Extra MIC for use in Public Access WLAN

Extra MIC for use in Public Access WLAN

May 2002 doc.: IEEE 802.11-02/346r0 Extra MIC for use in Public Access WLAN Stefan Rommer, Mats Nslund (Ericsson) Submission Slide 1 Stefan Rommer, Mats Nslund (Ericsson) May 2002 doc.: IEEE 802.11-02/346r0 Motivation Public Access WLAN has special properties not present in corporate WLAN. Security in the AP and between the AP and a WLAN Serving Node (WSN) is important.

Public Access Hotspot AP WSN/FA AP Submission Could be highly untrusted! Slide 2 Stefan Rommer, Mats Nslund (Ericsson) May 2002 doc.: IEEE 802.11-02/346r0 Motivation (2) Operators are very concerned about robust billing. Robust billing requires at least integrity protection between mobile terminal and WSN. Public Access Hotspot AP

WSN/FA Billing data collected here AP Submission Could be highly untrusted! Slide 3 Stefan Rommer, Mats Nslund (Ericsson) May 2002 doc.: IEEE 802.11-02/346r0 Solution alternatives 1. Extend the 802.11i security association (authentication, encryption etc.) from the Mobile all the way to the WSN.

Difficult since 802.11i is closely tied to the 802.11 MAC layer. 2. Let higher layers and/or other standards perform the needed functions A layer-2 solution is to prefer. IEEE 802.10 is not well supported. 3. Use proprietary solutions Not good for interoperability and market acceptance 4. Add needed functions to 802.11i Submission Slide 4 Stefan Rommer, Mats Nslund (Ericsson) May 2002

doc.: IEEE 802.11-02/346r0 Add needed functions to 802.11i: Extra MIC Add a (optional) transparent MIC that is not closely tied to the 802.11 MAC layer MIC calculated over the whole payload (MSDU) Payload = Payload || extra MIC The AP can be configured to not add/verify the MIC The AP can transparently forward the Payload || MIC Submission Slide 5 Stefan Rommer, Mats Nslund (Ericsson) May 2002 doc.: IEEE 802.11-02/346r0 Possible message flow 802.11i MIC Basic 802.11i

AP WSN/FA Payload RC Payload MIC TAG Payload MIC Payload AES Encrypted IV Payload MIC

Michael ICV TKIP Encrypted Submission Slide 6 Stefan Rommer, Mats Nslund (Ericsson) May 2002 doc.: IEEE 802.11-02/346r0 Motivation (3): Why specify it in 802.11i? A single standardised WLAN-solution will promote interoperability. Possible to reuse existing 802.11i functions, e.g. the key management. Possible to reuse the existing algorithms (e.g. Michael).

Submission Slide 7 Stefan Rommer, Mats Nslund (Ericsson) May 2002 doc.: IEEE 802.11-02/346r0 Key details AP WSN Trusted RADIUS Trusted RADIUS WSN acts as a RADIUS Proxy and can extract the EAP Master Key. A key for the new MIC can then be derived both at the Mobile and at the WSN. Submission

Slide 8 Stefan Rommer, Mats Nslund (Ericsson) May 2002 doc.: IEEE 802.11-02/346r0 Can we use the existing 802.11i MICs instead of adding a new one? Add MIC in the WSN, do the encryption in the AP. MIC should be applied to whole MSDU TKIP: Should be possible to add Michael in the WSN AES: OCB: Not easy, encryption and authentication coupled. CCM: Add CBC-MAC in WSN. Submission Slide 9 Stefan Rommer, Mats Nslund (Ericsson)

May 2002 doc.: IEEE 802.11-02/346r0 Conclusions Public access sites need extended protection. Robust billing requires at least integrity protection. An extra MIC is one option. 802.11i has the possibility to provide it. Existing security functions can be reused. Submission Slide 10 Stefan Rommer, Mats Nslund (Ericsson)

Recently Viewed Presentations

  • Information Organization and Retrieval

    Information Organization and Retrieval

    SIMS 202: Information Organization and Retrieval ... Thesaurus design (next week) Names Cutter's objectives of bibliographic description: To enable a person to find a document of which the author is known. To show what the library has by a given...
  • Silvia's Gymnastics

    Silvia's Gymnastics

    Laura Baker (Vault & All-Around Champion) Brooke Hurley (Beam & Floor Champion) Julia Leidelmeyer ... Conner Leap (Qualifier) Allison Smith (Qualifier) Molly Martin (Qualifier) Level 8 State Champion Team. Molly Martin Jessica Hutchinson. Carli Bingaman.
  • Stochasticity in Signaling Pathways and Gene Regulation: The

    Stochasticity in Signaling Pathways and Gene Regulation: The

    Lipniacki T, Paszek P, Brasier AR, Luxon B, Kimmel M. Mathematical model of NF-kappaB regulatory module. J Theor Biol. 2004 May 21;228(2):195-215. Stochasticity in Signaling Pathways and Gene Regulation: The NFκB Example and the Principle of Stochastic Robustness Marek Kimmel...
  • mrfullersclassrooms.weebly.com

    mrfullersclassrooms.weebly.com

    Long live the king. France. At the time, Robert La Salle had no idea of just how large this area was. This now meant the "New France" was a vast empire. This "new france" ended up being the Louisiana Purchase...
  • Phase 2 Human Health Risk Assessment of Oil

    Phase 2 Human Health Risk Assessment of Oil

    Recommendation 12: Consider the overall goals of the existing environmental monitoring programs for soil, water and biota, along with the presentation and quality of these data within the existing databases, specifically as these relate to the value that these data...
  • Prayer #2 Deliverance from Bloodline sins A Praye

    Prayer #2 Deliverance from Bloodline sins A Praye

    Thank you for always being mindful of me through Your death, burial and resurrection and now seated on the Throne to make intercession for me. Holy Spirit do the work of Yah's kingdom in my heart and my families in...
  • H Geography Exam-style questions Exam Questions Learning intentions

    H Geography Exam-style questions Exam Questions Learning intentions

    The shape can change through time to become curved or hooked at the end in response to changes in wind direction and currents (1 mark). Glaciation Explain the formation of one erosional landform and one depositional landform from You may...
  • THE HOLOCAUST 1933-1945 D. Smith/MBSS History 12 -Based

    THE HOLOCAUST 1933-1945 D. Smith/MBSS History 12 -Based

    Scholars today estimate the number of victims at between 5.2 million and 5.7 million, with the latter figure the most widely accepted estimate. The identities of roughly half the victims is known. Jews died in ghettos, in Einsastzguppenaktions, inwork camps,...