Overview of Key Holder Security Association Teardown Mechanism
Date: 2007-09-05
Steve Emeott, Motorola
Abstract
This submission provides an overview of document 11-07/2372r0, which proposes a protocol for tearing down a mesh key holder security association that had been set up between a mesh authenticator and a mesh key distributor.
Outline
• Overview
• Mesh Key Holder Security Associations
• Teardown Mechanism
• Discussion of questions received
Mesh Key Holder Security Association
• An MP is elevated to a Mesh Authenticator after establishing a Mesh Key Holder Security Association (MKHSA) with an MKD
• An MKHSA between an MA and its MKD is identified by
  • MPTK-KDShortName
• The MKHSA state consists of
  • MPTK-KD (session key)
  • Key Replay Counters
• If an MP moves to a new MKD domain, it should attempt to tear down the MKHSA in its old domain
  • Allows the MKD to delete old state
Figure: Mesh Key Holder Security Association Handshake (mesh key distributor and mesh authenticator; Mesh Key Holder Security Handshake messages 1 to 4)
Example of MA behavior when changing MKD domains
After the Key Holder Security Teardown, MA3 has a secure peer link with both MA1 and MA2, but it only has an MKHSA with MKD2.
Figure: message sequence among MKD 1, MA 1, MA3, MA 2 and MKD 2 (labels: In MKDD 1, In MKDD 2, Initial MSA Authentication, Key Holder Security HS, Key Holder Security Teardown, Proposed in 07/2372)
Key Holder Security Teardown protocol details
The Key Holder Security Teardown protocol permits the MA to delete a prior session, when joining a new MKD domain.
The protocol may also be used by an MKD if it must stop its services as an MKD to one or more MAs.
The MKHSA torn down is identified by MPTK-KDShortName.
The teardown allows the MKD and MA to clean up state.
Either MA or MKD may initiate.
Figure: Requester and Responder (Teardown Request, Teardown Response)
Earlier Questions Received
• Question: What happens if the MA initiates a new security session while the MKD is tearing down a pre-existing security association? Can this lead to livelock, where one side keeps proposing a new security association and the other tears it down?
• Answer: The MKHSA to be torn down is identified in the teardown request message by its MPTK-KDShortName, which will be different from the identifier for the new security session. Of course, the MKD is free to accept or decline a request for the new session.
Earlier Questions Received (cont.)
• Question: How does it work if the MA and MKD both initiate the teardown simultaneously?
• Answer: The protocol supports timeout and retry features to increase the probability of success
  • Any party sending a teardown request starts a timer and waits for a response. When the timer expires, it may retransmit the request.
  • If a teardown response is not received after the teardown retransmission limit is reached, the MKHSA is deleted.
  • Any party receiving a teardown request sends out a teardown response and starts a timer. The identified MKHSA is deleted when the timer expires.
  • Any party receiving a duplicate request while decrementing the timer should send out a duplicate response.
  • When a party receives a valid response after sending out a teardown request, it deletes the identified MKHSA.
  • Any party receiving a teardown request while waiting for a response to its own teardown request for the same MKHSA should send a teardown response.
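The timeout and retry rules above can be exercised as a small state machine. This is an added example, not code from 11-07/2372r0: the class and function names, the message tuples, the value of RETRY_LIMIT and the handling of a request for an unknown MKHSA are assumptions, and message validation is not modelled.

```python
# Added example, not from 11-07/2372r0: names, tuple format and RETRY_LIMIT are assumptions.
RETRY_LIMIT = 3  # assumed teardown retransmission limit

class KeyHolder:
    """One end (MA or MKD). MKHSAs are tracked by MPTK-KDShortName only."""
    def __init__(self, short_names):
        self.mkhsa = set(short_names)  # live associations
        self.waiting = {}              # requester timer running: name -> retransmissions so far
        self.draining = set()          # responder timer running

    def _delete(self, sn):
        self.mkhsa.discard(sn)
        self.waiting.pop(sn, None)
        self.draining.discard(sn)

    def start_teardown(self, sn):
        self.waiting[sn] = 0
        return ("REQ", sn)

    def on_message(self, msg):
        kind, sn = msg
        if kind == "REQ" and sn in self.mkhsa:
            if sn not in self.waiting:
                self.draining.add(sn)  # first request starts the responder timer
            return ("RSP", sn)         # also sent for duplicates and crossed requests
        if kind == "RSP" and sn in self.waiting:
            self._delete(sn)           # response to our own request
        return None                    # unknown MKHSA: ignored (assumption)

    def on_timer(self, sn):
        if sn in self.draining or self.waiting.get(sn) == RETRY_LIMIT:
            self._delete(sn)           # responder timeout, or retry limit reached
            return None
        if sn in self.waiting:
            self.waiting[sn] += 1
            return ("REQ", sn)         # retransmit
        return None

def simultaneous(sn="old-sa"):
    """MA and MKD both request teardown of the same MKHSA; the requests cross."""
    ma, mkd = KeyHolder([sn]), KeyHolder([sn])
    req_ma, req_mkd = ma.start_teardown(sn), mkd.start_teardown(sn)
    rsp_mkd, rsp_ma = mkd.on_message(req_ma), ma.on_message(req_mkd)
    ma.on_message(rsp_mkd)
    mkd.on_message(rsp_ma)
    return ma.mkhsa, mkd.mkhsa

def all_responses_lost(sn="old-sa"):
    """Requester never hears back: counts requests sent before it deletes anyway."""
    ma, sent = KeyHolder([sn]), 1
    ma.start_teardown(sn)
    while sn in ma.mkhsa:
        sent += ma.on_timer(sn) is not None
    return sent, ma.mkhsa
```

Because every action is keyed by the short name, tearing down one MKHSA leaves an association with a different MPTK-KDShortName untouched, which is the point of the livelock answer above.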