OTA MAC Rotation

OTA MAC Rotation
Slide Note
Embed
Share

Unencrypted predictable frame fields in IEEE 802.11-23 can lead to client tracking, compromising privacy. This document proposes a method to prevent tracking of associated clients across epoch boundaries. OTA randomization is suggested to re-randomize MAC addresses at each epoch. The approach involves negotiation between APs and STAs, using HKDF for constructing new OTA MACs. By aligning hash algorithms during association, client tracking can be minimized effectively.

  • IEEE 802.11-23
  • Client Tracking
  • Privacy
  • OTA MAC Rotation
  • HKDF
clehn
clehn Follow

Uploaded on Feb 16, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Oct 2023 doc.: IEEE 802.11-23/1818r4 OTA MAC Rotation Date: 2023-10-19 Authors: Name Stephen Rodriguez Affiliations Cisco Systems Inc Address ::1 Phone email stephen.rodriguez@ieee.org sorr@cisco.com Stephen Orr Cisco Systems Inc Submission Slide 1 Stephen Rodriguez, Cisco

  2. Oct 2023 doc.: IEEE 802.11-23/1818r4 Summary Background Unencrypted predictable frame fields can enable client tracking by identifying a set of frames for which a single client is transmitter or intended receiver. This can allow tracking presence or location of the person using that client, compromising privacy. Proposal Goal: prevent tracking associated clients across epoch boundaries, within each epoch is acceptable. OTA Randomization: Prevents client frame tracking across epoch boundaries Re-randomize MAC address at every epoch Does not prevent client frame tracking within an epoch Submission Slide 2 Stephen Rodriguez, Cisco

  3. Oct 2023 doc.: IEEE 802.11-23/1818r4 Approach At association AP STA and non-AP STA shall negotiate if they both support OTA rotation; AP STA and non-AP STA shall use HKDF to construct the new OTA MAC prior to epoch HKDF-Extract requires a salt, and IKM (Input Keying Material) value to derive the PRK (pseudo random key) For the salt value we can use an FTM value the PMK derived from the 4WHS shall be used as the IKM Because FTM (Fine Time Measurement) and PMK are known to both AP and non-AP STA the new IRM can be validated by the AP There is no need to send the new IRM over the air, STA can just start using it PRK = HMAC-Hash (FTM, PMK) Hash algorithm would be aligned with the Hash algorithm used with the AKM during association (SHA256, 384,512) Submission Slide 3 Stephen Rodriguez, Cisco

  4. Oct 2023 doc.: IEEE 802.11-23/1818r4 Approach HKDF-Expand (PRK, info, L) -> OKM Pseudo Random Key calculated from HKDF-Extract function (PRK) Info context, in this case New OTA MAC L length of output keying material in octets (<= 255*HashLen) IRM_List = HMAC-Hash(PRK, "New OTA MAC , L) Hash would be aligned with the Hash algorithm used with the AKM during association (SHA256, 384,512) L = Num_Macs * 6(bytes) Num_Macs must be an integer between 1 and 42 Mac1 = IRM_List [first 6 bytes:] | Mac2 = IRM_List [second 6 bytes:] etc; second bit force to 26 A | E to align with IEEE Submission Slide 4 Stephen Rodriguez, Cisco

  5. Oct 2023 doc.: IEEE 802.11-23/1818r4 Client Initiated Rotation Before the defined epoch, allow the client to rotate the OTA mac Announce time Tell AP-STA when we will start to use new OTA IRM sent in a protected frame e.g. in 1 minute we will use new OTA IRM Once announce time has elapsed, countdown to Sunset time starts. Sunset time After old mac shall not respond and AP shall not forward packets for old IRM Fully Untrusted - DTIM * 5 Semi Untrusted DTIM * 5 Trusted DTIM * 5 Submission Slide 5 Stephen Rodriguez, Cisco

  6. Oct 2023 doc.: IEEE 802.11-23/1818r4 Straw Poll Would you agree that HKDF could solve the OTA mac rotation issue? Would you agree that computing multiple future OTA at one time would be beneficial? Submission Slide 6 Stephen Rodriguez, Cisco

Related


Michigan OTA Programs

Michigan OTA Programs

morwenna
Over-the-air (OTA) Market to be Worth $20.7 Billion by 2031—Exclusive Report by Meticulous Research®”

Over-the-air (OTA) Market to be Worth $20.7 Billion by 2031—Exclusive Report by Meticulous Research®”

Dips
Proposed Approach for MAC Address Assignment in IEEE 802.11

Proposed Approach for MAC Address Assignment in IEEE 802.11

adlai
Over-the-air (OTA) Market - Global Opportunity Analysis and Industry Forecast

Over-the-air (OTA) Market - Global Opportunity Analysis and Industry Forecast

RAJUL
Developing Effective Rotation Activities for Pharmacy Students

Developing Effective Rotation Activities for Pharmacy Students

ashwin
Approval and Validation Updates for NR MIMO OTA in 3GPP TSG-RAN.WG4 Meeting

Approval and Validation Updates for NR MIMO OTA in 3GPP TSG-RAN.WG4 Meeting

abram
IEEE 802.11-20/0054r1 MLD MAC Address and WM Address

IEEE 802.11-20/0054r1 MLD MAC Address and WM Address

case
Proposal for OTA MAC Change in IEEE 802.11-23/268r1

Proposal for OTA MAC Change in IEEE 802.11-23/268r1

kason
Proposal for IEEE 802.11-23/1984r1 TGbi Coordinated MAC Rotation

Proposal for IEEE 802.11-23/1984r1 TGbi Coordinated MAC Rotation

nata_o
Enhancing Privacy with Randomized MAC Addresses in 802.11 Networks

Enhancing Privacy with Randomized MAC Addresses in 802.11 Networks

kgorr
Atomtronic Rotation Sensor Design Using Double-Target BECs

Atomtronic Rotation Sensor Design Using Double-Target BECs

samer
Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

kard154
Summary of MAC Address Policy Contribution to IEEE 802.11

Summary of MAC Address Policy Contribution to IEEE 802.11

desl_84
IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

buchholtz_b
Addressing Privacy Concerns in IEEE 802.11-21: Changing MAC Addresses for Improved Security

Addressing Privacy Concerns in IEEE 802.11-21: Changing MAC Addresses for Improved Security

gain_53
IEEE 802.11-23/1984r3 TGbi Proposal for Coordinated MAC Rotation

IEEE 802.11-23/1984r3 TGbi Proposal for Coordinated MAC Rotation

kazimir
Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

hill_z
Comprehensive Geriatrics and Palliative Medicine M4 Rotation Program Overview

Comprehensive Geriatrics and Palliative Medicine M4 Rotation Program Overview

montser
Introduction to IEEE 802c SLAP

Introduction to IEEE 802c SLAP

slabaugh_h
Caseous Mitral Valve Calcification (C-MAC) and Stroke: Overview and Management

Caseous Mitral Valve Calcification (C-MAC) and Stroke: Overview and Management

dean_358
IEEE 802.11-22/0424r1 - MAAD MAC Protocol Overview

IEEE 802.11-22/0424r1 - MAAD MAC Protocol Overview

aliyannah
Charlotte Rollin Hornets Wheelchair Basketball Tournament 2015

Charlotte Rollin Hornets Wheelchair Basketball Tournament 2015

emer_va

More Related Content