On line 30 change "and security manager" to "and security manager of the piconet ".

Will it offer usable security?

e) Supported algorithms Discussion Security Policy Key Updates 1 Security model The implementation of the security policy depends on the trust relationships between entities in the piconet. 1.1 Role Model One can distinguish the following roles of entities within the piconet setting: · Security Manager .

Privacy and Security 1.

Worked on the Security Goals document that given as the work goals for the Security subgroup.

Security Constraints Imposed by the 802.15.3 WPAN The 802.15.3 WPAN imposes the following security constraints: · Untrusted devices.

Note: Representation of the group element can have important security implications.

Security Suite Specifications This clause specifies the security suites that may be used when security is turned on in the piconet.

Purpose This document defines the security elements necessary to implement the mandatory and optional elliptic curve cryptography (ECC) security suite.

Purpose This document defines the security elements necessary to implement the mandatory elliptic curve cryptography (ECC) security suite.

Security Security It shall not compromise security of a network for a terminal handover from a network of lower security level Security schemes in individual access technology should be reused (decided by the PAR) Security solutions in individual technology shall be reused.

Using the same nonce for two different messages encrypted with the same key destroys the security properties of this mode. — The message m, consisting of a string of l(m) octets where 0 ≤ l(m) < 28L.

Using the same nonce for two different messages encrypted with the same key destroys the security properties of this mode. — The message m, consisting of a string of l(m) octets where 0 ≤ l(m) < 28L.

Best Regards, Yoshihiro Ohba Follow-Ups : Re: [802.21] Security SG: Scope issues (MIH-level Security) From: Lily Chen Re: [802.21] Security SG: Scope issues (MIH-level Security) From: Clint Chaplin Prev by Date: Re: [802.21] Security SG: Scope issues (MIH-level Security) Next by Date: RE: [802.21] Security SG: Scope issues Previous by thread: Updated Draft D8.0 Next by thread: Re: [802.21] Security SG: Scope issues (MIH-level Security) Index(es): Date Thread

For security it defines the User Security Model (USM), based around a username ID.

Security SG: MIH-level security volunteers Thread Links Date Links Thread Prev Thread Next Thread Index Date Prev Date Next Date Index Security SG: MIH-level security volunteers To : stds-802-21@LISTSERV.IEEE.ORG Subject : Security SG: MIH-level security volunteers From : Yoshihiro Ohba < yohba@tari.toshiba.com > Date : Mon, 24 Mar 2008 11:13:20 -0400 List-Help : < http://listserv.ieee.org/cgi-bin/wa?

If the TxOptions parameter specifies that security is required for this frame, the MAC sublayer shall set the security

security comparison IEEE802.3ah Ethernet in the First Mile1 Encryption layer comparison.ppt/ 10.07.2002 / OPH Encryption layer comparison Yannick Le Goff, France Telecom Yukihiro Fujimoto, NTT Ken Murakami, Mitsubishi Electric Onn Haran, Passave Olli-Pekka Hiironen, Nokia IEEE802.3ah Ethernet in the First Mile2 Encryption layer comparison.ppt/ 10.07.2002 / OPH Encryption options • RS • Encryption functions on Emulation sub-layer • 3 indications is preamble • Full frame (DA - FCS) encrypted • MAC control with MIC field • Encryption functions on lower part of MAC control • ENC tag [2 bytes] inserted to frame, includes 2 indications • Payload encrypted • Message Integrity Code (MIC) [4 bytes] inserted before FCS field • MAC control without MIC field • Encryption functions on lower part of MAC control • ENC tag [2 bytes] inserted to frame, includes 2 indications • Payload encrypted • IPsec • IPsec tunnel between OLT and ONU • Encryption and message authentication IEEE802.3ah Ethernet in the First Mile3 Encryption layer comparison.ppt/ 10.07.2002 / OPH Security objectives • Authentication • the network wants to be sure about ONU’s identity • the network wants to have means to verify that the message received and presumably created by ONU A did indeed originate from ONU A • Access control • the network wants to restrict access to resources to privileged ONUs • requires authentication • Confidentiality • keeping information secret from all but those who are authorized to see it • Privacy • it is not possible to infer confidential data by passive attacks, e.g. analysis of traffic volume or destination • Data Integrity • the receiver wants to be sure that the received message has not been modified IEEE802.3ah Ethernet in the First Mile4 Encryption layer comparison.ppt/ 10.07.2002 / OPH Encryption layer comparison Requirement and importance in EPON RS MAC ctr w/ MIC MAC ctr w/o MIC IPsec Authentication High Yes Yes No Yes Access control High Yes Yes No Yes Payload confidentiality High Yes Yes Yes Yes OAM confidentiality Moderate Yes Yes Yes No Decryption error checking High Yes Yes No Yes Privacy Moderate Yes No No No Data Integrity Low No Yes No Yes Protocols High Ethernet Ethernet Ethernet IP OLT and ONU High Switch Switch Switch Router Complexity High Low Moderate Low High IEEE802.3ah Ethernet in the First Mile5 Encryption layer comparison.ppt/ 10.07.2002 / OPH Security baseline proposal (RS) • Definition of Encryption functions to Emulation sub-layer • Functions are optional • Functions are per LLID • Functions have unchanging delay • Functions maintain frame length • Actions to frame: Encrypt/decrypt full frame, add/remove 3 indications [4 bits] to/from preamble • Static parameters from/to registers: 2 indications, encryption keys • Out of scope of security baseline • Authentication • Key exchange • Re-keying • Cipher IEEE802.3ah Ethernet in the First Mile6 Encryption layer comparison.ppt/ 10.07.2002 / OPH Security baseline proposal (MAC control) • Definition of Encryption functions to MAC control sub-layer • Functions are optional • Functions are per port • Functions have unchanging delay • Functions change 6 bytes frame length • Actions to frame: Encrypt/decrypt payload, add/remove ENC tag [2 bytes] before payload, add/remove MIC [4 bytes] after payload • Static parameters from/to registers: 3 indications, encryption keys • Out of scope of security baseline • Authentication • Key exchange • Re-keying • Cipher

