Extra MIC for use in Public Access WLAN

1 Extra MIC for use in Public Access WLAN
May 2002, doc.: IEEE /xxxr0
Stefan Rommer, Mats Näslund (Ericsson)

2 Motivation
- Public Access WLAN has special properties not present in corporate WLAN.
- Security in the AP and between the AP and a WLAN Serving Node (WSN) is important.
[Figure labels: Public Access Hotspot; AP; AP; WSN/FA; "Could be highly untrusted!"]

3 Motivation (2)
- Operators are very concerned about robust billing.
- Robust billing requires at least integrity protection between mobile terminal and WSN.
[Figure labels: Public Access Hotspot; AP; AP; WSN/FA; "Billing data collected here"; "Could be highly untrusted!"]

4 Solution alternatives
- Extend the 802.11i security association (authentication, encryption etc.) from the Mobile all the way to the WSN.
  - Difficult since 802.11i is closely tied to the MAC layer.
- Let higher layers and/or other standards perform the needed functions
  - A layer-2 solution is preferable. IEEE is not well supported.
- Use proprietary solutions
  - Not good for interoperability and market acceptance
- Add needed functions to 802.11i

5 Add needed functions to 802.11i: Extra MIC
- Add an (optional) ’transparent’ MIC that is not closely tied to the MAC layer
- MIC calculated over the whole payload (MSDU)
- Payload’ = Payload || extra MIC
- The AP can be configured to not add/verify the MIC
- The AP can transparently forward the Payload || MIC

6 Possible message flow
[Figure: message flow involving AP and WSN/FA. Labels: 802.11i MIC’; Basic 802.11i; Payload’; forwarded data: Payload, MIC’; AES Encrypted: RC, Payload, MIC’, TAG; TKIP Encrypted: IV, Payload, MIC’, Michael, ICV]

7 Motivation (3): Why specify it in 802.11i?
- A single standardised WLAN-solution will promote interoperability.
- Possible to reuse existing 802.11i functions, e.g. the key management.
- Possible to reuse the existing algorithms (e.g. Michael).

8 Key details
[Figure labels: AP; WSN; Trusted RADIUS; Trusted RADIUS]
- WSN acts as a RADIUS Proxy and can extract the EAP Master Key.
- A key for the new MIC can then be derived both at the Mobile and at the WSN.
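The construction on slides 5 and 8 (Payload’ = Payload || extra MIC, keyed from the EAP Master Key at both the Mobile and the WSN), as an added example that is not part of the original presentation. The slides name Michael and do not define the key derivation; this sketch substitutes truncated HMAC-SHA-256 for the MIC and an HMAC-based derivation with a made-up label, and all function names, the 8-byte MIC length and the sample values are assumptions.

```python
import hashlib
import hmac

MIC_LEN = 8  # bytes; assumed length for the extra MIC in this example


def derive_mic_key(eap_master_key: bytes) -> bytes:
    # Assumption: the slides do not specify a derivation. HMAC-SHA-256 over
    # a fixed, hypothetical label stands in for it here.
    return hmac.new(eap_master_key, b"extra-mic-key (example label)",
                    hashlib.sha256).digest()


def compute_mic(mic_key: bytes, msdu: bytes) -> bytes:
    # Stand-in MIC (not Michael): truncated HMAC-SHA-256 over the whole MSDU.
    return hmac.new(mic_key, msdu, hashlib.sha256).digest()[:MIC_LEN]


def mobile_send(mic_key: bytes, msdu: bytes) -> bytes:
    # Mobile side: Payload' = Payload || extra MIC
    return msdu + compute_mic(mic_key, msdu)


def ap_forward(payload_prime: bytes) -> bytes:
    # AP configured not to add/verify the MIC: forwards Payload' unchanged.
    return payload_prime


def wsn_receive(mic_key: bytes, payload_prime: bytes):
    # WSN side: split Payload', verify the MIC, return the payload or None.
    if len(payload_prime) < MIC_LEN:
        return None
    msdu, mic = payload_prime[:-MIC_LEN], payload_prime[-MIC_LEN:]
    if not hmac.compare_digest(mic, compute_mic(mic_key, msdu)):
        return None
    return msdu


# Constructed sample values, for illustration only.
EAP_MASTER_KEY = bytes(range(32))
MSDU = b"constructed sample MSDU"

if __name__ == "__main__":
    k_mobile = derive_mic_key(EAP_MASTER_KEY)
    k_wsn = derive_mic_key(EAP_MASTER_KEY)  # WSN extracted the key as RADIUS proxy
    frame = ap_forward(mobile_send(k_mobile, MSDU))
    print("intact frame accepted:", wsn_receive(k_wsn, frame) == MSDU)
    tampered = bytes([frame[0] ^ 1]) + frame[1:]  # payload altered in transit
    print("tampered frame rejected:", wsn_receive(k_wsn, tampered) is None)
```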

9 Can we use the existing 802.11i MICs instead of adding a new one?
- Add MIC in the WSN, do the encryption in the AP.
- MIC should be applied to whole MSDU
- TKIP: Should be possible to add Michael in the WSN
- AES:
  - OCB: Not easy, encryption and authentication coupled.
  - CCM: Add CBC-MAC in WSN.

10 Conclusions
- Public access sites need “extended” protection.
- Robust billing requires at least integrity protection.
- An extra MIC is one option.
- 802.11i has the possibility to provide it.
- Existing security functions can be reused.

