Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [STDS-802-11-TGAK] 802.11ak - Encryption of EPD formated frames

Hello Philippe,

 

I personally don’t think encryption is the central issue.   The big deal, to me, is key management,  which is often the weakness

in any system of security.   Trying to merge 802.11 credential management (which focusses on ease of use,

user interface & presentation,  automatic provisioning of credentials from operators) with the wired

infrastructure credential management seems to me like something too hard to consider.

 

In my mind we have distinct types of network,  managed by distinct operators with very different infrastructure.

 

Best Regards,

 

Adrian P STEPHENS

 

Tel: +44 (1793) 404825 (office)
Tel: +1 (971) 330 6025 (mobile) ç please note new number

 

----------------------------------------------
Intel Corporation (UK) Limited
Registered No. 1134945 (England)
Registered Office: Pipers Way, Swindon SN3 1RJ
VAT No: 860 2173 47

 

From: Philippe Klein [mailto:philippe@xxxxxxxxxxxx]
Sent: 22 January 2015 21:05
To: STDS-802-11-TGAK@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-11-TGAK] 802.11ak - Encryption of EPD formated frames

 

Hi Dan,

I understand it is the case today but as EPD mode is  a totally “new” format for 802.11 should we try to unified as much as possible with the Ethernet format including encrypted frame format ? This was the initial sense of my question …

 

/Ph

 

From: Dan Harkins [mailto:dharkins@xxxxxxxxxxxxxxxxx]
Sent: Thursday, January 22, 2015 10:59 PM
To: Philippe Klein; STDS-802-11-TGAK@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-11-TGAK] 802.11ak - Encryption of EPD formated frames

 

 

  Hi Philippe, 

 

On 1/21/15 9:28 PM, "Philippe Klein" <philippe@xxxxxxxxxxxx> wrote:

 

The current P802.11ak_D0.06 draft version does not mention any requirement in regard to the encryption of EPD formatted frames.

 

I suggest we add a requirement that EPD formatted frames must be encrypted in a way compatible with IEEE 802.1AE (MACsec) as the 802.3/Ethernet frames are (notice that 802.11ad crypto mode is AES-GCM, the same crypto mode that the default Cypher Suite of 802.1AE).

 

  While the cipher mode is the same the format of the frames and the location of the AAD passed to

AES-GCM is different. I think if it's an 802.11 frame it should be protected the way the 802.11 standard

specifies. 

 

  regards,

 

  Dan. 

 

If you agree I will post a contribution that could be discuss next Monday during the conf call.

Thank you

 

/Philippe

 

Philippe Klein, PhD |Technical Director, Broadband Technology Group

Broadcom Corporation | Golan House, P.O.Box 273, Airport City, 70100 Israel

(M) +972 54 313 4500 | philippe@xxxxxxxxxxxx

 

_______________________________________________________________________________

IF YOU WISH to be Removed from this reflector, PLEASE DO NOT send your request to this CLOSED reflector. We use this valuable tool to communicate on the issues at hand.

SELF SERVICE OPTION: Point your Browser to - http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGAK and then amend your subscription on the form provided. If you require removal from the reflector press the LEAVE button.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html _______________________________________________________________________________

_______________________________________________________________________________

IF YOU WISH to be Removed from this reflector, PLEASE DO NOT send your request to this CLOSED reflector. We use this valuable tool to communicate on the issues at hand.

SELF SERVICE OPTION: Point your Browser to - http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGAK and then amend your subscription on the form provided. If you require removal from the reflector press the LEAVE button.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html _______________________________________________________________________________

_______________________________________________________________________________

IF YOU WISH to be Removed from this reflector, PLEASE DO NOT send your request to this CLOSED reflector. We use this valuable tool to communicate on the issues at hand.

SELF SERVICE OPTION: Point your Browser to - http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGAK and then amend your subscription on the form provided. If you require removal from the reflector press the LEAVE button.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html _______________________________________________________________________________