> > > > Best Regards, > > Yoshihiro Ohba > > > > > -- > Clint (JOATMON) Chaplin > Principal Engineer > Corporate Standardization (US) > SISA Follow-Ups : Re: [802.21] Security SG: Scope issues (MIH-level Security) From: Yoshihiro Ohba References : Security SG: Scope issues (MIH-level Security) From: Yoshihiro Ohba Re: [802.21] Security SG: Scope issues (MIH-level Security) From: Clint Chaplin Prev by Date: Re: [802.21] Security SG: Scope issues (MIH-level Security) Next by Date: 802.21 SB Recirculation Previous by thread: Re: [802.21] Security SG: Scope issues (MIH-level Security) Next by thread: Re: [802.21] Security SG: Scope issues (MIH-level Security) Index(es): Date Thread

Including this would address system level security and interoperability. > I agree that we need more work to regard transport-level security equivalent to MIH-level security.

> > Best Regards, > Yoshihiro Ohba > -- Clint (JOATMON) Chaplin Principal Engineer Corporate Standardization (US) SISA Follow-Ups : RE: [802.21] Security SG: Scope issues (MIH-level Security) From: Ron Pon References : Security SG: Scope issues (MIH-level Security) From: Yoshihiro Ohba Prev by Date: Security SG: Harmonization effort Next by Date: Security SG: Scope issues (MIH-level Security) Previous by thread: Security SG: Scope issues (MIH-level Security) Next by thread: RE: [802.21] Security SG: Scope issues (MIH-level Security) Index(es): Date Thread

Best Regards, Yoshihiro Ohba Follow-Ups : Re: [802.21] Security SG: Scope issues (MIH-level Security) From: Yoshihiro Ohba References : Security SG: Scope issues (MIH-level Security) From: Yoshihiro Ohba Prev by Date: Re: [802.21] Security SG: Scope issues (MIH-level Security) Next by Date: RE: [802.21] Security SG: Scope issues (MIH-level Security) Previous by thread: Re: [802.21] Security SG: Scope issues (MIH-level Security) Next by thread: Re: [802.21] Security SG: Scope issues (MIH-level Security) Index(es): Date Thread

> > > >Best Regards, > >Yoshihiro Ohba References : Security SG: Scope issues (MIH-level Security) From: Yoshihiro Ohba Re: [802.21] Security SG: Scope issues (MIH-level Security) From: Lily Chen Prev by Date: Re: [802.21] Security SG: Scope issues (MIH-level Security) Next by Date: Re: [802.21] Security SG: Scope issues (MIH-level Security) Previous by thread: Re: [802.21] Security SG: Scope issues (MIH-level Security) Next by thread: Security SG: Harmonization effort Index(es): Date Thread

I agree with people who believe that security requires security experts.

I believe the security contributions have done much to balance continuity of 16d security concepts and mechanics with 16e harsh security requirements.