IEEE 802.11-00/031: Proposal to use KPS to Enhance WLAN Security

Month 1998 doc.: IEEE 802.11-00/031
Slide 1: Proposal to use KPS to Enhance WLAN Security
Shinichiro Watanabe, Yutaku Kuchiki, Kazuaki Naito, Masayuki Ikeda
Seiko Epson Corporation, March 2000
Submission 1 John Doe, His Company

Slide 2: Introduction
• Problems of the current WEP
• KPS
• Implementation
• SEC9H: MAC Chip with KPS
• Patents
• Conclusion

Slide 3: Problems of the Current Standard
– Not specified how to control keys
– Difficult to exchange shared keys
– Secret data is stored in the MIB, which is accessible by external users
– Difficult to authenticate
– Practically impossible to deliver unique keys to every STA pair in a system

Slide 4: Default Key and Key Mapping
Figure: Default Key System (MIB aWEPDefaultKeys) compared with Mapped Key System (MIB aWEPKeyMappings).

Slide 5: Problems of the Current Standard
The same five problems as on slide 3, shown again and labelled together as the Key Distribution Problem.

Slide 6: Basic Flow of the KPS Communications
1. Setting a Private-ID (procedure necessary only once)
2. KPS Communications
Figure: the KPS Center holds the System-ID; for every station it turns a Public-ID into a Private-ID: Public-ID A (MAC Address A) → Private-ID A, Public-ID B (MAC Address B) → Private-ID B, ..., Public-ID n (MAC Address n) → Private-ID n.

Slide 7: Basic Flow of the KPS Communications
1. Setting a Private-ID (procedure necessary only once): the KPS Center (System-ID) issues Private-ID A to Sender A from Public-ID A (MAC Address A) and Private-ID B to Receiver B from Public-ID B (MAC Address B).
2. KPS Communications: the KPS Module in A combines Private-ID A with Public-ID B to obtain KAB; the KPS Module in B combines Private-ID B with Public-ID A to obtain KBA. KAB = KBA, and the key is generated without any connection between A and B.

Slide 8: Principle behind KPS Communications
KAB = KBA
KAB ≠ KCA for any C, C ≠ B
KBA ≠ KCB for any C, C ≠ A

Slide 9: KPS Security (1)
• HUB vs Switch
Figure: Ethernet LAN (HUB): HUB (MAC 0) connected to NIC 1 (MAC 1), NIC 2 (MAC 2), NIC 3 (MAC 3) and NIC 4 (MAC 4, the attacker); a packet HUB ⇒ MAC 1 is shown. Ethernet LAN (Switch): Switch (MAC 0) connected to NIC 1 (MAC 1) through NIC 4 (MAC 4). NIC: Network Interface Card.

Slide 10: KPS Security (2)
• WEP vs WEP + KPS
Figure: 802.11 WEP only compared with 802.11 WEP + KPS.

Slide 11: Authentication Masquerade
Figure only; the slide carries no further text.

Slide 12: Implementing KPS to 802.11 MAC
• Parameters
– Public-ID: apply the MAC address as it is; 48 bits length
– System-ID: 1024 x 40 bits; conspiracy number 1024
– Private-ID size: 5 kbytes
– Shared key length: 40 bit (based on current standard)
• MIB privacy group
– aKPSInvoked: 0: KPS is off (default); 1: KPS is on

Slide 13: KPS Module
• KPS Algorithm
• Private-ID
• One-Way Schemes
Figure (data flow): One-Way Scheme 1: Public-ID (48 bit) together with Fixed Data (Secret) (40 bit) → RC4 PRNG → Effective-ID (1024 bit). KPS Algorithm: each bit of the Effective-ID (1 or 0) selects one 40-bit row of the Private-ID (1024 × 40 bit), and the selected rows are XORed into the Shared Key (40 bit). One-Way Scheme 2: the 40-bit KPS Algorithm output XOR Default Key #0 (40 bit) forms the RC4 key → RC4 PRNG → 40-bit output.
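The KPS Module slide above, together with the flow on slides 6 to 8, describes a key predistribution in which the KPS Center derives each STA's Private-ID once from its MAC address and the secret System-ID, after which any two STAs compute the same 40-bit key from their own Private-ID and the peer's MAC address alone. The following Python is an added example written for this page, not code from Seiko Epson or from the KPS patents: it models the System-ID as a symmetric matrix of 40-bit words (the linear KPS construction, an assumption the slides do not spell out), uses RC4 as One-Way Scheme 1 as the slide names it, omits One-Way Scheme 2, and shrinks the Effective-ID from 1024 to 128 bits so it runs quickly. The MAC addresses, the seed and the Fixed Data value are constructed.

```python
import random
from functools import reduce
from operator import xor
KEY_BITS = 40  # shared key length on the slides (40 bit, matching current WEP)
M = 128        # Effective-ID length = conspiracy number; the slides use 1024, reduced here for speed

def rc4_stream(key: bytes, n: int) -> bytes:
    """Plain RC4 keystream of n bytes (the RC4 PRNG named on the KPS Module slide)."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def effective_id(public_id: bytes, fixed_secret: bytes) -> list[int]:
    """One-Way Scheme 1: Public-ID (48-bit MAC address) + Fixed Data (Secret) -> M-bit Effective-ID."""
    stream = rc4_stream(fixed_secret + public_id, M // 8)
    return [(stream[k // 8] >> (7 - k % 8)) & 1 for k in range(M)]

def make_system_id(rng: random.Random) -> list[list[int]]:
    """KPS Center secret. Assumption: a symmetric M x M matrix of 40-bit words (linear KPS)."""
    g = [[0] * M for _ in range(M)]
    for i in range(M):
        for j in range(i, M):
            g[i][j] = g[j][i] = rng.getrandbits(KEY_BITS)
    return g

def issue_private_id(system_id: list[list[int]], public_id: bytes, fixed_secret: bytes) -> list[int]:
    """KPS Center, once per STA: word j = XOR of System-ID rows i whose Effective-ID bit i is 1 (M x 40 bit)."""
    e = effective_id(public_id, fixed_secret)
    return [reduce(xor, (system_id[i][j] for i in range(M) if e[i]), 0) for j in range(M)]

def shared_key(private_id: list[int], peer_public_id: bytes, fixed_secret: bytes) -> int:
    """KPS Module in the STA: XOR the own Private-ID rows selected by the peer's Effective-ID bits; no secret is exchanged."""
    e = effective_id(peer_public_id, fixed_secret)
    return reduce(xor, (private_id[j] for j in range(M) if e[j]), 0)

def demo() -> tuple[int, int, int]:
    """Three constructed stations A, B, C: returns (K_AB, K_BA, K_CA); K_AB == K_BA while K_CA differs."""
    rng, fixed = random.Random(31), bytes.fromhex("0123456789")  # constructed seed and Fixed Data (Secret)
    g = make_system_id(rng)
    mac_a, mac_b, mac_c = (bytes.fromhex(m) for m in ("0200000000aa", "0200000000bb", "0200000000cc"))
    p_a, p_b, p_c = (issue_private_id(g, m, fixed) for m in (mac_a, mac_b, mac_c))
    return shared_key(p_a, mac_b, fixed), shared_key(p_b, mac_a, fixed), shared_key(p_c, mac_a, fixed)
```

The conspiracy number on slide 12 (1024) corresponds to the matrix dimension M here: it is the number of Private-IDs that together determine the System-ID, which is the parameter a deployment of this scheme has to size against collusion.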

Slide 14: Who should administrate the KPS Center
• Private system: each vendor can create System-IDs independently
• Multi-vendor system:
– Idea 1: A public organization creates and strictly controls a System-ID. The public organization duplicates and ciphers the System-ID and delivers it with a KPS Center tool to vendors.
– Idea 2: A public organization creates and strictly controls a System-ID. It issues Private-IDs in response to demands from vendors. The organization should inspect whether the demands are from the right vendors.
We propose that 802.11 controls the KPS Center.

Slide 15: SEC9H: MAC chip with KPS
Figure (photos): SEC9H: MAC controller with KPS; Evaluation board; GBT9: Hi-datarate BB processor.

Slide 16: SEC9H: MAC controller with KPS
• Target baseband processor
– HFA3860B (Intersil)
– GBT9 (Seiko Epson Corporation)
• IEEE 802.11b protocol compliant
• Hi-data rate
– 5.5M/11Mbps with HFA3860B
– 3.7M/5.5M/7.3M/9.2M/11.0M/12.8Mbps with GBT9
• KPS: automatic shared key generation
• Dual host bus: ISA and PCMCIA
• Low power consumption

Slide 17: About KPS
• Inventor
– Prof. Tsutomu Matsumoto, Yokohama National University
– Prof. Hideki Imai, Tokyo University
• Patents
– Japan: Cipher Key Sharing Method, Patent Number 1984390, October 25, 1995; owner of the patent: Advance Co., Ltd.
– US: Patent Number 5,016,276 (May 14, 1991)
– Europe: Patent Number 0 277 247 (04.05.1994)

Slide 18: Conclusion
• Use KPS to enhance WLAN security. KPS solves the Key Distribution Problem.
• Seiko Epson can provide evaluation chips and tools.
• KPS Features:
– It distributes unique shared keys to every sender/receiver pair without exchanging any secret data
– It performs authentication inherently, with no additional schemes
– It releases the system administrator from controlling encryption keys
– It does not require changing current security protocols to implement KPS
– It is easy to use and implement

Slide 19: End
KPS: Robust cryptography