Wi-Fi Protected Setup Specification 1. Protected Setup Specification 1.0h.pdf¢  Components...

download Wi-Fi Protected Setup Specification 1. Protected Setup Specification 1.0h.pdf¢  Components and Interfaces

of 110

  • date post

    17-Oct-2020
  • Category

    Documents

  • view

    0
  • download

    0

Embed Size (px)

Transcript of Wi-Fi Protected Setup Specification 1. Protected Setup Specification 1.0h.pdf¢  Components...

  • Wi-Fi Alliance Confidential

    Wi-Fi Protected Setup Specification Page 1 of 110 Version: 1.0h

    Wi-Fi Protected Setup Specification

    Version 1.0h December 2006

    This document contains a proposal for easy, secure setup and introduction of devices into WPA-enabled 802.11 networks. It is intended to meet the requirements determined by the Wi-Fi Protected Setup working group in the Wi-Fi Alliance.

  • Wi-Fi Alliance Confidential

    Wi-Fi Protected Setup Specification Page 2 of 110 Version: 1.0h

    Table of Contents

    1. Introduction........................................................................................................................ 7 1.1. Purpose ...............................................................................................................................................7

    1.2. Scope ...................................................................................................................................................7

    1.3. Related Documents ...........................................................................................................................7

    1.4. Supported Usage Models .................................................................................................................7

    Primary Usage Models..................................................................................................................................7

    Secondary Usage Models ..............................................................................................................................7

    1.5. Mental Model .....................................................................................................................................8

    1.6. Design Approach ...............................................................................................................................8

    1.7. Solution Flexibility ............................................................................................................................8

    1.8. User Experience.................................................................................................................................9

    1.8.1. In-band Setup ................................................................................................................................9

    1.8.2. Out-of-band Setup ........................................................................................................................9

    2. Core Architecture ............................................................................................................. 11 2.1. Definitions ....................................................................................................................................... 11

    2.2. Components and Interfaces .......................................................................................................... 12 2.2.1. Architectural Overview........................................................................................................................... 12 2.2.2. Interface E................................................................................................................................................ 12 2.2.3. Interface M .............................................................................................................................................. 13 2.2.4. Interface A ............................................................................................................................................... 14

    2.3. Registration Protocol ..................................................................................................................... 15

    2.4. Security Overview.......................................................................................................................... 16

    2.4.1. In-band Configuration .............................................................................................................. 16

    2.4.2. Guidelines and Requirements for PIN values ....................................................................... 18

    2.4.3. Out-of-band Configuration ...................................................................................................... 18

    3. Initial WLAN Setup.......................................................................................................... 19 3.1. Standalone AP ................................................................................................................................ 19

    3.2. Legacy AP........................................................................................................................................ 19

    3.3. AP With an External Registrar ................................................................................................... 20

    3.3.1. EAP-based Setup of External Registrar................................................................................. 21

    3.3.2. Ethernet-based Setup of External Registrar ......................................................................... 23

  • Wi-Fi Alliance Confidential

    Wi-Fi Protected Setup Specification Page 3 of 110 Version: 1.0h

    4. Adding Member Devices................................................................................................... 25 4.1. In-band Setup Using a Standalone AP/Registrar ..................................................................... 25

    4.2. Out-of-band Setup Using a Standalone AP/Registrar.............................................................. 27

    4.3. Out-of-band Setup Using an External Registrar ...................................................................... 28

    4.4. Secure Setup with Legacy AP ...................................................................................................... 29

    4.5. Secure Setup with Legacy Enrollee ............................................................................................. 29

    4.5.1. Mental model mapping ............................................................................................................. 29

    4.6. No-Security Out-of-band Setup Using a Standalone AP ......................................................... 29

    4.6.1. Mental model mapping ............................................................................................................. 30

    5. Secondary Usage Models.................................................................................................. 31 5.1. Removing Members from the WLAN ........................................................................................ 31

    5.2. Guest access..................................................................................................................................... 31

    5.3. Re-keying credentials .................................................................................................................... 31

    5.4. Expanding the network - Adding additional AP or Router .................................................... 31

    5.5. Changing Network Name (SSID), radio channels, etc. ............................................................ 31

    6. Registration Protocol Definition....................................................................................... 33 6.1. Registration Protocol Initiation ................................................................................................... 33

    6.2. Registration Protocol Messages ................................................................................................... 34 6.2.1. Optional Parameters ................................................................................................................................ 35

    6.3. Key Derivation................................................................................................................................ 36

    6.4. Proof-of-possession of Device Password..................................................................................... 38

    6.4.1. PIN Checksums .......................................................................................................................... 38

    6.4.2. Device Password Splitting ........................................................................................................ 39

    6.4.3. Device Password Usage ............................................................................................................. 39

    6.5. Key Wrap Algorithm..................................................................................................................... 40

    6.6. Rekeying .......................................................................................................................................... 41

    6.7. Key Summary and Classification ................................................................................................ 41

    6.8. Security Analysis ............................................................................................................................ 42

    6.9. Out-Of-Band Channels ................................................................................................................. 43 6.9.1. Out-of-band Channel Characteristics..................................................................................................... 43

    6.10. EAP Transport of Registration Protocol ...........................................................