Progress on IEEE 802.11-23/1576r0 Password Identifiers

Attempting to address the issue of supporting multiple PSKs per SSID in IEEE 802.11 networks, this document outlines the challenges with the existing approach, proposes encrypting STAs' identities in the AP's public key using HPKE, and discusses the opposition and alternative suggestions to improve security and address the multi-credential use case.

• IEEE
• Password Identifiers
• WiFi Security
• Encryption
• Network Standards

neliagi Follow

Uploaded on Sep 16, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. September 2023 doc.: IEEE 802.11-23/1576r0 Progress On Password Identifiers Date: 2023-09-13 Authors: Name Dan Harkins Affiliations Address HPE Phone email Submission Slide 1 Dan Harkins, HPE

2. September 2023 doc.: IEEE 802.11-23/1576r0 Abstract An attempt to move forward to support a critical use case Submission Slide 2 Dan Harkins, HPE

3. September 2023 doc.: IEEE 802.11-23/1576r0 What s The Problem? Traditionally, shared key authentication was per SSID Every STA in the ESS used the same PSK SAE inherited this unfortunate architecture Many use cases want to use multiple PSKs per SSID The 11i PSK protocol (aka WPA2-PSK) was hackable Vendors sold product which supported multiple PSKs under a single SSID The AP would do a dictionary attack against itself in 4way HS to determine which PSK the STA used This is (intentionally!) not possible with SAE New PHYs are prohibiting the 11i PSK protocol It will be impossible to support the use cases which require multiple credentials This will hinder adoption of new PHYs (or encourage their insecure use) Submission Slide 3 Dan Harkins, HPE

4. September 2023 doc.: IEEE 802.11-23/1576r0 Where Are Now? Password identifiers have been part of IEEE Std 802.11 for years Handset vendors UI concerns compelled RSNXE bit use Privacy concerns have prevented their adoption into certification programs Lack of adoption in certification programs have led to non- implementation This is not a viable solution to address the multi-credential use case Proposal for adding privacy to password identifiers Use HPKE to encrypt the STA s identity in the AP s public key Add AP s public key to beacons and probe responses Use new IE to hold protected password identifiers vs old kind Submission Slide 4 Dan Harkins, HPE

5. September 2023 doc.: IEEE 802.11-23/1576r0 Where Are We Now? Opposition to privacy proposal Don t know how to age out public keys TOFU is bad . something . Proposal to use 802.1X with an EAP method that supports username/password instead of using SAE TOFU is even worse reduces security to that of WPA2-PSK If this addressed the use case it would be used already 802.1X/EAP for unique password credentials should be rejected Need to come up with a viable solution HPKE-based proposal is simplest and most secure How can we move forward? Submission Slide 5 Dan Harkins, HPE

6. September 2023 doc.: IEEE 802.11-23/1576r0 What Next? Would removing the public key from the beacon help? Define an ANQP exchange to ask for/receive AP s public key This still has TOFU issues, but still better than 802.1X/EAP Would using a new AKM exclusively for this help? A transition mode would probably require the new AKM plus AKM 24 UI would be cleaned up because if it s the old AKMs, don t include the identity widget, if it s this new one, include it. Easier to ignore if you don t want to implement this if the AKM is not supported it s not gonna show up to a user, reduces the problem of misconfiguration Submission Slide 6 Dan Harkins, HPE

7. September 2023 doc.: IEEE 802.11-23/1576r0 Straw Poll #1 Removing the public key from beacons and using ANQP to distribute public keys would improve the HPKE- protected password identifier scheme Y: N: A: Submission Slide 7 Dan Harkins, HPE

8. September 2023 doc.: IEEE 802.11-23/1576r0 Straw Poll #2 Using a unique AKM exclusively for protected password identifiers would improve the HPKE-protected password identifier scheme Y: N: A: Submission Slide 8 Dan Harkins, HPE

9. September 2023 doc.: IEEE 802.11-23/1576r0 Backup Submission Slide 9 Dan Harkins, HPE

10. September 2023 doc.: IEEE 802.11-23/1576r0 Assuming + Response to Straw Polls I would support the HPKE-protected password scheme if it used ANQP to distribute public keys and used a new AKM for its exclusive operation Y: N: A: Submission Slide 10 Dan Harkins, HPE