Russ Housley's Participation in IEEE 802
I have been active in the development of security standards for
Local Area Networks (LANs) developed in IEEE 802. I served as co-chair of the
IEEE 802.10 Working Group, and was the working group representative on the
IEEE 802 Executive Committee. I was an active participant in IEEE 802.11
Wireless LAN security activities.
IEEE 802.10
The IEEE Standard for Local and Metropolitan Area Networks:
Interoperable LAN/MAN Security (SILS) was developed by the IEEE 802.10 Working
Group. This work is complete, and the working group is inactive.
IEEE 802.10-1998 This standard includes the Secure Data Exchange (SDE). I am
co-author of the SDE protocol.
IEEE 802.10c-1998 This standard is the companion to the above standard. It defines
a key management protocol. I was co-author and editor of the protocol.
IEEE 802.11 Task Group i
IEEE 802.11-1999
(also published as ISO/IEC 8802-11: 1999) includes the Wireless LAN Medium Access Control
(MAC) and Physical Layer (PHY) specifications. This document includes the specification
of the Wired Equivalent Privacy (WEP) protocol, which has major security flaws. IEEE 802.11
Task Group i (TGi) developed short-term and long-term replacements for WEP. The short-term
replacement, called TKIP, is intended to run on hardware that was originally designed for WEP,
while the long-term replacement, called CCMP, requires hardware enhancements. I have made
contributions to both protocol developments, as well as the key management that supports them.
IEEE 802.11i-2004 includes the TKIP and CCMP specifications; it was approved in July 2004.
Contributions to TKIP:
02/229 Early drafts of TKIP did not increase the size of the
Initialization Vector (IV) field. This briefing recommends the use of a 48-bit IV. IEEE
802.11 TGi accepted the recommendation.
02/282 Defines the Temporal Key Hash algorithm. It is used
in TKIP to derive the per-packet key from the pairwise or group key, the transmitter
address, and the IV.
Contributions to CCMP:
01/634 CCM and OCB were considered as choices for the
AES encryption mode. This briefing provides an objective comparison of the two
modes in the Wireless LAN context. Eventually, IEEE 802.11 TGi selected CCM as
the mandatory-to-implement mode.
02/001 This document describes the CCM authenticated encryption
mode. This AES mode was submitted to the National Institute of Standards and Technology
(NIST) for consideration as a Federal Information Processing Standard (FIPS) approved mode
of operation, and it was accepted. The NIST document that specifies CCM is NIST
Special Publication 800-38C.
Contributions to key management:
01/573 Many of the concepts in this submission,
Authenticated Key Exchange, have been included in IEEE 802.11i-2004.