C 2013 r newman university of florida
Download
1 / 72

HomePlug AV MAC - PowerPoint PPT Presentation


  • 96 Views
  • Uploaded on

(c) 2013 R. Newman University of Florida. HomePlug AV MAC. What is HomePlug AV?. Open industry standard 4+ manufacturers (including Intellon/Atheros) Compatible with HP1.0 Developed 2003-2007 by Homeplug Powerline Alliance (HPA) Consortium of chip designers, OEMs, PLC users

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' HomePlug AV MAC' - lyndon


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
C 2013 r newman university of florida

(c) 2013 R. Newman

University of Florida

HomePlug AV MAC


What is homeplug av
What is HomePlug AV?

  • Open industry standard

    • 4+ manufacturers (including Intellon/Atheros)

    • Compatible with HP1.0

  • Developed 2003-2007 by Homeplug Powerline Alliance (HPA)

    • Consortium of chip designers, OEMs, PLC users

    • Products shipped in Q1 2006

  • Most widely available ethernet class PLC

    • 150 Mbps coded PHY data rate

    • 0ver 40 million units shipped

  • Comprises

    • PHY – modulation, coupling, FEC, etc.

    • MAC – medium access, ARQ, etc.

    • Bridging – to other PLC networks or to 803.3/11/etc.




Hpav challenges
HPAV Challenges

  • Backward compatibility with HP1.0

    • Delivered base of over 10 million chips

    • Return customers likely

  • Take advantage of high speed PHY

    • Fixed time overheads for delimiters/VCS

    • MSDUs typically less than 1500 octets

  • Provide QoS for video/audio/gaming/etc.

    • Latency and jitter control

    • Bandwidth “guarantees”

  • Deal with PHY challenges

    • Channels change – can degrade, cause loss

    • Impulse noise may destroy 1-2 symbols per impulse

    • Hidden nodes, neighbor networks


Hpav challenges 2
HPAV Challenges (2)

  • Minimize overhead

    • Aim at 80% MAC efficiency for streams

    • Low efficiency expected with low data rate streams

  • User-friendly security

    • Must be understandable

    • Must be convenient

    • Must be secure

  • Stations may leave unexpectedly

    • Consumer electronic devices

    • Not dedicated to AVLN like AP is to WLAN


Hpav solution approaches
HPAV Solution Approaches

  • Backward compatibility with HP1.0

    • Maintain common VCS

  • Take advantage of high speed PHY

    • Maximize PHY Body length for efficiency

  • Provide QoS for video/audio/gaming/etc.

    • Timestamp MSDUs with QoS needs

    • Move on if MSDU can’t be delivered on time

    • Admission control for new QoS streams

    • Scheduled access


Hpav solution approaches 2
HPAV Solution Approaches (2)

  • Deal with PHY challenges

    • Allow tone maps to vary with line cycle

    • Maintain view of channel rates

    • Maintain view of stream backlogs

    • Allow partial reception of MPDU

    • RTS/CTS for hidden nodes

    • Repeating for hidden nodes

    • Redundancy for scheduling information

    • Neighbor network coordination

  • User-friendly security

    • Mental models

    • Network password entry

    • Device password entry

    • Push-button authorization


Hpav solution approaches 3
HPAV Solution Approaches (3)

  • Minimize overhead

    • Aggregation of MSDUs, management messages

    • Minimize use of delimiters

    • Small addresses – 8-bit Terminal Equipment IDs (TEIs)

    • Allow for contention-free access

    • Integrated encryption/IV derivation

  • Stations may leave unexpectedly

    • Employ soft state

    • Use negotiation for determining coordinator

    • Allow for handover/recovery of responsibilities


Hpav solutions
HPAV Solutions

  • Backward compatibility with HP1.0

    • Hybrid delimiters – allow for common VCS

  • Central Coordinator

    • Allows admission control/scheduled access

    • Must be able to move CCo/recover from loss of CCo

    • Maintains authoritative network time base

  • Central Beacon

    • Provides common information

    • Provides synchronization for access

    • Advertises network time base (NTB) for QoS

    • Includes persistence for redundancy

    • Synchronized to line cycle

  • Proxy Coordinator

    • Repeats Central Beacon for hidden nodes


Hpav solutions 2
HPAV Solutions (2)

