Hi Bo,
Please add the following SFD SP (reference 11-26/0598) in your list (replacing SFD SPs reference 11-26/0118)
11-26/0598 SP1
Do you agree to add the following text in the TGbp SFD --- 802.11bp shall specify the following secure AMP communication method, in which
- A non-AP AMP STA has a high-entropy PSK and may have a high-entropy PMKv1 stored in persistent memory. An AMP AP (denoted as AP1) has a parameter
Modifier1 and a PMK1, with PMK1 = hash(Modifier1, PMKv1) if the non-AP AMP STA has the PMKv1 or PMK1 = hash(Modifier1, PSK) otherwise, where PMKv1 or PSK is unknown to AP1.
- AP1 sends an ANonce
and the Modifier1 in a downlink AMP frame to the non-AP AMP STA.
- Upon receiving the downlink AMP frame, the non-AP AMP STA generates an SNonce,
computes PMK1 = hash(Modifier1, PMKv1) if it has the PMKv1 stored in its persistent memory or PMK1 = hash(Modifier1, PSK) otherwise, derives a PTK using the PMK1, the ANonce, the SNonce, an Authenticator Address
(AA), and a Supplicant Address (SA), generates a MIC using a KCK derived from the PTK, and sends back the SNonce and the MIC in an uplink AMP frame to AP1.
- If the uplink AMP frame is carrying any UL data, the data payload portion of the uplink AMP frame may be
protected using the TK derived from the PTK.
- AP1 computes a PTK using the PMK1, the ANonce, the SNonce, the AA, and the SA, and verifies the MIC using the KCK derived from the PTK. If
the MIC is invalid, AP1 aborts.
- If the uplink AMP frame contains
protected data, the AMP AP processes the UL data using the TK derived from the PTK. If there are any subsequent AMP frames to be exchanged, the AMP frames may be
protected using the TK derived from the PTK.
Note: this does not apply to mono-static backscatter non-AP STAs
Reference: 11-26/0598, 11-26/0118, 11-26/1437
Thanks,
Hui
To unsubscribe from the STDS-802-11-TGBP list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBP&A=1
|