Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fast Authentication in TGai

Published byしなつ もちやま Modified over 5 years ago

Similar presentations

Presentation on theme: "Fast Authentication in TGai"— Presentation transcript:

1 Fast Authentication in TGai
Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Fast Authentication in TGai Date: Authors: Name Affiliations Address Phone Kiseon Ryu LG Electronics 10225 Willow Creek Rd, San Diego, CA, 92131, USA +1 (858) Giwon Park LG R&D Complex 533, Hogye-1dong, Dongan-Gu, Anyang, Kyungki, , Korea Jaehyung Song Jinsam Kwak George Cherian Qualcomm 5775 Morehouse Dr., San Diego, CA Santosh Abraham Qualcomm Inc Kiseon Ryu, LG John Doe, Some Company

2 Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Abstract This document proposes optimization of the EAP-RP based fast authentication for FILS. Kiseon Ryu, LG John Doe, Some Company

3 Conformance w/ TGai PAR & 5C
Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Conformance w/ TGai PAR & 5C Conformance Question Response Does the proposal degrade the security offered by Robust Security Network Association (RSNA) already defined in ? No Does the proposal change the MAC SAP interface? Does the proposal require or introduce a change to the architecture? Does the proposal introduce a change in the channel access mechanism? Does the proposal introduce a change in the PHY? Which of the following link set-up phases is addressed by the proposal? (1) AP Discovery (2) Network Discovery (3) Link (re-)establishment / exchange of security related messages (4) Higher layer aspects, e.g. IP address assignment 3 Kiseon Ryu, LG John Doe, Some Company

4 Background 11/1160r6 has proposed using EAP framework for FILS
Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Background 11/1160r6 has proposed using EAP framework for FILS Uses the EAP-RP for fast authentication by using a pre-established FILS context (i.e., EMSK, rRK, and rIK) to improve the authentication time during association. STA can be disassociated with the AP due to several reasons (e.g., STA’s leaving the AP, STA’s inactivity, and etc.,) However, STA should perform full EAP or EAP-RP procedure whenever coming back to the AP Full EAP and EAP-RP requires communication between the STA and the authentication server Kiseon Ryu, LG John Doe, Some Company

5 Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Proposal STA/AP’s retaining the FILS context after disassociation for the specific time duration When the time duration has not been expired (i.e., FILS context is retained at both the STA and the AP) and the STA attempts to be associated with the AP, EAP-RP procedure can be omitted during association by using retained FILS context In this case, backbone signaling between AP and AS for EAP-RP is not necessary for re-authentication Kiseon Ryu, LG John Doe, Some Company

6 Optimization of EAP-RP based fast authentication
Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Optimization of EAP-RP based fast authentication [step 1]. Full EAP authentication is performed between STA and AP1. [step 2]. STA disassociates from AP. [step 3]. STA/AP caches the STA/AP FILS contexts (i.e. PMK and rMSK, and etc.,) during specific time duration after STA’s disassociation/de-authentication. [step 4]. STA acquires Anonce via Beacon or probe response message. [step 5]. STA transmits the association request message with, MIC, EAPOL(Snonce, Anonce), If the STA is a previous associated STA and FILS contexts timer is not expired, AP re-use the STA’s FILS contexts (i.e., PMK, rMSK, and etc.,) and performs verification of association request message. If the association request message verification was failed, AP instructs STA to perform the full EAP authentication. [step 6]. If the association request message verification was successful, AP transmits the association response message to STA. If the STA successfully completed the message verification, it can access AP otherwise, STA shall perform the full EAP authentication procedure with authentication server. Kiseon Ryu, LG John Doe, Some Company

7 Optimization of EAP-RP based fast authentication
Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Optimization of EAP-RP based fast authentication EAP-RP based fast authentication procedure can be optimized when: STA comebacks to the AP with which it was previously associated STA and AP retains the FILS contexts (e.g., PMK, rMSK, and etc.,) for the specific time duration (e.g., FILS context retain timer) after disassociation. If the FILS contexts is retained at both STA and AP, EAP procedure can be omitted during re-association. Kiseon Ryu, LG John Doe, Some Company

8 Month Year doc.: IEEE yy/xxxxr0 Mar 2012 Straw poll Concept: Do you agree to introduce the fast re-authentication by using the STA/AP’s retained security contexts (e.g., PMK, rMSK, and etc.,) to reduce the time required for the authentication on the re-association. Yes: 15 No : 10 Abstain: 17 Kiseon Ryu, LG John Doe, Some Company

9 Mar 2012 Motion for specification framework document (Voting at Hawaii F2F meeting) Motion Move to add the following text to Clause “Security” of TGai SFD, 12/0151. 3. Security Framework  R.3.A: The draft specification shall support the mechanism of fast re-authentication by using the STA/AP’s retained security contexts (e.g., PMK, rMSK, and etc.,), to reduce the time required for the authentication on the re-association. Moved: Seconded: Yes: No: Abstain: Kiseon Ryu, LG