  • Contention-Free Periods

    • Managed by call admission through CCo

    • Regions reserved for specific streams

    • Reservations persist in same part of line cycle

    • QoS stream creation negotiated by all parties

    • Global link identifiers for efficient reference

    • Expand/squeeze as needs/channels change

  • Two-level Segmentation/Reassembly

    • Aggregate MSDUs & MMs into MAC Frame stream

    • Segment MF Stream for encryption/transmission

    • Make segments unit of reliable delivery inside MAC

    • CRC per segment

    • Selective Acknowledgements for multiple segments


Hpav solutions 3
HPAV Solutions (3)

  • MPDU bursting to save on ACKs

    • Acknowledge all segments in multiple MPDUs in SACK

    • MPDU number to know when to send SACK

    • MPDU count to know burst duration

  • AV Logical Networks based on cryptography

    • Key hierarchy

    • NMK needed to join logical network

    • NEK used for data encryption

    • Integrated segmentation/encryption

    • IV derived from MPDU and segment information

    • Push-button inherently insecure at time of join

    • Two security levels

    • Password parameter definition


Hpav networks
HPAV Networks

  • Physical Network (PhyNet)

    • Relative to a station (STA)

    • All other STAs able to communicate with the reference STA

  • Logical Network (AVLN)

    • Has a Central Coordinator (CCo) STA

    • Set of STAs with same

      • Network ID (NID) and

      • Network Membership Key (NMK) (usually)


Av logical networks
AV Logical Networks

  • Neighbor networks

  • Hidden nodes


Hpav general operation
HPAV General Operation

  • Each AVLN has a CCo

    • CCo is determined dynamically

    • CCo give general information in beacon

    • CCo admits new STAs

  • STAs join AVLN by requesting NEK

    • STA must have Network Membership Key (NMK) to get Network Encryption Key (NEK)

    • Unauthenticated STAs can do very little

    • STA gets NEK from CCo

  • Time divided into Beacon Periods (BPs)

    • Access information based on BP


Hpav sta roles
HPAV STA Roles

  • Level-0 CCo (no QoS support) – every STA

    • Assoc/Authenticate new STA

    • TEI provisioning

    • CSMA operation

    • Neighbor Network (NNW) passive coordination

  • Level-1 CCo = Level-0 plus:

    • TDMA operation/scheduling/admission control

    • GLID provisioning

    • Uncoordinated mode with NNWs

  • Level-2 CCo = Level-1 plus:

    • Coordinated mode with NNWs



Hpav beacon timing
HPAV Beacon Timing

  • Line Cycle Crossing Time (LCT)

    • PHY detection and digital phase lock loop (DPLL)

  • Beacon Offset

    • Use to keep network time base (NTB)

    • Advertise future beacon transmit times


Hpav beacon
HPAV Beacon

  • Beacon Payload holds 136 octets

    • Uses mini-ROBO modulation

  • Beacon sent periodically (once per BP)

    • Sent by Central Controller (CCo)

    • Provides reference Network Time Base (NTB)

    • Indicates offsets for future Beacons

  • Three Beacon types

    • Central Beacon – issued by CCo

      • Provides scheduling information

    • Proxy Beacon – copy of central beacon repeated by Proxy Coordinator (PCo) when hidden nodes

    • Discovery Beacon – sent for network discovery


Beacon scheduling info
Beacon Scheduling Info

  • Non-Persistent Scheduling Information

    • Can change from one Beacon Period to the next

    • Extra allocations to backlogged QoS streams

    • Extra CSMA region

    • Discover beacons

  • Persistent Scheduling Information

    • Remains constant for advertised number of BPs

    • Allows access even when Beacon is lost

    • Persistence information included in Beacon

    • Persistent CSMA allocations – for CSMA access

    • Persistent TDMA allocations – contention-free

    • May include preview schedule when changing


Beacon schedule persistence
Beacon Schedule Persistence

  • CSCD – current schedule countdown

    • Minimum # BPs for which this schedule is valid

  • PSCD – preview schedule countdown

    • # BPs in which this schedule will take effect





Channel access
Channel Access

  • Beacons

    • In Beacon Slot (Coordinated and Uncoordinated)

    • CSMA (CSMA-Only mode, and Discovery Beacons)

  • CSMA (Contention-based Access)

    • Like HomePlug 1.0.1

    • Two priority reservation slots (PRS0, PRS1)

