1 IEEE MEDIA INDEPENDENT HANDOVER DCN: sec Title: ERP proposal Date Submitted: October 11, 2011 Authors or Source(s): Fernando Bernal-Hidalgo, Rafa Marín-López Abstract: Modifications to be carried out in current D04 related with comment #24.
2 IEEE presentation release statements This document has been prepared to assist the IEEE Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws and in Understanding Patent Issues During IEEE Standards Development Section 6 of the IEEE-SA Standards Board bylawshttp://standards.ieee.org/guides/bylaws/sect6-7.html#6
AUTH TLV Generation How to generate the AUTH TLV – PRF(K, “AUTH_TLV” | MNCiphersuite | PoSCiphersuite) K = MSK or rMSK No need to define a new key in the key hierarchy. MNCiphersuite = the ciphersuite sent by the MN PoSCiphersuite = the ciphersuite sent by the PoS PRF is the one selected in the KDF_LIST – KDF_CMAC_AES – KDF_HMAC_SHA1 – KDF_HMAC_SHA256
Draft Modifications Rename – Change KDF_LIST to PRF_LIST Modify definition – PRF_LIST Bit 0: KDF_AES_CMAC PRF_AES_CMAC Bit 1: KDF_HMAC_SHA1 PRF_HMAC_SHA1 – We missed KDF_HMAC_SHA256. Add it: Bit 2 : KDF_HMAC_SHA256
ERP User Initiated MIH Access Authentication Phase EAP Peer MN EAP Peer MN EAP Auth. PoS EAP Auth. PoS MIH_Auth request (EAP-Initiate/Re-Auth, parameters) MIH_Auth response (EAP-Finish/Re-Auth, selections, AUTH) MIH Capability Discovery Request MIH Capability Discovery Response MIH Termination Resquest MIH Termination Response... Capability Discovery Phase MIH Service Authentication Phase Service Access Phase Termination Phase
ERP Network Initiated (1) MIH Access Authentication Phase EAP Peer MN EAP Peer MN EAP Auth. PoS EAP Auth. PoS MIH_Auth request (EAP-Initiate/Re-Auth, parameters) MIH_Auth response (EAP-Finish/Re-Auth, selections, AUTH) MIH_Auth indication (EAP-Initiate/ Re-auth-Start) Trigger MIH Capability Discovery Request MIH Capability Discovery Response Capability Discovery Phase MIH Termination Resquest MIH Termination Response... Service Access Phase Termination Phase MIH Service Authentication Phase
ERP Network Initiated (2) MIH Access Authentication Phase EAP Peer MN EAP Peer MN EAP Auth. PoS EAP Auth. PoS MIH_Auth request (EAP-Initiate/Re-Auth, parameters) MIH_Auth response (EAP-Finish/Re-Auth, selections, AUTH) MIH_Auth request (EAP-Request/Identity) Trigger MIH_Auth response MIH Service Authentication Phase MIH Capability Discovery Request MIH Capability Discovery Response Capability Discovery Phase MIH Termination Resquest MIH Termination Response... Service Access Phase Termination Phase
DICUSSION Should the MIH Service Authentication Phase be protected by an existing MIH SA during re- authentication with the same PoS? – We believe that MIH_AUTH messages should be always protected by using AUTH TLV To not use MIH SA How is AUTH TLV generated (key used and ciphersuite)? – Done Should we add a new section explaining how downgrading attack is avoided? – No. Nevertheless, the way how AUTH TLV is generated solves the problem.