[Home] . [What's New?] . [Active Ballots] . [Minutes] . [Meetings] . [Maintenance] . [Interpretations] . [Public Docs] . [Committee Docs]
[Local Address Study Group] . [802 Architecture Group] . [Data Center Bridging Task Group] [Time-Sensitive Networking Task Group]
[Email] . [Ancient Email] . [802.1 MIBs] . [802.1 OIDs] . [IEEE 802] . [IEEE 802 PARs]
TSN: [802] . [802a] . [802b] . [802.1D] . [802.1D-2004] . [802.1G] . [802.1H-REV] . [802.1Q] . [802.1Q-2014] . [802.1s] . [802.1v] . [802.1w] . [802.1AB-2005] . [802.1AB-2009] . [802.1AC-2012] . [802.1AC-2016] . [802.1ad] . [802.1ag] . [802.1ah] . [802.1aj] . [802.1ak] . [802.1ap] . [802.1aq] . [802.1Qaw] . [802.1AX-2008] . [802.1Qay] . [802.1Qbc] . [802.1Qbe] . [802.1Qbf] . [802.1AXbk] . [802.1Qbp] . [802.1AX-2014] . [802.1AX-Rev] . [802.1Qbz] . [802.1Qca]
[802.1AS] . [802.1AS-Rev] . [802.1Qat] . [802.1Qav] . [802.1BA] . [802.1Qbu] . [802.1Qbv] . [802.1CB] . [802.1Qcc] . [802.1Qch] . [802.1CM] . [802.1Qcn] . [802.1Qcp] . [802.1Qcr]
Security: [802.1X-2001] . [802.1X-2004] . [802.1X-2010] . [802.1AE] . [802.1af] . [802.1AR] . [802.1AEbn] . [802.1AEbw] . [802.1Xbx] . [802.1ARce] . [802.1AEcg] . [802.1Xck] . [802E]
DCB: [802.1Qau] . [802.1Qaz] . [802.1Qbb] . [802.1Qbg] . [802.1Qbh] . [802.3bd] . [802.1BR] . [802.1Qcd] . [802.1Qcj] . [802c] . OmniRAN: [802.1CF]

802.1ARce - Secure Device Identity Amendment 1: SHA-384 and P-384 Elliptic Curve

This standard specifies unique per-device identifiers (DevID) and the management and cryptographic binding of a device to its identifiers, the relationship between an initially installed identity and subsequent locally significant identities, and interfaces and methods for use of DevIDs with existing and new provisioning and authentication protocols. Amendment 1 specifies the optional use of the secure hash algorithm SHA-384 and the P-384 elliptic curve for use in Elliptic Curve Digital Signature Algorithm (ECDSA), and SHA-384 for hashing by the DevID module.

This standard defines a standard identifier for IEEE 802 devices that is cryptographically bound to that device, and defines a standard mechanism to authenticate a device's identity. A verifiable unique device identity allows establishment of the trustworthiness of devices. This facilitates secure device provisioning.

The cybersecurity community wants to take advantage of recent improvements in cryptographic technology to use a stronger digital signature algorithm with IEEE Std 802.1AR, and in particular to use SHA-384 and the P-384 elliptic curve to align with the Suite B Certificate Profile (IETF RFC 5759) and with expected updates to the TPM 2.0 specification in the Trusted Computing Group. To promote interoperability and ensure cryptographic quality, IEEE Standard 802.1AR requires that the cryptography used while claiming conformance is limited to that which is specified in the standard. This project will add the support for SHA-384 hash and P-384 elliptic curve as options.

Status	PAR approved Aug 21st, 2014
Editor	Mick Seaman

Date	Document
28 Oct 2013	802.1ARce, initial editor's draft 0.1
15 Oct 2014	ce.drafts/802, Draft d0-4
30 Oct 2014	ce.drafts/802, Draft d0-5
06 Jan 2015	802.1ARce, Draft 0.7
11 Jul 2016	802.1ARce, Draft 0.7 proposed comment dispositions
02 Sep 2016	802.1ARce, Draft 1.0
21 Oct 2016	802.1ARce, Draft 1.1
08 Dec 2016	802.1ARce, Draft 1.1 comment dispositions
08 Dec 2016	802.1ARce, Draft 1.2

Date	Document
21 May 2014	Presentation ce-draft-arce-csd-0514-v2.pdf
16 Jul 2014	Presentation ce-draft-arce-par-0714-v3.pdf
16 Jul 2014	Presentation ce-draft-arce-par-v2-0714.pdf
14 Sep 2016	Presentation ce-moskowitz-newusecases-0916-v01.pdf

Pages copyright © Institute of Electrical and Electronics Engineers, Inc. Please read the rules on Confidentiality Statements and Copyright Notices on Communications. Information on Privacy and opting out of cookies is available. If you have any comments on these pages, please send them to me.

Last status: 0 Last modified by jmesseng, at 3:10AM on Thu, 08 Dec 2016