    • Contention window depending on priority, history

    • May use RTS/CTS for hidden nodes

  • TDMA (Contention-free Access)

    • Must have global link identifier (GLID)

    • CCo does admission control, scheduling

    • Schedule advertised in central beacon

    • Backlog advertised for non-persistent extra allocation


Links and connections
Links and Connections

  • Connections – higher layer abstraction

    • May be unidirectional unicast, bidirectional, or multicast

    • Do not reflect the asymmetry of PLC channels

  • Links - Used by Convergence Layer (CL)

    • Unidirectional (single source)

    • May be unicast or multicast/broadcast

    • Reflect underlying channel characteristics

    • Allow for scheduling based on channel

    • Local links for CSMA (source + link ID unique)

    • Global links for TDMA (assigned by CCo)

    • Connection Manager determines mapping to link

    • Connectionless traffic assigned a “priority link”

    • Priority Link IDs (PLIDs) only identify priority


Links and scheduling
Links and Scheduling

  • Priority Link IDs (PLIDs): 0x00-0x03

    • Only indicate priority of traffic

    • Compete in CP

  • Local Link IDs (LLIDs): 0x04-0x7F

    • Assigned by local STA’s CM

    • Compete in CP

  • Global Link IDs (GLIDs): 0x80-0xFF

    • Used in Beacon Entries for scheduling

    • Special values:

      • 0xFF = local CSMA allocation

      • 0xFE = shared CSMA allocation

      • 0xFD = Discover Beacon by designated STA

      • 0xFC = Contention Free Period Initiation region

    • 0x80-0xF7 = CCo-assigned global link IDs

    • Rest are reserved


Connection ids and cspecs
Connection IDs and CSPECs

  • Connection ID (CID)

    • Assigned by initiating STA’s CM

    • 16-bit concatenation of TEI and initial LLID

    • Globally unique in AVLN

  • Connection Specification (CSPEC)

    • Associated with each connection

    • Contains QoS parameters for connection

  • Connection setup

    • HLE gives Connection Manager (CM) CSPEC

    • If feasible, CM contacts destination CM

    • If destination CM/HLE agree, connection formed

    • If GLID needed (based on CSPEC), then CCo asked

    • If CCo agrees, assigns GLID and schedules cnx

    • Release messages needed on failure


Hpav channel estimation
HPAV Channel Estimation

  • Performed using SOUND MPDUs

    • Predetermined pattern using all carriers

    • May also used ROBO modulated data MPDUs

  • Determines Tone Map:

    • Modulation method for each carrier

    • FEC rate

    • Cyclic Prefix (CP) duration

    • Interval of line cycle in which TM applies

  • TM and TMI reported to STA and to CCo

    • Sender uses for forming MPDUs and PPDUs

    • CCo uses for allocation algorithms

  • Initial and Dynamic CE processes

    • TMs expire on demand or time-out in 30 sec.


Hpav mac protocol data units
HPAV MAC Protocol Data Units

  • 4 MPDU Formats

    • AV-Only Short MPDU

      • Only HPAV preamble and Frame Control (FC)

    • AV-Only Long MPDU

      • Like above, but with (data) payload

    • Hybrid Short MPDU

      • Hybrid preamble, HP1.0 FC and HPAV FC

    • Hybrid Long MPDU

      • Like above, but with (data) payload

  • HP1.0 FC is just to give HP1.0 nodes VCS

    • Need for backward compatibility




Hpav mpdu structure
HPAV MPDU Structure

  • Delimiter

    • Hybrid or AV-mode

  • HP1.0 FC is as in HomePlug 1.0.1 (25 bits)

    • FC_AV holds 128 bits

    • Mapped by PHY to preamble and coded FC(s)

    • 7 Delimiter Types

  • Two sizes

    • Long MPDUs have payload

    • Short MPDUs have no payload (delimiter only)

  • Payload (if present) consists of PHY Blocks (PBs)

    • 520 octet or 136 octet length

    • Encoded by PHY as FEC blocks


Hpav frame control fc
HPAV Frame Control (FC)

  • 3 bits Delimiter Type (DT)

    • Beacon

    • SOF, RSOF

    • SACK

    • Sound

    • RTS/CTS

  • 1 bit Access Field (ACCESS)

    • True iff MPDU transmitted on an Access NW

  • 4 bits Short Network Identifier (SNID)

  • 96 bits variant field (depends on DT)

