Project Title 2004-06-28 IEEE C802.20-04/62
advertisement
2004-06-28 IEEE C802.20-04/62 Project IEEE 802.20 Working Group on Mobile Broadband Wireless Access <http://grouper.ieee.org/groups/802/20/> Title Moving forward on IEEE 802.20 security: where are we and where do we want to go? Date Submitted 2004-06-28 Source(s) Florent Bersani Re: MBWA Call for Contributions Abstract Providing security to wireless communication technologies is a rather well-understood problem from a theoretical point of view. However, effectively delivering it in real world standards is something quite different. Security must de done by experts to which a clear set of requirements is provided. Purpose Prompt the 802.20 WG to refine its security requirements and plan the way it will want security to be handled. Notice This document has been prepared to assist the IEEE 802.20 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.20. Patent Policy The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual <http://standards.ieee.org/guides/opman/sect6.html#6.3> and in Understanding Patent Issues During IEEE Standards Development <http://standards.ieee.org/board/pat/guide.html>. Email: florent.bersani@francetelecom.com 2004-06-28 IEEE C802.20-04/XX What this presentation is about: • The previous contributions to MBWA on security • The way the security of MBWA is perceived by a newbie • How security could/should be handled by MBWA 2004-06-28 IEEE C802.20-04/XX What this presentation is not about: • The state of the art on the security for wireless communication technologies 2004-06-28 IEEE C802.20-04/XX Caveat (1/2) • When you listen to a presentation on security: be paranoid and use your brain! – Never trust a speaker that is not recognized as a security expert, for instance, do not trust this presentation ;-) – Even if the speaker is recognized as a security expert, make sure there are no misunderstandings with him and that his position reflects a consensus 2004-06-28 IEEE C802.20-04/XX Caveat (2/2) • This presentation is not made by: – A security expert – A networking expert – An IEEE 802 expert • Feel free to correct or interrupt! 2004-06-28 IEEE C802.20-04/XX The security contributions to 802.20 so far (1/2) • IEEE C802.20-03/06&07 - Wireless Security Threats – A tentative threat model and some solutions? • IEEE C802.0-03/21 - Distributed Security Proposal Certicom – Distributed vs. Centralized security architecture • IEEE C802.20-03/74&88 - An Alternative Approach for Enhancing Security of WMANs using Physical Layer Encryption – Physical layer encryption 2004-06-28 IEEE C802.20-04/XX The security contributions to 802.20 so far (2/2) • IEEE C802.20-04/09 - DoD Wireless Security Requirements for Sensitive but Unclassified information – Prompting 802.20 to meet US DoD requirements • IEEE C802.20-04/41- IEEE 802.20 MBWA Security Architecture – Security Requirements and proposed solutions • IEEE C802.20-04/56r1 - On Security Issues In Wireless Communications Systems – Selection of cryptographic primitives (AES and/or RC4) 2004-06-28 IEEE C802.20-04/XX The way 802.20 security is perceived by a newbie (1/5) • The PAR: – « Security Support AES (Advanced Encryption Standard) » • The 802.20 requirements document: – « 4.1.11 Network Security • Network security in MBWA systems shall protect the service provider from theft of service, the user’s privacy and mitigate against denial of service attacks. Provision shall be made for authentication of both base station and mobile terminal, for privacy, and for data integrity consistent with the best current commercial practice. 802.20 security is expected to be a partial solution complemented by end-to-end solutions at higher protocol layers such as EAP, TLS, SSL, IPSec, etc. » 2004-06-28 IEEE C802.20-04/XX The way 802.20 security is perceived by a newbie (2/5) • The 802.20 requirements document (continued): – « • 4.1.11.1 Access Control – Access control shall be provided using a cryptographic method. • 4.1.11.2 Privacy Methods – A method that will provide message integrity across the air interface to protect user data traffic, as well as signaling messages from unauthorized modification will be specified. – Encryption across the air interface to protect user data traffic, as well as signaling messages, from unauthorized disclosure will be incorporated. • 4.1.11.3 User Privacy – The system will prevent the unauthorized disclosure of the user identity. » 2004-06-28 IEEE C802.20-04/XX The way 802.20 security is perceived by a newbie (3/5) • The 802.20 requirements document (continued): – « • 4.1.11.4 Denial of Service Attacks – It shall