Enhancing MAC Address Privacy and Security Association in IEEE 802.11

october 2021 n.w
1 / 8
Embed
Share

Explore a solution in IEEE 802.11 for maintaining privacy and security when changing MAC addresses. This proposal allows for PMKSA caching while enabling MAC address changes to enhance security associations. Learn about the high-level solution model, requirements, and implementation details for seamless association with improved privacy and security measures.

  • IEEE
  • Privacy
  • Security
  • MAC Address
  • Association
rayaanacharya
cerinit Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. October 2021 doc.: IEEE 802.11-21/1697r0 MAC Privacy and PMKSA Caching Date: 2021-10-21 Authors: Name Michael Montemurro Affiliations Self Address Phone email montemurro.michael@gmail.com 250 Innovation Drive, San Jose CA 95134 16340 W Bernardo Dr, San Diego CA 92127 RTP 7, Research Triangle Park, NC 27560 Nehru Bhandaru Broadcom Ltd. +1 408 922 5924 nehru.bhandaru@broadcom.com Thomas Derham Broadcom Ltd. thomas.derham@broadcom.com jerhenry@cisco.com Jerome Henry Cisco Submission Slide 1 Michael Montemurro, Self

  2. October 2021 doc.: IEEE 802.11-21/1697r0 Abstract When dot11MACPrivacyActivated is equal to True, a STA cannot change its MAC address without all state with a BSS, including the security state. This contribution provides a means for a STA to maintain a PMKSA while allowing its MAC address to be changed. Submission Slide 2 Michael Montemurro, Self

  3. October 2021 doc.: IEEE 802.11-21/1697r0 High Level Solution Description The model for association is as follows: STA associates to a BSS with a first random MAC address and establishes an SA As part of the security association, a PMKID is generated. STA disassociates from network STA changes MAC address to new random address. STA attempts to associate to BSS with cached PMK and the PMKID. AP recognizes the PMKID and STA establishes a new SA (and generates a new PMKID) Note that any network state associated with the old MAC address would be lost. Submission Slide 3 Michael Montemurro, Self

  4. October 2021 doc.: IEEE 802.11-21/1697r0 Requirements The AP and STA would advertise/negotiate an association with this capability. A new PMKID will be generated for each subsequent association (to prevent tracking) The STA and AP generate a new PMKID (rPMKID) each association The feature expedites the establishment of a security association changing the MAC address will affect bridging and higher layer communications. The solution will work for any AKM. Submission Slide 4 Michael Montemurro, Self

  5. October 2021 doc.: IEEE 802.11-21/1697r0 Solution AP advertises support for rPMKSA caching in Extended RSNE STA associates and signals intention to use rPMKSA caching A new PMKID will be generated for each subsequent association (to prevent tracking) The STA and AP generate a new PMKID (rPMKID) each association If this feature is supported by both STA and AP, the STA includes the rPMKID in the PMKID List field at Association. NOTE: The feature expedites the establishment of a security association changing the MAC address will affect bridging and higher layer communications. Submission Slide 5 Michael Montemurro, Self

  6. October 2021 doc.: IEEE 802.11-21/1697r0 rPMKID derivation Recently, TGaz and TGbe provided a generalized scheme for deriving new keying material from the PTK. The rPMKID is derived from the PTK (KDK) for each association: (NOTE: FT and FILS have different PTK derivations) Submission Slide 6 Michael Montemurro, Self

  7. October 2021 doc.: IEEE 802.11-21/1697r0 rPMKID Derivation Options Adopt an approach using the KDK based on TGba D8.0 and TGaz D2.6: Option 1. Using IEEE 802.11 KDF rPMKID = L(0, 128, HMAC-HASH(KDK, "rPMKID expansion") Option 2. Using IETF RFC 5869 rPMKID-PRK = HKDF-Extract(current PMKID, KDK) rPMKID = HKDF-Expand(rPMKID-PRK, "rPMKID expansion", 16) Submission Slide 7 Michael Montemurro, Self

  8. October 2021 doc.: IEEE 802.11-21/1697r0 Next Steps Include as an issue for P802.11bi Use Case Provide a mechanism for a STA to use a cached PMK while changing its MAC address STA associates to AP and generates PMKSA/PMKID STA disassociates or loses connectivity STA changes MAC address STA associates to AP with new MAC address and cached PMK Submission Slide 8 Michael Montemurro, Self

Related


Proposed Approach for MAC Address Assignment in IEEE 802.11

Proposed Approach for MAC Address Assignment in IEEE 802.11

adlai
Enhancing Scalability and Performance in Deep Recommendation Systems with EVStore

Enhancing Scalability and Performance in Deep Recommendation Systems with EVStore

tyson
Privacy in Information Security Training

Privacy in Information Security Training

lillia
NCVHS Subcommittee on Privacy Comments on HIPAA Privacy Rule for Reproductive Health Care

NCVHS Subcommittee on Privacy Comments on HIPAA Privacy Rule for Reproductive Health Care

haley
Privacy-Preserving Analysis of Graph Structures

Privacy-Preserving Analysis of Graph Structures

bilal
Parity-Only Caching for Robust Straggler Tolerance in Large-Scale Storage Systems

Parity-Only Caching for Robust Straggler Tolerance in Large-Scale Storage Systems

livia
Taking Web Caching to the Next Level: Challenges and Solutions

Taking Web Caching to the Next Level: Challenges and Solutions

turquoise
Enhancing Privacy with Randomized MAC Addresses in 802.11 Networks

Enhancing Privacy with Randomized MAC Addresses in 802.11 Networks

kgorr
Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

kard154
The Privacy Paradox: Attitudes vs. Behaviors

The Privacy Paradox: Attitudes vs. Behaviors

clai_evi
Summary of MAC Address Policy Contribution to IEEE 802.11

Summary of MAC Address Policy Contribution to IEEE 802.11

desl_84
IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

buchholtz_b
Enhancing MemC3: Compact and Concurrent MemCache for Improved Performance

Enhancing MemC3: Compact and Concurrent MemCache for Improved Performance

kael_6
Analyzing Information Spread on Twitter for Improved Content Distribution

Analyzing Information Spread on Twitter for Improved Content Distribution

canales_a
Web Caching: An Overview

Web Caching: An Overview

afelk
Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

hill_z
Data Privacy Best Practices Training for Libraries

Data Privacy Best Practices Training for Libraries

teo_nah
Web Caching, Proxies, and CDNs in Web Architecture

Web Caching, Proxies, and CDNs in Web Architecture

jakaylahs
IEEE 802.11-23/0421r1: Understanding the IRM Scheme for MAC Address Privacy

IEEE 802.11-23/0421r1: Understanding the IRM Scheme for MAC Address Privacy

kyl_sc
Locality-Aware Caching Policies for Hybrid Memories

Locality-Aware Caching Policies for Hybrid Memories

oba_sau
MAC Address Randomization in IEEE 802.11: Privacy Concerns and Solutions

MAC Address Randomization in IEEE 802.11: Privacy Concerns and Solutions

prestage_d
Improving System Performance with Fine-Grained In-DRAM Data Relocation and Caching

Improving System Performance with Fine-Grained In-DRAM Data Relocation and Caching

mckendree_a

More Related Content