RCM Procedure for Secure Parameter Obfuscation in IEEE 802.11 Networks
The document discusses the RCM procedure within IEEE 802.11 networks, focusing on obfuscating parameters like MAC addresses for enhanced security during CPE Client and CPE AP association. It outlines mechanisms for changing MAC addresses, SN, PN, AID, and TID without connection loss. The proposal suggests regular MAC address changes initiated by the AP or non-AP STAs to enhance security against eavesdroppers.
July 2023 doc.: IEEE 802.11-23/1148r0
RCM Follow up
Date: 2023-07-06
Authors (Name, Affiliations, email):
Stéphane Baron, Canon, Stephane.baron@crf.canon.fr
Julien Sevin, Canon, Julien.sevin@crf.canon.fr
Patrice Nezou, Canon, Patrice.nezou@crf.canon.fr
Submission Slide 1 Stephane Baron, Canon

Slide 2: Revision
Rev 0: initial revision

Slide 3: 11bi requirement
R7: 11bi shall define a mechanism for a CPE Client to initiate changing its own OTA MAC Address used with a CPE AP in Associate STA State 4 without any loss of connection.
R8: 11bi shall define a mechanism for a CPE AP to initiate changing the OTA MAC Addresses of a set of associated CPE Clients in the BSS (those CPE Clients in Associate STA State 4) without any loss of connection.
R9: 11bi shall define a mechanism for a CPE Client and CPE AP to change the transmitted SN to an uncorrelated new value on downlink and uplink to new values in Associate STA State 4, without any loss of connection when the OTA MAC address of the CPE Client is changed.
R10: 11bi shall define a mechanism for a CPE Client and CPE AP to change the transmitted PN to an uncorrelated new value on downlink and uplink to new values in Associate STA State 4, without any loss of connection when the OTA MAC address of the CPE Client is changed.
R11: 11bi shall define a mechanism for a CPE Client and CPE AP to change the CPE Client's AID to an uncorrelated new value in Associate STA State 4, without any loss of connection when the OTA MAC address of the CPE Client is changed.
R30: 11bi shall define a mechanism for a CPE Client and CPE AP to obfuscate the transmitted TID to an uncorrelated new value on downlink and uplink to new values in Associate STA State 4, without any loss of connection.

Slide 4: Overview
The RCM procedure is a method for obfuscating multiple parameters (including the MAC Address) of a CPE Client simultaneously while it is associated with a CPE AP.
It is based on the standardized PRF (section 12.7.1.2, IEEE Std 802.11-2020) executed in parallel by the CPE Client and the CPE AP with the same input parameters.
This procedure is made up of 3 main steps:
1. During, or after, association, encrypted information (SERCM key) is shared between AP and non-AP STA.
2. Upon AP or non-AP STA request, both AP and non-AP STA compute and generate new uncorrelated values or new masks with a single execution of the standardized PRF performed in parallel.
3. At the start of the transition period, both AP and non-AP STA initiate the obfuscation of the CPE parameters.
The purpose of this document is to focus on the period surrounding the change of CPE parameters.
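
Step 2 of the overview, sketched as an added example (not code from the submission): AP and client each run the HMAC-SHA-1 PRF once over the shared key and slice the output into new parameter values. The label string, the context layout (association address plus a 32-bit epoch counter), the output slicing and the name derive_cpe_params are assumptions made for illustration; the slides do not specify them.

```python
import hashlib
import hmac


def prf_sha1(key: bytes, label: bytes, context: bytes, nbits: int) -> bytes:
    """HMAC-SHA-1 PRF: R = R || HMAC-SHA-1(K, A || 0x00 || B || i), truncated."""
    out, i = b"", 0
    while len(out) * 8 < nbits:
        msg = label + b"\x00" + context + bytes([i])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        i += 1
    return out[: (nbits + 7) // 8]


def derive_cpe_params(sercm_key: bytes, epoch: int, assoc_mac: bytes) -> dict:
    """Run by AP and client alike; same inputs give the same new values."""
    # Assumed context layout: address used at association || epoch counter.
    context = assoc_mac + epoch.to_bytes(4, "big")
    # 136 bits fit in one 160-bit HMAC-SHA-1 block: a single PRF execution.
    r = prf_sha1(sercm_key, b"RCM example", context, 136)
    mac = bytearray(r[0:6])
    mac[0] = (mac[0] | 0x02) & 0xFE  # locally administered, individual address
    return {
        "mac": bytes(mac).hex(":"),
        "sn": int.from_bytes(r[6:8], "big") & 0x0FFF,       # 12-bit SN
        "pn": int.from_bytes(r[8:14], "big"),               # 48-bit PN
        "aid": 1 + int.from_bytes(r[14:16], "big") % 2007,  # AID in 1..2007
        "tid_mask": r[16] & 0x0F,                           # 4-bit mask XORed onto the TID
    }


if __name__ == "__main__":
    key = bytes(range(32))               # constructed sample SERCM key
    mac0 = bytes.fromhex("02aabbccddee")  # constructed association address
    ap_view = derive_cpe_params(key, 7, mac0)
    sta_view = derive_cpe_params(key, 7, mac0)
    print(ap_view == sta_view, ap_view)
    print(derive_cpe_params(key, 8, mac0))
```

The sketch does not resolve AID collisions between clients, nor how sender and receiver reconcile replay counters after the PN jump.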

Slide 5: Proposal
The AP may initiate a regular change for all non-AP STAs (at once).
  Regular, variable epoch period (~10 min), randomized around a 10-minute average value.
  The STA MAC address change start time is computed without information exchange between STA and AP.
  Goal: make it difficult for eavesdroppers to determine the instant of change, with no overhead.
The non-AP station may initiate its MAC address change by sending a change request to the AP.
The MAC address change time, between AP and non-AP STA, is then secured by introducing margins in the MAC address change time.

Slide 6: AP or non-AP Station may request MAC Address change of a non-AP STA
[Figure with two panels: Non-AP Initiation, AP Initiation]

Slide 7: RCM Procedure synchronization (margin management)
Before epoch transition: RCM Ready, p x TBTT before the epoch transition.
  Station shall send MPDUs addressed only with the Old MAC address.
  Station shall be ready to receive MPDUs addressed with the Old MAC address or the (future) New MAC address.
  Goal: avoid synchronization issues (non-AP STA late).
At epoch transition: duration ~ n x TBTT.
  Retransmission of an old MPDU uses parameters from the old epoch.
  A-MPDU aggregation, TXOP: contains either only old MPDUs or only new MPDUs.
  Station may send buffered MPDUs already addressed with the Old MAC address.
  Station shall send new MPDUs addressed with the New MAC address.
  Station may receive MPDUs addressed with the Old or New MAC address.
  Goal: allow a soft transition (no communication break).
After epoch transition: RCM Done, p x TBTT after the transition.
  Station shall send MPDUs addressed only with the New MAC address.
  Station shall be ready to receive MPDUs addressed with the New or Old MAC address.
  Goal: avoid synchronization issues (non-AP STA in advance).

Slide 8: RCM Procedure synchronization: Non-AP STA is late
[Timing diagram. AP clock is the reference; non-AP clock drift.]
AP timeline: RCM ready, Trans. start, transition period, Trans. End, RCM done.
Non-AP STA timeline: RCM (n+1) ready, transition period, Trans. End, RCM (n+1) done.
From RCM ready: TA = @MAC(n); RA = @MAC(n) or @MAC(n+1)
Transition period: TA = @MAC(n) or @MAC(n+1); RA = @MAC(n) or @MAC(n+1)
From RCM done: TA = @MAC(n+1); RA = @MAC(n+1) or @MAC(n)
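
The margin rules of slides 7 and 8 as a small model, added here as an example (not code from the submission): each station maps its local beacon count to a phase, and the check looks for an MPDU address the peer would not yet, or no longer, accept. Time 0 is the transition start in TBTT units; the exact phase boundaries, the sample values p = 2 and n = 3, and the name first_loss are assumptions.

```python
OLD, NEW = "MAC(n)", "MAC(n+1)"


def phase(t: int, p: int, n: int) -> str:
    """Phase of a station whose local beacon count, relative to transition start, is t."""
    if t < -p:
        return "steady-old"
    if t < 0:
        return "rcm-ready"    # p x TBTT before the epoch transition
    if t < n:
        return "transition"   # lasts about n x TBTT
    if t < n + p:
        return "rcm-done"     # p x TBTT after the transition
    return "steady-new"


# Addresses a station may transmit with (TA side) in each phase.
TX = {"steady-old": {OLD}, "rcm-ready": {OLD}, "transition": {OLD, NEW},
      "rcm-done": {NEW}, "steady-new": {NEW}}
# Addresses a station is ready to receive (RA side) in each phase.
RX = {"steady-old": {OLD}, "rcm-ready": {OLD, NEW}, "transition": {OLD, NEW},
      "rcm-done": {OLD, NEW}, "steady-new": {NEW}}


def first_loss(p: int, n: int, drift: int):
    """Return (sender_time, address) of the first MPDU the peer would drop, or None.

    drift > 0: the receiver's counter lags the sender's (receiver is late).
    drift < 0: the receiver's counter is ahead (receiver is in advance).
    """
    span = 3 * p + 2 * n + abs(drift)
    for t_s in range(-span, span + 1):
        t_r = t_s - drift
        rejected = TX[phase(t_s, p, n)] - RX[phase(t_r, p, n)]
        if rejected:
            return t_s, sorted(rejected)[0]
    return None


if __name__ == "__main__":
    for d in (0, 2, -2, 3, -3):   # constructed drift values, in TBTT
        print(f"drift={d:+d} TBTT ->", first_loss(p=2, n=3, drift=d))
```

A drift of up to p TBTT in either direction is absorbed; one beacon more and the late peer drops the first new-address MPDU, or the early peer drops a buffered old-address one.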

Slide 9: Benefits
Global user privacy is enhanced by allowing a station to change a set of its CPE parameters even in case of clock drift or loss of beacon counter synchronization.

Slide 10: Straw Poll #1
Do you support introducing margin mechanisms, as described in slides 7 and 8, to ensure RCM synchronization?
Yes / No / Abstain

Slide 11: Straw Poll #2
Do you support having a transition period, when changing CPE parameters to a new set, to flush MPDUs with Old CPE params (including MAC address)?
Yes / No / Abstain