  • 24 bits Frame Control Check Sequence (FCCS)


Hpav start of frame sof
HPAV Start of Frame (SOF)

96-bit Variant Field includes

  • Demodulation and Virtual Carrier Sense Info

    • Modulation (TMI) – indexes tone map (TM)

    • Length (for VCS) – number of OFDM symbols

    • PHY Block size (520 or 136 octet)

  • Addressing

    • Source Terminal Equipment ID (STEI)

    • Destination TEI (DTEI)

    • Link Identifier (LID)

  • Encryption Key Select (EKS) – for decryption

  • Lots of other stuff (cover later)


Hpav selective ack sack
HPAV Selective ACK (SACK)

96-bit Variant Field includes

  • Destination TEI (DTEI)

  • Coordination information

  • Encoded bitmap of correctly received PBs

    • Bits correspond to BP position in received transmission

    • Custom compression capability

  • A little other stuff (cover later)


Hpav reverse sof rsof
HPAV Reverse SOF (RSOF)

Carries SACK info plus a return payload

96-bit RSOF Variant Field includes

  • SACK Information (like SACK)

  • Demodulation and Virtual Carrier Sense Info

    • Modulation (TMI) – indexes tone map (TM)

    • Length (for VCS) – number of OFDM symbols

    • PHY Block size (520 or 136 octet)

  • Addressing

    • DTEI only (why? Why not STEI/LID?)

  • A little other stuff (cover later)


Hpav request clear to send rts cts
HPAV Request/Clear to Send (RTS/CTS)

Needed when hidden nodes present

96-bit Variant Field includes

  • Addressing

  • Source Terminal Equipment ID (STEI)

    • Destination TEI (DTEI)

    • Link Identifier (LID)

  • Coordination information

  • Duration

    • How long is medium busy

  • A little other stuff (cover later)

    BUT – only deals with one level of hidden nodes!


Hpav sound soundack
HPAV Sound/SoundAck

Similar to SOF, but used for channel estimation

Fixed modulation (ROBO)

96-bit Variant Field includes

  • Channel Estimation and Virtual Carrier Sense Info

    • Maximum TMs requested

    • Length (for VCS) – time of payload

    • PHY Block size (520 or 136 octet)

    • Last SOUND flag

    • Sound ACK flag – indicates this is an ACK

    • Reason for SOUND

  • Addressing

    • STEI, DTEI, LID

  • Some other stuff (cover later)


Hpav long mpdu structure
HPAV Long MPDU Structure

  • Delimiter

    • Determines length explicitly or implicitly

  • SOF or RSOF

    • One or more PB-520s (length & TMI)

    • One PB-136 (if PB size indicates small PB)

  • Beacon

    • One PB-136

  • Sound

    • One 520 octet or one 136 octet length

      Sizes can’t be mixed

      Only one PB-136 per MPDU

      Only one PB in last symbol

      allow for processing time


Hpav data plane
HPAV Data Plane

  • Data carried

    • MSDUs or Management Messages

  • Encapsulated in MAC Frames

    • For recovery and error checking

  • MAC Frames aggregated into MF Stream

    • MF Stream segmented for delivery


Hpav mac frames
HPAV MAC Frames

  • Delimit messages

    • Aggregation for efficient transmission at high speeds

    • Needed for disaggregation

  • Provide timing information

    • Needed for jitter control, delivery guarantees

  • Check correct reassembly, decryption

    • Integrity Check Value (ICV)


Mac frame fields
MAC Frame Fields

  • MF Header

    • MF Type (2 bits)

      • Bit pad to end of segment

      • MSDU without ATS

      • MSDU with ATS

      • Management Message with confounder

    • MF Length (14 bits)

  • ATS/Confounder (0 or 32 bits)

    • Arrival timestamp for AV streams

    • Random confounder for Management Messages

  • Body

    • MSDU from higher layer or Management Message

  • Integrity Check Value (32 bit CRC)

  • Total overhead = 6-10 octets



Hpav phy block structure
HPAV PHY Block Structure

  • PBs are mapped by PHY to FEC Blocks

    • FEC succeeds or fails

  • PBs are basic unit of delivery by MAC internally

    • PB is ACKed or retransmitted using SR-ARQ

    • SACK specifies ACK/NAK

  • PH Header (PBH) – 4 octets

    • Info for reassembly, disaggregation, recovery

  • PB Body (PBB)

