Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: stds-80220-requirements: Network Access Requirements Sec. 4.1.16.1

To: Michael Youssefmir <mike@arraycomm.com>, Jim Tomcik <jtomcik@qualcomm.com>
Subject: RE: stds-80220-requirements: Network Access Requirements Sec. 4.1.16.1
From: "Roy, Aloke" <aloke.roy@honeywell.com>
Date: Wed, 10 Sep 2003 14:36:36 -0700
Cc: stds-80220-requirements@ieee.org
Sender: owner-stds-80220-requirements@majordomo.ieee.org

I agree with Michael's concern about man-in-the-middle attacks.  Also, we are seriously hoping that we should be able to
use the upcoming 802.20 standards for aeronautical communications at the airport.  By aeronautical, I mean communication
between aircraft and ground system for air-traffic control and airline operational control.  In this application, the
wireless network is likely to be operated by the airline, or the airport authority or a trusted network service provider
(which is not likely to be the provider of hot-spots in the airport).  Even with a trusted network operator, the civil
aviation and the airlines are very concerned that an attacker can cause a lot of harm to the aircraft by masquerading as
a valid ground system.  Therefore, we would like to see cryptographically strong, mutual authentication capabilities
where both the network and the client (mobile station) can authenticate each other.  Because aircraft tend to move all
over the World, we would prefer a certificate-based authentication scheme rather than simple password-based challenge
response.    

Regards,
Aloke Roy
AES Center of Excellence
Communications & Surveillance Technology
HONEYWELL
7000 Columbia Gateway Drive
Columbia, MD   21046-2119

TEL:  +1 (410) 964-7341
FAX:  +1 (410) 964-7322	
e-mail:  mailto:Aloke.Roy@honeywell.com

-----Original Message-----
From: Michael Youssefmir [mailto:mike@arraycomm.com]
Sent: Wednesday, September 10, 2003 4:44 PM
To: Jim Tomcik
Cc: stds-80220-requirements@ieee.org; Michael Youssefmir
Subject: Re: stds-80220-requirements: Network Access Requirements Sec.
4.1.16.1

Jim,

I don't think that authentication of the network by the mobile is
optional. In the voice world (using licensed bands) this has not
been so much of an issue but, in the data world, this exposes us
to man in the middle attacks. Given the "PR nightmare" that this could
cause, I think we need to be much more careful.

Also your proposal has changed "authentication of the user" to
"authentication of the mobile station". These are not necessarily the
same thing.

While user authentication is user challenge response based, mobile station
authentication could either follow a challenge-response shared secret paradigm
or a certificate based one quite easily. The latter has the advantage of
limiting the need for communication with higher layer entities in the
network. Also certificate based schemes could be viewed as
challenge response based, so, to avoid confusion, we should either
mention both as viable schemes or not mention the scheme at all.

Finally we need to be careful in scoping this within the PHY and
MAC.

So I suggest instead:

Proposal:

Replace section 4.1.16.1

The 802.20 PHY and MAC shall support a cryptographic mechanism
for the network to authenticate the mobile stations. Mechanisms
for the mobile station to authenticate the network shall also be
a requirement.

The 802.20 PHY and MAC shall support a cryptographic mechanism
for the network to authenticate the user.

Mike

On Sat, Sep 06, 2003 at 09:44:22PM -0700, Jim Tomcik wrote:
> I thought this comment was put in previously.  Here it is...
> 
> 
> The current text states:
> 
> A cryptographically generated challenge-response authentication mechanism 
> for the user to authenticate the network and for the network to 
> authenticate the user must be used.
> 
> I suggest that we change this to read:
> 
> A cryptographically generated challenge-response authentication mechanism 
> for the network to authenticate the mobile station shall be 
> used.  Mechanisms for the mobile station to authenticate the network shall 
> be optional.
> 
> Rationale:
> In section 4.1.16.1, the text seems to read that both authentication 
> directions are required.  Since 802.20's scope is licensed operation, the 
> likelihood and problems associated with rogue base stations (or rogue APs) 
> is minimal.  The required direction for authentication is from network to 
> mobile station, so that network security is maintained and theft-of-service 
> for the license holder is minimized.
> 
> ..................................................................................
> 
>                 James D. Tomcik
>                 QUALCOMM, Incorporated
>                 (858) 658-3231 (Voice)
>                 (619) 890-9537 (Cellular)
>                 From:  San Diego, CA
>                 PGP: 5D0F 93A6 E99D 39D8 B024  0A9B 6361 ACE9 202C C780
> ..................................................................................

Prev by Date: RE: stds-80220-requirements: comments on rev5 - Channel bandwidth resolution
Next by Date: RE: stds-80220-requirements: comments on rev5 - Channel bandwidth resolution
Prev by thread: RE: stds-80220-requirements: Network Access Requirements Sec. 4.1.16.1
Next by thread: stds-80220-requirements: Requirements Call Schedules
Index(es):
- Date
- Thread