Overview of Security Task Groups in IEEE 802.15
This document provides a summary of the security-related task groups within the IEEE 802.15 working group, focusing on initiatives such as privacy enhancements, ASCON cipher integration, and the addition of the EDHOC key management protocol. It highlights the significance of EDHOC for low-complexity implementations and the adoption of ASCON as a lightweight cryptographic cipher.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Feb 2025 Doc: IEEE 802.15-25-0098-00 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Summary of security related work in the WG15] Date Submitted: [2025-02-17] Name: [Tero Kivinen] Affiliation: [Wi-SUN Alliance] E-Mail: [kivinen@iki.fi] Abstract: [This document provides summary of the security related task groups in the 802.15 working group. Submission Tero Kivinen, Wi-SUN Alliance Page 1
Feb 2025 Doc: IEEE 802.15-25-0098-00 Summary of security task groups There is currently 3 task groups working on the security TG4ac working on the privacy enhancements In letter ballot TG4ae adding ASCON cipher to the IEEE Std 802.15.4 Should be getting ready for letter ballot TG9a adding EDHOC key management protocol to IEEE Std 802.15.9 Should be going to letter ballot after this session Submission Tero Kivinen, Wi-SUN Alliance Page 2
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG9a: EDHOC This will be quite short amendment to the IEEE Std 802.15.9 It will add one new annex describing how to use IETF EDHOC (RFC9528) in IEEE Std 802.15.9. EDHOC = Ephemeral Diffie-Hellman Over COSE COSE = CBOR Object Signing and Encryption CBOR = Concise Binary Object Representation There will be two versions of the EDHOC that are supported: Raw EDHOC EDHOC over CoAP Submission Tero Kivinen, Wi-SUN Alliance Page 3
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG9a: Why EDHOC EDHOC enables a low complexity implementation with few and short messages In one example, of a three-message public key based EDHOC session including cryptographic agility and extensibility, each protocol message is smaller than 46 bytes, and the session consists of 101 bytes in total. EDHOC allows different methods for performing mutual authentication, for example using digital signatures or static Diffie- Hellman keys, with the authentication credentials passed by value or by reference. Submission Tero Kivinen, Wi-SUN Alliance Page 4
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ae: ASCON This amendment adds ASCON cryptographic cipher to IEEE Std 802.15.4. This also defines better how to use generic AEAD ciphers in the IEEE Std 802.15.4, the current text is specific to the AES-CCM and AES- CCM* ciphers. Specifies how the 13-octet nonce from IEEE Std 802.15.4 is expanded to 16-octet nonce for ASCON use case. Uses same construct as current AES-CCM, i.e., generate flags byte as first byte of nonce. ASCON does not need internal counter, thus L in flags will be set to zero, and nonce will be zero padded to 16-octets. Most of the document will be the test vectors for ASCON. Submission Tero Kivinen, Wi-SUN Alliance Page 5
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ae: Why ASCON NIST selected ASCON as Lightweight Cryptography Standards for Constrained Devices. ASCON provides: Authenticated encryption (AEAD cipher) Hash (could be used to replace SHA2/3) Extendable Output Functions (key derivation, PRF etc) Simplicity Ascon is natively defined on 64-bit words using only the bitwise Boolean functions and, xor, not, and rot (bitwise rotation). Lightweight and Flexible in Hardware Current implementation results show that Ascon provides excellent implementation characteristics in terms of size and speed. Several times faster than AES-GCM both in software and hardware Smaller code size than AES-GCM Submission Tero Kivinen, Wi-SUN Alliance Page 6
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Privacy IEEE Std 802.15.4 do include optional security that provides confidentiality and authentication of the frames, but there has not been need for privacy. Most of the IEEE Std 802.15.4 devices have been either fixed in location, or not connected to the persons. This is now changing as some mobile phones start to include IEEE Std 802.15.4 radios. IEEE Std 802.15.4 devices has used fixed 64-bit extended addresses or 16-bit short addresses, and there has not been a way to change either of them. This amendment learns from the work done earlier, and takes very 802.15.4 way of solving problem, i.e., everything is done in next higher layer. This amendment provides MLME primitives to provide the tools next higher layer needs to achieve suitable level of privacy. Submission Tero Kivinen, Wi-SUN Alliance Page 7
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Primitives Address list management (MLME-PRIV-ADDR-LIST, MLME-PRIV- ADDR-LIST-CONFIRM, MLME-PRIV-REQ-ADDR) Short address management (MLME-PRIV-ADDR-ASSIGN, MLME- PRIV-ADDR-ASSIGN-CONFIRM) Key identifier management (MLME-PRIV-UPDATE-KEY-ID, MLME-PRIV-UPDATE-KEY-ID-CONFIRM) Network discovery and device discovery (MLME-PRIV-NET- VERIFIER-GENERATE, MLME-PRIV-NET-VERIFIER-VERIFY) Submission Tero Kivinen, Wi-SUN Alliance Page 8
