Preventing Client Tracking in IEEE 802.11-23: OTA MAC Rotation Approach

oct 2023 n.w
1 / 5
Embed
Share

"Learn about preventing client tracking in IEEE 802.11-23 by implementing OTA MAC rotation to avoid privacy compromises. The proposal aims to hinder tracking across epoch boundaries, enhancing user privacy within each epoch. Details include the approach, HKDF negotiation, HKDF-Extract process, IRM generation, and more."

  • IEEE
  • Privacy
  • Tracking
  • OTA MAC Rotation
  • HKDF
rayaanacharya
ccar Follow

Uploaded on | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Oct 2023 doc.: IEEE 802.11-23/1818r0 OTA MAC Rotation Date: 2023-10-19 Authors: Name Stephen Rodriguez Affiliations Cisco Systems Inc Address ::1 Phone email stephen.rodriguez@ieee.org sorr@cisco.com Stephen Orr Cisco Systems Inc Submission Slide 1 Stephen Rodriguez, Cisco Systems Inc

  2. Oct 2023 doc.: IEEE 802.11-23/1818r0 Summary Background Unencrypted predictable frame fields can enable client tracking by identifying a set of frames for which a single client is transmitter or intended receiver. This can allow tracking presence or location of the person using that client, compromising privacy. Proposal Goal: prevent tracking associated clients across epoch boundaries, within each epoch is acceptable. OTA Randomization: Prevents client frame tracking across epoch boundaries Re-randomize MAC address at every epoch Does not prevent client frame tracking within an epoch Submission Slide 2 Stephen Rodriguez, Cisco Systems Inc

  3. Oct 2023 doc.: IEEE 802.11-23/1818r0 Approach At association AP STA and non-AP STA shall negotiate if they both support OTA rotation; AP STA and non-AP STA shall use HKDF to construct the new OTA MAC prior to epoch HKDF-Extract requires a salt, and IKM (Input Keying Material) value to derive the PRK (pseudo random key) For the salt value we can use an FTM value the PMK derived from the 4WHS shall be used as the IKM Because FTM (Fine Time Measurement) and PMK are known to both AP and non-AP STA the new IRM can be validated by the AP There is no need to send the new IRM over the air, STA can just start using it PRK = HMAC-Hash (FTM, PMK) Hash algorithm would be aligned with the Hash algorithm used with the AKM during association (SHA256, 384,512) Submission Slide 3 Stephen Rodriguez, Cisco Systems Inc

  4. Oct 2023 doc.: IEEE 802.11-23/1818r0 Approach HKDF-Expand (PRK, info, L) -> OKM Pseudo Random Key calculated from HKDF-Extract function (PRK) Info context, in this case New OTA MAC L length of output keying material in octets (<= 255*HashLen) IRM_List = HMAC-Hash(PRK, "New OTA MAC , L) Hash would be aligned with the Hash algorithm used with the AKM during association (SHA256, 384,512) L = Num_Macs * 6(bytes) Num_Macs must be an integer between 1 and 42 Mac1 = IRM_List [first 6 bytes:] | Mac2 = IRM_List [second 6 bytes:] etc; second bit force to 26 A | E to align with IEEE Submission Slide 4 Stephen Rodriguez, Cisco Systems Inc

  5. Oct 2023 doc.: IEEE 802.11-23/1818r0 Client Initiated Rotation Before the defined epoch, allow the client to rotate the OTA mac Announce time Tell AP-STA when we will start to use new OTA IRM sent in a protected frame e.g. in 1 minute we will use new OTA IRM Once announce time has elapsed, countdown to Sunset time starts. Sunset time After old mac shall not respond and AP shall not forward packets for old IRM Fully Untrusted - DTIM * 5 Semi Untrusted DTIM * 5 Trusted DTIM * 5 Submission Slide 5 Stephen Rodriguez, Cisco Systems Inc

Related


Michigan OTA Programs

Michigan OTA Programs

morwenna
Over-the-air (OTA) Market to be Worth $20.7 Billion by 2031—Exclusive Report by Meticulous Research®”

Over-the-air (OTA) Market to be Worth $20.7 Billion by 2031—Exclusive Report by Meticulous Research®”

Dips
Proposed Approach for MAC Address Assignment in IEEE 802.11

Proposed Approach for MAC Address Assignment in IEEE 802.11

adlai
Over-the-air (OTA) Market - Global Opportunity Analysis and Industry Forecast

Over-the-air (OTA) Market - Global Opportunity Analysis and Industry Forecast

RAJUL
Approval and Validation Updates for NR MIMO OTA in 3GPP TSG-RAN.WG4 Meeting

Approval and Validation Updates for NR MIMO OTA in 3GPP TSG-RAN.WG4 Meeting

abram
IEEE 802.11-20/0054r1 MLD MAC Address and WM Address

IEEE 802.11-20/0054r1 MLD MAC Address and WM Address

case
Proposal for OTA MAC Change in IEEE 802.11-23/268r1

Proposal for OTA MAC Change in IEEE 802.11-23/268r1

kason
Enhancing Privacy with Randomized MAC Addresses in 802.11 Networks

Enhancing Privacy with Randomized MAC Addresses in 802.11 Networks

kgorr
Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

kard154
Summary of MAC Address Policy Contribution to IEEE 802.11

Summary of MAC Address Policy Contribution to IEEE 802.11

desl_84
IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

buchholtz_b
Addressing Privacy Concerns in IEEE 802.11-21: Changing MAC Addresses for Improved Security

Addressing Privacy Concerns in IEEE 802.11-21: Changing MAC Addresses for Improved Security

gain_53
Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

hill_z
Key Derivation Techniques in Cryptography

Key Derivation Techniques in Cryptography

mutschler_d
Introduction to IEEE 802c SLAP

Introduction to IEEE 802c SLAP

slabaugh_h
Caseous Mitral Valve Calcification (C-MAC) and Stroke: Overview and Management

Caseous Mitral Valve Calcification (C-MAC) and Stroke: Overview and Management

dean_358
History of the Marathas: A.D. 1707 - A.D. 1818 Presentation

History of the Marathas: A.D. 1707 - A.D. 1818 Presentation

sangster_o
IEEE 802.11-22/0424r1 - MAAD MAC Protocol Overview

IEEE 802.11-22/0424r1 - MAAD MAC Protocol Overview

aliyannah
IEEE 802.11-23/0421r1: Understanding the IRM Scheme for MAC Address Privacy

IEEE 802.11-23/0421r1: Understanding the IRM Scheme for MAC Address Privacy

kyl_sc
Charlotte Rollin Hornets Wheelchair Basketball Tournament 2015

Charlotte Rollin Hornets Wheelchair Basketball Tournament 2015

emer_va
Enhancement of Rule-based Random and Changing MAC Proposal in IEEE 802.11-22/1802r0

Enhancement of Rule-based Random and Changing MAC Proposal in IEEE 802.11-22/1802r0

nval
Over-the-air (OTA) Market to be Worth $20.7 Billion by 2031

Over-the-air (OTA) Market to be Worth $20.7 Billion by 2031

Dips

More Related Content