Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enhanced Security Date: Authors: May 2009 May 2009

Published byKory Lloyd Modified over 6 years ago

Similar presentations

Presentation on theme: "Enhanced Security Date: Authors: May 2009 May 2009"— Presentation transcript:

1 Enhanced 802.11 Security Date: 2008-05-11 Authors: May 2009 May 2009
doc.: IEEE /0315r2 May 2009 Enhanced Security Date: Authors: Dan Harkins, Aruba Networks Dan Hakrins, Aruba Networks

2 May 2009 doc.: IEEE /0315r2 May 2009 Abstract This document describes important security features that are missing from, or will enhance, IEEE and proposes a way to add them to IEEE Dan Harkins, Aruba Networks Dan Hakrins, Aruba Networks

3 Security Services in 802.11 Key Management Ciphers May 2009
Authentication: A STA can prove its identity to the network and vice versa Authorization and Access Control: Once authenticated a STA can be given access to the network, or a subset of it, or denied access to the network. Key derivation: each side derives a key known bound to each other. Ciphers Data Confidentiality: Data sent between the STA and AP is hidden from all but the source and destination of the data. Data Integrity: The recipient of a frame is able to verify that the frame was not modified in transit and that a false frame has not been substituted for a valid frame. Data Source Authentication: The recipient of a frame is able to ascertain the origin of the frame and it is not possible for anyone else to masquerade as the claimed originator. Dan Harkins, Aruba Networks

4 How are These Services Provided Today?
May 2009 How are These Services Provided Today? Wired Equivalent Privacy (WEP) Key Management Shared key: insecure simple proof-of-possession of a shared key Cipher WEP: insecure, numerous fundamental flaws in design Robust Security Network (RSN) 802.1x: provides mutual authentication, allows for authorization and access control decision making, generates secure and cryptographically strong keys. PSK: provides a limited type of authentication, generates weak keys that void some features of RSN ciphers. Ciphers TKIP: provides confidentiality, data integrity (sub-optimally), and data source authentication. CCMP: provides confidentiality, data integrity, and data source authentication. WEP is deprecated and should not be used. That leaves RSN as the only option available. Dan Harkins, Aruba Networks

5 May 2009 What’s The Problem? Cryptographically strong security is limited to one particular use case– the enterprise-- where: a AAA server is used to aggregate security services and policy. strict roles are enforced: clients obtain network access through APs. Cryptographically strong security doesn’t really work for other deployments. Small office/home office– a stand-alone AAA server is problematic. Networks of consumer electronics devices– a stand-alone AAA server is a non-starter and there is no real “client” and “AP” role. Mesh and peer-to-peer applications– there is no “client” and “AP” role. The PSK mode of i’s security is fundamentally broken. This is a source of continued bad press for – “ is still not secure”. This deficiency has resulted in another organization making a very complicated, but still not-quite secure, adjunct to i PSK mode. Dan Harkins, Aruba Networks

6 May 2009 What’s The Problem? The security of is centralized and role-based but is being used in ways that are neither. If your deployment does not fall into a narrow use case your choices are cumbersome and difficult to deploy, or insecure. The mandatory-to-implement cipher—CCMP– is slow(ish), has rigid usage requirements outside of which all security is lost, and consumes more power than other modes providing comparable security. GCM mode is suitable for very high-throughput PHYs and requires less power than CCMP SIV mode provides provable security when adherence to the rigid usage requirements of CCMP cannot be guaranteed. does not have a way to accept featurettes into the standard. Dan Harkins, Aruba Networks

7 May 2009 What’s The Solution? A Study Group to come up with a PAR & 5C to work on: Secure, de-centralized authentication and key management. These solutions should be suitable for a traditional ESS as well as ad hoc, mesh, and various peer-to-peer applications. They should not have strict role requirements. A password-based key exchange resistant to passive attack, active attack and dictionary attack. A certificate-based key exchange Definition (not development) of new ciphers AES-GCM: a high-performance, single-pass, cipher for authenticated encryption AES-SIV: a misuse-resistant cipher for authenticated encryption Dan Harkins, Aruba Networks