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Identifiers Uses IEEE Std 802c Administratively Assigned Identifiers (AAI-64) i.e., XYZ bits are set to one, zero, zero. Adds two more bits (S, T) to indicate what type of identifiers it is uses to keep the different types of identifiers distinct. Types of identifiers: Extended privacy address Device identifier (DI) Network ID Short addresses Short address nonce generation prefix (SANGP) Submission Tero Kivinen, Wi-SUN Alliance Page 9
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Extended privacy address Extended address used in the MAC header, this shall replace the static 64-bit extended address in MAC header. This is the only type of address that is sent over the air in clear (in MAC header). Randomly generated. Device may generate this whenever it needs or feels like. Device may have multiple addresses in use at the same time in the same network. Device should use different extended privacy address lists in different networks. Device will send list of extended privacy address to its peers when it changes Submission them (or it can use broadcast/multicast frames to update addresses). Tero Kivinen, Wi-SUN Alliance Page 10
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Device identifier (DI) Device identifier is stable identifier for the device for the lifetime of the network. Randomly generated. When sent in any frames, the frames shall be encrypted. Device may use different DIs in different networks. It is used for example in the frames where device updates its list of extended privacy addresses to indicate originating device sending the update. Submission Tero Kivinen, Wi-SUN Alliance Page 11
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Network ID Network ID is used to identify network during the lifetime of the network. Randomly generated when network is created by the creator of the network. Never sent over the air. Needs to be provided by the provision system to allow device to join network (provision system is out of scope). Different networks use different network ID, and there is one owner of the network identified by the network ID. Submission Tero Kivinen, Wi-SUN Alliance Page 12
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Short addresses 16-bit addresses that can be used in the IEEE Std 802.15.4 MAC header as source or destination address. In IEEE Std 802.15.4 there can be only one short address at one time. Privacy enhancements allows multiple. Not stable, they are provided by the some entity in the network to the device when it joins. Normally they do not change while device is connected. The entity providing addresses needs to make sure they are unique at that time. Same short address may be given to another device later when the first device has disassociated from the network. Each short address is associated to one 16-bit PAN ID. Submission Tero Kivinen, Wi-SUN Alliance Page 13
Feb 2025 TG4ac: Short address nonce generation prefix (SANGP) Doc: IEEE 802.15-25-0098-00 48-bit prefix used to generate extended addresses used in the IEEE Std 802.15.4 security layer when using short addresses. Security layer requires extended address to generate nonce even when using short addresses. This extended address needs to be unique over the lifetime of the key used in the network. Generate 64-bit extended address for nonce generation use by combining the 48-bit SANGP and 16-bit short address. Device assigning short addresses also assign SANGP associated with the list of short addresses. Can be randomly generated in small networks (up to few thousands). In larger networks needs to make sure they are unique, thus using counter is acceptable way of making sure each are unique (they do not need to be random). Submission Tero Kivinen, Wi-SUN Alliance Page 14
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Address list sequence number In case device uses multiple extended privacy addresses at the same time (simultaneously, not sequently). It is used to provide ordering for the address lists received. If only one extended privacy address or one short address is used, then replay prevention mechanism provided by the security layer prevents replays and no sequence number is needed. Submission Tero Kivinen, Wi-SUN Alliance Page 15
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Frame counters In IEEE Std 802.15.4 there is one frame counter for a device or one per key. Privacy enhancements adds separate frame counters for each address. Frame counters are initialized to random value when they are taken in to use. Submission Tero Kivinen, Wi-SUN Alliance Page 16
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Sending list of addresses Next higher layer Device MAC Device MAC Next higher layer MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication Submission Tero Kivinen, Wi-SUN Alliance Page 17
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Sending address list retry Next higher layer Device MAC Device MAC Next higher layer MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command ErrorCode = Unknown Source Address MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication MLME-PRIV-SEND-ADDR-LIST.request Address List command with Sender ID MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication Submission Tero Kivinen, Wi-SUN Alliance Page 18
