Enhancing Privacy with Randomized MAC Addresses in 802.11 Networks

Slide Note
Embed
Share

This presentation discusses the use of randomized MAC addresses as a privacy-enhancing measure in 802.11 networks. Passive observation of MAC addresses poses privacy risks, and the proposal suggests assigning random MAC addresses to portable devices to mitigate tracking risks. By periodically changing MAC addresses and avoiding active probing, privacy can be enhanced without compromising network connectivity.

kgorr
kgorr Follow

Uploaded on Sep 11, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. March 2014 Randomized MAC Addresses for Privacy Enhancement Date: 2014-03-18 Authors: doc.: IEEE 11-14/0430r1 Name Dan Harkins Affiliations Address Aruba Networks Phone email dharkins at aruba networks dot com Submission Slide 1 Dan Harkins, Aruba Networks

  2. March 2014 doc.: IEEE 11-14/0430r1 Abstract This slide deck presents the idea of using randomized MAC addresses as a tool to enhance privacy in 802.11 Submission Slide 2 Dan Harkins, Aruba Networks

  3. March 2014 doc.: IEEE 11-14/0430r1 What s the Privacy Issue? Passive observation of 802.11 bands reveals MAC addresses STAs active probing when not connected to a network Communication to connected network Location plus time plus frequency plus MAC address allows sensitive information to be gleaned This MAC address pops up around the AIDs clinic twice a week This MAC address is near the liquor store at 8am every day This MAC address leaves a certain apartment building in the early morning almost every weekend Social networks of such meta data can be built with good accuracy in positive identification Submission Slide 3 Dan Harkins, Aruba Networks

  4. March 2014 doc.: IEEE 11-14/0430r1 What s the Privacy Issue? Sample headlines from 11-13/1448r1: Seattle Police Deactivate Wi-Fi Spy Grid After Privacy Outcry (Nov 2013) A DHS and Seattle police network collecting location information CreepyDOL Wi-Fi Surveillance project debuts at BlackHat/DEFCON (Aug 2013) DIY surveillance with low-cost Wi-Fi based sensors that capture MAC addresses Wi-Fi Trashcans Now Silently Tracking Your Smartphone Data (Aug 2013) ... the company boasted that the cans, which included LCD advertising screens, "provide an unparalleled insight into the past behavior of unique devices" and hence of the people who carry them around Guardian article last week: Phone call metadata does betray sensitive details about your life (Mar 2014) Stanford researchers were able accurately identify volunteers in a study that gave up their meta data, determining that one person probably had MS, another probably had an abortion, and another probably grew marijuana Submission Slide 4 Dan Harkins, Aruba Networks

  5. March 2014 doc.: IEEE 11-14/0430r1 Proposal When not attached to a network Assign a random MAC address to the wireless interface of portable and mobile STAs (not fixed STAs and APs) Periodically change to a new random MAC address Don t actively probe for known networks When attaching to a network Choose a new random MAC address and connect While attached to a network Keep the same MAC address for the life of the connection Cache PMKSAs (and the MAC address therein) in an RSN When reattaching to a network Assign the MAC address from the cached PMKSA, then connect Submission Slide 5 Dan Harkins, Aruba Networks

  6. March 2014 doc.: IEEE 11-14/0430r1 What s a Random MAC address? Take a 48-bit datum Assign the datum a random 48-bit string Set the bit indicating locally administered MAC Clear the unicast/multicast bit indicating unicast Assign that 48-bit datum to the MAC address Submission Slide 6 Dan Harkins, Aruba Networks

  7. March 2014 doc.: IEEE 11-14/0430r1 Obvious Question #1 Whaddya mean random? Make a random selection from the pool of available MAC addresses Each possible MAC address from the pool of available MAC addresses has equal probability of being chosen I mean the same thing as is meant by the use of the word in section 8.2.4.3.4 in IEEE Std 802.11-2012 But where does it say how to do that? Well, appendix M.5 of IEEE Std 802.11-2012 has some fine recommendations for implementers to follow Note: I m not blazing a new trail by using the word random! Submission Slide 7 Dan Harkins, Aruba Networks

  8. March 2014 doc.: IEEE 11-14/0430r1 Obvious Question #2 What are you gonna do about collisions? Nothing! There are 246 possible random MAC addresses The chosen MAC addresses have to be unique in the DS (or IBSS), they don t have to be globally unique There will be a few hundred, maybe a tad over a 1000 STAs Much higher and things melt down (remember Verilan in Dallas?) How many possible ways for 1000 STAs to choose 246 values? m n = m!/n!(m-n)! m choose n is with m = 246 = 7x1013, n = 1000 the number of choices is astronomical The probability of 2 of the 1000 STAs choosing the same MAC is infinitesimally small don t worry about it! Submission Slide 8 Dan Harkins, Aruba Networks

