Doc.: IEEE 802.11-10/0361r0 Submission March 2010 Hiroki Nakano, Trans New Technology, Inc.Slide 1...
doc.: IEEE 802.11-10/0361r0
Submission
March 2010
Hiroki Nakano, Trans New Technology, Inc. (Slide 1)
Fast Initial Authentication
Date: 2010-03-16
Authors:
Name: Hiroki NAKANO; Company: Trans New Technology, Inc.; Address: Sumitomo-Seimei Kyoto Bldg. 8F, 62 Tukiboko-cho Shimogyo-ku, Kyoto 600-8492 JAPAN; Phone: +81-75-213-1200; email: [email protected]@trans-nt.com
Name: Hitoshi MORIOKA; Company: ROOT Inc.; Address: #33 Ito Bldg. 2-14-38 Tenjin, Chuo-ku, Fukuoka 810-0001 JAPAN; Phone: +81-92-771-7630; email: [email protected]
Name: Hiroshi MANO; Company: ROOT Inc.; Address: 8F TOC2 Bldg. 7-21-11 Nishi-Gotanda, Shinagawa-ku, Tokyo 141-0031 JAPAN; Phone: +81-3-5719-7630; email: [email protected]
The purpose of this presentation
“Fast Initial Authentication” and any other preparation require cooperation among all layers, including IEEE802.11, IP, etc. We are focusing on the IEEE802.11 procedure that sets up a communication channel between an AP and a non-AP STA.
This presentation just introduces some ideas to make the procedure faster, in order to show their technical possibilities and to help you consider starting an official discussion about “Fast Initial Authentication” in the 802.11 WG.
Why “Fast Initial Authentication?”
• We should prepare for “Fast Initial Authentication” because of…
1. Moving users with HIGH VELOCITY through the cell of an AP
2. A HUGE NUMBER of users within reach of each AP
3. A very SMALL CELL for each AP
• See IEEE802.11-10/0286r0 and come to the tutorial session for more detail
Quick update of contents and push services
– You can update new messages and location data while just passing through an AP's coverage.
– You do not have to stop many times, as in a serious landing operation.
– A service provider can distribute handbills without the customer having to stop walking.
– Pop e-mail
(Figure: a STA passing through an AP's coverage picks up its new location and presence, updated twitters and messages, and new handbills. Caption: No need to stop! Just pass through!)
What consumes time for authentication and setting up the channel?
• AP Discovery (802.11?)
• Association (802.11)
• Authentication (802.11, 802.1X)
• DHCP (IPv4), RA (IPv6)
• ARP (IPv4), NDP (IPv6)
• Protocols on upper layers
– Mobile IPv4/6
– DNS
– VPN
– HTTP…
An Example of Packet Exchange
Sequence diagram (participants: STA, AP, RADIUS Server, Home Agent), reconstructed from the slide:
1. AP -> STA: Beacon
2. STA -> AP: Probe Request; AP -> STA: Probe Response
3. STA <-> AP: Open System Authentication (request and response)
4. STA -> AP: Association Request; AP -> STA: Association Accept
5. STA -> AP: EAPOL-Start; AP -> STA: EAP-Request/Identity; STA -> AP: EAP-Response/Identity
6. AP -> RADIUS Server: RADIUS-Access-Request/Identity; RADIUS Server -> AP: RADIUS-Access-Challenge/TLS-Start
7. AP -> STA: EAP-Request/TLS-Start; STA -> AP: EAP-Response/TLS-Client Hello
8. AP -> RADIUS Server: RADIUS-Access-Request/Pass Through; RADIUS Server -> AP: RADIUS-Access-Challenge/Server Certificate
9. AP -> STA: EAP-Request/Pass Through; STA -> AP: EAP-Response/Client Certificate; AP -> RADIUS Server: RADIUS-Access-Request/Pass Through
10. RADIUS Server -> AP: RADIUS-Access-Challenge/Encryption Type; AP -> STA: EAP-Request/Pass Through; STA -> AP: EAP-Response; AP -> RADIUS Server: RADIUS-Access-Request
11. RADIUS Server -> AP: RADIUS-Access-Accept; AP -> STA: EAP-Success; EAP-Key
12. STA <-> AP: DHCP Discover, DHCP Offer, DHCP Request, DHCP Ack
13. STA -> AP -> Home Agent: Mobile IPv4 Registration Request; Home Agent -> AP -> STA: Mobile IPv4 Registration Reply
Challenge: the minimum procedure
• We use too many packets to pile up the layers. Can we decrease the packets needed for initial setup?
• The least possible procedure is a “single roundtrip.” Can we do that?
• Let’s think about IEEE802.11 first.
Assumed Goal
• Employ just a SINGLE round-trip exchange of frames
– STA to AP, then AP to STA
• Do everything needed to start the user’s data exchange
– Association
– Authentication
– Key Exchange
• No direct contract between AP and non-AP STA
– An ‘Authentication Server’ mediates between AP and non-AP STA
– For separation of service providers and AP infrastructure
• Possibly compatible with the existing 802.11 framework
– Old STAs can still be operated together.
Ideas?
1. Omit the Pre-RSNA authentication process
2. Piggyback authentication information onto Association Request/Response
3. Piggyback upper-layer information onto Association Request/Response
Idea 1: Omit Pre-RSNA Auth. Process
• We use “Open System” authentication in the Pre-RSNA framework every time.
– Is anyone using Shared Key auth?
• “Open System auth. is a null auth. algorithm. Any STA requesting Open System auth. may be authenticated”
Quoted from 802.11-2007 section 8.2.2.2
• Nevertheless, it takes ONE round-trip time to do that!
• The standard should be changed to allow running the Association process without the Open System authentication process.
– Does any problem occur?
Reason for the existence of Open System auth.
802.11-2007 Figure 11-6
Modified Figure?
Successful Association by new protocol
Backward Compatibility
Old STA (not supporting FastAKM) with Old AP (not supporting FastAKM): N.P.
Old STA (not supporting FastAKM) with New AP (supporting FastAKM): the Old STA begins to talk in the old protocol and the New AP speaks in the old protocol.
New STA (supporting FastAKM) with Old AP (not supporting FastAKM): the New STA tries the new protocol but the Old AP doesn’t accept it. Then the New STA goes on in the old protocol.
New STA (supporting FastAKM) with New AP (supporting FastAKM): N.P.
Idea 2: Piggyback Auth. Info. onto Association Request/Response
• Can “Mutual Authentication” be done by just ONE round-trip of Association Request/Response?
– “Single Round-trip Authentication” is a common problem.
Frame sequence (participants: STA, AP, Authentication Server), reconstructed from the slide:
AP -> STA: Beacon
(STA -> AP: Probe Request; AP -> STA: Probe Response)
STA <-> AP: Authentication (Open System), request and response
STA -> AP: Association Request
AP -> Authentication Server: Access Request; Authentication Server -> AP: Access Response
AP -> STA: Association Response (Accept)
Supposed Service Model
Relations in Real World
User and Service Provider (Authentication Server): contract to provide wireless access via the AP infrastructure; share information to identify each other properly, e.g. username, password, digital certificate, etc.
AP infrastructure and Service Provider: contract to provide wireless access to users specified by the Authentication Server (i.e. the Service Provider); set up a secure communication channel to exchange information about users.
Cryptographic Keys
Set up in advance by contract: USER-KEY (shared between the user’s STA and the Authentication Server) and AP-KEY (shared between the AP and the Authentication Server).
Relations in Computer Network
Secure channel by a cryptographic key set up in advance
Encrypted bundle including the following:
• User ID
• Key
How can we exchange keys safely?
Step 1: Make Key on Non-AP STA
TMP-KEY: the STA generates a key from a random number generator.
Step 2: Send Encrypted Bundle toward AP
Bundle encrypted by USER-KEY, including the following:
• User’s ID
• TMP-KEY
Sent together with the Auth. Server Selector.
Step 3: AP Forwards data to Auth Server
The AP uses the Auth. Server Selector to select the Auth. Server.
The AP doesn’t see the data inside the bundle, because the data are encrypted by USER-KEY, of which the AP has no knowledge.
Step 4: Auth Server sends back to AP
The Auth. Server sends TMP-KEY back to the AP. Remember that there is a secure channel protected by AP-KEY.
Final Step: AP Acknowledges to STA
Acknowledgement and additional information, encrypted by TMP-KEY
Now both share TMP-KEY!
After Exchanging Key…
Normal communication encrypted by TMP-KEY
Attack 1: Fake STA
The bundle reaches the Auth. Server, but no USER-KEY is shared with the fake STA.
The Auth. Server cannot extract data from the bundle because of the lack of USER-KEY.
Attack 2: Fake AP
No secure channel, because no cryptographic key is shared.
The fake AP cannot send anything to the Auth. Server.
Attack 3: Fake AP and Fake Auth Server
The bundle reaches the fake Auth. Server, but no USER-KEY is shared with it.
The fake Auth. Server cannot extract data from the bundle because of the lack of USER-KEY.
Attack 4: Man In The Middle of AP and STA
Normal communication encrypted by TMP-KEY
The man in the middle cannot obtain TMP-KEY…
??
Attack 5: DoS by Auth Request
Numerous Auth Requests (the figure shows them both at the AP and forwarded to the Auth. Server)
Attack 6: DoS by Fake “Auth Failed”
Fake “Auth Failed” messages
Acknowledgement and additional information, encrypted by TMP-KEY
?
Attack 2: Someone between AP and STA
Normal communication encrypted by TMP-KEY
Idea 3: Piggyback upper information onto Association Request/Response
• Association Request/Response can be opened to upper layers in order to bring back their information, such as IP address, netmask, etc.
• IEEE802.11 can provide the framework for this.
Frame sequence (participants: STA, AP, Authentication Server), reconstructed from the slide:
AP -> STA: Beacon
(STA -> AP: Probe Request; AP -> STA: Probe Response)
STA <-> AP: Authentication (Open System), request and response
STA -> AP: Association Request
AP -> Authentication Server: Access Request; Authentication Server -> AP: Access Response
AP -> STA: Association Response (Accept), with upper network configuration
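The exchange of Steps 1 to 4 and the final step, the fake-STA and fake-AP cases of Attacks 1 and 2, and the upper-layer configuration of Idea 3, as an added worked example in Python that is not part of the original presentation. The names AuthServer, AccessPoint, sta_associate and demo, the key_id field beside the bundle (the slides do not say how the Authentication Server finds the right USER-KEY), the JSON message shapes, the toy encrypt-then-MAC cipher and the sample IP configuration are all this example's own assumptions. The slides leave the man-in-the-middle and fake “Auth Failed” questions open, and this model does not address them either.

```python
"""Toy model of the FastAKM exchange (Steps 1 to 4 and the final step), the
Idea 3 upper-layer config in the response, and the checks that stop Attack 1
(fake STA) and Attack 2 (fake AP). Added example, not the authors' code.
Assumptions: JSON messages; a cleartext key_id beside the bundle tells the
server which USER-KEY to try (the slides do not say how it is found); and a
toy encrypt-then-MAC on HMAC-SHA256 stands in for a real AEAD like AES-GCM."""
import hashlib
import hmac
import json
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def _keys(key):
    # Separate encryption and MAC subkeys derived from one shared key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key, nonce, data):
    # Keystream block i = HMAC(enc_key, nonce || i), XORed onto data.
    out, i = bytearray(), 0
    while len(out) < len(data):
        out += hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return bytes(a ^ b for a, b in zip(data, out))

def seal(key, plaintext):
    """nonce || ciphertext || tag, with tag = HMAC(mac_key, nonce || ciphertext)."""
    enc_key, mac_key = _keys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Check the tag first; a wrong key or tampered data raises ValueError."""
    enc_key, mac_key = _keys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag")
    return _xor_stream(enc_key, nonce, ct)

def _pack(obj):
    return json.dumps(obj).encode()

class AuthServer:
    # Service provider side: USER-KEYs and AP-KEYs were set up in advance by contract.
    def __init__(self, users, ap_keys):
        self.users = users      # key_id -> (user_id, USER-KEY)
        self.ap_keys = ap_keys  # ap_id -> AP-KEY

    def access_request(self, ap_id, sealed):
        ap_key = self.ap_keys.get(ap_id)
        if ap_key is None:
            return None  # Attack 2: no AP-KEY shared, so no secure channel; request dropped
        try:
            req = json.loads(unseal(ap_key, sealed))
            user_id, user_key = self.users[req["key_id"]]
            bundle = json.loads(unseal(user_key, bytes.fromhex(req["bundle"])))
            ok = bundle["user_id"] == user_id
        except (ValueError, KeyError):
            ok = False  # Attacks 1 and 3: without USER-KEY the bundle cannot be opened
        if not ok:
            return seal(ap_key, _pack({"result": "reject"}))
        # Step 4: TMP-KEY goes back to the AP inside the AP-KEY channel
        return seal(ap_key, _pack({"result": "accept", "tmp_key": bundle["tmp_key"]}))

class AccessPoint:
    def __init__(self, ap_id, ap_key, servers):
        self.ap_id, self.ap_key, self.servers = ap_id, ap_key, servers  # selector -> server

    def associate(self, request):
        # Step 3: the AP reads only the selector; the bundle is opaque to it (no USER-KEY)
        server = self.servers.get(request["auth_server_selector"])
        fwd = seal(self.ap_key, _pack({"key_id": request["key_id"], "bundle": request["bundle"]}))
        reply = server.access_request(self.ap_id, fwd) if server else None
        if reply is None:
            return {"status": "reject"}
        reply = json.loads(unseal(self.ap_key, reply))
        if reply["result"] != "accept":
            return {"status": "reject"}
        tmp_key = bytes.fromhex(reply["tmp_key"])
        # Final step plus Idea 3: acknowledgement and upper-layer config encrypted by TMP-KEY
        config = {"ip": "192.0.2.10", "netmask": "255.255.255.0"}  # constructed sample values
        return {"status": "accept", "sealed": seal(tmp_key, _pack(config)).hex()}

def sta_associate(ap, user_id, key_id, user_key, selector):
    """Non-AP STA side: one Association Request out, one Association Response back."""
    tmp_key = secrets.token_bytes(32)  # Step 1: fresh key from the STA's RNG
    bundle = seal(user_key, _pack({"user_id": user_id, "tmp_key": tmp_key.hex()}))  # Step 2
    resp = ap.associate({"auth_server_selector": selector, "key_id": key_id, "bundle": bundle.hex()})
    if resp["status"] != "accept":
        return None
    return tmp_key, json.loads(unseal(tmp_key, bytes.fromhex(resp["sealed"])))  # both share TMP-KEY

def demo():
    user_key, ap_key = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed contract keys
    server = AuthServer({"alice-k1": ("alice", user_key)}, {"ap-1": ap_key})
    ap = AccessPoint("ap-1", ap_key, {"sp.example": server})
    good = sta_associate(ap, "alice", "alice-k1", user_key, "sp.example")
    fake_sta = sta_associate(ap, "alice", "alice-k1", secrets.token_bytes(32), "sp.example")  # Attack 1
    rogue = AccessPoint("rogue", secrets.token_bytes(32), {"sp.example": server})
    via_rogue = sta_associate(rogue, "alice", "alice-k1", user_key, "sp.example")  # Attack 2
    return {"good": good is not None and good[1]["ip"] == "192.0.2.10",
            "fake_sta_rejected": fake_sta is None, "fake_ap_rejected": via_rogue is None}
```

Calling demo() returns three booleans: the genuine STA ends up sharing TMP-KEY with the AP and receives the IP configuration inside the single Association Response, the fake STA is rejected because its bundle does not open under the real USER-KEY, and the rogue AP gets nothing back because it has no AP-KEY channel to the Authentication Server. Note that the on-air part is exactly one request and one response, which is the single round trip the Assumed Goal asks for.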
Difference from 802.11-2007
• Additional state transition to skip Open System Auth.
– Figure 11-6, Relationship between state variables and services
• A few additional elements in Table 7-26 Element IDs
– Authentication Server Selector (240 temporarily)
– Bundle for User Information (241 temporarily)
– Upper layer data
• RSN with the key obtained by the new FastAKM framework
– 7.3.2.25 RSN information element (for beacon and probe resp.)
– Both Group and Pairwise Cipher Suites are set to CCMP.
– AKM Suite is set to the brand-new one!
• Define a new AKM Suite (00-d0-14-01 is used temporarily.)
• Assign it officially in Table 7-34 AKM suite selectors in future…
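The RSN information element the slide describes, built and then parsed back, as an added example that is not from the original presentation. It assumes the standard RSN IE layout (Element ID 48, version 1, little-endian suite counts, optional RSN Capabilities field) and uses the provisional selector 00-d0-14-01 from the slide; build_rsn_ie, parse_rsn_ie and uses_fastakm are this example's own names, and the parser handles the general multi-suite form rather than only the single-suite case on the slide.

```python
"""Build and parse the RSN information element (Element ID 48) the slide calls
for: group and pairwise cipher CCMP, AKM suite set to the provisional FastAKM
selector 00-d0-14-01. Added example, not the authors' code; the layout follows
the 802.11 RSN IE, and parse_rsn_ie() handles the general multi-suite form."""
import struct

RSN_ELEMENT_ID = 48
CCMP = bytes.fromhex("000fac04")         # OUI 00-0F-AC, suite type 4: CCMP
FASTAKM_AKM = bytes.fromhex("00d01401")  # provisional selector from the slide

def build_rsn_ie(group, pairwise, akms, capabilities=0):
    """Element ID, length, version 1, group suite, pairwise list, AKM list, RSN capabilities."""
    body = struct.pack("<H", 1) + group
    body += struct.pack("<H", len(pairwise)) + b"".join(pairwise)
    body += struct.pack("<H", len(akms)) + b"".join(akms)
    body += struct.pack("<H", capabilities)
    return bytes([RSN_ELEMENT_ID, len(body)]) + body

def _selector(raw):
    return "-".join(f"{b:02x}" for b in raw)

def parse_rsn_ie(ie):
    """Bounds-checked parser; malformed or truncated input raises ValueError."""
    if len(ie) < 2 or ie[0] != RSN_ELEMENT_ID:
        raise ValueError("not an RSN IE")
    body = ie[2:2 + ie[1]]
    if len(body) != ie[1]:
        raise ValueError("truncated element")
    pos = 0

    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated element")
        pos += n
        return body[pos - n:pos]

    version = struct.unpack("<H", take(2))[0]
    if version != 1:
        raise ValueError(f"unsupported RSN version {version}")
    group = _selector(take(4))
    pairwise = [_selector(take(4)) for _ in range(struct.unpack("<H", take(2))[0])]
    akm = [_selector(take(4)) for _ in range(struct.unpack("<H", take(2))[0])]
    caps = struct.unpack("<H", take(2))[0] if pos + 2 <= len(body) else 0  # field is optional
    return {"version": version, "group": group, "pairwise": pairwise, "akm": akm,
            "capabilities": caps}

def uses_fastakm(ie):
    """True when the element advertises the slide's configuration: CCMP/CCMP plus the FastAKM AKM."""
    p = parse_rsn_ie(ie)
    return (p["group"] == _selector(CCMP) and p["pairwise"] == [_selector(CCMP)]
            and _selector(FASTAKM_AKM) in p["akm"])
```

A beacon parser on the STA side would run uses_fastakm over the RSN IE to decide whether to attempt the new association protocol or fall back to the old one, which is exactly the Backward Compatibility decision from the earlier slide; the bounds checks in take() are what keeps a malformed suite count from reading past the element.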
Conclusion
• Not so many changes are needed to enable the FastAKM framework.
• IEEE802.11 can help upper layers to be configured quickly.
• We need a place to carry on more technical discussion:
– to build and verify the authentication method
– about any effect of changing the standard
– to write down a detailed specification
Straw Poll
“Does WNG think that we need another place to discuss this topic ?”
• Yes:
• No:
• Don’t Care: