
Summary of Updates to Abbreviated Handshake

Date: 2009-03-06. Abstract: This document summarizes the several changes to the Abbreviated Handshake specification. The normative text is in doc.:11-09/0266r0 and the corresponding comment spreadsheet is in doc.:11-09/0267r0.


Presentation Transcript


  1. Summary of Updates to Abbreviated Handshake
     Date: 2009-03-06
     Meiyuan Zhao, Intel

  2. Abstract
     • This document summarizes the several changes to the Abbreviated Handshake specification
     • Normative text in doc.:11-09/0266r0 and corresponding comment spreadsheet in doc.:11-09/0267r0
     Note: adoption of 11-09/0266r0 depends on the adoption of Mesh Peering Instance Controller (11-09/0287r0)

  3. Major Changes
     • Moved AbbrHS FSM to SME (CIDs 190, 212)
     • Update PMK selection procedure (CIDs 204, 226, 1254)
     • Remove AKM suite selection and KDF selection (CIDs 193, 205)
     • Resolve AbbrHS and PLM interaction (CIDs 187, 209)

  4. Move AbbrHS to SME
     • AbbrHS is for peering management and key management
     • Peering Management Protocol now in SME
     • Security associations are managed in SME
     • Updates
       - Remove unnecessary MLME primitives
       - Update FSM specification accordingly
     • CIDs: 190, 212

  5. Update PMK Selection
     • Reasons
       - MKD domains removed with MSA protocols
       - Each pair of mesh STAs should share at most one valid PMK
       - Text to be added to specify protocol interactions (SAE and AbbrHS) and PMKSA requirements
       - PMK selection using two lists is no longer a valid case
     • Update
       - Single value confirmation using Peering Open and Peering Confirm
       - Update FSM specification accordingly (remove MESH_ALT_KEY status code)
     • CIDs: 204, 226, 1254

  6. Update AKM and KDF Selection
     • Issues
       - AKM should include KDF
       - AKMP in fact is part of PMKSA
       - SAE should be updated to specify how to reach agreement on AKMP
       - Protocol interaction between SAE and AbbrHS should be updated accordingly
     • Update
       - Remove AKM selection and KDF selection
       - Remove NOAKM_RJCT and NOKDF_RJCT events from FSM
     • CIDs: 193, 205

  7. Update AbbrHS and PLM Interaction
     • Issue: Both protocols use Peering Management frames that cause ambiguity in protocol initiation
     • Update
       - Add a new “Mesh Peering Protocol Version” information element in all Peering Management frames
       - Define two values: “Peering Management Protocol” and “Abbreviated Handshake Protocol”
     • CIDs: 187, 209

  8. Update FSM Specification
     • Update
       - Remove CNF_ACPT event from CNF_RCVD state
       - Add OPN_ACPT event in OPN_RCVD state
       - PLM should be updated too
       - Remove NOAKM_RJCT and NOKDF_RJCT events
       - Update FSM to work with Mesh Peering Instance Controller
       - Remove LISTEN state
       - Remove NOKEY_RJCT event
     • CIDs: 165, 171, 210

  9. Other Changes
     • Update GTK wrapping (CIDs 200, 202)
       - Add lifetime in wrapped GTK key material
       - Add specification on updating the GTK upon expiry
       - Remove “echo” of received GTK in Peering Confirm frame
     • Clean up frame processing (CIDs 189, 207)
       - Misc. frame formatting update
     • Remove V.5 (CIDs 217, 218, 220)
       - Require substantial update to reflect normative text
       - Served purpose of educating readers
