Extended Usage of STKSA


1 Extended Usage of STKSA
2018/9/22 doc.: IEEE yy/xxxxr0 Mar 2008 Extended Usage of STKSA Date: Authors: Notice: This document has been prepared to assist IEEE It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Hu Junling Sihoon Yang, LG Electronics

2 Abstract
Extended use cases of STKSA and possible solutions for these use cases are described in this slide deck.

3 Use Case 1 (see contribution 11-09-2916 also)
Two QSTAs are associated with an AP which does not support security. The two STAs want to exchange security data, but the AP path is not secure. The direct link (DL) can be used solely for secure transmission. The STKSA can be set up manually or through some other special approach. The SMK is entered into the STAs manually before DLS starts.
[Figure: AP, Initiator STA and Peer STA; links labelled "Not secure" and "Secure".]

4 Use Case 1 (see contribution 11-09-2916 also)
Even if the peer STA moves away and the AP path is used, the STKSA can be kept over the AP path. The STAs still use the STK to protect the data, but the protected data is encapsulated in a tunnel.
[Figure: AP, Initiator STA and Peer STA; labels "AP Path secure tunnel" and "Secure".]

5 Use case 2
Two QSTAs are associated with an AP which supports security. The AP needs to decrypt each data frame and encrypt it again when it relays data frames from one STA to the other. STA1 initiates DLS with STA2 because of bad QoS, and the DLS succeeds.
[Figure: STA1 sends data frames protected by PTK1 to the AP. The AP decrypts the data with PTK1, encrypts the data with PTK2, and transmits the data frames protected by PTK2 to STA2. A Direct Link is shown between STA1 and STA2.]

6 Use case 2
Now STA2 moves and the direct link cannot be used, so the data path is switched to the AP path. The STK is still used to protect the data between the STAs and the AP. Because the data frame is protected by the STK, the AP does not decrypt the data and encrypt it again before transmitting it to the peer STA, so the burden on the AP is decreased.
[Figure: STA1, STA2 and AP; labels "AP path", "Data frame protected by STK" and "Direct Link".]

7 Use case 3
Two QSTAs are associated with an AP which supports security. The STKSA can be used solely to decrease the burden on the AP when the DL essentially cannot be set up, because STA1 is too far away from STA2 or for other reasons. The STKSA is created entirely through the AP path. Data frames between the STAs and the AP are protected by the STK, and the AP does nothing to the data when it transmits it.
[Figure: STA1, STA2 and AP; labels "Create STKSA", "Data frame, protected by STK" and "Direct Link can not be setup".]

8 Solution 1 (for use case 1)
For use case 1, the Remote Frame Type (RFT) field in the TDLS frame body shall be set to 3 for tunneled secure frames (value 2 of the RFT field has already been defined for TDLS frames; see figure z1).

Figure z1, TDLS frame body:
LLC/SNAP | Remote Frame Type | Packet Type | Information
Octets: 8 1 variable

A new table z2 is added to define the Packet Type values for tunneled secure frames:

New Table z2:
Tunneled Secure Frame Type Value | Meaning
 | STKSA messages protected by SMK
1 | Data protected by STK
2 – 255 | Reserved

9 Solution 2 (for use case 2 and 3)
For use case 2, a reserved bit in the KeyID octet can be used to indicate that the frame is protected by station-to-station keys.

Rsvd 5 bits (b0-b4) | Ext IV (b5) | Key ID (b6b7)
Rsvd 4 bits (b0-b3) | STSL Key Ind (b4) | Ext IV (b5) | Key ID (b6b7)
STSL Key Ind: 0: Normal; 1: Protected by SMK/STK

WPA defined that KeyID value 0 is used for PTK and values 1 to 3 are used for GTK, but WPA also suggests that value 3 is reserved. So we can define value 3 of KeyID for station-to-station keys.

Rsvd 5 bits (b0-b4) | Ext IV (b5) | Key ID (b6b7)
Key ID: 00: PTK; 01, 10: GTK; 11: SMK/STK
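
The two KeyID octet encodings from Solution 2, decoded side by side in Python as an added example that is not part of the original deck. It assumes b0 is the least significant bit; the scheme names `baseline`, `stsl_bit` and `keyid3`, the helper names and the sample octets are constructed for illustration, and the Key ID 0 with Ext IV set used in the `stsl_bit` sample is a choice the slide does not specify.

```python
from dataclasses import dataclass

EXT_IV_BIT = 0x20        # b5
STSL_KEY_IND_BIT = 0x10  # b4: reserved today, "STSL Key Ind" in the first proposal
SCHEMES = ("baseline", "stsl_bit", "keyid3")  # hypothetical names, not from the slides


@dataclass(frozen=True)
class KeyIdOctet:
    key_id: int           # b6-b7
    ext_iv: bool          # b5
    key_class: str        # "PTK", "GTK" or "SMK/STK"
    reserved_clear: bool  # True when every bit the scheme reserves is 0


def decode_keyid_octet(octet: int, scheme: str) -> KeyIdOctet:
    """Classify a KeyID octet under the existing layout or one of the two proposals."""
    if not 0 <= octet <= 0xFF:
        raise ValueError("KeyID octet must fit in one byte")
    if scheme not in SCHEMES:
        raise ValueError(f"unknown scheme: {scheme}")
    key_id = octet >> 6
    ext_iv = bool(octet & EXT_IV_BIT)
    # b0-b4 are reserved, except that "stsl_bit" gives b4 a meaning.
    reserved_mask = 0x0F if scheme == "stsl_bit" else 0x1F
    reserved_clear = (octet & reserved_mask) == 0
    if scheme == "stsl_bit" and octet & STSL_KEY_IND_BIT:
        key_class = "SMK/STK"   # first proposal: indicator bit set
    elif scheme == "keyid3" and key_id == 3:
        key_class = "SMK/STK"   # second proposal: Key ID 11
    elif key_id == 0:
        key_class = "PTK"
    else:
        key_class = "GTK"       # baseline per the slide: Key ID 1 to 3
    return KeyIdOctet(key_id, ext_iv, key_class, reserved_clear)


def encode_sts_octet(scheme: str) -> int:
    """Constructed sample octet for a frame protected by station-to-station keys."""
    if scheme == "stsl_bit":
        return EXT_IV_BIT | STSL_KEY_IND_BIT   # Key ID 0 is an assumption
    if scheme == "keyid3":
        return (3 << 6) | EXT_IV_BIT
    raise ValueError(f"scheme has no station-to-station encoding: {scheme}")


if __name__ == "__main__":
    for scheme in ("stsl_bit", "keyid3"):
        octet = encode_sts_octet(scheme)
        print(f"{scheme}: 0x{octet:02X}", decode_keyid_octet(octet, scheme))
        print("  read with the existing layout:", decode_keyid_octet(octet, "baseline"))
```

Decoded with `baseline`, the `stsl_bit` sample reads as a PTK frame with a non-zero reserved bit, while the `keyid3` sample reads as a GTK frame with Key ID 3; this is how a receiver that knows neither proposal would parse each encoding.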

10 Straw poll
Do you think using the STK to protect data frames in both the direct path and the AP path is a practical method in use case 1? Yes/No/Unknown:
Do you think using the STK to protect data frames in the AP path is an effective method to decrease the burden on the AP in use cases 2 and 3?
Use case 2: Yes/No/Unknown:
Use case 3: Yes/No/Unknown:

