; 11-09-0315-04-0wng-enhanced-security
Learning Center
Plans & pricing Sign in
Sign Out
Your Federal Quarterly Tax Payments are due April 15th Get Help Now >>



  • pg 1
									July 2009                                         doc.: IEEE 802.11-09/0315r4

               Enhanced 802.11 Security
                             Date: 2008-07-10
Name          Affiliations   Address            Phone        email
Dan Harkins   Aruba Networks 1322 Crossman ave, +1 408 227   dharkins@arubanetworks.
                             Sunnyvale, CA      4500

Submission                           Slide 1                 Dan Harkins, Aruba Networks
July 2009                            doc.: IEEE 802.11-09/0315r4


 This document describes some missing features from
   802.11 and proposes a way to add them to IEEE 802.11.

Submission                 Slide 2             Dan Harkins, Aruba Networks
July 2009                                              doc.: IEEE 802.11-09/0315r4

                  Security Services in 802.11
 • Key Management
       – Authentication: A STA can prove its identity to the network and vice
       – Authorization and Access Control: Once authenticated a STA can be
         given access to the network, or a subset of it, or denied access to the
       – Key derivation: each side derives a key known bound to each other.
 • Ciphers
       – Data Confidentiality: Data sent between the STA and AP is hidden from
         all but the source and destination of the data.
       – Data Integrity: The recipient of a frame is able to verify that the frame
         was not modified in transit and that a false frame has not been substituted
         for a valid frame.
       – Data Source Authentication: The recipient of a frame is able to ascertain
         the origin of the frame and it is not possible for anyone else to masquerade
         as the claimed originator.

Submission                               Slide 3                  Dan Harkins, Aruba Networks
July 2009                                                    doc.: IEEE 802.11-09/0315r4

   How are These Services Provided Today?
 • Wired Equivalent Privacy (WEP)
       – Key Management
             • Shared key: insecure simple proof-of-possession of a shared key
       – Cipher
             • WEP: insecure, numerous fundamental flaws in design
 • Robust Security Network (RSN)
       – Key Management
             • 802.1x: provides mutual authentication, allows for authorization and access
               control decision making, generates secure and cryptographically strong keys.
             • PSK: provides a limited type of authentication, generates weak keys that void
               some features of RSN ciphers.
       – Ciphers
             • TKIP: provides confidentiality, data integrity (sub-optimally), and data source
             • CCMP: provides confidentiality, data integrity, and data source authentication.

Submission                                    Slide 4                     Dan Harkins, Aruba Networks
July 2009                                              doc.: IEEE 802.11-09/0315r4

                      What’s The Problem?
• 802.11’s current cryptographically strong security is limited to one
  particular use case– the enterprise-- where:
      – a AAA server is used to aggregate security services and policy.
      – strict roles are enforced: clients obtain network access through APs.
• 802.11’s current cryptographically strong security doesn’t really
  work for other deployments.
      – Small office/home office– a stand-alone AAA server is problematic.
      – Networks of consumer electronics devices– a stand-alone AAA server is a
        non-starter and there is no real “client” and “AP” role.
      – Mesh and peer-to-peer applications– there is no “client” and “AP” role.
• The PSK mode of 802.11i is insecure. This is a source of continued
  bad press for 802.11– “802.11 is still not secure”.
• CCM in software is reaching performance limits with current
  802.11 high-rate PHYs
Submission                               Slide 5                  Dan Harkins, Aruba Networks
July 2009                                                    doc.: IEEE 802.11-09/0315r4

                         What’s the Problem?
 • People right now want to use 802.11 in ways that are not
       – 11-09-0558-00-0000-bluetooth-sig-liaison-report-may-2009
             • Need for secure high-speed data transfer between personal devices (non-AP
               STAs) but 802.11 doesn’t support that. So, use insecure Bluetooth key
               management to get a key and then use 802.11 for data transport.
       – Wi-Fi Alliance liaison report from May 2009 (verbal)
             • There is a compelling use case for peer-to-peer use of 802.11 but that isn’t
               supported in 802.11, so WFA is defining a new layer to provide the appearance
               of peer-to-peer.
             • PSK mode in 802.11 is insecure but a compelling use case for PSKs still exists
               so WFA is trying to come up with an adjunct protocol to lessen the security
               exposure– it does not eliminate it though, the solution does not achieve
               provable security..
 • People will soon want to use 802.11 in ways that are not supported:
       – “smart grid” applications
 • People trade security for usability because 802.11 does not give
   them both (see 11-09-0580-00-0wng-future-security-activities).
Submission                                    Slide 6                    Dan Harkins, Aruba Networks
July 2009                                                doc.: IEEE 802.11-09/0315r4

                         What’s The Solution?
• Support currently unsupported use cases in 802.11 to
  make hacks by other SDOs unnecessary.
• Provide security and usability to 802.11
• A Study Group to come up with a PAR & 5C to work on:
     – Secure, de-centralized, peer-to-peer authentication and key
       management protocols– address the Bluetooth and WFA issues
             • A password-based key exchange that is resistant to attack
             • A certificate-based key exchange
     – Definition (not development) of new ciphers
             • AES-GCM: a high-performance, single-pass, cipher for authenticated
             • AES-SIV: a misuse-resistant cipher for authenticated encryption

Submission                                  Slide 7                  Dan Harkins, Aruba Networks
July 2009                                            doc.: IEEE 802.11-09/0315r4

              A Focus on Enhanced Security
 • Tight focus ensures timely results
       – Keep a focus on security enhancements to existing 802.11 functionality
         and not creation of new security algorithms, ciphers, etc.
       – Much of this has already been designed– GCM, SIV, SAE– so it’s a
         problem of defining use in 802.11.
 • There is a need for de-centralized security in 802.11
       – Use of a PSK/password is widespread and will remain so. Unfortunately it
         is not secure; we should make it so.
       – There is market demand as shown by the work of other SDOs.
       – It makes sense for 802.11 to provide it instead of hoping other
         organizations do it (and do it right).
 • Data rates keep increasing, ciphers cannot be bottlenecks!
 • More efficient ciphers consume less power which results in longer
   battery life, and it’s also green.
 • Do security work in a security group; keep experts focused on
   their area of expertise.

Submission                              Slide 8                 Dan Harkins, Aruba Networks
July 2009                                                 doc.: IEEE 802.11-09/0315r4

 •    Move to request the 802.11 Working Group to approve and forward to
      the IEEE 802 Executive Committee the creation of a new IEEE 802.11
      Study Group, called the Enhanced 802.11 Security Study Group (ESSG),
      to investigate ways to provide security enhancements to 802.11 on the
       – Secure, robust, de-centralized, peer-to-peer key management.
       – Faster, more robust, or more power-efficient ciphers.

      Upon confirmation of feasibility and per 802 operating rules, the ESSG
      shall draft a PAR and 5 criteria to be submitted to the 802.11 WG.



Submission                                  Slide 9                     Dan Harkins, Aruba Networks

To top