Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [STDS-802-11] CID 1109 from 11mc LB193



--- This message came from the IEEE 802.11 Working Group Reflector ---

Since the A-MSDU header is part of the payload, the encrypted portion of the payload is different between the original and the "retransmission" (it really should be called something else, to distinguish it from a normal MAC-layer retransmission).

A different PN has to be used for the GCR "retransmission".

---
Henry Ptasinski
henry@xxxxxxxxxx

On 04/26/2013 09:53 AM, Alex Ashley wrote:
--- This message came from the IEEE 802.11 Working Group Reflector ---

When a frame is retransmitted by GCR, the original MSDU is encapsulated inside an A-MSDU and then transmitted to the GCR concealment address. The encapsulation is used so that the original destination group address is preserved. The frame is sent to the GCR concealment address so that legacy STAs don't receive the retransmission.


Alex


----------------------------------------
Date: Fri, 26 Apr 2013 15:13:43 +0000
From: dharkins@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-11] CID 1109 from 11mc LB193
To: STDS-802-11@xxxxxxxxxxxxxxxxx

--- This message came from the IEEE 802.11 Working Group Reflector ---

That would only be true if the data being protected by CCMP differed.
If CCMP protected data is just encapsulated in some different container
then there would be no leakage.

(Full disclosure: I don't really understand how GCR works)

Dan.

On 4/26/13 7:09 AM, "Henry Ptasinski" <henry@xxxxxxxxxx> wrote:

--- This message came from the IEEE 802.11 Working Group Reflector ---

If the payloads between the original transmission and the
"retransmission" are different because of e.g. encapsulation changes,
using the same PN breaks the 802.11 security design. At a minimum, it
would leak information about the payload.

---
Henry Ptasinski
henry@xxxxxxxxxx

On 04/20/2013 10:32 AM, Hamilton, Mark wrote:
--- This message came from the IEEE 802.11 Working Group Reflector ---

Henry,

That sort of logic was our conclusion in Orlando discussions as well.
However, note the unsolicited retry (non GCR-SP mode) uses the same
sequence number as was used for the original transmission (despite the
MSDU having been reframed into a different MPDU). So, we definitely
have "special rules" at play. The question to the GCR experts is
whether this was intended to extend to the PN.

My personal opinion is that it can/should not cover the PN. The
sequence number 'intentional replay' provides enough information to
GCR-aware receivers to correctly understand the frames being sent, and
to not confuse non-GCR-aware STAs. There is no reason to apply special
rules to the PN, which would require 'pushing higher up the stack'
special-case GCR-awareness.

Mark

-----Original Message-----
From: *** IEEE stds-802-11 List *** [mailto:STDS-802-11@xxxxxxxx] On
Behalf Of Henry Ptasinski
Sent: Friday, April 19, 2013 5:58 PM
To: STDS-802-11@xxxxxxxxxxxxxxxxx
Subject: Re: [STDS-802-11] CID 1109 from 11mc LB193

--- This message came from the IEEE 802.11 Working Group Reflector ---

If I understand clause 10.24.16.3.5 correctly, the payload of the
retransmission may be different than the payload of the original frame
(specifically, by the addition of A-MSDU framing in some cases). If
that's true, the "retransmission" would need to use a different PN to
avoid encrypting two different payloads with the same PN.

---
Henry Ptasinski
henry@xxxxxxxxxx

On 04/19/2013 01:47 PM, Dan Harkins wrote:
--- This message came from the IEEE 802.11 Working Group Reflector ---

Hello,

CID 1109 from LB193 concerns CCMP protection of multicast
frames that get concealed with GCR, specifically is a different
PN used when retransmitting using GCR? The 11mc group discussed
this in Orlando and decided the discussion should go to the list.
And here it is, on the list.

The assumption in Orlando was that a different PN will be used
for the retransmitted MSDU because it will be concealed inside a
different MPDU. But that assumption was made by people (like
me) who are not familiar with GCR and therefore the assumption
might very well be wrong.

Can anyone who is familiar with GCR please comment? If anyone
has implemented GCR, please say what you did so this CID is
resolved properly.

thank you,

Dan.


________________________________________________________________________
_______

If you wish to be removed from this reflector, do not send your
request to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11
and then press the LEAVE button.

If there is no LEAVE button here, try
http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at:
http://www.ieee802.org/11/Email_Subscribe.html

________________________________________________________________________
_______



_________________________________________________________________________
______

If you wish to be removed from this reflector, do not send your request
to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11
and then press the LEAVE button.

If there is no LEAVE button here, try
http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at:
http://www.ieee802.org/11/Email_Subscribe.html

_________________________________________________________________________
______


_________________________________________________________________________
______

If you wish to be removed from this reflector, do not send your request
to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11
and then press the LEAVE button.

If there is no LEAVE button here, try
http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at:
http://www.ieee802.org/11/Email_Subscribe.html

_________________________________________________________________________
______


__________________________________________________________________________
_____

If you wish to be removed from this reflector, do not send your request
to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11 and
then press the LEAVE button.

If there is no LEAVE button here, try
http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at:
http://www.ieee802.org/11/Email_Subscribe.html
__________________________________________________________________________
_____

_______________________________________________________________________________

If you wish to be removed from this reflector, do not send your request to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11 and then press the LEAVE button.

If there is no LEAVE button here, try http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html
_______________________________________________________________________________ 		 	   		

_______________________________________________________________________________

If you wish to be removed from this reflector, do not send your request to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11 and then press the LEAVE button.

If there is no LEAVE button here, try http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html
_______________________________________________________________________________


_______________________________________________________________________________

If you wish to be removed from this reflector, do not send your request to this reflector - it will have no effect.

Instead, go to http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11 and then press the LEAVE button.

If there is no LEAVE button here, try http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-RO.

Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html
_______________________________________________________________________________