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Requesting address list Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-REQ-ADDR.request Request Addresses command MLME-PRIV-REQ-ADDR.confirm MLME-PRIV-REQ-ADDR.indication MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication Submission Tero Kivinen, Wi-SUN Alliance Page 19
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Assigning addresses Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-ADDR-ASSIGN.request Assign Addresses command MLME-PRIV-ADDR-ASSIGN.confirm MLME-PRIV-ADDR-ASSIGN.indication MLME-PRIV-ADDR-ASSIGN.response Assign Addresses Confirm command MLME-PRIV-ADDR-ASSIGN-CONFIRM. indication Submission Tero Kivinen, Wi-SUN Alliance Page 20
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Updating key identifiers 1 Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-UPDATE-KEY-ID.request Key Id Update MAC Command frame MLME-PRIV-UPDATE-KEY-ID.confirm MLME-PRIV-UPDATE-KEY-ID.indication MLME-PRIV-UPDATE-KEY-ID.response Key Id Update Confirm MAC Command MLME-PRIV-UPDATE-KEY-ID-CONFIRM. indication MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication MLME-PRIV-ADDR-ASSIGN.request Assign Addresses command Submission Tero Kivinen, Wi-SUN Alliance Page 21 MLME-PRIV-ADDR-ASSIGN.confirm MLME-PRIV-ADDR-ASSIGN.indication MLME-PRIV-ADDR-ASSIGN.response Assign Addresses Confirm command MLME-PRIV-ADDR-ASSIGN-CONFIRM. indication Take new key source and new addresses in to use Any frame using new key source and addresses Take new key source and new addresses in to use Remove old key source and addresses Remove old key source and addresses
Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-UPDATE-KEY-ID.request Key Id Update MAC Command frame MLME-PRIV-UPDATE-KEY-ID.confirm MLME-PRIV-UPDATE-KEY-ID.indication MLME-PRIV-UPDATE-KEY-ID.response Key Id Update Confirm MAC Command MLME-PRIV-UPDATE-KEY-ID-CONFIRM. indication MLME-PRIV-SEND-ADDR-LIST.request Feb 2025 Doc: IEEE 802.15-25-0098-00 Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication TG4ac: Updating key identifiers 2 MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication MLME-PRIV-ADDR-ASSIGN.request Assign Addresses command MLME-PRIV-ADDR-ASSIGN.confirm MLME-PRIV-ADDR-ASSIGN.indication MLME-PRIV-ADDR-ASSIGN.response Assign Addresses Confirm command MLME-PRIV-ADDR-ASSIGN-CONFIRM. indication Take new key source and new addresses in to use Any frame using new key source and addresses Take new key source and new addresses in to use Remove old key source and addresses Remove old key source and addresses Submission Tero Kivinen, Wi-SUN Alliance Page 22
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Network announcement detect Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-NET-VERIFIER- GENERATE.request MLME-PRIV-NET-VERIFIER- GENERATE.confirm Beacon frame containing Net Announcement IE MLME-BEACON-NOTIFY.indication MLME-PRIV-NET-VERIFIER- VERIFY.request MLME-PRIV-NET-VERIFIER- VERIFY.confirm MLME-PRIV-REQ-ADDR.request Request Addresses command MLME-PRIV-REQ-ADDR.confirm MLME-PRIV-REQ-ADDR.indication Submission Tero Kivinen, Wi-SUN Alliance Page 23 MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication
Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-NET-VERIFIER- GENERATE.request MLME-PRIV-NET-VERIFIER- GENERATE.confirm Beacon frame containing Net Announcement IE MLME-BEACON-NOTIFY.indication Feb 2025 Doc: IEEE 802.15-25-0098-00 MLME-PRIV-NET-VERIFIER- VERIFY.request TG4ac: Network announcement address list 1 MLME-PRIV-NET-VERIFIER- VERIFY.confirm MLME-PRIV-REQ-ADDR.request Request Addresses command MLME-PRIV-REQ-ADDR.confirm MLME-PRIV-REQ-ADDR.indication MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication Submission Tero Kivinen, Wi-SUN Alliance Page 24 MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication
Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-NET-VERIFIER- GENERATE.request MLME-PRIV-NET-VERIFIER- GENERATE.confirm Beacon frame containing Net Announcement IE MLME-BEACON-NOTIFY.indication MLME-PRIV-NET-VERIFIER- VERIFY.request MLME-PRIV-NET-VERIFIER- VERIFY.confirm MLME-PRIV-REQ-ADDR.request Request Addresses command MLME-PRIV-REQ-ADDR.confirm MLME-PRIV-REQ-ADDR.indication MLME-PRIV-SEND-ADDR-LIST.request Feb 2025 Doc: IEEE 802.15-25-0098-00 Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication TG4ac: Network announcement address list 2 Address List Confirm command MLME-PRIV-SEND-ADDR-LIST.response MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication Submission Tero Kivinen, Wi-SUN Alliance Page 25
Feb 2025 Doc: IEEE 802.15-25-0098-00 TG4ac: Network request start Device higher layer Device MAC Device MAC Device higher layer MLME-PRIV-NET-VERIFIER- GENERATE.request MLME-PRIV-NET-VERIFIER- GENERATE.confirm Frame containing Net Request IE MCPS-DATA.indication MLME-PRIV-NET-VERIFIER- VERIFY.request MLME-PRIV-NET-VERIFIER- VERIFY.confirm MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Submission Tero Kivinen, Wi-SUN Alliance Page 26 Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication MLME-PRIV-SEND-ADDR-LIST.request Address List command MLME-PRIV-SEND-ADDR-LIST.confirm MLME-PRIV-SEND-ADDR-LIST.indication MLME-PRIV-SEND-ADDR-LIST.response Address List Confirm command MLME-PRIV-SEND-ADDR-LIST- CONFIRM.indication
