1 / 4

AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments

AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments. AES-GCM should be incorporated in 802.11 as part of 802.11ac and 802.11ad developments. Situation

dora
Download Presentation

AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments Salowey et al (Cisco)

  2. AES-GCM should be incorporated in 802.11 as part of 802.11ac and 802.11ad developments • Situation • AES-GCM should be added as a highly efficient mode of encryption to meet the high throughput needs of 802.11ac and 802.11ad • Complication • A proposal has been made to incorporate a new cipher, AES-GCM, into 802.11mb maintenance update to satisfy a perceived NSA Suite B requirement • Question • Is it appropriate to add AES-GCM in the 802.11mb maintenance update? • Answer • 802.11mb is neither the right time or right project for this new feature • AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments Salowey et al (Cisco)

  3. AES-GCM is not required in the near term for 802.11, even for Suite B • AES-CCM works fine and does not need maintenance work • Adding a new cipher at this time sends a mixed message, suggesting that AES-CCM is broken in some way; this is false! • NSA Suite B does *not* specifically require or even recommend GCM • The Suite B web page does not require or recommend AES-GCM • Anecdotal evidence suggests that NSA prefers GCM, but this is not explicitly stated • The NSA has not published an expected timeline for Suite B support • The fact that RFC 5430 allows interoperability with AES-CBC suggests that the NSA is expecting a period of transition • RFC 5430, Suite B Profile for Transport Layer Security (TLS) Salowey et al (Cisco)

  4. AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments • The high speed capabilities of AES-GCM are well matched to the expected properties of (operating at >1Gb/s) of 802.11ac/ad • AES-GCM may be mandatory in ac/ad, optional for other modes. • The timeline of 802.11ac/ad (currently no earlier than July 2012) is reasonable in terms of satisfying the long term NSA preference for AES-GCM in Suite B • Any effort to replace AES-CCM with AES–GCM today runs the risk of falsely suggesting to the market that AES-CCM is flawed from a security perspective • AES-GCM is not required for the maintenance of 802.11, AES-CCM works fine • Focusing on incorporation of AES-GCM into 802.11ac/ad mitigates the danger of doing something today that makes incorporation into 802.11ac/ad more difficult Salowey et al (Cisco)

More Related