Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [STDS-802-16-MOBILE] [security] Revised Security Adhoc Document includes Replay protection

To: STDS-802-16-MOBILE@LISTSERV.IEEE.ORG
Subject: Re: [STDS-802-16-MOBILE] [security] Revised Security Adhoc Document includes Replay protection
From: On behalf of Seong Choon Lee <youngman@KT.CO.KR>
Date: Tue, 22 Jun 2004 11:38:45 +0900
References: <40D25AFC.8070802@streetwaves-networks.com>
Reply-To: On behalf of Seong Choon Lee <youngman@KT.CO.KR>
Sender: owner-stds-802-16-mobile@LISTSERV.IEEE.ORG

Hi all

I think that we may use AES in the CBC-MAC(Cipher Block chaining-Message Authentication Code) mode to compute integrity for MAC management messages.

According to the paper("Performance Comparison of MAC Algorithms for the IPSEC", http://www.engr.mun.ca/~howard/PAPERS/necec_2003b.pdf), the timing performance of HMAC-SHA-1 and CBC-MAC-AES do not have significant difference.

HMAC based on secure hash algorithm (HMAC-SHA) has been recommended for message authentication in several network security protocols. The key reasons behind this are the free availability, flexibility of changing the hash function and reasonable speed, among others.

Therefore, I think that the HMAC-SHA is used to compute integrity for MAC management messages (if CBC-MAC-AES is required, it will be optional). And, AES-CCM(Counter with CBC-MAC) is applied in data messages( not in MAC management messages) because it can provide the confidentiality(counter mode) and integrity(CBC-MAC mode).

What do other people think about AES-MAC ?

Thanks

- Seong Choon Lee, (Young Man Park)
  KT



----- Original Message -----
From: "Jeff Mandin" <jmandin@STREETWAVES-NETWORKS.COM>
To: <STDS-802-16-MOBILE@listserv.ieee.org>
Sent: Friday, June 18, 2004 12:01 PM
Subject: [STDS-802-16-MOBILE] [security] Revised Security Adhoc Document includes Replay protection


> The latest revision of the Security Adhoc working document includes
> revisions for Replay protection.
>
> I made the following changes to JunHyuk's text:
>
> 1.  Binding of the Frame Number in the HMAC (ie. "cryptosynchronized")
> must always be performed in PKMv2.  So it doesn't need to be an option
> in SBC-REQ/RSP.
>
> 2.  The HMAC function can accept an arbitrarily long text, so we might
> as well prepend the PHY Sync field  to the message text (rather than
> applying XOR).
>
> Comments.are invited.  There is also some initial text about AES-MAC
> which I invite people to review.
>
> - Jeff Mandin
> Security Adhoc chair
>

References:
- [STDS-802-16-MOBILE] [security] Revised Security Adhoc Document includes Replay protection
  - From: Jeff Mandin <jmandin@STREETWAVES-NETWORKS.COM>

Prev by Date: Re: [STDS-802-16-MOBILE] [security] Revised Security Adhoc Document includes Replay protection
Next by Date: [STDS-802-16-MOBILE] [Handoff] Minutes from Day 1 of Handoff adhoc F2F
Prev by thread: [STDS-802-16-MOBILE] [security] Revised Security Adhoc Document includes Replay protection
Next by thread: Re: [STDS-802-16-MOBILE] [security] Revised Security Adhoc Document includes Replay protection
Index(es):
- Date
- Thread