NIST Considerations, July 2005


1 NIST Considerations
Date: 2005-07-19
Authors: Nancy Cam-Winget, Cisco; Emily Qi, Intel Corporation

Notice: This document has been prepared to assist IEEE It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE

Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures <ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE Working Group. If you have questions, contact the IEEE Patent Committee Administrator at

2 NIST Considerations
Collision attack on SHA-1: successful collision after 2^69 vs. original bound of 2^80 operations.
NIST commencing phase-out of SHA-1 with replacement by 2010.
While SHA-1 is still considered secure as a PRF and is further protected by HMAC for signatures, NIST is recommending adoption of SHA-256.

3 Updates to KDF
Replace HMAC-SHA1 with HMAC-SHA256:

Output = KDF-Length(K, label, Context) where
Input:
    K, a 256 bit key derivation key
    label, a string identifying the purpose of the keys derived using this KDF
    Context, a bit string that provides context to identify the derived key
    Length, the length of the derived key in bits
Output: a Length-bit derived key

result = ""
iterations = (Length+159)/160
do i = 1 to iterations
    result = result || HMAC-SHA256(K, i || label || 0x00 || Context || Length)
od
return first Length bits of result and securely delete all unused bits
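The derivation on this slide, written out in Python as an added example (not code from the presentation or from IEEE 802.11). The slide does not say how i and Length are encoded, so 16-bit little-endian fields are assumed here, Length is restricted to whole bytes, and the key, label and context values are constructed.

```python
import hashlib
import hmac
import struct


def kdf(key: bytes, label: bytes, context: bytes, length_bits: int) -> bytes:
    """KDF-Length(K, label, Context) as given on the slide, with HMAC-SHA256."""
    if len(key) != 32:
        raise ValueError("K must be a 256-bit key derivation key")
    if not 0 < length_bits <= 0xFFFF or length_bits % 8:
        raise ValueError("Length must be a positive multiple of 8 below 2**16")
    # Assumption (not stated on the slide): i and Length are encoded as
    # 16-bit little-endian unsigned integers.
    length_field = struct.pack("<H", length_bits)
    # Iteration count exactly as on the slide. Each HMAC-SHA256 call yields
    # 256 bits, so this produces at least Length bits; the surplus is dropped.
    iterations = (length_bits + 159) // 160
    result = b""
    for i in range(1, iterations + 1):
        msg = struct.pack("<H", i) + label + b"\x00" + context + length_field
        result += hmac.new(key, msg, hashlib.sha256).digest()
    # Python cannot securely erase the unused bytes; a production
    # implementation would zeroize them as the slide requires.
    return result[: length_bits // 8]


# Constructed sample inputs (not from the presentation).
SAMPLE_KEY = bytes(range(32))
SAMPLE_LABEL = b"example pairwise key"
SAMPLE_CONTEXT = bytes.fromhex("02000000000a" "02000000000b")

if __name__ == "__main__":
    short = kdf(SAMPLE_KEY, SAMPLE_LABEL, SAMPLE_CONTEXT, 256)
    long = kdf(SAMPLE_KEY, SAMPLE_LABEL, SAMPLE_CONTEXT, 384)
    print(short.hex())
    # Length is part of every HMAC input, so a shorter key is not a prefix
    # of a longer one derived from the same K, label and Context.
    print(long[:32] != short)
```

Because Length and the 0x00 separator are inside every HMAC input, keys derived for different lengths, or for a different split between label and Context, are unrelated to each other.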

4 Use AES-CMAC-128 for EAPOL-Key MIC
EAPOL Key frame new Key Descriptor Version:
The value 3 shall be used for all EAPOL-Key frames to and from a STA when either the pairwise or the group cipher is AES-CCMP for Key Descriptor 2. This value indicates the following:
AES-CMAC-128 is the EAPOL-Key MIC, where CMAC is defined in NIST Special publication B.
The output of the AES-CMAC shall be the full 128 bits.
The value 3 shall also be used for all EAPOL-KEY-IE elements included in the (re)association and TGr action frames.

5 AES-CMAC-128
AES(K, D): AES 128-bit block cipher using a 128-bit key, K, to encrypt plaintext D
0^128: 128 bits of zeroes

L = AES(K, 0^128)
if MSB(L) = 0 → Lu = L << 1
else Lu = (L << 1) XOR 0x
if MSB(Lu) = 0 → Lu2 = (Lu) << 1
else Lu2 = ((Lu) << 1) XOR 0x
Y[0] = 0^128
Partition data stream, M, into m blocks: M[1], M[2] … M[m]
If M[m] != 128 bits, pad: M*[m] = (Lu2 XOR (M[m] || 10^j)) where j = # 0’s to pad to 128 bits
M[m] = M[m] XOR (Lu) if the length of M[m] = 128
X[m] = X[m] XOR (Lu2) otherwise
for i = 1 to m do
    Y[i] = AES(K, M[i] XOR Y[i-1])

6 Comments?