    • 512 octets or 128 octets long – not interpreted here

  • PB Check Sequence (PBCS)

    • CRC-32 – not encrypted – for checking PB reception

    • PB discarded and NAKed if incorrect



Hpav phy block header
HPAV PHY Block Header

  • Segment Sequence Number (SSN)

    • 16 bits – segment # in MAC Frame stream

      • Init to 0, increment on each new segment sent

      • Discard duplicates

  • MAC Frame Boundary Offset (MFBO)

    • 9 bits to indicate first octet of first MF in PB Body

    • Resynch if a segment is never received

  • Flags (1 bit each)

    • Valid PB Flag – in case whole PB is padding

    • Management Message Queue Flag

      • reassemble in MM queue instead of message queue

    • MAC Frame Boundary Flag – is MFBO valid

    • Oldest Pending Segment Flag

      • No older segment will be sent again


Hpav reassembly
HPAV Reassembly

  • MPDU Header

    • Provides STEI, DTEI, LID

    • These identify reassembly stream

  • Segment Sequence Number (SSN)

    • Used to place segment in PBB into buffer position

    • Recreate MAC Frame Stream

  • MAC Frame Boundary Offset + MFB Flag

    • If segment(s) never received, these allow next intact MAC frame to be found

  • MAC Frame Header

    • Type and Length fields used to find next MAC Frame

    • Also used to locate MAC Frame Body

    • ATS (if present) determines when to deliver MSDU


Hpav data encryption
HPAV Data Encryption

  • Cipher Suite used

    • AES in CBC mode

    • CRC-32 used as ICV for MIC

    • IV derived from MPDU SOF, PB Header, PB location

      • SOF variant field (12 octets)

      • 3 least significant octets of PBH

      • 1 octet of PB Count (location in MPDU)

  • Encryption done on PB Body

    • PBB is multiple of cipher block size – no waste

    • PBB is encrypted anew each time it is sent

    • Once a MF Stream segment is placed in a PBB, it will always be sent as that PBB


Hpav mpdu bursting
HPAV MPDU Bursting

  • MPDU Bursting

    • Multiple MPDUs sent before SACK returned

    • Reduces delimiters and interframe space overhead

  • MPDU Count

    • MPDUCnt counts down to zero

    • When MPDUCnt=0, time to send SACK

  • Total time in CP <= 5 msec (including SACK)

  • Sender may request SACK retransmission if lost


Hpav sr arq
HPAV SR-ARQ

  • Selective ACK (SACK) expected after burst

    • SACK holds SACK Information fields for four MDPUs

    • Each SACKI can be

      • All Bad (default value)

      • All Good

      • Corresponding MPDU was not detected

      • Mixed results

        • One bit per PB in order (bit map)

        • One bit per pair of PBs (consolidated bit map)

        • Compressed bit map (custom compression)

  • MPDU Count field

    • Used to detect entire missing MPDUs in burst

  • Request SACK Retransmission

    • Only available for Global Links


Hpav retransmission
HPAV Retransmission

  • SACK indicates lost PBs

    • Sender knows which segments have been received

    • May retransmit (may even duplicate in same MPDU)

  • Number of retransmission attempts

    • Limited by AV parameter on maximum tries

    • Limited by delivery deadline for QoS streams

  • Sender may develop backlog

    • Pending PBs reported in SOF

    • CCo can grant extra allocation if possible

    • CF stream may use CP for retransmission also

    • Sender may discard segment – receiver finds this out from oldest pending segment flag


Hpav bidirectional bursting
HPAV Bidirectional Bursting

  • Allows data to be piggybacked on SACK

    • Reduces delimiters and interframe space overhead

  • Must be requested and granted

    • SACK has RRTL field to specify length requested

    • SOF’s BBF flag and MRTFL field specify grant length

    • EKS is same as the forward transmission’s

  • ACK field in SOF for reverse transmission


Cf region interframe spacing
CF Region Interframe Spacing

  • CIFS, RIFS, EIFS similar to HP1.0.1

    • RIFS_AV may vary – set by receiver

  • B2BIFS needed before/after each beacon

  • AIFS needed before new CF allocation


Csma interframe spacing
CSMA Interframe Spacing

  • CIFS, RIFS, EIFS similar to HP1.0.1

  • B2BIFS needed before/after each beacon

  • AIFS needed before SOF of new CF allocation

    • Unless CF allocation is for contention period


Burst interframe spacing
Burst Interframe Spacing

  • BIFS needed between burst MPDUs


Extended interframe spacing
Extended Interframe Spacing

  • EIFS used when VCS is lost

    • Maximum long MPDU along with SACK and IFSs


Central coordinator cco
Central Coordinator (CCo)

