Fast Re-authentication. Dan Harkins, Trapeze Networks. IEEE 802.11-03/095r0, submission, January 2003.

Presentation transcript:

Slide 1: Fast Re-authentication (Dan Harkins, Trapeze Networks)

Slide 2: Roaming in 802.11i D3.0
The section describes two schemes for roaming:
– If the AP supports pre-authentication, the STA is expected to pre-authenticate prior to roaming.
– If the AP does not support pre-authentication, the STA is forced to go through a complete 802.1X authentication.

Slide 3: Roaming in 802.11i D3.0
Section (3) reads: “When a STA (re)associates with an AP without a (recent enough) pre-authentication, the AP has no cryptographic keys configured for the STA. In this case, the AP’s Authenticator will force a full 802.1X authentication.”

Slide 4: Roaming in 802.11i D3.0
Problems with this “either-or” approach:
– A STA can only pre-authenticate with APs it notices during its MLME-SCAN. Depending on how often MLME-SCAN is done, a moderately mobile user may move faster than she can pre-authenticate.
– Unless there is a sufficient amount of coverage overlap everywhere, pre-authentication may not be possible.
– Pre-authentication necessarily creates more security associations than needed. This could be problematic in a large, mobile environment.

Slide 5: A Third Way
It is possible for the AP to already have the cryptographic keys (for example a derivative of the MK) for the STA when it roams. There are proposals to do this, but it is not necessary to constrain solutions. Unfortunately, 802.11i/D3.0 does not mention any way to take advantage of this!

Slide 6: The Third Way
– The AP obtains a secret from the AS in a manner outside the scope of this PAR.
– The AS and supplicant derive the secret to use (a derivative of the [P]MK, or the next secret in a series), but the exact derivation is outside the scope of this PAR.
– This secret is used for authentication and key derivation in the same way that the PMK is used for initial association.

Slide 7: The Third Way
On (re)association the STA requests re-authentication by setting the re-authentication bit in the RSN Capabilities bitfield of the RSN Information Element. This indicates “I have the secret and want to use it for fast re-authentication”.

RSN Capabilities bitfield:
Bit 0: supports pre-authentication (1=yes, 0=no)
Bit 1: supports pairwise keys (1=yes, 0=no)
Bit 2: supports re-authentication (1=yes, 0=no)
Remaining bits: reserved

Slide 8: The Third Way
– If the AP does not support re-authentication, does not have the secret, or does not wish to perform re-authentication, it responds with an EAP request and a full 802.1X authentication is performed.
– If the AP supports re-authentication and has the secret, it responds with the first message of the 4-way handshake, using the secret as the PMK.
– The client and AP finish the 4-way handshake and create a new key hierarchy.

Slide 9: The Third Way
– A security association, including session keys bound to the MAC addresses of the “new AP” and the STA, is created.
– If the 4-way handshake fails, the STA must disassociate (or be forced to disassociate) from the “new AP”.

Slide 10: Benefits of Re-Authentication
No interoperability impact on the existing deployed base.
– An AP which does not support “re-authentication” is required to ignore the “re-authentication” bit, so the assumption from (3) stands.
– By not setting the “re-authentication” bit in the RSNE, a client that does not support “re-authentication” will merely do a full 802.1X authentication with an AP which does.
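The procedure of slides 7 through 10 as an added, runnable model; this is example code, not the proposal's own text. It assumes the bit positions shown on slide 7 and a simplified PTK (one HMAC-SHA256 over the same inputs as the 802.11i PRF, not PRF-384/512); the MAC addresses and secrets in the test are constructed.

```python
import hashlib
import hmac
import os

# RSN Capabilities bit positions, assumed from the slide 7 table.
PREAUTH_BIT, PAIRWISE_BIT, REAUTH_BIT = 1 << 0, 1 << 1, 1 << 2

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Simplified PTK: binds the session key to both MACs and both nonces (slide 9).
    A single HMAC stands in for the 802.11i PRF (assumption)."""
    data = (b"Pairwise key expansion" + min(aa, spa) + max(aa, spa)
            + min(anonce, snonce) + max(anonce, snonce))
    return hmac.new(pmk, data, hashlib.sha256).digest()

def mic(ptk: bytes, msg: bytes) -> bytes:
    """Key-confirmation MIC; the first 16 PTK bytes play the KCK role."""
    return hmac.new(ptk[:16], msg, hashlib.sha256).digest()

class AP:
    def __init__(self, mac: bytes, supports_reauth: bool, secrets: dict):
        self.mac, self.supports_reauth = mac, supports_reauth
        self.secrets = secrets  # STA MAC -> secret obtained from the AS (slide 6)

    def on_reassociate(self, sta_mac: bytes, rsn_caps: int):
        """Slide 8: EAP-Request (full 802.1X) unless the AP supports re-auth,
        the STA asked for it, and the AP holds the secret. A legacy AP must
        ignore the bit (slide 10), so it also lands in the first branch."""
        if (not self.supports_reauth or not (rsn_caps & REAUTH_BIT)
                or sta_mac not in self.secrets):
            return "EAP-Request", None
        return "4-way msg 1", os.urandom(32)  # ANonce, secret used as PMK

    def verify_msg2(self, sta_mac, anonce, snonce, sta_mic) -> bool:
        """Proof of possession of the secret authenticates the STA (slide 12)."""
        ptk = derive_ptk(self.secrets[sta_mac], self.mac, sta_mac, anonce, snonce)
        return hmac.compare_digest(mic(ptk, snonce), sta_mic)

def sta_msg2(secret: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes):
    """STA side of message 2: fresh SNonce plus MIC under the derived PTK."""
    snonce = os.urandom(32)
    return snonce, mic(derive_ptk(secret, ap_mac, sta_mac, anonce, snonce), snonce)

def run(ap: AP, sta_mac: bytes, sta_secret: bytes, rsn_caps: int) -> str:
    """Outcome of one (re)association attempt."""
    action, anonce = ap.on_reassociate(sta_mac, rsn_caps)
    if action != "4-way msg 1":
        return "full 802.1X"
    snonce, m = sta_msg2(sta_secret, ap.mac, sta_mac, anonce)
    # Slide 9: a failed 4-way handshake means the STA must disassociate.
    return "new key hierarchy" if ap.verify_msg2(sta_mac, anonce, snonce, m) else "disassociate"
```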

Slide 11: Benefits of Re-Authentication
Agnostic on the particular cryptographic transfer protocol.
– Just as we leave the particulars of EAP to the client and AS, we should leave the particulars of how the cryptographic context is transferred to the client and AS.
– Able to use any method going forward without having to rev this standard.

Slide 12: Benefits of Re-Authentication
No security issues:
– Proof of possession of the secret authenticates the STA to the AP under the identity retrieved from the cryptographic context transfer protocol.
– Proof of possession of the secret authenticates the AP to the STA as part of a trusted system.
– All of the security requirements are on the cryptographic context transfer protocol and the devices that speak it to make up the trusted system.
Limited forward secrecy could be provided!
Addresses comments 270, 1537, 2069 …

Slide 13: Proposed
Add support for “re-authentication” to 802.11i D3.0:
– Description of “re-authentication” as a 3rd scheme in the roaming section
– New section to define “re-authentication”
– Modify the Informative analysis
– Modify the RSNE and the accompanying text