40 likes | 264 Views
AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments. AES-GCM should be incorporated in 802.11 as part of 802.11ac and 802.11ad developments. Situation
E N D
AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments Salowey et al (Cisco)
AES-GCM should be incorporated in 802.11 as part of 802.11ac and 802.11ad developments • Situation • AES-GCM should be added as a highly efficient mode of encryption to meet the high throughput needs of 802.11ac and 802.11ad • Complication • A proposal has been made to incorporate a new cipher, AES-GCM, into 802.11mb maintenance update to satisfy a perceived NSA Suite B requirement • Question • Is it appropriate to add AES-GCM in the 802.11mb maintenance update? • Answer • 802.11mb is neither the right time or right project for this new feature • AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments Salowey et al (Cisco)
AES-GCM is not required in the near term for 802.11, even for Suite B • AES-CCM works fine and does not need maintenance work • Adding a new cipher at this time sends a mixed message, suggesting that AES-CCM is broken in some way; this is false! • NSA Suite B does *not* specifically require or even recommend GCM • The Suite B web page does not require or recommend AES-GCM • Anecdotal evidence suggests that NSA prefers GCM, but this is not explicitly stated • The NSA has not published an expected timeline for Suite B support • The fact that RFC 5430 allows interoperability with AES-CBC suggests that the NSA is expecting a period of transition • RFC 5430, Suite B Profile for Transport Layer Security (TLS) Salowey et al (Cisco)
AES-GCM should be incorporated into 802.11 in conjunction with the 802.11ac/ad amendments • The high speed capabilities of AES-GCM are well matched to the expected properties of (operating at >1Gb/s) of 802.11ac/ad • AES-GCM may be mandatory in ac/ad, optional for other modes. • The timeline of 802.11ac/ad (currently no earlier than July 2012) is reasonable in terms of satisfying the long term NSA preference for AES-GCM in Suite B • Any effort to replace AES-CCM with AES–GCM today runs the risk of falsely suggesting to the market that AES-CCM is flawed from a security perspective • AES-GCM is not required for the maintenance of 802.11, AES-CCM works fine • Focusing on incorporation of AES-GCM into 802.11ac/ad mitigates the danger of doing something today that makes incorporation into 802.11ac/ad more difficult Salowey et al (Cisco)