  • Issues central beacon

  • Associates new stations

    • Issues TEI with lease, announces to AVLN

  • Authenticates new stations

    • Verifies possession of NMK, issues NEK

    • Rotates NEK

  • Performs admission control

    • Determines resource needs and availability

    • Issues Global LID

    • Performs scheduling

  • May perform handover

    • Transfer CCo functions to another STA

  • Performs neighbor network coordination


Power on behavior
Power-on Behavior

  • State of STA

    • Has it ever been a member of an AVLN?

  • Search for AVLNs

    • Listen for Central and Proxy Beacons

    • Listen for Discovery Beacons

    • Listen for Unassociated STA advertisements

  • If find matching Network ID (NID)

    • Associate

    • Attempt to authenticate (get NEK)

    • End if successful, else continue (mark NID)

  • If time runs out

    • If matching Unassociated STA NID, try to form AVLN

    • Else if AVLN present, advertise Unassociated STA

    • Else become Unassociated CCo (issue beacon)


Unassociated sta
Unassociated STA

  • Advertise infrequently

    • Issue Unassociated STA advertisements

    • Send once per Discovery Period, more or less

  • Synchronize to an existing AVLN

    • Adopt mode (Hybrid or AV-Only) from Beacon

    • Use NTB of AVLN

    • Use SNID of AVLN in multi-network broadcasts

  • If find matching Network ID (NID)

    • If beacon, try to join AVLN

    • If unassociated STA, try to form AVLN

  • If AVLN disappears

    • Become Unassociated CCo


Authenticated sta
Authenticated STA

  • Determine whether should become CCo

    • If STA is a User-appointed CCo, and current CCo is not a User-appointed CCo, request handover

    • May also execute CCo Selection process, become CCo if more capable or better positioned

    • May become CCo if current CCo fails and STA is backup

  • Adopt mode of operation from Beacon

    • Advertise detection of HP1.0/HP1.0.1 delimiters

    • Piggybacked in SOF, SACK, etc.

  • If AVLN lost

    • No central/proxy beacon for timeout period

    • Start Power-on Procedure

  • If asked to leave

    • Become Unassociated STA


Cco behavior
CCo Behavior

  • Perform CCo Duties

    • As long as there are other STAs in AVLN

  • If all other STAs leave AVLN

    • Remain CCo for at least Discovery period

    • If no STA joins and another AVLN is present, become Unassociated STA

    • Else become Unassociated CCo

  • If STA in AVLN should become CCo

    • Other STA is User-appointed and this one is not

    • Other STA is more capable or better positioned

    • Execute handover procedure

    • Become STA in AVLN


Mode of operation
Mode of Operation

  • AV-Only Mode

    • Use AV-Only delimiters

  • Hybrid Mode

    • Use Hybrid delimiters

  • Deciding Mode

    • STA adopts mode of AVLN

    • All STAs listen for HP1.0/HP1.0.1 delimiters

    • If seen often enough, advertise using flags

    • CCo adopts mode based on detection

    • Revert to AV-Only if HP1.0/HP1.0.1 delimiters no longer detected


Avlns
AVLNs

  • Have a CCo

    • CCo issues central beacon, acts as coordinator

    • May have Proxy Coordinator(s) also

  • Share same Network ID (NID)

    • NID normally derived from NMK

    • Should uniquely identify AVLN

    • Remains constant regardless of CCo

  • Share same Security Level

    • NMK associated with SL

    • SL must be the same throughout AVLN

  • Share same NEK

    • CCo provides NEK during authentication using NMK

    • NEK used to encrypt traffic in AVLN


Sub avlns
Sub-AVLNs

  • One AVLN may have multiple sub-AVLNs

    • Share a single CCo

  • Share same Network ID (NID)

