Re: [STDS-802-16-MOBILE] [security] Replay protection

[JunHyuk Song <junhyuk.song@SAMSUNG.COM>]

Title:

Hi Jeff,

 

My comment is inlined.

 

2.   Is the PHY Sync field something that will reliably not repeat
within a AK lifetime?
    

Actually, it could be reapted, since PHY Sync field is only 24bits and default AK lifetime is 7 days.
But in 16e system MSS is more likely to be handoffed to other BS or AK can be set to just a couple of hours.
  

One other way to enchance it is adding BS specific info on MAC generation, such as BSID.
It will ensure that message cannot be repeated in case of HO.

  

 

In my opinion, we shouldn't assume that 16e devices will always be moving .16e compliant systems will also provide fixed service, and mobile devices can stay put for a long time.

You are right, we cannot assume that Mobile could be fixed in one location

 

 

Another thing is that most of the 24 bits are "wasted".  What I mean by this is that within a particular cycle of the Frame Number, only a few values will be used to protect a particular MAC management message type. 

I cannot agree you on that.  frame number is incremented sequentially in every 5 msec, it means that same value will be only repeated in every 4 hours.

 

Alternative Suggestion:  Substitute a specialized Counter rather than using the Frame Number. 

That is one way, we can prevent replay attack.

My concern is synchronization of the counter between MSS and BS.

It will be very difficult to re-synchronize counter between MSS and BS.

We can use window approach, but it will cause extra signaling message when MSS and BS loss synchronization.  Moreover it will impact on existing MAC generic header

 

 

Thanks,

JH SONG

 

What do you think?

- Jeff