1 / 7

How does the (new) Fast Initial Link Set-Up PAR address risen concerns?

How does the (new) Fast Initial Link Set-Up PAR address risen concerns?. Date: 2010-09-13. Authors:. Abstract.

muniya
Download Presentation

How does the (new) Fast Initial Link Set-Up PAR address risen concerns?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How does the (new) Fast Initial Link Set-Up PAR address risen concerns? Date: 2010-09-13 Authors: Marc Emmelmann, Fraunhofer FOKUS

  2. Abstract This document summarizes the consent reached by FIA SG on how to respond to comments received to the FIA PAR & 5C and how there is intend to editorially adjust the most recent version of the PAR & 5C. Marc Emmelmann, Fraunhofer FOKUS

  3. Scope • Comments • Scope is too narrow.  … There may be other bottlenecks such as in scanning and network/service discovery.  I would suggest that the par be for "Fast Link Setup”. (A.S.) • Given the current focus of the PAR on 802.11 security mechanisms, … can the initial link time be reduced sufficiently by only addressing 802.11 security mechanisms? Or is additional work required within 802.11 related to scanning and service discovery, and outside 802.11related to DCHP, etc. (A.M.) • The agreed problem is that it takes too long for a device to connect to an AP the first time and start doing useful stuff. The time of interest is from when the client is in range of the AP to when application level packets are sent to/from the AP   This time includes scanning though to IP address allocation. (A.M.) • Response / Changes to be included in PAR & 5C • Considered all phases of fast initial link set-up including AP discovery and potential performance gains from parallelization of processes for IP address allocation. • Extended the scope of the PAR (to be “fast initial link set-up”) such that all those phases are within the working group’s objective. Marc Emmelmann, Fraunhofer FOKUS

  4. Security related comments • Comments: • Do not replace/remove existing authentication schemes. (F.S.) • Require a security review before going to sponsor ballot (A.S.) • Assure that security level is maintained (add statement that any new mechanism will achieve same level of security as RSNA). (A.S.) • Add a statement indicating whether the changes are intended to be a replacement of 802.1x/EAP,  or to operate using 802.1x/EAP. (A.S.) • Is it possible to reduce the initial link set-up time sufficiently while maintaining security? (A.M) • Response / Changes to be included in PAR & 5C • Existing authentication schemes will not be abandoned. (added explanatory note in Section 8.1 of PAR) • Added statement to Purpose saying that “while not degrading the security currently offered by RSNA” • Statement in 5C (Cls. 17.5.2 Compatibility) assures coexistence with 802.1X architecture • Security review / comments received by Robert Moskowitz indicate that there is technical feasibility to achieve secure link set-up with at most 4 message exchanges piggybacked in (e.g.) authentication frames • Current analysis of potential performance gain is based on EAP-GPSK, i.e. it maintains the existing security level of existing implementations Marc Emmelmann, Fraunhofer FOKUS

  5. General • Comment • Section 7.1 of the PAR is untrue. There is at least one other standards body with similar scope, the EAP WG of IETF.  If the authors continue to make this claim, they cannot also claim compatibility with 802.1X in 17.5.2. (provided by Andrew on behalf of an anonymous commenter) • Creating a new authentication protocol in 802 MUST get the approval of 802.1 (provided by Andrew on behalf of an anonymous commenter) • Response / Changes to be included in PAR & 5C • IETF EAP WG has concluded its work. Instead, IETF EMU WG has been added to Section 7.1. Though the latter’s scope is not fast initial link set-up of IEEE 802.11, the group shall be informed about the ongoing activity. FIA SG Chair has attended last IETF EMU WG meeting to make the group aware of the ongoing activity. • A similar discussion [regarding required approval of 802.1] took place for 802.11s and the 802 as well as 802.11 leadership agreed that this is well within the scope of 802.11 (D.H.) Marc Emmelmann, Fraunhofer FOKUS

  6. Support for the PAR • Just saying thanks for the numerous people indicating support for the project during coffee break talks  Marc Emmelmann, Fraunhofer FOKUS

  7. References • 11-10/0832r0: Comments to FIA PAR & 5C • 11-10/0980r0: Summary & Comments FIA Security Analysis Bob Moskowitz Marc Emmelmann, Fraunhofer FOKUS

More Related