VFF Roaming

Keith Amann, Spectralink

Pat Calhoun, Airespace

Darwyn Engwer, Nortel Networks

Kevin Hayes, Atheros

Haixiang He, Nortel Networks

Bob O’Hara, Airespace

Dorothy Stanley, Agere

Henry Ptasinski, Broadcom

Calhoun et al.


Design Principle

  • Follows 802.11r scope/definition

    • Transition time = first packet on new AP – last packet on old AP

Key Circle

[Figure: key hierarchy diagram. Recoverable labels: EKC, AAA, KC 1, KC 2, KC 3, Controller, AP, PMK, D-PMK, DB-PMK, PTK. Legend: tightly coupled AP, loosely coupled AP, derived key via PRF.]

Key Exchange

STA

AP

PMK Established

<Roaming Event Occurs>

AUTH (VFF, M1, ContextReq)

AUTH (VFF, Come Back, MinTime, MaxTime)

<AP fetches STA context>

AUTH (VFF, M1, ContextReq)

AUTH (VFF, OK, M2, MaxTime)

AUTH (VFF, M3)

AUTH (VFF, OK, M4, MaxTime, Key Lifetime, ContextAck)

<PTK Established – Start of secure window>

Authenticated

(optional) Action()

Assoc-Req (PTKID, RSNIE, Nonce, GTK, MIC)

Assoc-Resp(PTKID, RSNIE, Nonce, MIC)

XID

Benefits

  • Pre-computation of Derived PMK values by both peers at each AP

    • Each BSSID has a cryptographically separate PMK for the same station (No PMK Sharing)

    • Introduces a hierarchy

  • Pre-computation of PTK prior to (re)association

  • STA driven authentication

    • Power saving & QoS benefits

  • Decoupling key exchange from associated state

    • Minimizes packet loss

  • Provides a framework for protected mgmt frames

  • Association is bound to the PTK

    • Association messages are MIC’ed

    • Provides key liveness

  • PMK lifetime is controlled by the AP and communicated to the STA

    • Bounds key liveness

  • Maintains the 4-way handshake

    • Optimizations are possible, but not described at this time
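
The per-BSSID key separation and PTK-bound association listed above, as an added Python example that is not part of the original slides. HMAC-SHA256 in counter mode stands in for the PRF, and the labels, input layout, key sizes, MAC addresses and frame body are assumptions, since the slides do not specify them.

```python
import hashlib
import hmac
import os

def prf(key: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """Stand-in PRF (assumption): HMAC-SHA256 in counter mode."""
    out = b""
    counter = 1
    while len(out) < length:
        block = counter.to_bytes(2, "big") + label + b"\x00" + context
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def derive_d_pmk(pmk: bytes, sta: bytes, bssid: bytes) -> bytes:
    """Per-BSSID derived PMK; both peers can compute it before any roam."""
    return prf(pmk, b"D-PMK", sta + bssid, 32)

def derive_ptk(d_pmk: bytes, sta: bytes, bssid: bytes,
               snonce: bytes, anonce: bytes) -> bytes:
    """PTK from handshake nonces; first 16 bytes used as MIC key (assumption)."""
    return prf(d_pmk, b"PTK", sta + bssid + snonce + anonce, 48)

def mic(ptk: bytes, frame: bytes) -> bytes:
    """Truncated HMAC over the association frame body."""
    return hmac.new(ptk[:16], frame, hashlib.sha256).digest()[:16]

def verify_assoc(ptk: bytes, frame: bytes, tag: bytes) -> bool:
    """Constant-time MIC check, as the receiving AP would perform it."""
    return hmac.compare_digest(mic(ptk, frame), tag)

def demo() -> dict:
    # Constructed sample values, not taken from the slides.
    pmk = os.urandom(32)
    sta = bytes.fromhex("020000000001")
    ap1, ap2 = bytes.fromhex("0200000000a1"), bytes.fromhex("0200000000a2")
    # Pre-computation: one D-PMK per candidate BSSID, no PMK sharing.
    d_pmks = {ap: derive_d_pmk(pmk, sta, ap) for ap in (ap1, ap2)}
    snonce, anonce = os.urandom(32), os.urandom(32)
    ptk1 = derive_ptk(d_pmks[ap1], sta, ap1, snonce, anonce)
    ptk2 = derive_ptk(d_pmks[ap2], sta, ap2, snonce, anonce)
    frame = b"Assoc-Req|PTKID|RSNIE|Nonce|GTK"  # placeholder frame body
    tag = mic(ptk1, frame)
    return {
        "keys_separate": d_pmks[ap1] != d_pmks[ap2],
        "accepted_at_ap1": verify_assoc(ptk1, frame, tag),
        "accepted_at_ap2": verify_assoc(ptk2, frame, tag),
        "tampered_accepted": verify_assoc(ptk1, frame + b"x", tag),
    }

if __name__ == "__main__":
    print(demo())
```

An association request MIC'ed under the PTK for one BSSID is rejected under the key material of any other BSSID, and any change to the frame body invalidates the MIC.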