  9. March 2014 doc.: IEEE 11-14/0430r1 Obvious Question #3 Won t this screw up a whole bunch of 802.11? Don t think so, unless pervasive monitoring is viewed as a positive Won t this screw up services provided to users of 802.11? Depends on the service, but probably there are some. It s optional; UIs (not done here) can make this an opt-in If you want to take advantage of a service that requires you to be tracked then don t use this optional feature Patient: Doctor it hurts when I do this Doctor: Don t do that Submission Slide 9 Dan Harkins, Aruba Networks

  10. March 2014 doc.: IEEE 11-14/0430r1 References 11-13/1448r1 802.11 privacy Submission Slide 10 Dan Harkins, Aruba Networks

Related


Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

Privacy Issues in IEEE 802.11 Networks: Tracking and MAC Randomization

kard154
Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

Local MAC Address Assignment Protocol (LAAP) and 802.1CQ

hill_z
IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

IEEE 802.11-21/1585r10: Identifiable Random MAC Address Presentation Summary

buchholtz_b
Proposed Approach for MAC Address Assignment in IEEE 802.11

Proposed Approach for MAC Address Assignment in IEEE 802.11

adlai
IEEE 802.11-22/0955r0 TGbh Pre-association Schemes Exploration

IEEE 802.11-22/0955r0 TGbh Pre-association Schemes Exploration

omcpi
IEEE 802.11-20/0054r1 MLD MAC Address and WM Address

IEEE 802.11-20/0054r1 MLD MAC Address and WM Address

case
Addressing Privacy Concerns in IEEE 802.11-21: Changing MAC Addresses for Improved Security

Addressing Privacy Concerns in IEEE 802.11-21: Changing MAC Addresses for Improved Security

gain_53
Understanding Bluetooth Low Energy Addresses in IEEE 802.11-21/1535r0

Understanding Bluetooth Low Energy Addresses in IEEE 802.11-21/1535r0

elio
Understanding the Privacy Paradox: Attitudes vs. Behaviors

Understanding the Privacy Paradox: Attitudes vs. Behaviors

clai_evi
Proposal for OTA MAC Change in IEEE 802.11-23/268r1

Proposal for OTA MAC Change in IEEE 802.11-23/268r1

kason
RCM Procedure for Secure Parameter Obfuscation in IEEE 802.11 Networks

RCM Procedure for Secure Parameter Obfuscation in IEEE 802.11 Networks

skamp
Privacy Address Requirements for Wireless Personal Area Networks

Privacy Address Requirements for Wireless Personal Area Networks

vkob
Summary of MAC Address Policy Contribution to IEEE 802.11

Summary of MAC Address Policy Contribution to IEEE 802.11

desl_84
Understanding Address Resolution Protocol (ARP) in Computer Networks

Understanding Address Resolution Protocol (ARP) in Computer Networks

tat_sch
Implications of IEEE 802.11 State Machine and MAC Randomization

Implications of IEEE 802.11 State Machine and MAC Randomization

azarel
Enhancing MAC Header Protection in IEEE 802.11 Networks

Enhancing MAC Header Protection in IEEE 802.11 Networks

myaleeab
IEEE 802.11bh Overview: RCM and TGbh Activities

IEEE 802.11bh Overview: RCM and TGbh Activities

islagrace
IEEE 802.1CQ: Address Assignment and Validation Protocols

IEEE 802.1CQ: Address Assignment and Validation Protocols

coia227
IEEE 802.11-22/0424r1 - MAAD MAC Protocol Overview

IEEE 802.11-22/0424r1 - MAAD MAC Protocol Overview

aliyannah
Data Privacy Best Practices Training for Libraries

Data Privacy Best Practices Training for Libraries

teo_nah
Introduction to IEEE 802c SLAP

Introduction to IEEE 802c SLAP

slabaugh_h
Randomized Algorithms for Approximate Median with Elementary Probability

Randomized Algorithms for Approximate Median with Elementary Probability

jhck213
Understanding Network Analysis: Whole Networks vs. Ego Networks

Understanding Network Analysis: Whole Networks vs. Ego Networks

kayliee
Understanding Privacy Rights in Europe: A Comprehensive Overview

Understanding Privacy Rights in Europe: A Comprehensive Overview

jesu_26

More Related Content