TDLS Inconsistent Security Problem. Authors:. Date: 2007-11-15.
Notice: This document has been prepared to assist IEEE 802.11. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
Sihoon Yang
Abstract
TDLS currently supports security even when the AP can’t support security, which is very confusing. We need a method that provides a consistent security mechanism.
Background
I’m considering:
• The AP can’t support an RSNA, but the STAs support an RSNA
• The STAs established a non-RSNA with the AP
• The STAs establish an RSNA with each other for the Direct Link
Is it secure or not? It depends on the path
• AP path: not secure
• DLS path: secure
It doesn’t support consistent security. This is very confusing to the user or a higher-layer application.
[Figure: Initiator STA and Peer STA connected through the AP (AP path, not secure) and directly (DLS path, secure)]
Background (cont)
Scenario
• The AP established a non-RSNA with the STAs
• The STAs set up secure TDLS
• The Initiator STA sends a file that includes a list of IDs and passwords
• At first they use the DLS path and can send data securely
• The Peer STA moves away and they use the AP path
• The data is not secure any more
What happened?
• A passive attacker can sniff the traffic and get some IDs and passwords
• The communication as a whole is not secure
[Figure: Initiator STA and Peer STA connected through the AP (AP path, not secure) and directly (DLS path, secure)]
Solution #1
The DLS path supports security only if the AP path supports security
• The AP must establish an RSNA with each STA prior to the TDLS Peer Key handshake
• If the STAs established an RSNA with the AP, the STAs can establish a secure TDLS setup.
• If the STAs didn’t establish an RSNA with the AP, the STAs can’t establish a secure TDLS setup.
[Figure: AP, Initiator STA and Peer STA; both paths labelled "Secure"]
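The following sketch models the Background scenario and the Solution #1 rule so the difference is visible per frame. It is an added example, not part of the original slides; the names `Links`, `audit` and `SCENARIO` are hypothetical, and the model assumes a path is protected exactly when an RSNA covers every link on it.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Links:
    initiator_rsna_with_ap: bool  # Initiator STA has an RSNA with the AP
    peer_rsna_with_ap: bool       # Peer STA has an RSNA with the AP


def ap_path_secure(links):
    # A frame relayed through the AP crosses both STA-AP links.
    return links.initiator_rsna_with_ap and links.peer_rsna_with_ap


def dls_path_secure(links, solution_1):
    # Current behaviour (assumed): RSNA-capable STAs always secure the
    # direct link. Solution #1: the TDLS Peer Key handshake is allowed
    # only when both STAs already have an RSNA with the AP.
    return ap_path_secure(links) if solution_1 else True


def audit(links, frame_paths, solution_1):
    """Return (indexes of frames a passive sniffer can read, state)."""
    protected = {"AP": ap_path_secure(links),
                 "DLS": dls_path_secure(links, solution_1)}
    exposed = [i for i, path in enumerate(frame_paths) if not protected[path]]
    if not exposed:
        state = "secure"
    elif len(exposed) == len(frame_paths):
        state = "not secure"
    else:
        state = "mixed"  # the inconsistent case the slides describe
    return exposed, state


# Constructed trace: two frames on the DLS path, then the Peer STA moves
# away and the remaining two frames fall back to the AP path.
SCENARIO = ["DLS", "DLS", "AP", "AP"]

if __name__ == "__main__":
    for links in (Links(False, False), Links(True, True)):
        for solution_1 in (False, True):
            print(links, "solution_1 =", solution_1,
                  audit(links, SCENARIO, solution_1))
```

With a non-RSNA AP, Solution #1 does not protect any frame; it replaces the "mixed" state with a uniform "not secure" one, so the user or higher layer is never told the link is secure when part of the session is exposed.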
Solution #2
Make the AP path secure even if the AP doesn’t support RSNA
• Needs a new mechanism that makes the AP path secure even if the AP doesn’t support RSNA
[Figure: AP, Initiator STA and Peer STA; labels "Secure", "Not secure", "Secure"]
Straw poll
• Which solution are you in favor of to resolve the inconsistent security problem?
Solution #1 :
• The DLS path supports security if and only if the AP path supports security
Solution #2 :
• Make the AP path secure even if the AP doesn’t support RSNA
Don’t Know/Care :