1 / 8

Dynamic Generation of Password Identifier

Dynamic Generation of Password Identifier. Date: 2018-05-04. Authors:. Abstract. This submission provides a solution to dynamically generate Password ID. The submission also provides a solution to address LB232 CID 1056 and CID 1057. Agenda. Problem Statement Proposed Solutions

gjeremy
Télécharger la présentation

Dynamic Generation of Password Identifier

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Dynamic Generation of Password Identifier Date: 2018-05-04 Authors: Emily Qi, et al

  2. Abstract This submission provides a solution to dynamically generate Password ID. The submission also provides a solution to address LB232 CID 1056 and CID 1057. Emily Qi, et al

  3. Agenda • Problem Statement • Proposed Solutions • Solution Details Emily Qi, et al

  4. Problem Statements • Background • Password Identified was proposed in doc 18/0202r2, and adopted in TGmd D1.0 in the January meeting • However, it is not clear how password ID is distributed or derived. An out-of-band deliver method is assumed ? • Issues: • Usability limitation on entering the password ID offline - a new UI for typing Password ID is required. • The Password Identifier element is included in the unprotected authentication frame. It may violate the privacy of users (household). • For example, it exposes a group of devices and number of devices that are sharing the same password. Particularly, when these devices  belongs to the same household (apartment) in an apartment building, it violates the privacy of users/residents Emily Qi, et al

  5. Proposed Solution • Implicit Password ID advertisement • AP advertises “SALT” that can be used for password ID derivation. The SALT can be changed and the hacker is unable to track the password ID. • STAs use the SALT and password with hash algorithm to generate the Password ID • The Password ID is generated dynamically by the STA, without user intervention Emily Qi, et al

  6. Solution Details • Define a new IE: Password Salt IE contains a 16-octet random number generated by the AP as “SALT” • Specify password ID derivation, For example: Password ID = Truncate-32(HMAC-SHA-256 (Password, Password Salt)) Emily Qi, et al

  7. AP and STA’s behaviours • For AP • If AP supports dynamic generation of Password ID, AP shall include Password Salt IE in the Beacon and/or Probe Response frame. Otherwise, an out-of-band mechanism is assumed. • When a new Password Salt is advertised, AP will update its password ID database • For non-AP STA • During the authentication, the STA shall use the Password Salt received in the latest Beacon or Probe Response frame to calculate Password ID if the Password Salt IE is included in the frames. Emily Qi, et al

  8. Backup Emily Qi, et al

More Related