IEEE Std 802.10-1998 Proposed Revision Purpose, Scope & 5 Criteria Purpose The purpose of this PAR is to update the Secure Data Exchange (SDE) Protocol specified in IEEE Std 802.10-1998, to accommodate newly identified security requirements for all current 802 MACs and delete unneeded header fields. Scope The scope of this PAR is to make changes to the format and processing of SDE PDUs to: – Accommodate replay protection – Integrity protect the Destination MAC address – Integrity protect additional header fields, particularly the VLAN tag, as needed The current PDU format and processing will have to be modified to incorporate a sequence number; the DA will have to be included in the computation of the ICV, and; the VLAN tag (and any other required header fields) will be included in the computation of the ICV, if protection is required by VLAN tagging rules (which are to be specified). In addition, an informative annex will be developed that discusses various scenarios for securing Layer 2 bridged networks and a normative annex will be developed that defines an SDE profile specifying a single interoperable SDE configuration that must be supported by all vendors claiming conformance to the revised SDE specification. SDE Header Format Modifications INTEGRITY PROTECTED ENCRYPTED DA SA CLEAR HEADER Current Format SDE SAID MDF Des PROTECTED HEADER DATA PAD ICV STA FRAG SEC FLAGS ID ID LABEL INTEGRITY PROTECTED ENCRYPTED DA SA VLAN TAG Revised Format SAID CLEAR HEADER SEQ MDF NO. PROTECTED HEADER Pload FLAGS EType DATA FRAG SEC ID LABEL PAD ICV 5 Criteria Broad Market Potential 1. 2. 3. Broad sets of applicability Multiple vendors & numerous users Balanced costs (LAN vs attached stations) 1. Security is applicable to most personal and business environments that utilize 802 Layer 2 products. Increased security awareness in the general user population has dramatically increased the demand for security in networks composed of 802 Layer 2 products. 2. Several hundred people representing more than a hundred companies attend various 802 working groups that require security support in their products. These currently include 802.3 (P2P & P2MP), 802.11 (WLAN), 802.15 (WPAN), 802.16 (WMAN), 802.17 (RPR), & 802.20 (MBWA). 3. Layer 2 security can be implemented in either LAN devices or attached stations. Implementation of security in bridges is the most cost effective method, since many attached stations can be supported by a single bridge. Compatibility The proposed revisions to IEEE Std 802.10-1998 are compatible with all current 802 MAC and bridging standards There are no implementations of 802.10-1998, therefore backwards compatibility is not an issue Revisions to 802.10-1998 will conform with 802 Overview & Architecture and 802 layer management, as appropriate Distinct Identity 1. 2. 3. Substantially different from other IEEE standards One unique solution per problem Easy for the document reader to select the relevant specification 1. There are no other 802-wide security standards. 802.11i security work is specific to 802.11 products, and is not intended to be a generic solution for all 802 MACs. PARs produced by the LinkSec ECSG will either support this effort, or be entirely distinct from it, but will not duplicate any of 802.10’s work. 2. The goal of the revisions to 802.10-1998 is to provide a unique security solution that is applicable to all 802 MAC and bridging Standards. 3. The proposed effort is a revision to 802.10-1998, which will have a distinct document revision number (probably IEEE Std 802.10-2004) Technical Feasibility 1. 2. 3. Demonstrated system feasibility Proven technology, reasonable testing Confidence in reliability 1. Technological revisions to 802.10-1998 are simple and straight-forward. Similar constructs are being used in a variety of products and other standards efforts today. 2. Products supporting Internet standards that incorporate similar technology have been sold world-wide and have been thoroughly tested in the field. 3. As with many security Standards, reference implementations will have to be constructed to which compliance must be proven in order to achieve the necessary confidence. Economic Feasibility 1. 2. 3. Known cost factors, reliable data Reasonable cost for performance Consideration of installation costs 1. The goal of this project is to create a Layer 2 security mechanism that balances the cost of implementing data security with the cost and performance of the access technology. 2. Security mechanisms have been incorporated in Layers 2, 3, 4, and 7 at a reasonable cost increment, in terms of both dollars and throughput. 3. Any Layer 2 security mechanism may require additional infrastructure, depending on the type of key management mechanism selected. This translates into additional installation cost for equipment, software, and/or administration.