Enhancing MAC Header Protection in IEEE 802.11 for Improved Security

Numerous critical fields in the MAC header of IEEE 802.11 frames lack protection during encryption, making them vulnerable to attacks that can have adverse effects on receivers. By safeguarding these fields, performance goals can be met, power efficiency enhanced, and reliability improved. The document highlights issues, background on AAD construction, unprotected header fields, and example attacks like data frame replay with modified sequence numbers.

• MAC Header
• IEEE 802.11
• Encryption
• Security
• Data Frame

benniebh Follow

Uploaded on Sep 24, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. March 2023 doc.: IEEE 802.11-23/0356r0 MAC header protection Date: Name Affiliation Address Phone Email Abhishek Patil appatil@qti.qualcomm.com Duncan Ho Jouni Malinen Qualcomm Inc. George Cherian Alfred Asterjadhi Submission Abhishek P (Qualcomm), et. al., Slide 1

2. March 2023 doc.: IEEE 802.11-23/0356r0 Summary of issues There are several fields in the MAC header that are not protected during the encryption of an MPDU These fields carry critical information that influences the receiving STA s behavior Such as indication of more data, power-save, buffer status etc Over the years, some of these (unprotected) fields have been extended to provide additional functionality E.g., extension of HT Control by TGax for functionalities such as TRS, BSR etc The unprotected fields are vulnerable to attacks leading to adverse effect at the receiver UHR must consider protecting MAC header to meet its performance goals, reduce power drain and improve reliability. Submission Slide 2 Abhishek P (Qualcomm), et. al.,

3. March 2023 doc.: IEEE 802.11-23/0356r0 Background: AAD Construction Fields in the header are used to construct additional authentication data (AAD). Some of the header fields, that might change when retransmitted, are masked out during the construction of AAD Submission Slide 3 Abhishek P (Qualcomm), et. al.,

4. March 2023 doc.: IEEE 802.11-23/0356r0 Header fields that are not protected The following (sub)fields are masked during AAD construction (and hence not protected): In Frame Control field: o The 3 LSBs of the Subtype subfield (bits 4 5 6) in a Data frame masked out. Bit 7 is not modified o Retry subfield (bit 11) masked out o Power Management subfield (bit 12) masked out o More Data subfield (bit 13) masked out o +HTC subfield (bit 15) is masked out in all Data frames containing a QoS Control field Sequence Number subfield in Sequence Control field All subfield in QoS Control field except TID subfield are masked o A-MSDU Present subfield is conditionally protected (AAD) Duration/ID and HT Control fields are not part of AAD construction Submission Slide 4 Abhishek P (Qualcomm), et. al.,

5. March 2023 doc.: IEEE 802.11-23/0356r0 Header fields that are not protected Some subfields within the field are protected Field is not protected Submission Slide 5 Abhishek P (Qualcomm), et. al.,

6. March 2023 doc.: IEEE 802.11-23/0356r0 Example Attack 1: Replay of a Data frame with modified SN Attacker records a genuine (A)MPDU and replays it with modified Sequence Number(s). Since it is a replayed frame, it will pass decryption and integrity check and the attack goes unnoticed until (PN-based) replay check is performed, which is much later in the processing chain (i.e., after reorder buffer block). But by then: the scoreboard context (and possibly WinStartR) will get updated. WinStartR gets updated if the SN of the injected (fake) frame is > WinEndR receiver ignores genuine MPDUs if the updated WinStartR fall in the 2nd half of the window (i.e., > 211) duplicate detection logic gets corrupted with SN from replayed MPDU jeopardizes the processing of a genuine MPDU matching that SN Will possibly updates WinStartB WinStartB gets updated if the SN of the injected (fake) frame is > WinEndB receiver ignores genuine MPDUs if the updated WinStartB fall in the 2nd half of the window (i.e., > 211) o Assumption: An MPDU will be discarded from the re-O buffer when PN check fails but WinStartB will remain updated o i.e., there is no backtracking to undo the change due to a bad MPDU 1. 2. 3. Submission Slide 6 Abhishek P (Qualcomm), et. al.,

7. March 2023 doc.: IEEE 802.11-23/0356r0 Example Attack 2: Frame w/ modified A-Control Attacker transmits a fake QoS Null or replays an MPDU with an arbitrary value in the A-Control Such as TRS-Control which will cause the client to react in SIFS The attack will go unnoticed until PN-based replay check Will go unnoticed if it was a fake a QoS Null frame. As a result, the recipient (non-AP STA) burns power and spends it resources in preparing and transmitting a TB- PPDU Other features such as cross-link signaling via A-Control are vulnerable to such attacks causing the non-AP MLD to wake-up on additional links and consumer additional power. Submission Slide 7 Abhishek P (Qualcomm), et. al.,

8. March 2023 doc.: IEEE 802.11-23/0356r0 In summary Unprotected header fields are vulnerable to various attacks which will lead to DoS, power drain and impact performance. UHR is focused on improving reliability, reducing latencies and reducing power consumption at devices. Therefore, MAC header protection must be viewed as one of the necessary steps towards meeting these goals. Submission Slide 8 Abhishek P (Qualcomm), et. al.,

9. March 2023 doc.: IEEE 802.11-23/0356r0 Some considerations A scheme to protect the MAC header needs to account for the header field value(s) getting updated when an MPDU is retried. Such as Retry bit, PM bit, A-Control etc In addition, the scheme needs to preserve the requirement that the contents of the MPDU are not re-encrypted during a retry Consequently, MAC header protection cannot be combined with MPDU encryption. i.e., needs to be a separate step such that the protection is re-applied only to the MAC header fields when an MPDU is retried. Submission Slide 9 Abhishek P (Qualcomm), et. al.,