Enhanced Rule-Based MAC Identification for IEEE 802.11 Networks
Discover how rule-based MAC identification enhances security and privacy in IEEE 802.11 networks by providing a unique rule for generating random MAC addresses. This approach reduces overhead while ensuring secure STA identification without frequent reassignments of identifiers.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Mar 2022 Doc.: IEEE 802.11-22/473r0 Rule-based random MAC STA identification Date: 2022-03-10 Authors: Name Okan Mutgan Affiliations Nokia Address Phone email okan.mutgan@nokia-sbell.com Jay Yang zhijie.yang@nokia-sbell.com Max Riegel Mika Kasslin Jianguo Liu Submission Nokia internal use Slide 1 Okan Mutgan, et al. (Nokia)
Mar 2022 Doc.: IEEE 802.11-22/473r0 OUTLINE Background Motivation Rule-based random MAC STA Identification Reference Submission Okan Mutgan, et al. (Nokia) Nokia internal use
Mar 2022 Doc.: IEEE 802.11-22/473r0 Background Conventional 802.11 standards are designed in a way that each STA uses its own fixed unencrypted MAC address. This causes a security concern by allowing others to track STAs based on their MAC address. To reduce this privacy risk, using MAC randomization (STAs using random MAC address) became a common technique. Within this context, 11bh focuses on the identification issue on the STA with Random Mac Address (RMA) in pre-association phase: The STA uses a MAC address in the first-time association, and connects to AP. After a while, STA disassociates and wants to connect to the AP with a new MAC address (RMA). In this case (pre-association phase), how can AP identify the STA with its new MAC address (RMA)? Note that STA never changes its MAC address after association (post-association). Submission Okan Mutgan, et al. (Nokia) Nokia internal use
Mar 2022 Doc.: IEEE 802.11-22/473r0 MOTIVATION 11bh provides several identification solutions [1]: Signature ID (device ID, SID, any ID) Designated MAC Public-Private Key Generally speaking, all these solutions can address the identification issue requested by 11bh group. However, the overhead becomes a problem for these solutions: AP assigns some kinds of RMA/ID/KEY to a STA in an action frame (if used) after association. This action frame causes overhead. AP assigns some kinds of RMA/ID/KEY to a STA very frequently (i.e. each association). This frequent assignments cause overhead. Using long IDENTIFIER in management frame or EPOL frame also causes high overhead. Our proposal would like to provide a secure RMA identification in pre-association without much overhead issue. Submission Okan Mutgan, et al. (Nokia) Nokia internal use
Mar 2022 Doc.: IEEE 802.11-22/473r0 Rule-based random MAC STA Identification Basic Idea ( rule-based mechanism) Based on RAAD solution, we provide an enhanced designated RMA solution to mitigate the overhead issue. AP designates the rule of generating RMA to the STA instead of sending any form of RMA/ID/KEY itself. Afterwards, whenever STA with RMA establishes a new connection with AP, because both AP and STA generates the RMA based on the same rule, AP can recognize STA with RMA For security reasons, each user gets a unique rule. Note: The Rule of generating RMA is TBD. Submission Okan Mutgan, et al. (Nokia) Nokia internal use
Mar 2022 Doc.: IEEE 802.11-22/473r0 Rule-based random MAC STA Identification Basic Idea ( rule-based mechanism) AP side: MAC1 x Rule1 -> RMA1 MAC2 x Rule2 -> RMA2 MAC3 x Rule3 -> RMA3 Additional information: AP shares a unique rule to each STA only one time (such as in the first association phase) => resulting in less overhead (no extra additional frame exchange needed) Each STA and AP use the same rule for future associations (rule will not change for a particular STA. If rule needs to change, AP assigns a new rule) AP needs to keep a database to match RMA- MAC relationship The rule of generating RMA can be possibly: Unique token Unique key Some sort of function (other possible solutions) STA1 side: MAC1 x Rule1 -> RMA1 Rule1 STA1 (RMA1) STA1 (MAC1) STA2 side: MAC2 x Rule2 -> RMA2 Rule2 STA2 (RMA2) STA2 (MAC2) AP AP Rule3 STA3 side: MAC3 x Rule3 -> RMA3 STA3 (RMA3) STA3 (MAC3) 2ndtime Association 1sttime Association Submission Okan Mutgan, et al. (Nokia) Nokia internal use
Mar 2022 Doc.: IEEE 802.11-22/473r0 Reference [1] 11-22-0296-08-00bh-tgbh-proposals.pptx Submission Okan Mutgan, et al. (Nokia) Nokia internal use
Mar 2022 Doc.: IEEE 802.11-22/473r0 THANK YOU Submission Okan Mutgan, et al. (Nokia) Nokia internal use
