WLAN The Wireless Local Area Network Consortium


WLAN
The Wireless Local Area Network Consortium

WPA Station MAC Layer Test Suite
Version 2.5
Technical Document

Last Updated: February 18, 2013

Wireless LAN Consortium
121 Technology Drive, Suite 2
Durham, NH 03824
University of New Hampshire
Phone: +1-603-862-2263
Fax: +1-603-862-4181
http://www.iol.unh.edu/consortiums/wireless/

2008 University of New Hampshire

MODIFICATION RECORD

February 2013 - Version 2.5
    Updated references to the 2012 802.11 standard

November 2008 - Version 2.4 Released
    Daniel Reynolds: Removed RCC reference. Removed Invalid TSC test case from test 1.1.1. Moved INFORMATIVE case from 1.1.1 to 1.1.2. Changed observable results in 1.1.2 parts a. and c. to include that 1 or 0 can be used.

June 2007 - Version 2.3 Released
    Jon Zink: IEEE Std. 802.11i-2004 references changed to IEEE Std. 802.11-2007.

June 2006 - Version 2.2 Released
    Anthony Murabito: corrected procedures and observable results. 802.11i reference now for 2004 instead of draft

August 2005 - Version 2.1 Released
    Jon Zink: Added Test # 1.1.2 TKIP Replay Protection.

July 2005 - Version 2.0 Released
    Jon Zink: Reformatted test to the updated UNH-IOL test suite format.

February 2004 - Version 1.1 Released

Wireless LAN Consortium 2 WPA Station MAC Layer Test Suite v2.5

ACKNOWLEDGMENTS

The University of New Hampshire would like to acknowledge the efforts of the following individuals in the development of this test suite.

Chris Kane          University of New Hampshire
Kevin Karcz         University of New Hampshire
Matt Newcomb        University of New Hampshire
Chris Polanec       University of New Hampshire
Anthony Murabito    University of New Hampshire
Jonathan Zink       University of New Hampshire
Daniel Reynolds     University of New Hampshire

INTRODUCTION

Overview

The University of New Hampshire's InterOperability Laboratory (UNH-IOL) is an institution designed to improve the interoperability of standards based products by providing an environment where a product can be tested against other implementations of a standard. This particular suite of tests has been developed to help implementers evaluate the functionality of WPA TKIP-PSK encryption in their STAs. These tests are designed to determine if a product conforms to specifications defined in IEEE Std. 802.11-2012 and WPA for 802.11 version 2.0. Successful completion of all tests contained in this suite does not guarantee that the tested device will operate with other devices. However, combined with satisfactory operation in the IOL's interoperability test bed, these tests provide a reasonable level of confidence that the device under test (DUT) will function properly with the MAC layer of other devices when WPA TKIP-PSK is used.

Organization of Tests

The tests contained in this document are organized to simplify the identification of information related to a test and to facilitate the actual testing process. Each test contains an identification section that describes the test and provides cross-reference information. The discussion section covers background information and specifies why the test is to be performed. Tests are grouped in order to reduce setup time in the lab environment. Each test contains the following information:

Test Number
The Test Number associated with each test follows a simple grouping structure. Listed first is the Test Group Number followed by the test's number within the group. This allows for the addition of future tests to the appropriate groups of the test suite without requiring the renumbering of the subsequent tests.

Purpose
The purpose is a brief statement outlining what the test attempts to achieve. The test is written at the functional level.

References
The references section lists cross-references to the IEEE 802.11 standards and other documentation that might be helpful in understanding and evaluating the test results.

Resource Requirements
The requirements section specifies the test hardware and/or software needed to perform the test. This is generally expressed in terms of minimum requirements; however, in some cases specific equipment manufacturer/model information may be provided.

Last Modification
This specifies the date of the last modification to this test.

Discussion
The discussion covers the assumptions made in the design or implementation of the test, as well as known limitations. Other items specific to the test are covered here.

Test Setup
The setup section describes the initial configuration of the test environment. Small changes in the configuration should be included in the test procedure.

Procedure
The procedure section of the test description contains the systematic instructions for carrying out the test. It provides a cookbook approach to testing, and may be interspersed with observable results.

Observable Results
This section lists the specific observables that can be examined by the tester in order to verify that the DUT is operating properly. When multiple values for an observable are possible, this section provides a short discussion on how to interpret them. The determination of a pass or fail outcome for a particular test is often based on the successful (or unsuccessful) detection of a certain observable.

