1 / 6

Optional MAC-Level Security Enhancements for Home WLANs Carlos Rios LinCom Wireless

Optional MAC-Level Security Enhancements for Home WLANs Carlos Rios LinCom Wireless. TGeS to Date. Good solution proposed for Enterprise Security: Mutual Authentication Replay Protection Session Keys Key Management Strong Encryption The solution for the Home still relies on WEP

dorothyelias
Download Presentation

Optional MAC-Level Security Enhancements for Home WLANs Carlos Rios LinCom Wireless

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Optional MAC-LevelSecurity Enhancements for Home WLANsCarlos RiosLinCom Wireless Carlos Rios, LinCom Wireless

  2. TGeS to Date • Good solution proposed for Enterprise Security: • Mutual Authentication • Replay Protection • Session Keys • Key Management • Strong Encryption • The solution for the Home still relies on WEP • Manually generate and distribute common WEP key • Pain to regenerate and redistribute new keys • Keys WILL be forgotten • Stations can eavesdrop on each other Carlos Rios, LinCom Wireless

  3. An Idea • There is room for an optional 802.11MAC-level scheme that can readily provide • Mutual Authentication • Per Session Encryption Keys • Secure Encryption key generation and distribution • Support of WEP2 encryption ON TOP of the presently proposed 802.11eS structure Carlos Rios, LinCom Wireless

  4. That is not really new • Already have the 00/200 Intersil submission “Plug and Play Security in the Home and Small Business” • Use as an optional Authentication method in addition to Open and Shared Key • Simple Diffie-Helman multiple frame exchange • Simultaneous mutual authentication and session key generation • Use in concert with WEP2 encryption as now proposed Carlos Rios, LinCom Wireless

  5. General Details • Stations have unique, factory assigned Private keys, use to generate corresponding Public Keys • AP and Station are configured for “Public Key Authentication” • On first contact, APs, Stations learn each other’s MAC Address and Public Key pairs • Authentication consists of performing a Diffie-Helman exchange to securely mutually prove IDs AND generate a shared session WEP2 key • Key expiration and regeneration, redistribution can be handled similarly, or, more easily, by doing so directly while WEP2 encrypted with the initial key. Carlos Rios, LinCom Wireless

  6. Closing Remarks • An optional, previously presented MAC level scheme can add Home Wireless Network mutual authentication and session encryption key management to the 802.11eS proposal • Acknowledge that this is not an alternative to the Enterprise ESN proposal • Security provided is NOT strong enough for the Enterprise • It is certainly good enough for the home • This is TIMELY enough to not bog down the 802.11e standardization process Carlos Rios, LinCom Wireless

More Related