8 A Focus on Enhanced Security
May 2009 A Focus on Enhanced Security Tight focus ensures timely results Keep a focus on security enhancements to existing functionality and not creation of new security algorithms, ciphers, etc. Much of this has already been designed– GCM, SIV, SAE– so it’s a problem of defining use in There is a need for de-centralized security in Use of a PSK/password is widespread and will remain so. Unfortunately it is not secure; we should make it so. There is market demand, as shown by the work of other groups like WFA. It makes sense for to provide it instead of hoping other organizations do it (and do it right). Data rates keep increasing, ciphers cannot be bottlenecks! More efficient ciphers consume less power which results in longer battery life, and it’s also green. Do security work in a security group; keep experts focused on their area of expertise. Dan Harkins, Aruba Networks

9 May 2009 References NIST SP800-38D P. Rogaway and T. Shrimpton, “Deterministic Authenticated Encryption, A Provable Security Treatment of the Key-Wrap Problem”, Advances in Cryptology– EUROCRYPT ’06, St. Petersburg, Russia, 2006. RFC 5297 H. Krawczyk, ‘SKEME: A Versatile Secure Key Exchange Mechanism for the Internet’, Proceedings of the Internet Society Symposium on Network and Distributed Systems Security, August 1995 V. Shoup, “On Formal Models for Secure Key Exchange”. ACM Computer and Communications Security Conference, 1999. Dan Harkins, Aruba Networks

10 May 2009 Motion Move to request the Working Group to approve and forward to the IEEE 802 Executive Committee the creation of a new IEEE Study Group, called the Enhanced Security Study Group (ESSG), to investigate ways to provide security enhancements to on the following: Secure, robust, de-centralized key management using public key-based and password-based credentials. Faster, more robust, or more power-efficient ciphers to protect frames. Upon confirmation of feasibility and per 802 operating rules, the ESSG shall draft a PAR and 5 criteria to be submitted to the WG. Moved: Seconded: Yes: No: Abstain: Dan Harkins, Aruba Networks

Download ppt "Enhanced Security Date: Authors: May 2009 May 2009"

Similar presentations

Doc.: IEEE 802.11-09/0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced 802.11 Security Date: 2009-03-13 Authors:

Doc.: IEEE /0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced Security Date: Authors:
Doc.: IEEE 802.11-08/1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: 2008-11-10 Authors:

Doc.: IEEE /1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: Authors:
Doc.: IEEE 802.11-09/1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: 2009-09-15 Authors:

Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Secure Pre-Shared Key Authentication for IKE

Secure Pre-Shared Key Authentication for IKE
Submission doc.: IEEE 11-12/1253r1 November 2012 Dan Harkins, Aruba NetworksSlide 1 Why Use SIV for 11ai? Date: 2012-10-30 Authors:

Submission doc.: IEEE 11-12/1253r1 November 2012 Dan Harkins, Aruba NetworksSlide 1 Why Use SIV for 11ai? Date: Authors:
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.

Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
Doc.: IEEE 802.11-12/0946r3 Submission August 2012 A proposal for next generation security in 802.11 built on changes in 802.11ac 23 August 2012 Slide.

Doc.: IEEE /0946r3 Submission August 2012 A proposal for next generation security in built on changes in ac 23 August 2012 Slide.
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Comparative studies on authentication and key exchange methods for 802.11 wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:
IEEE 802.11i WPA2. IEEE 802.11i (WPA2) IEEE 802.11i, is an amendment to the 802.11 standard specifying security mechanisms for wireless networks. The.

IEEE i WPA2. IEEE i (WPA2) IEEE i, is an amendment to the standard specifying security mechanisms for wireless networks. The.
Doc.: IEEE 802.11-09/0580r0 Submission May 09 Myles et al (Cisco)Slide 1 Discussion on the proposal to start a new Security SG in 802.11 WG.

Doc.: IEEE /0580r0 Submission May 09 Myles et al (Cisco)Slide 1 Discussion on the proposal to start a new Security SG in WG.
WEP Protocol Weaknesses and Vulnerabilities

WEP Protocol Weaknesses and Vulnerabilities
Doc.: IEEE 802.11-10/0374r0 Submission March 2010 Dan Harkins, Aruba NetworksSlide 1 Clarifying the Behavior of PMK Caching Date: 2010-03-08 Authors:

Doc.: IEEE /0374r0 Submission March 2010 Dan Harkins, Aruba NetworksSlide 1 Clarifying the Behavior of PMK Caching Date: Authors:
Doc.: IEEE 802.11-01/495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.

Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.
Doc.: IEEE 802.11-11-0964r0 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: 2011-07-15 Authors:

Doc.: IEEE r0 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: Authors:
Lecture 24 Wireless Network Security

Lecture 24 Wireless Network Security

Similar presentations

Ads by Google