11-11-0908-00-00af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Secure Enablement and CVS without Persistent Association Slide 1Qualcomm.

Slides:

Advertisements

Similar presentations

Slide 1 doc.: IEEE /1092r0 Submission Simone Merlin, Qualcomm Incorporated September 2010 Slide 1 ACK Protocol and Backoff Procedure for MU-MIMO.

Advertisements

Cryptography and Network Security

Secure Socket Layer.

Doc.: IEEE /770r0 Submission July 2009 Slide 1 TGs Authenticated Encryption Function Date: Authors: Russ Housley (Vigil Security), et.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Cryptography and Network Security Chapter 17

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.

Temporal Key Integrity Protocol (TKIP) Presented By: Laxmi Nissanka Rao Kim Sang Soo.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE

15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.

Chapter 8 Web Security.

Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

1 Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats –integrity –confidentiality.

Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.

Security Considerations for IEEE Networks Karthikeyan Mahadevan.

Air-Interface Application Layer Security: A follow up to C Source: Lucent Technologies, Inc. S.Patel, G.Sundaram, R.Rance, S.Mizikovsky,

Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)

Doc.:IEEE /0908r3 Submission November 2011 Secure Enablement and CVS without Persistent Association Slide 1S.Abraham Qualcomm Incorporated Authors:

Doc: Submission September 2003 Dorothy Stanley (Agere Systems) IETF Liaison Report September 2003 Dorothy Stanley – Agere Systems IEEE.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

Introduction to Secure Sockets Layer (SSL) Protocol Based on:

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Web Security : Secure Socket Layer Secure Electronic Transaction.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

WEP Protocol Weaknesses and Vulnerabilities

Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

Shambhu Upadhyaya Security – AES-CCMP Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 13)

PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG

Security Protection on Trust Delegated Medical Data in Public Mobile Networks Dasun Weerasinghe, Muttukrishnan Rajarajan and Veselin Rakocevic Mobile Networks.

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

Doc.: IEEE /1077r0 Submission September 2010 Dan Harkins, Aruba NetworksSlide 1 Galois/Counter Mode (GCM) Date: Authors:

National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE

Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.

Doc.: IEEE /1093r0 Submission November 2005 Hitoshi MORIOKA, ROOT Inc.Slide 1 MISP based Authentication Framework Notice: This document has been.

Lecture 5.1: Message Authentication Codes, and Key Distribution

Doc.: IEEE /610r0 Submission November 2001 Tim Moore, Microsoft 802.1X and key interactions Tim Moore.

Doc.: IEEE /0175r2 Submission June 2011 Slide 1 FCC TVWS Terminology Date: Authors: Peter Ecclesine, Cisco.

1 Symmetric-Key Encryption CSE 5351: Introduction to Cryptography Reading assignment: Chapter 2 Chapter 3 (sections ) You may skip proofs, but are.

Doc.: IEEE /1393r1 Submission November 2011 Slide 1 OFCOM ECC TR 159 TVWS Terminology Date: Authors: Peter Ecclesine, Cisco.

Submission November 2010 doc.: IEEE /1236r0 Enhancements to Enablement Procedure Slide 1 Santosh Abraham, Qualcomm Incorporated Date:

Doc.: IEEE /xxxxr0 July 2011 Padam Kafle, Nokia Submission Simplification of Enablement Procedure for TVWS Authors: Date: July 18, 2011 NameCompanyAddressPhone .

Doc.: IEEE /0485r0 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Management Protection Jesse Walker and Emily Qi Intel.

Doc.: IEEE /610r0 Submission November 2001 Tim Moore, Microsoft 802.1X and key interactions Tim Moore.

Doc.: IEEE /0352r1 March 2011 Padam Kafle, Nokia Submission Simplification of Enablement Procedure for TVWS band Authors: Date: March 11, 2011.

Doc.: IEEE /0896r0 SubmissionJae Seung Lee, ETRISlide 1 Probe Request Filtering Criteria Date: July 2012.

2010 CCSDS Spring Meeting, 5 May 2010 Portsmouth, VA, USA Encrypted Authentication ISO/IEC I. Aguilar – ESA/ESTEC.

Submission November 2010 doc.: IEEE /1237r0 Over the Air Database Access for Mode 2 Capable Devices Slide 1 Santosh Abraham, Qualcomm Incorporated.

Doc.: IEEE /XXXXr0 Submission July 2006 Nancy Cam-Winget, Cisco Slide 1 Constructing unique key streams for Management Frame Protection Notice:

Submission doc.: IEEE /1309r0 November 2012 Non-TIM Mode Negotiation Date: Slide 1 Authors: Kaiying Lv, ZTE.

