1 / 4

Proposed Changes to Tgac Specification on Cipher Suite Selection

This document discusses proposed amendments to the Tgac draft specification regarding cipher suite selection in wireless networks. The main focus is on the elimination of TKIP and GCMP as pairwise cipher suite options for VHT STAs when CCMP is used or advertised by the AP. The proposal outlines the implications of this change, which may lead to a lack of overlap in acceptable cipher suites, potentially preventing STAs from establishing secure RSN associations. The motion ultimately enhances the security framework of wireless LAN by ensuring compliance and usage of efficient encryption algorithms.

mignon
Télécharger la présentation

Proposed Changes to Tgac Specification on Cipher Suite Selection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GCMP Restriction Authors: Date: 2011-01-11 Matthew Fischer, Broadcom

  2. Summary • GCMP is tentatively added to the baseline by Tgad • Increased PHY rates of Tgad suggest the need for a more efficient encryption algorithm • GCMP is not needed for Tgac • While PHY rates for Tgac are higher than say, 802.11n, CCMP is still adequate for these rates • Propose adding an explicit connection between GCMP and Tgac • I.e. explicitly disallow GCMP use with Tgac STA Matthew Fischer, Broadcom

  3. Motion • Move to make the following changes in the Tgac draft specification: • Editor: add the following text to the end of the 3rd paragraph of REVmb D6.0 11.4.3 RSNA policy selection in an ESS • Within an ESS, A VHT STA shall eliminate TKIP and GCMP as choices for the pairwise cipher suite if CCMP is advertised by the AP or if the AP included either an HT Capabilities element or a VHT Capabilities element in its Beacon and Probe Response frames. The elimination of TKIP and GCMP as choices for the pairwise cipher suite may result in a lack of overlap of the remaining pairwise cipher suite choices, in which case the VHT STA shall decline to create an RSN association with that AP. • Editor: add the following text after the 3rd paragraph of REVmb D6.0 11.4.5 RSNA policy selection in an IBSS and for DLS: • A VHT STA that is in an IBSS or that is transmitting frames through a direct link shall eliminate TKIP and GCMP as choices for the pairwise cipher suite if CCMP is advertised by the other STA or if the other STA included either an HT Capabilities element or a VHT Capabilities element in any of its Beacon, Probe Response, DLS Request, or DLS Response messages. • NOTE—The elimination of TKIP and GCMP as choices for the pairwise cipher suite might result in a lack of overlap of the remaining pairwise cipher suites choices, in which case the STAs will not exchange encrypted frames. Matthew Fischer, Broadcom

  4. Pre-motion • Do you support a motion in Tgac to add the following text to the Tgacspecification framework document: • Editor: add the following text to the end of the 3rd paragraph of REVmb D6.0 11.4.3 RSNA policy selection in an ESS • Within an ESS, A VHT STA shall eliminate TKIP and GCMP as choices for the pairwise cipher suite if CCMP is advertised by the AP or if the AP included either an HT Capabilities element or a VHT Capabilities element in its Beacon and Probe Response frames. The elimination of TKIP and GCMP as choices for the pairwise cipher suite may result in a lack of overlap of the remaining pairwise cipher suite choices, in which case the VHT STA shall decline to create an RSN association with that AP. • Editor: add the following text after the 3rd paragraph of REVmb D6.0 11.4.5 RSNA policy selection in an IBSS and for DLS: • A VHT STA that is in an IBSS or that is transmitting frames through a direct link shall eliminate TKIP and GCMP as choices for the pairwise cipher suite if CCMP is advertised by the other STA or if the other STA included either an HT Capabilities element or a VHT Capabilities element in any of its Beacon, Probe Response, DLS Request, or DLS Response messages. • NOTE—The elimination of TKIP and GCMP as choices for the pairwise cipher suite might result in a lack of overlap of the remaining pairwise cipher suites choices, in which case the STAs will not exchange encrypted frames. Matthew Fischer, Broadcom

More Related