Download ppt "Fast Authentication in TGai"

Similar presentations

Doc.: IEEE 802.11-12/1043 Submission NameAffiliationsAddressPhoneemail Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang, Kyungki,

Doc.: IEEE /1043 Submission NameAffiliationsAddressPhone Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang, Kyungki,
Doc.: IEEE 802.11-12/0255r1 Submission NameAffiliationsAddressPhoneemail Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,

Doc.: IEEE /0255r1 Submission NameAffiliationsAddressPhone Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,
Doc.: IEEE 802.11-11/1160 Submission NameAffiliationsAddressPhone George CherianQualcomm 5775 Morehouse Dr, San Diego, CA, USA

Doc.: IEEE /1160 Submission NameAffiliationsAddressPhone George CherianQualcomm 5775 Morehouse Dr, San Diego, CA, USA
Doc.: IEEE 802.11-11/1160r1 Submission NameAffiliationsAddressPhone George CherianQualcomm 5775 Morehouse Dr, San Diego, CA, USA +1

Doc.: IEEE /1160r1 Submission NameAffiliationsAddressPhone George CherianQualcomm 5775 Morehouse Dr, San Diego, CA, USA +1
Doc.:IEEE 802.11-12/0259r3 Submission March 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: March 2012 NameAffiliationsAddressPhoneemail.

Doc.:IEEE /0259r3 Submission March 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: March 2012 NameAffiliationsAddressPhone .
Doc.: IEEE 802.11-12/0550 Submission NameAffiliationsAddressPhone Kiseon RyuLG Electronics10225 Willow Creek Rd, San Diego, CA, 92131, USA +1

Doc.: IEEE /0550 Submission NameAffiliationsAddressPhone Kiseon RyuLG Electronics10225 Willow Creek Rd, San Diego, CA, 92131, USA +1
Doc.: IEEE 802.11-12/1042r3 Submission NameAffiliationsAddressPhoneemail Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,

Doc.: IEEE /1042r3 Submission NameAffiliationsAddressPhone Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,
Doc.: IEEE 802.11-12/1042 Submission NameAffiliationsAddressPhoneemail Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang, Kyungki,

Doc.: IEEE /1042 Submission NameAffiliationsAddressPhone Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang, Kyungki,
Doc.: IEEE 802.11-12/0257r1 Submission NameAffiliationsAddressPhoneemail Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,

Doc.: IEEE /0257r1 Submission NameAffiliationsAddressPhone Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,
Doc.:IEEE 802.11-12/0259r4 Submission March 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: March 2012 NameAffiliationsAddressPhoneemail.

Doc.:IEEE /0259r4 Submission March 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: March 2012 NameAffiliationsAddressPhone .
Submission doc.: IEEE 802.11-12/1034r4 September 2012 Jeongki Kim, LG ElectronicsSlide 1 Enhanced scanning procedure for FILS Date: 2012-09-17 Authors:

Submission doc.: IEEE /1034r4 September 2012 Jeongki Kim, LG ElectronicsSlide 1 Enhanced scanning procedure for FILS Date: Authors:
Doc.:IEEE 802.11-12/0258r7 Submission May 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: May 2012 NameAffiliationsAddressPhoneemail.

Doc.:IEEE /0258r7 Submission May 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: May 2012 NameAffiliationsAddressPhone .
Doc.: IEEE 802.11-12/1042r1 Submission NameAffiliationsAddressPhoneemail Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,

Doc.: IEEE /1042r1 Submission NameAffiliationsAddressPhone Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang,
Doc.:IEEE 802.11-12/0258r6 Submission May 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: May 2012 NameAffiliationsAddressPhoneemail.

Doc.:IEEE /0258r6 Submission May 2012 Reducing Probe Responses for faster AP discovery Slide 1 Authors: May 2012 NameAffiliationsAddressPhone .
Doc.: IEEE 802.11-12/0269r1 Submission NameAffiliationsAddressPhoneemail ChengYan FengZTE Corporation No.800, Middle Tianfu Avenue, Hi-tech District, Chengdu,

Doc.: IEEE /0269r1 Submission NameAffiliationsAddressPhone ChengYan FengZTE Corporation No.800, Middle Tianfu Avenue, Hi-tech District, Chengdu,
Access Control Mechanism for FILS

Access Control Mechanism for FILS
Omission of Probe Request

Omission of Probe Request
Month Year doc.: IEEE yy/xxxxr0 May 2012

Month Year doc.: IEEE yy/xxxxr0 May 2012
AP discovery with FILS beacon

AP discovery with FILS beacon
Proposed SFD Text for ai Link Setup Procedure

Proposed SFD Text for ai Link Setup Procedure

Similar presentations

Ads by Google