Presentation is loading. Please wait.

Presentation is loading. Please wait.

RSC Pools for Mgmt Frames

Published byΆριστόδημος Κούνδουρος Modified over 5 years ago

Similar presentations

Presentation on theme: "RSC Pools for Mgmt Frames"— Presentation transcript:

1 RSC Pools for Mgmt Frames
Month Year doc.: IEEE yy/xxxxr0 July 2006 RSC Pools for Mgmt Frames Date: July, 2006 Author: Notice: This document has been prepared to assist IEEE It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures < ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE Working Group. If you have questions, contact the IEEE Patent Committee Administrator at K.Hayes John Doe, Some Company

2 Replay Checking review
Month Year doc.: IEEE yy/xxxxr0 July 2006 Replay Checking review With a single session flow, frames must be sent in an ordered sequence across the link – frames cannot be reordered within the session lest security checks declare a replay violation For multiple sessions, the rule above still holds, but frames may be reordered across sessions (i.e. output scheduling may occur) K.Hayes John Doe, Some Company

3 Crypto Transmit Sequencing
July 2006 Crypto Transmit Sequencing TKIP and CCMP require replay checking as receiver operation Verification is done with Packet Numbers (PN) built from the IV, extended IV Transmitter allocates all PNs in the sequence received from the network stack, even for multiple sessions; gaps in the increasing PN sequence are allowed PNs must never be reused with the same RSN key within the same session K.Hayes

4 July 2006 What’s a session? Strictly speaking this is a set of frames with: A QoS control field with the same TID - OR- No QoS control field at all For TGw, management frames are the second category There is no QoS control field…and certainly no TID! Therefore, management frames use the same session as QoS-free data frames K.Hayes

5 Crypto Receive Sequencing
July 2006 Crypto Receive Sequencing Multi-session receiver cannot use a single Receive Sequence Counter (RSC) to do replay checks; it must have N counters, where N is the number of sessions Data frames are “steered” into a discrete RSC bin indexed by their QoS Control Field’s 4-bit TID, or another bin if QoS Control Field is absent from frame header K.Hayes

6 Management Frame Crypto Construction
July 2006 Management Frame Crypto Construction Clauses and state frames with no QoS Control field do not include any “priority” in their AAD and shall use 0x00 in their Nonce construction Management frames have no QoS Control Field in their header and therefore need no “priority octet” No need to change the 48-bit PN allocation for mgmt frames It would be incorrect to overload/subvert the MIC/Nonce input field labeled as “priority” with an arbitrary value because uniqueness is already easy to guarantee (and implement) K.Hayes

7 Guaranteeing Uniqueness with PN
July 2006 Guaranteeing Uniqueness with PN Transmitter allocates PNs of both mgmt and QoS-free data frames Simply allocate PNs from the same pool by maintaining a single counter for both! Using single counter is easiest way to implement this with a single thread If mgmt and data are transmitted by separate threads/CPUs, then let both threads access a single counter NO CHANCE of keystream collision since all PNs are unique for all sessions (with or without QoS control field) Transmitter provides uniqueness across all frames lacking QoS control field Receiver verifies uniqueness by using a single counter for all frames lacking QoS control field K.Hayes

8 How can Receiver Guarantee Unique PNs?
July 2006 How can Receiver Guarantee Unique PNs? Receiver uses a single counter for frames lacking QoS Control field ALL frames which lack a QoS Control field are checked against a MAC-state counter, just like in i Receiver performs replay check, just like in i If attacker is able to inject a frame with no QoS control in the air, receiver will detect it and drop the frame, just like in i Easy to guarantee, easy to implement, compatible with data cipher suite K.Hayes

9 July 2006 Questions? K.Hayes

10 Motion Move to instruct TGw editor to make following changes:
July 2006 Motion Move to instruct TGw editor to make following changes: The 0xff value used as input to the TKIP MIC and CCMP MIC for management frames shall be removed from those calculations as in accordance with clause The 0xff value used as input to the CCMP Nonce for management frames shall be set to 0x00 as in accordance with clause The PN values used for robust management frames shall be drawn from the same pool as for data frames containing no QoS control field K.Hayes

11 July 2006 backup K.Hayes

12 Output Scheduling July 2006 Low Prio PN = 11 PN = 9 Priority Scheduler
Hi Prio PN = 13 K.Hayes

13 Other examples of MAC state
July 2006 Other examples of MAC state moreData status Power Management state sequence number fragment number and fragmentation state MIB variables Crypto keys Ad nauseum… K.Hayes

Download ppt "RSC Pools for Mgmt Frames"

Similar presentations

Doc.: IEEE 802.11-06/0848-r2 Submission July 2006 K.HayesSlide 1 RSC Pools for Mgmt Frames Notice: This document has been prepared to assist IEEE 802.11.

Doc.: IEEE /0848-r2 Submission July 2006 K.HayesSlide 1 RSC Pools for Mgmt Frames Notice: This document has been prepared to assist IEEE
Doc.: IEEE 802.11-06/XXXXr0 Submission July 2006 Nancy Cam-Winget, Cisco Slide 1 Constructing unique key streams for Management Frame Protection Notice:

Doc.: IEEE /XXXXr0 Submission July 2006 Nancy Cam-Winget, Cisco Slide 1 Constructing unique key streams for Management Frame Protection Notice:
Use of KCK for TGr Management Frame Protection

Use of KCK for TGr Management Frame Protection
LB84 General AdHoc Group Sept. Closing TGn Motions

LB84 General AdHoc Group Sept. Closing TGn Motions
LB84 General AdHoc Group Sept. Closing TGn Motions

LB84 General AdHoc Group Sept. Closing TGn Motions
[ Interim Meetings 2006] Date: Authors: July 2005

[ Interim Meetings 2006] Date: Authors: July 2005
Motions Date: Authors: January 2006

Motions Date: Authors: January 2006
London TGu Motions Authors: January 2007 Date: Month Year

London TGu Motions Authors: January 2007 Date: Month Year
LB73 Noise and Location Categories

LB73 Noise and Location Categories
LB73 Noise and Location Categories

LB73 Noise and Location Categories
Waveform Generator Source Code

Waveform Generator Source Code
RSC Pools for Mgmt Frames

RSC Pools for Mgmt Frames
TGp Closing Report Date: Authors: July 2005 Month Year

TGp Closing Report Date: Authors: July 2005 Month Year
TGp Closing Report Date: Authors: July 2007 Month Year

TGp Closing Report Date: Authors: July 2007 Month Year
Attendance and Documentation for the March 2007 Plenary

Attendance and Documentation for the March 2007 Plenary
Attendance and Documentation for the March 2007 Plenary

Attendance and Documentation for the March 2007 Plenary
[ Policies and Procedure Summary]

[ Policies and Procedure Summary]
[ Policies and Procedure Summary]

[ Policies and Procedure Summary]
Motion to accept Draft p 2.0

Motion to accept Draft p 2.0
3GPP liaison report July 2006

3GPP liaison report July 2006

Similar presentations

Ads by Google