Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [STDS-802-11-TGBH] ID encoding in pre-schemes

To: STDS-802-11-TGBH@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
From: Jouni Malinen <jkmalinen@xxxxxxxxx>
Date: Wed, 16 Nov 2022 15:23:52 +0200

Thanks, I added use of HPKE AAD and some discussion on resource needs in 2013r1.

- Jouni

On Wed, Nov 16, 2022 at 9:58 AM Harkins, Dan <daniel.harkins@xxxxxxx> wrote:
>
>
>   I like this approach. I would suggest using A2 as AAD in the HPKE wrapping instead of including it in the keyed hash as part of the body of the data being wrapped. In fact, it might make sense to bind some more of the header into AAD.
>
>   HPKE does a one-way wrapping to a public key-- that is, it's not a bi-directional security association-- but it also includes a secret export capability from the state created by the single-shot operation. This secret export could be used to possibly protect a response from the AP, imagine possibly FTM or some pre-association interaction like that.
>
>   One request (and this gets back to my comment to Graham today) is to describe the impact on the AP this approach has. Are there DOS considerations?
>
>   regards,
>
>   Dan.
>
> --
> "the object of life is not to be on the side of the majority, but to
> escape finding oneself in the ranks of the insane." – Marcus Aurelius
>
> On 11/15/22, 11:14 PM, "Jouni Malinen" <jkmalinen@xxxxxxxxx> wrote:
>
>     Based on the discussion today, I prepared a document to provide some
>     more detail for an alternative mechanism of encoding ID information
>     for pre-association use cases (i.e., something that does not use the
>     MAC address field in the frame header). I posted an initial draft (*)
>     of that if someone wants to review it before the next slot where I'm
>     hoping to get agenda time to go through the presentation. Please let
>     me know if you have any questions or comments on the contents and in
>     particular, if you would like something to be changed or added before
>     the presentation.
>
>     (*) https://mentor.ieee.org/802.11/dcn/22/11-22-2013-00-00bh-id-encoding-in-pre-schemes.pptx
>
>     - Jouni
>
>     ________________________________________________________________________
>     To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1
>
>

________________________________________________________________________
To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1

References:
- [STDS-802-11-TGBH] ID encoding in pre-schemes
  - From: Jouni Malinen
- Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
  - From: Harkins, Dan

Prev by Date: [STDS-802-11-TGBH] Comment Resolutions for 12.2.11 11-22/1329r10
Next by Date: Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
Previous by thread: Re: [STDS-802-11-TGBH] ID encoding in pre-schemes
Next by thread: [STDS-802-11-TGBH] Comment Resolutions for 12.2.11 11-22/1329r10
Index(es):
- Date
- Thread