NIST 802.11 Wireless LAN Security Workshop

 

December 4-5, 2002

Falls Church, Virginia

 

 

On the 4th and 5th of December 2002, the National Institute of Standards and Technology (NIST) held a workshop on 802.11 Wireless LAN Security in Falls Church, Virginia. The workshop comprised approximately 30 individuals from the US Federal Government, the WiFi industry and the security and academic communities. Participants included individuals from NIST, the National Security Agency (NSA), the National Communication System (NCS), the US Secret Service (USSS), Boeing Corporation, Cisco Systems, Microsoft Corporation, Intel Corporation, TruSecure, Agere Systems, Booz-Allen-Hamilton, Vigil Security, Virginia Tech, the University of Maryland, and the Burton Group.

 

The primary objectives of the workshop were the following:

 

 

Specific working sessions within the workshop included the following: an overview of NIST and an explanation of its roles and responsibilities; an informative session on FIPS-140 (Security Requirements for Cryptographic Modules); an enlightening “user perspective” on implementing 802.11 securely in a large enterprise; an overview of the WiFi Alliance industry organization; and very detailed discussions on the characteristics and rationale of the short-term (WPA, WiFi Protected Access) and long-term (RSN, Robust Security Networks) 802.11 security solutions.

 

At the conclusion of the second day, the broad-based group of cross-industry and government attendees developed a high-level strategy for the industry that included the following:

 

 

The 2-day workshop concluded having produced a list of “action-able” items to address the high-level strategy identified above.

 

 

Workshop Agenda

 

 

Detailed Agenda

Day 1 – Wednesday, December 4, 2002

Theme: Introductions, Overviews and Perspectives

 

 

| Time | Session Title | Duration | Speakers |
|---|---|---|---|
| 8:00A-8:10A | Opening Remarks and Welcome (Logistics) | 10 mins | Marlene Wilson |
| 8:10A-8:30A | Workshop Motivation, Objectives and Agenda Review [NIST WiFi Security Workshop Opening Remarks] | 20 mins | Tim Grance |
| 8:30A-9:10A | Roundtable – Attendee Introductions and Sharing of Roles in 802.11 | 40 mins | All |
| 9:10A-10:10A | Federal Cryptographic & Non-cryptographic Security Requirements – Perspectives from several fronts [DoD Wireless Policies and Requirements] [NIST Cryptographic Standards Program] | 60 mins | Bill Burr (NIST) / Tim Havighurst (FWUF/NSA) |
| 10:10A-10:20A | Brief Review of Special Publication 800-48 [NIST Wireless Security Guidance SP 800-48] | 10 mins | Tom Karygiannis |
| 10:20A-10:30A | Morning Break | 10 mins | All |
| 10:30-11:30PM | User’s Perspective on 802.11 security – Existing challenges and thoughts about future features [802.11i: A User's Perspective] | 60 mins | Steve Whitlock; Paul Dodd (Boeing) |
| 11:30-12:30PM | Overview of FIPS140-2 and Discussion of the Validation Process [The Cryptographic Module Validation Program and FIPS-140-2] | 60 mins | Randy Easter (NIST) |
| 12:30-1:30PM | Working Lunch. WiFi State-of-the-Industry Report. 802.11 Wireless LAN Status and Direction – By 2005 what can we expect? [Wireless Networks: Can Security Catch Up with Business?] | 60 mins | John Pescatore (Gartner Group) |
| 1:30-2:30PM | Overview of WiFi Alliance and IEEE 802.11 WGs (including the organizational composition, key initiatives, mission, approval procedures, etc.). Status of Activities and Current Plans – the Roadmap of 802.11 Security – WiFi Protected Access, RSN and beyond [WiFi Protected Access Media Briefing] [WiFi Alliance Overview] [IEEE 802.11 Procedures] | 60 mins | Frank Ferro (Agere, WiFi Alliance); Nancy Cam-Winget (Cisco). Frank covers the WiFi Alliance. Nancy covers the IEEE. |
| 2:30-3:30PM | Detailed Presentations on WiFi Protected Access (WPA). 1) What security is offered and what is not? 2) Salient differences from RSN should be identified. 3) Points of known vulnerability identified. [802.11i Overview] | 60 mins | Jesse Walker, with Tim Moore and Nancy Cam-Winget |
| 3:30-3:40PM | Afternoon Break / BAH FVP Lab Tour and IA Demonstrations | 10 mins | FVP Information Assurance Staff (BAH) / All |
| 3:40-4:40PM | Detailed Presentations Robust Secure Networks (RSN). What are the elements of RSN? What security is offered and what is not? How are authentication, integrity, confidentiality, and key management handled? | 60 mins | Jesse Walker, with Tim Moore and Nancy Cam-Winget |
| 4:40-5:30PM | Detailed Presentations on IETF Activities with respect to standardization of AAA and EAP Methods [EAP and AAA Update] [IETF/IEEE 802.11 Liaison Status Report] | 60 mins | Bernard Aboba (Microsoft) |
| 5:30-5:45PM | Day 1 Summary / Wrap-Up | 15 mins | Les Owens (BAH) |

