1 / 8

Coexistence of Legacy & RSN STAs in Public WLAN

Coexistence of Legacy & RSN STAs in Public WLAN. Byoung-Jo “J” Kim AT&T Labs-Research March ‘03, Dallas. Purpose. A Twist in Public Access Scenario: Must Support “Simultaneously” Legacy STAs with WEP off For various reasons, at least for a while RSN (or WPA) STAs

nami
Download Presentation

Coexistence of Legacy & RSN STAs in Public WLAN

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Coexistence of Legacy & RSN STAs in Public WLAN Byoung-Jo “J” Kim AT&T Labs-Research March ‘03, Dallas

  2. Purpose • A Twist in Public Access Scenario: Must Support “Simultaneously” • Legacy STAs with WEP off • For various reasons, at least for a while • RSN (or WPA) STAs • For privacy protection if STAs capable • Not a requirement for PWLAN in general: You should assume you’re on your own. • But Use it if available: Must do more for customers for their protection.

  3. Possible Solutions • Shares many issues with doc 03-154 by Bernard Aboba, and Also maybe a special case of TSN • Use Two SSIDs with Two Radios • Use Two SSIDs with a Single Radio • Common implementation has Primary SSID in Beacon, others Revealed with Probe • Problems: Refer to 03-154 • Most importantly: Two SSID may confuse people • Trying to build a “consumer” service. • Preference toward single SSID • Risk to Network is accepted factor of any ISP

  4. Possible Solutions: continued • Single SSID: Beacon with Privacy off and RSN IE included • No problem with Legacy STAs • Not Sure How RSN STAs will behave • Not a valid option in Draft 3.1 7.3.1.4 Capability Information field Add the following paragraphs to Clause 7.3.1.4: STAs (including APs) that include the RSN IE in beacons and probe responses shall set the Privacy subfield to 1 in any frame that includes it. • Attempt to associate, auth via 1x and run RSN? Good! • Don’t even try to associate since Privacy bit is OFF?

  5. TSN Policy does not cover this case • 8.4.3.1 TSN policy selection <<snip snip>> If an AP operating within a TSN receives a (Re)association request without an RSN IE, it shall allow communications only if a WEP key has been configured to secure communication. If a WEP key is not installed, the AP shall reject the association request; if a WEP key is configured, the AP may accept the request.

  6. Observations with “one” current HW • Setup: Beacon WEP off, Some STAs configured to use 1x authentication/key exchange and Some configured no WEP. All Pre-RSN/WPA • Broadcast unencrypted by AP if non-1x STA present • No-WEP STAs associate and work fine • Some 1x STA models won’t even try to send assoc-req • Most do and associate/authenticate successfully • Some do accept unencrypted broadcast like DHCP • Some do not • Some 1x STA broadcast unencrypted but refuse reception

  7. Broadcast/Multicast • ARP for gateway, DHCP, etc are necessary for service • STA to AP is no problem, whether encrypted or not • AP can be smart about whether to encrypt or not by keeping track of the interactions. • May need to look at the IP payload, since many sloppy implementations use Broadcast addresses even when unicast address can be known, just based on the IP protocol type. • Peer-to-peer in BSS cannot be charged: APs may be configured to drop direct communication between STAs

  8. Suggestions • Make “Beacon/Probe Privacy OFF” with RSN IE” a legitimate mode, a particular mode of TSN? • Specify STA behaviors for this Case • “Attempt RSN operation based on RNS IE only, regardless of WEP bit”? • Specify what to do with broadcast/multicast traffic

More Related