Add to collection(s) Add to saved
  1. Social Science
  2. Psychology
  3. Conformity

Session #57 Security Contribution Summary

advertisement 
Session #57 Security Contribution Summary
IEEE 802.16 Presentation Submission Template (Rev. 9)
Document Number: C802.16m-08/1223r2
Date Submitted:
2007-09-17
Source:
David Johnston, Intel Corporation
Voice:
Ranga Reddy, US Army
Wei-peng Chen, Fujitsu
E-mail:
david.johnston@ieee.org
Venue:
Kobe, September 08
Base Contribution:
Purpose:
Informational Summary of Security contributions submitted to 802.16 session #57.
Notice:
This document does not represent the agreed views of the IEEE 802.16 Working Group or any of its subgroups. It represents only the views of the participants listed in the
“Source(s)” field above. It is offered as a basis for discussion. It is not binding on the contributor(s), who reserve(s) the right to add, amend or withdraw material
contained herein.
Release:
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an
IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s
sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this
contribution may be made public by IEEE 802.16.
Patent Policy:
The contributor is familiar with the IEEE-SA Patent Policy and Procedures:
<http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and <http://standards.ieee.org/guides/opman/sect6.html#6.3>.
Further information is located at <http://standards.ieee.org/board/pat/pat-material.html> and <http://standards.ieee.org/board/pat >.
Security Comments
#
T/E
41
T
Doc#
542
T
9075r12
543
544
E
T
907r1
545
546
T
T
1141
966
547
548
T
T
879r1
880r1
549
550
T
T
881r1
1099r2
551
T
1087
552
553
554
T
T
T
1167
1168
1169
604
T
923
Subject
Role of security management
block
Notes/Harmonization Suggestions
Erroneous doc number. Should be
Management Frame Protection
905r2. Harmonize with 987 ?
Location of security section - in
mac or on its own
Dynamic CMAC length
Harmonize with 545/Doc 1141 ?
Authenticated HCS for
signalling headers
Harmonize with 544/ Doc 907r1 ?
New encrypted PDU format
Harmonize with #604/doc 923 ?
Polynomial TEK Derivation /
Distributed trust
MS ID Privacy, through Certs Harmonize with 542 doc905r2 ?
ECC Crypto instead of RSA in
authorization
MAP Protection
MSID Privacy & MFP, using
Temporay ID.
Authentication before
capability exchange
1 byte PN
Encryption at SDU level
PDU Sequence number
replacing PN
Harmonize with 604 & 546 ?
Harmonize with #546 / Doc 966 ?
Security Contributions Without Comments (1/2)
T/E
T
Doc#
892r1
Subject
Notes
Secure Multicast. GTEK updates
etc.
T
987
Management Frame Protection
T
988
Derived TEKs
T
T
989
MAC Address Privacy through
temp IDs
1119r2
MAC Address Privacy through DH
or RSA tunnel setup
Harmonize with
905r2 ?
Harmonize with
880r1, 1087,
1119r2, 1088 ?
Proposal Concepts
•
Management Frame Protection/MAP Protection
– 905r2, 1099r2, 1087, 987
•
PN Size Reduction / Authentication Tuple overhead reduction
– 966, 1168, 923
•
MS ID Privacy
– 880r1, 1087, 989, 1119r2, 1088
•
Uplink header authentication
– 907r1, 1141,
•
Link Cipher at MAC CS
– 1169
•
Derived TEKs, Multicast GTEK Update
– 879r1, 892r1, 988
•
Dynamic SA creation
– 879r1
•
ECC Certificates
– 881r1
•
Authentication before Capability Exchange
– 1167, 760r3
•
Others/Misc – Comment #41, #543
Non Security Classified Contributions with
Security Overlap
• 760r3
– Proposes Authentication before capability exchange
• 906r1
– Compressed MAC header.
• Proposes 3-state EKS to merge EKS and EC bits.
• 1059
– Short MAC header formats
• Proposes no encryption mode & 1 bit EKS.
• 1067
– Manipulation of EC, EKS and PN
• 1081
– 1 bit EKS & removed EC
• 1088
– MS ID Hiding. Should be MAC: Security
RG Presentation Suggestions
•
Management Frame Protection/MAP Protection
– 987, 1099r4
•
PN Size Reduction / Authentication Tuple overhead reduction
– 923
•
MS ID Privacy
– 1119r2, 1088, 880r2
•
Uplink Header Authentication
– 907r1, 1141
•
Link Cipher @ MAC CS
– 1169
•
Derived TEK, Multicast GTEK Update
– 879r1, 988
•
Dynamic SA creation
– 879
•
ECC certificates
•
– 881r4
For the discussion here at the session some priority is being given to contributions that were
classified as “Security”. Contributions that are not discussed here will still be given an
opportunity during RG discussions on email reflector and text development.
Related documents
Session #57 Security Contribution Summary
Session #57 Security Contribution Summary
Session #57 Security Contribution Summary
Session #57 Security Contribution Summary
The OSI Reference Model Application
The OSI Reference Model Application
IEEE 802 Standards We’ve Got a Deal !
IEEE 802 Standards We’ve Got a Deal !
Download
advertisement