    • NID not derived from NMK

    • CCo must use MAC address to decide which NMK to use for a given STA


User friendly avln and sta ids
User-Friendly AVLN and STA IDs

  • User-friendly name is printable ASCII string

    • Use for humans to identify conveniently

    • Not guaranteed to be unique

    • STA and AVLNs may have these assigned

  • Assigning HFIDs

    • Use primitive over the H1 interface for either

    • Use Management Message to CCo for AVLN

  • Getting HFIDs

    • Management Message to request from STA or CCo

    • Request not required to be encrypted

    • Response to non-encrypted request need not provide actual HFID


Association with an avln
Association with an AVLN

  • Association provides a unique identifier

    • CCo assigns a valid TEI with lease on request

    • STA uses special TEI=0x00 before obtaining TEI

    • NID or SNID must be used to disambiguate TEIs

  • Obtaining a TEI

    • STA makes request

    • CCo responds (decline or provide valid TEI/lease)

    • If accepted, CCo advertises all TEI/MAC addresses

    • TEI must be renewed before lease expires

  • Leaving an AVLN

    • STA may leave voluntarily – send disassociate message

    • TEI lease may expire

    • CCo may ask STA to leave – send leave message


Authentication
Authentication

  • Process Steps

    • Associationis obtaining a valid TEI

    • Authorization is obtaining a valid NMK

    • Authentication is obtaining a valid NEK

  • Obtaining a valid NEK

    • STA must have NMK first

    • STA requests NEK from CCo using NMK, provide nonce

    • If CCo decrypts, NMK is valid; provide NEK and nonce using NMK, else CCo indicates failure

  • Updating NEK

    • NEK rotated at least once per hour

    • CCo requests nonce (NEK encrypted); STA responds with nonce (NEK encrypted)

    • CCo sends set key msg with nonce encrypted with NMK and old NEK; STA acknowledges using same keys


Forming a new avln
Forming a New AVLN

  • Circumstances for new AVLN formation

    • Two Unassociated STAs with matching NID

    • Two Unassociated STAs using DAK

    • Two Unassociated STAs, one in Join, one in Add

    • Two Unassociated STAs, both in Join

  • Matching NID

    • Determine from Unassociated STA advertisements

    • Decide who becomes CCo from CCo capabilities and MAC address in Unassociated STA advertisements

    • Winner becomes Unassociated CCo, sends beacons

    • Other STA(s) join it by associating, authenticating

    • Loser(s) continue to send Unassociated STA advertisements until beacon with NID detected

    • Multiple AVLNs with same NID/NMK can merge


Forming a new avln 2
Forming a New AVLN (2)

  • DAK-based Protocol

    • STA with Device Access Key (DAK) of another STA broadcasts a set-key message encrypted with DAK holding a TEK

    • Any STA receiving a message like this tries to decrypt it

    • If it succeeds, then it replies (unicast) encrypting with the Temporary Encryption Key (TEK) the message held

    • If the initiating STA decrypts a response encrypted with the TEK, it sends a set-key message with the new NMK and the nonce in the reply encrypted with the DAK

    • If the new STA decrypts this message with its DAK and the nonce matches, it sets its NMK and NID

    • STAs decide who becomes the CCo from capabilities in the exchanged messages

    • CCo issues beacons, other STA associates, authenticates


Forming a new avln 3
Forming a New AVLN (3)

  • Push-button Mechanism

    • Button press causes STA in AVLN to admin another one

    • STA never in AVLN (or reset) will join an AVLN

  • Two Unassociated STAs, one in Join, one in Add

    • STA that has been in an AVLN will enter silent Add state

    • STA in Join state will broadcast its desire to join an AVLN

    • STA in Add state will respond unicast and become CCo

    • STA in Join will associate with new AVLN

    • STAs should perform channel adaptation

    • STAs then start UKE protocol

      • Exchange hash keys

      • Hash these to form temporary encryption key (TEK)

      • Use TEK to send NMK from CCo to new STA

    • STA then authenticates using NMK


Forming a new avln 4
Forming a New AVLN (4)

  • Two Unassociated STAs, both in Join

    • STA in Join state will broadcast its desire to join an AVLN

    • STAs will see each other’s advertisements

    • STAs decide who should become CCo from capabilities

    • Winner becomes CCo, generates new random NMK, switches to Add state, sends confirmation to other STA

    • STA in Join will associate with new AVLN

    • STAs should perform channel adaptation

    • STAs then start UKE protocol

      • Exchange hash keys

      • Hash these to form temporary encryption key (TEK)

      • Use TEK to send NMK from CCo to new STA

    • STA then authenticates using NMK


ad