be possible to prevent replay attacks by minimizing the likelihood that authentication signatures are reused. – It shall be possible to provide protection against Denial of Service (DOS) attacks. • 4.1.11.5 Security Algorithm – The authentication and encryption algorithms shall be publicly available on a fair and non-discriminatory basis. – National or international standards bodies shall have approved the algorithms. • The algorithms shall have been extensively analysed by the cryptographic community to resist all currently known attacks. » 2004-06-28 IEEE C802.20-04/XX The way 802.20 security is perceived by a newbie (4/5) • The security contributions – A collection of motley documents: • Large tutorials vs. concrete propositions • Correct vs. Incorrect assertions* • Low level vs. High level preoccupations * The latter is really a major concern!!! 2004-06-28 IEEE C802.20-04/XX The way 802.20 security is perceived by a newbie (5/5) • Yet another standard that does not take into account: – The lessons of the past? • IPsec (http://www.schneier.com/paper-ipsec.html*) • IEEE 802.11 (http://www.drizzle.com/~aboba/IEEE/wep-draft.zip*) – The work that is going/has gone on elsewhere? • IEEE 802.1AE&AF (http://www.ieee802.org/1/pages/802.1ae.html) • IEEE 802.16&IEEE 802.11i… * among others 2004-06-28 IEEE C802.20-04/XX How security could/should be handled by MBWA • Further refine the security requirements so that they can fed as unique input to security experts, in an ad-hoc group? • Organize the security experts group that will be fed the input requirements and the proposed solution outputs? • Keep up the good work and the positive attitude demonstrated so far towards security , e.g. – Taking security into account right from the start – Requiring « standard » and public security solutions 2004-06-28 IEEE C802.20-04/XX Example questions to be discussed (1/7) • What is the target architecture? – Ad-hoc networks, e.g. IBSS in 802.11 jargon (only STAs) – Infrastructure networks, e.g. BSS in 802.11 jargon (STAs communicating thanks to an AP) • What is the time-line for 802.20? – Tentative answer in IEEE C802.20-04/59 – Necessary if 802.20 wishes to reuse security standards that are not yet finished like .1ae&.1af 2004-06-28 IEEE C802.20-04/XX Example questions to be discussed (2/7) • How much flexibility in the security? – Supporting many cipher suites and versions • Expected performances of the cryptographic&security algorithms: – Latency, Throughput, Resource consumption (on which devices?) – Ease of deployment&ease of use Example questions to be discussed (3/7) • Placement of the of the security sublayer and interface to it – Where does the security sublayer fit in? • Below the MAC, at the PHY? C802.20-03/74&88 • Just below LLC? – see e.g. IEEE 802.10-1998* • Integrated to the MAC? – Which frames shall be protected? • Data • Control • Management – Which different types of protection will be available? • Confidentiality and Integrity/Replay protection • Only Integrity/Replay protection *withdrawn standard Example questions to be discussed (4/7) • Broadcast/multicast handling – Many ways to secure this trafic: how to compare them: • Bandwidth consumption • Resource requirements • Security/Functional issues (e.g., synchronization) • Handover impacts – Delay possibly added to handover by security – Various ways to deal with this (architectural, protocolary,…) Example questions to be discussed (5/7) • Security architecture: « . 802.20 security is expected to be a partial solution complemented by end-to-end solutions at higher protocol » – To what extent is the solution partial? • Denial of service attacks – Be prepared to much discussion on what is a serious DoS attack and what is not – Anyway, there still is the bovine jamming attack Example questions to be discussed (6/7) • Identity protection: « system will prevent the unauthorized disclosure of the user identity » – Current wording allows protocol that prompt authorized disclosure of identity ;-) – Anyway what is the user’s identity? • MAC address? See the debate on this in 802.1 Link Sec • Other, e.g., NAI for EAP? • How many bytes per frame can be sent on security? – Security typically needs a Nonce, a MIC tag, a SPI… – Can be problematic, see discussions between 802.1ae and 802.3ah! Example questions to be discussed (7/7) • Random numbers vs. Counters/timestamps – Any preference? • Key management is currently not evoked in the requirements document ! – It MUST be included with the corresponding requirements… – What are the requirements on a key management scheme? 2004-06-28 IEEE C802.20-04/XX Questions?