Doc.:IEEE /0129r1 January 2012 S.Abraham, Qualcomm Inc Short Beacon Slide 1 Authors:

@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Message Authentication Code

Security Enhancement to FTM

White Space Map Notification

FILS Handling of Large Objects

Multiple Locations Channel Availability Query

July 2002 QoS Interactions Interaction of AES Message Integrity Check Processing with Quality of Service Paul Lambert, Woodside Networks, Inc.

Integrity Check for Disassociate/Associate/Re-associate

Secure Enablement and CVS without Persistent Association

Security for Measurement Requests and Information

Multiple Locations Channel Availability Query

11af architecture Date: Authors: May 2011 Month Year

Counter With Cipher Block Chaining-MAC

Presentation transcript:

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Secure Enablement and CVS without Persistent Association Slide 1Qualcomm Incorporated Authors:

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Motivation FCC rules require secure transmission of –White space map –Contact Verification Signal Current af draft requires a “secure association” to provide the necessary protection for transmission of the WSM and CVS –Implication: All APs will need to be enablers to associate dependent STAs All APs will need accurate geo location We aim to design a protocol that keeps the enabling AP(E- AP) function separate from the data serving AP (S-AP) function Slide 2 Qualcomm Incorporated

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Proposed Enablement Flowchart Slide 3 Qualcomm Incorporated Key sent in an encrypted MPDU

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Operation of Enablement Procedure D-STA associates with E-AP using a secure association procedure as required by the E-AP D-STA requests enablement from the E-AP using the enablement procedure. After obtaining enablement, D-STA creates a random key K and sends it to the E-AP –The D-STA and E-AP both initialize a 64-bit counter CVS-WSMSeqNo to zero. D-STA then disassociates from E-AP D-STA may then associate with any other AP, even other dependent APs (this AP is called the serving AP) All other communication from D-STA to E-AP use a “pull method” as described later Slide 4Qualcomm Incorporated

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Obtaining a CVS from E-AP D-STA obtains a CVS by requesting one from E-AP –CVS Request frame is a public action frame –CVS Request is a good approach since it frees the E-AP from determining whether the D-STA is in sleep mode before sending CVS D-STA obtains a CVS from E-AP as follows –The D-STA forms a Nonce and a MIC by applying the AES-CCM Generation/Encryption process [1] using the key K to the concatenation of: The current CVS-WSMSeqNo, a single direction bit set to 0, and 39 zeroes (to form a 128-bit block). –The CVS-WSMSeqNo and the MIC is sent in the CVS request public action frame. When E-AP receives a CVS request, it forms the CVS (a public action frame) as follows: –E-AP authenticates the transmitter of the CVS request through the MIC –E-AP then forms a MIC for CVS message by concatenating applying the AES-CCM Generation/Encryption process o The received CVS-WSMSeqNo, a single direction bit set to 1 and 31 zeroes The WSM-ID –E-STA forms the body of the CVS as CVS-WSMSeqNo, | Encrypted WSM-ID | MIC When D-STA receives CVS –D-STA decrypts the CVS received and verifies if the CVS-WSMSeqNo corresponds to the number sent in the CVS request and then checks the WSM-ID Slide 5Qualcomm Incorporated

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Frame Formats CVS/CVS Request CVS and CVS Request are Public Action Frames –CVS-WSMSeqNo. Provides replay protection Slide 6 Qualcomm Incorporated CVS Request CVS

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Operation if WSM changes Operation when CVS indicates new WSM-ID –D-STA requests the WSM similar to the way that it requests a CVS. –WSM request message contains CVS-WSMSeqNo and MIC obtained by applying the AES-CCM Generation/Encryption process [1] to the concatenation of: The current CVS-WSMSeqNo, a single direction bit set to 0, and 39 zeroes When E-AP receives a WSM request, it returns the WSM ( in a public action frame) as follows: –E-AP authenticates the transmitter of the WSM request through the MIC –E-AP then forms the MIC for the WSM message by concatenating The received CVS-WSMSeqNo, a single direction bit set to 1 The WSM-ID, and WSM Some zero padding may be required The WSM message is formed with CVS-WSMSeqNo, Encrypted WSM and MIC Slide 7 Qualcomm Incorporated

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 Frame Formats WSM Request/WSM Slide 8 Qualcomm Incorporated Message formats for WSM request and WSM Request WSM

af-Secure-Enabelement-and-CVS-without-Association Submission June 2011 References [1] NIST SP C Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality Slide 9 Qualcomm Incorporated