This time actually +Jouni!
I'm leaning towards saying "SNs, security keys, PNs and replay counters"
as the general set of things shared for transparent FST. Any objections?
Thanks,
Mark
--
Mark RISON, Standards Architect, WLAN English/Esperanto/Français
Samsung Cambridge Solution Centre Tel: +44 1223 434600
Innovation Park, Cambridge CB4 0DS Fax: +44 1223 434601
ROYAUME UNI WWW: http://www.samsung.com/uk
From: Mark Rison
Sent: Friday, 29 July 2022 10:07
To: 'mark.hamilton2152@xxxxxxxxx' <mark.hamilton2152@xxxxxxxxx>; M Montemurro (montemurro.michael@xxxxxxxxx) <montemurro.michael@xxxxxxxxx>
Subject: RE: 11me/D1.0 CID 1938 ("sequence counter")
Hello,
+Jouni because I've decided I'm not sure about
At 354.51 change “When transparent FST is used, the same security keys, sequence counter, and PN counter are used by the MAC data plane to encrypt the MPDU prior to and following an FST, and the same security keys are used to check the integrity and perform the protection of MSDUs. When nontransparent FST is used, independent RSNAs, security keys, sequence counters, and PN counters have to be established” to “When transparent FST is used, the same security keys, replay counters, and PN counter are used by the MAC data plane to encrypt the MPDU prior to and following an FST, and the same security keys are used to check the integrity and perform the protection of MSDUs. When nontransparent FST is used, independent RSNAs, security keys, replay counters, and PN counters have to be established”.
because the replay counters are not used "to encrypt the MPDU prior to and following an FST".
So what could "sequence counter" possibly mean in "When transparent FST is used, the same security keys, sequence counter, and PN counter are used by the MAC data plane to encrypt the MPDU prior to and following an FST"? It's not the sequence number, because that's not
part of the AAD.
Thanks,
Mark
--
Mark RISON, Standards Architect, WLAN English/Esperanto/Français
Samsung Cambridge Solution Centre Tel: +44 1223 434600
Innovation Park, Cambridge CB4 0DS Fax: +44 1223 434601
ROYAUME UNI WWW: http://www.samsung.com/uk
From: Mark Rison
Sent: Thursday, 28 July 2022 17:45
To: 'mark.hamilton2152@xxxxxxxxx' <mark.hamilton2152@xxxxxxxxx>; M Montemurro (montemurro.michael@xxxxxxxxx) <montemurro.michael@xxxxxxxxx>
Subject: 11me/D1.0 CID 1938 ("sequence counter")
Hello,
I've come up with the following. How does it look to you?
Identifiers
Comment
Proposed change
CID 1938
Mark RISON
1.5
There are references to "sequence counter"s (with varying capitalisation) in 4.9.4, 5.1.5.1 inc. F5-2, 6.4.3.3, 10.23.2.12.1, 10.25.8.4, 12.5.4.4, but what does this refer to? SN? PN/IPN/BIPN/etc.? Something else?
At the end of 1.5 add "A sequence counter is to be understood as the value in the Sequence Number field or as the PN/IPN/BIPN, as appropriate to the context."
Discussion:
The location should have been 1.4, not 1.5. However, the group didn’t like the proposed global change anyway.
Instead, say what it means in each case. For FST, it appears to refer to the replay counters. For other contexts, it appears to refer to the sequence number space (for the Sequence Number field) or to the PN.
Proposed changes:
Delete the definition of per-frame sequence counter at 233.51 (term not used anywhere else).
At 335.65 (for transparent FST) change “the state information includes block ack agreements, TSs, association state, RSNA, security keys, sequence counter, and PN counter” to “the state information includes block ack agreements, TSs, association state, RSNA, security keys, replay counters, and PN counter”.
At 354.51 change “When transparent FST is used, the same security keys, sequence counter, and PN counter are used by the MAC data plane to encrypt the MPDU prior to and following an FST, and the same security keys are used to check the integrity and perform the protection of MSDUs. When nontransparent FST is used, independent RSNAs, security keys, sequence counters, and PN counters have to be established” to “When transparent FST is used, the same security keys, replay counters, and PN counter are used by the MAC data plane to encrypt the MPDU prior to and following an FST, and the same security keys are used to check the integrity and perform the protection of MSDUs. When nontransparent FST is used, independent RSNAs, security keys, replay counters, and PN counters have to be established”.
At 356.31 (for transparent FST) change “Same security keys and Sequence counter” to “Same security keys and replay counters”.
At 847.6 change “the imminent invalidation of cryptographic keys because of usage limits (such as sequence counter exhaustion)” to “the imminent invalidation of cryptographic keys because of usage limits (such as PN exhaustion)”.
At 2224.1 (for retransmit procedures) change “a QoS STA shall not initiate the transmission of any Management or Data frame to a specific RA while the transmission of another Management or Data frame with the same RA and having been assigned its sequence number from the same sequence counter has not yet completed” to “a QoS STA shall not initiate the transmission of any Management or Data frame to a specific RA while the transmission of another Management or Data frame with the same RA and having been assigned its sequence number from the same sequence number space has not yet completed”.
At 2288.24 (for GCR BA) change “Since these are transmitted using a single sequence counter,” to “Since these are transmitted using a single sequence number space,”.
Proposed resolution:
REVISED
Make the changes shown under “Proposed changes” for CID 1938 in <this document>, which replace the term “sequence counter” (other than receive/TKIP) with a more precise term.
Thanks,
Mark
--
Mark RISON, Standards Architect, WLAN English/Esperanto/Français
Samsung Cambridge Solution Centre Tel: +44 1223 434600
Innovation Park, Cambridge CB4 0DS Fax: +44 1223 434601
ROYAUME UNI WWW: http://www.samsung.com/uk