Doc.: IEEE 802.11-06/0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 1 TGr Security Architecture Notice: This document has been prepared.

Slides:



Advertisements
Similar presentations
Doc.: IEEE /0866r1 Submission September 2005 Michael Montemurro, Chantry NetworksSlide 1 Mobility Domain Definition and Description Notice: This.
Advertisements

Doc.: IEEE /90r0 Submission Nov., 2012 NICTSlide b NICT Proposal IEEE P Wireless RANs Date: Authors: Notice: This document.
Doc.: IEEE /0930r0 Submission July 2006 Nancy Cam-Winget, Cisco Slide 1 Editor Updates since Jacksonville Notice: This document has been prepared.
Doc.: IEEE /1867r1 Submission November r Security TeamSlide 1 TGr Security Requirements Notice: This document has been prepared to.
Doc.: IEEE /0094r0 Submission November 2009 Steve Shellhammer, QualcommSlide 1 Comments on PAR Notice: This document has been prepared.
Doc.: IEEE /0121r0 Submission January 2006 S. Bezzateev, A. Fomin, M. WongSlide 1 Broadcast Management Frame Protection Notice: This document.
Doc.: r Submission March 2006 AllSlide 1 A method to refresh the keys hierarchy periodically Notice: This document has been prepared to.
Doc.: IEEE /2237r0 Submission July 2007 Emily Qi, Intel CorporationSlide 1 TGv Redline D1.0 Insert and Deletion Notice: This document has been.
Doc.: IEEE /1212r0 Submission TGT and MEF Liaison Notice: This document has been prepared to assist IEEE It is offered as a basis for.
Doc.: IEEE /86r2 Submission March, 2010 Gabor BajkoSlide 1 Location Proxy Notice: This document has been prepared to assist IEEE It is.
Doc.: IEEE /0197r0 Submission March 2005 Nancy Cam-Winget et alSlide 1 TAP & JIT Merge Process Notice: This document has been prepared to assist.
Doc.: IEEE /01097r0 Submission November 2005 N. Cam-Winget, K. Sood, and J. WalkerSlide 1 EAPKIE Replay Counters and MIC Notice: This document.
Doc.: IEEE /0215r1 Submission January 2006 Jesse Walker, Intel CorporationSlide 1 TGw Closing Report Notice: This document has been prepared to.
Doc.: IEEE /2112r1 Submission Peter Loc, MarvellSlide 1 TGn LB97 Frame Format Ad Hoc San Francisco, July 2007 Notice: This document.
Doc.: IEEE /0652r1 Submission May 2007 Emily Qi, Intel CorporationSlide 1 TGv Redline D0.12 Insert and Deletion Notice: This document has been.
Use of KCK for TGr Management Frame Protection
LB84 General AdHoc Group Sept. Closing TGn Motions
[ Interim Meetings 2006] Date: Authors: July 2005
Motions Date: Authors: January 2006
LB73 Noise and Location Categories
LB73 Noise and Location Categories
Waveform Generator Source Code
March 2014 Election Results
TGp Closing Report Date: Authors: July 2007 Month Year
TGr Security Architecture
Attendance and Documentation for the March 2007 Plenary
TGr Architectural Entities
3GPP Extended Date: Authors: July 2005 July 2005
[ Policies and Procedure Summary]
3GPP liaison report May 2006 May 2006 Date: Authors:
Motion to accept Draft p 2.0
Protected SSIDs Date: Authors: March 2005 March 2005
3GPP liaison report July 2006
Motions Date: Authors: January 2006
(Presentation name) For (Name of group) (Presenter’s name,title)
On Coexistence Mechanisms
TGu-changes-from-d0-02-to-d0-03
On Coexistence Mechanisms
Reflector Tutorial Date: Authors: July 2006 Month Year
TGv Redline D0.07 Insert and Deletion
TGv Redline D0.06 Insert and Deletion
Experimental DTV Sensor
IEEE WG Opening Report – July 2008
ADS Study Group Mid-week Report
TGu-changes-from-d0-01-to-d0-02
LB73 Noise and Location Categories
TGy draft 2.0 with changebars from draft 1.0
TGv Redline D0.10 Insert and Deletion
TGr Security Architecture
WAPI Position Paper Sept 2005 Sept 2005 IEEE WG
Redline of draft P802.11w D2.2 Date: Authors:
TGr Proposed Draft Revision Notice
TGu-changes-from-d0-02-to-d0-03
[ Policies and Procedure Summary]
Draft P802.11s D1.03 WordConversion
Questions to the Contention-based Protocol (CBP) Study Group
Motion to go to Letter Ballot
EC Motions – July 2005 Plenary
TGu-changes-from-d0-04-to-d0-05
2-Level Key Hierarchy Date: 19 July 2005 Authors: July 2005 Month Year
PSK Treatment Options Date: 19 September 2005 Authors: September 2005
Transition Nowhere Date: Authors: Sept 2005 Sept 2005
TGu-changes-from-d0-03-to-d0-04
TGu Motions Date: Authors: May 2006 May 2006
Reserve Option Contradiction
WAPI Position Paper Sept 2005 Sept 2005 IEEE WG
Use of KCK for TGr Management Frame Protection
Use of KCK for TGr Management Frame Protection
Use of Nonces in Fast Transitioning Flows
TGr Proposed Draft Revision Notice
Presentation transcript:

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 1 TGr Security Architecture Notice: This document has been prepared to assist IEEE It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE Working Group. If you have questions, contact the IEEE Patent Committee Administrator at. Date: Authors:

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 2 TGr Security Design Instrument this design in context of state machines and in relation to 802.1X

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 3 TGr Security Architecture

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 4 TGr PTK Key Derivation

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 5 TGr Key Hierarchy (Contd.) R0KH receives MSK from AS R0KH derives PMK-R0 from MSK R0KH generates multiple PMK-R1 keys and sends to R1KHs PTK Keys –4 keys: KEK, KCK-11, TK, KCK-1X –KEK and KCK-11 are consumed by SME: SME uses KEK to wrap KDEs and KCK11 to MIC 11r frames –KCK-1X is consumed by.1X used to MIC.1X frames –KCK-1X authenticates GTK updates and TKIP countermeasures

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 6 TGr Initial Association

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 7 TGr Initial Association ANonce R0KH and R1KH are within the same crypto boundary –Because the R0KH and R1KH both need assurance that the ANonce is fresh and unpredictable ANonce was mixed into the key hierarchy to give distinct PMK-R1 Names. Four alternatives are discussed: –Extend additional keying material in PMK-R0 for use in PMK-R0 Name derivation –Extend additional keying material in PMK-R1 for use in PMK-R1 Name derivation –Use of EAP-Session-Id in PMK-R0 Name derivation –Have R1KH and R0KH generate independent ANonces, and deliver both to the STA

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 8 TGr FT Reassociation – Base Mechanism

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 9 GTK Updates Either the SME or the 802.1X can trigger the GTK update Message format and flow remains the same as 11i 802.1X requests SME to wrap KDEs On AP, 802.1X originates the GTK update messages Supplicant asks SME to unwrap and plumb GTK into MAC

doc.: IEEE /0566r1 Submission May 2006 Sood, Walker, Cam-Winget, CalhounSlide 10 TGr Design Impacts No EAPOL-Key Frames (EAPKIE) in any 11r messages Existing 11r message formats will need to be modified A separate MIC IE within the TGr messages Over-the-Air and Over-the-DS end-to-end message contents can be harmonized, since both will now be processed by the SME Security sections need to be modified to include this architecture, update key hierarchy Either duplicate the 11i state machine to adjust for 11r Initial Association, OR, add a flag in 11i state machine to make it use 11r key as opposed to 11i PMK

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.