 


 

 

Detailed Agenda

Day 2 – Thursday, December 5, 2002

Theme: Technology, Tutorials and Collaboration

 

 

| Time | Session Title | Duration | Speakers |
|---|---|---|---|
| 8:00-8:10A | Day 1 Review and Day 2 Agenda Review | 10 mins | Les Owens (BAH) |
| 8:10-9:10A | Continued – Detailed Presentations Robust Secure Networks (RSN). What are the elements of RSN? What security is offered and what is not? How are authentication, integrity, confidentiality, and key management handled? | 60 mins | Jesse Walker, with Tim Moore, Nancy Cam-Winget and Dorothy Stanley |
| 9:10-10:00A | Panel/Open discussion “Will WiFi Protected Access gain so much momentum that RSN will never happen?” [Wireless LAN Security: Where do we go from here?] | 50 mins | Mike DiSabato (Burton Group), Steve Whitlock (Boeing), Bob Moskowitz. All to discuss |
| 10:00-10:10A | Morning Break | 10 mins | All |
| 10:10-11:15AM | WPA Security Feature rationale, motivation, and genesis plus initial Security analysis/discussion. TKIP, 802.1X, PEAP, EAP-TTLS and other versions of extensible authentication protocol. Why is WPA what it is? | 65 mins | Russ Housley (Vigil Security) leads discussion. Interactive discussion with security experts (Gligor, Giorgio, Arbaugh, McGrew et al.) |
| 11:15-12:30PM | RSN Security Feature rationale, motivation, and genesis plus initial Security analysis/discussion. Key management [Wireless LAN Security Solution and Rationale] | 75 mins | Russ Housley (Vigil Security) leads discussion. Interactive discussion with security experts (Gligor, Giorgio, Arbaugh, McGrew et al.) |
| 12:30-1:30PM | Working Lunch – Continue security analysis discussions | 60 mins | All |
| 1:30-2:15PM | Continued – RSN Security Feature rationale, motivation, and genesis plus initial Security analysis/discussion. Key management. Why is RSN what it is? | 45 mins | Russ Housley (Vigil Security) leads discussion. Interactive discussion with security experts (Gligor, Giorgio, Arbaugh, McGrew, Bob Moskowitz et al.) |
| 2:15-2:30PM | Afternoon Break. FVP Information Assurance Center of Excellence Tour (optional) | 15 mins | All |
| 2:30-4:40PM | Strategy Session on Partnership: What are the risks of WPA and addressing WPA inadequacies in the interim; How to embed FIPS140-2 in the RSN standard; Improving RSN security even further; Analyzing RSN to ensure it’s the right set of security features; What are the pitfalls? Are there weaknesses in a protocol that we need to address or avoid; Shortening the time to RSN; Development of partnership and plan; to work together; Open Discussion [Strategy Session] | 2 hrs and 10 mins | Les Owens, Tim Grance, All |
| 4:40-5:00PM | Summary / Action Item Review | 20 mins | Les Owens (BAH), Tim Grance (NIST) |
| 5:00-5:10PM | Closing Remarks / Wrap-up / Depart [Comparison of Cellular Industry (’92) to WiFi Industry (’02)] | 10 mins | Tim Grance (NIST) |