1. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Key Management for 802.15 Date Submitted: September 21, 2011 Source: Robert Moskowitz, Verizon Address 1000 Bent Creek Blvd, Mechanicsburg, PA, USA Voice:+1 (248) 968-9809, e-mail: rgm@labs.htt-consult.com Re: Key Management for 802.15 Abstract:Key Management Protocol support for 802.15 Purpose:To add Key Management capabilities to 802.15 Notice:This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release:The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15.

2. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 2 Adding Key Management Protocol support to 802.15 Robert Moskowitz Okinawa September 21, 2011

3. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 3 Abstract To provide for a Key Management Protocol for 802.15 Mechanism for 15.4,.6,.7 KMP agnostic Support: HIP, IKEv2, 802.1X,... Provide recommended functionality for KMPs

4. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 4 Functionality Functionality needed – Manage keying variables in 802.15 security Security mode, key value,key rollover,... – Manage long-lived PMK and key- lifetime PTK (including key refresh) – Distribute GTK for broadcast/multicast – Provide authentication

5. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 5 Document Organization General KMP transport method Specific instructions for – 802.15.4, 15.6, 15.7 Guidelines for specific KMPs – HIP, IKEv2, 802.1X, 4-Way Handshake, SAE Use case scenario

6. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 6 KMP Transport General KMP transport method – KMP packets vary greatly in length but can go to a couple KB When including X.509 certificates – Transport MUST provide a fragmentation/reassembly role – A simple forced in order validated transmission – KMP SHOULD be the earliest possible interaction between to nodes

7. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 7 KMP Transport General KMP transport method – A shim that fragments the KMP datagram into manageable pieces Using a standard TLV (Type/Length/Value) container “Information Element” – A command frame for actual transmission if no “EtherType” in data frames – A forced ACK to ensure in order receipt

8. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 8 KMP Transport General KMP transport method – Even with forced ACKs, duplicates WILL be received (e.g. ACK lost) Provide for recognition and dropping of duplicate content

9. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 9 Frame Content TLV format – Type assigned for 'KMP' – If Max length is less than frame payload Allow for multiple TLVs per frame to minimize transmission overhead – Value contains 1 byte control plus KMP datagram fragment

10. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 10 Frame Content Control field – 1 bit Chaining flag (yes, last/one only) Chaining REQUIRES frame ACK – 7 bit KMP type/Chain count First packet provides KMP type – (HIP, IKEv2, 802.1X, SAE, 4-Way- Handshake, vendor Chain count – C=0 is 2 nd fragment – C=1 is 3 rd fragment

11. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 11 Frame Content Control field – 7 bit count with ave 65 byte Value yields 8KB KMP datagram – Warning on processing Last packet in chain may be indistinguishable from a 1 packet only transmission Once in chaining simple to manage this

12. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 12 802.15.4 Guidelines Use 4e Multipurpose Frame – Provides support for Information Element – Can use IEs in Command Frames Pre 4e devices – Recommendation on equivalent method E.G. Work with 6lowpan on RFC

13. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 13 802.15.4 Guidelines Security Association (SA) – Indexed by peer long address Include short address once assigned – Master Key information – Transient Key information – Group Key(s) information Min Send and Receive keys – Supply KDF

14. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 14 802.15.6 and.7 Guidelines If there are equivalent features to 4e – Guidelines mirror 15.4 guidelines – Need experts If no equivalent features – Guidelines for upper layers for Shim and SA support

15. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 15 KMP Guidelines For each KMP – Text supplied by expert Supply usage scenario(s) – Referenced standard – SA population – Other advice

16. doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 16 Moving Forward Next steps