60 likes | 69 Views
This study by Paul Lambert explores the importance of decoupling the Privacy Field from the RSN Information Element for enabling encryption in hotspots. Lambert discusses the current usage, background, issues with always setting the Privacy Field, recommendations for improving privacy, and proposes a motion to enhance security. By allowing mixed-mode traffic, encrypted and non-encrypted users can coexist securely.
E N D
Enabling Encryption in Hotspots by Decoupling the Privacy Field from the RSN Information Element Paul A. Lambert Paul Lambert, Airgo Networks
Privacy Field Current Usage • Current specification requires the “Privacy Field” in the IE to always be set when there is an RSN IE: 7.3.1.4 Capability Information field STAs (including APs) that include the RSN IE in beacons and probe responses shall set the Privacy subfield to 1 in any frame that includes it. 7.3.2.17 ...A STA sets the Privacy bit set in the same way as WEP. Paul Lambert, Airgo Networks
Background • “Privacy Field/Bit” is the legacy WEP encryption negotiation • RSN IE is the new cipher suite negotiation • Setting Privacy Field on with RSN forces all legacy (WEP) devices to only use WEP if they are not RSN capable Paul Lambert, Airgo Networks
What’s Wrong with Always Setting the Privacy Field • A client STA may not always have a key! • Hotspot example: • “New users’ will never have existing keys or credentials and must join with no authentication or encryption • It would be desirable to encrypt the traffic of users (over the same AP) that have credentials. • Since the Privacy bit must be set for RSN, there can be no RSN security and all users must have no encryption. Paul Lambert, Airgo Networks
Privacy Field Recommendations • Make WEP/legacy negotiation be independent from RSN IE negotiation • Allow mixed mode traffic (encrypted an non-encrypted) • Mixed mode (encrypted/unencrypted) need not be insecure since traffic can be segregated at the AP (e.g. VLAN tags) Paul Lambert, Airgo Networks
Motion • Replace the first paragraph in section "7.3.1.4 Capability Information field” with: "STAs (including APs) that include the RSN IE in beacons and probe responses may set the Privacy Subfield to 0 or 1 independent of the RSN IE. STAs that are only IEEE 802.11 1999 compatible will not recognize the RSN IE and will continue to use the Privacy Subfield to determine if the WEP algorithm must be used." Paul Lambert, Airgo Networks