Possible Problems
This section contains a description of known issues with the test procedure, which may affect test results in certain situations. It may also refer the reader to test suite appendices and/or whitepapers that may provide more detail regarding these issues.

TABLE OF CONTENTS

MODIFICATION RECORD
ACKNOWLEDGMENTS
INTRODUCTION
TABLE OF CONTENTS
GROUP 1: FIELD CHECKING
    TEST #1.1.1: TKIP COUNTERMEASURES
    TEST #1.1.2: TKIP REPLAY PROTECTION
APPENDIX A: ABBREVIATIONS

GROUP 1: Field Checking

Scope: The following tests cover MAC operations specific to the reception and processing of TKIP-PSK encrypted frames.

Overview: These tests are designed to verify that the device under test properly handles WPA TKIP-PSK encrypted frames, and that the station is not retransmitting a frame previously transmitted from another station. The MAC functions explored are defined in IEEE Std. 802.11-2012 and WPA for 802.11 version 2.0.

Test #1.1.1: TKIP Countermeasures

Purpose: To verify that:
- the DUT can properly create and transmit TKIP-PSK encrypted frames.
- the DUT disassociates only if two frames with invalid MIC values are received within 60 seconds of each other.
- the DUT does not transmit or receive frames during the 60-second blackout period.
- the DUT checks the FCS, ICV, and IV fields before checking the MIC.
- the DUT keeps track of MIC failures independent of which key was used.

References:
[1] IEEE Std. 802.11-2012, Clause 11.4.2.4, 11.4.2.3
[2] WPA for 802.11 version 2.0, Clause 3.1, Appendix H, Figures 5 and 6

Resource Requirements:
- A testing station (TS) that is capable of transmitting user defined MAC frames and does not participate in the MAC protocol
- A monitor configured for capturing and analyzing MAC frames

Last Updated: November 20, 2008

Discussion: When a BSS is using WPA TKIP-PSK encryption, any station receiving an encrypted frame should check the FCS, ICV, and IV fields before checking the MIC. If all of these fields are valid, then the frame is to be decrypted and processed; otherwise, if any of these checks fail before checking the MIC, the frame should be discarded. If two MIC failures occur within a minute of each other, the STA should be disassociated with a reason code of MIC Failure or unspecified failure, and enter into a 1-minute blackout period in which it is not allowed to receive or transmit frames.

Test Setup: Place the DUT, TS, and sniffer in an RF isolated environment and in range of each other. Enable WPA TKIP encryption and PSK on the DUT. Set the PSK to "wireless" (without quotes).

Table 1 - Test Frame(s)

Frame Label    Description
MSDU1          ICMP Echo Request containing a length of 32 bytes
MSDU2          ICMP Echo Request containing a length of 32 bytes, with a MIC of all zeros
MSDU3          ICMP Echo Request containing a length of 32 bytes, with a MIC one less than the computed MIC
MSDU4          ICMP Echo Request containing a length of 32 bytes, with an invalid FCS and an invalid MIC
MSDU5          ICMP Echo Request containing a length of 32 bytes, with an invalid ICV and an invalid MIC
MSDU6          Broadcast ARP Request containing an invalid MIC

Procedure:

Part a: Proper Encryption
1. Instruct the TS to authenticate, associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU1 and wait for a response.
3. Repeat steps 1 and 2, two more times within a minute.
4. Observe transmissions from the DUT.

Part b: All Zero MIC
1. Instruct the TS to authenticate, associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU2 twice.
3. Instruct the TS to send MSDU1.
4. Wait 1 minute.
5. Instruct the TS to deauthenticate the DUT.
6. Observe transmissions from the DUT.

Part c: MIC One Less Than the Proper Value
1. Instruct the TS to authenticate, associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU3 twice.
3. Instruct the TS to send MSDU1.
4. Wait 1 minute.
5. Instruct the TS to deauthenticate the DUT.
6. Observe transmissions from the DUT.

Part d: Invalid FCS and MIC
1. Instruct the TS to authenticate, associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU4 twice.
3. Instruct the TS to send MSDU1.
4. Wait 1 minute.
5. Instruct the TS to deauthenticate the DUT.
6. Observe transmissions from the DUT.

Part e: Invalid ICV and MIC
1. Instruct the TS to authenticate, associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU5 twice.
3. Instruct the TS to send MSDU1.
4. Wait 1 minute.
5. Instruct the TS to deauthenticate the DUT.
6. Observe transmissions from the DUT.

Part f: Invalid Unicast and Broadcast MIC
1. Instruct the TS to authenticate, associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU6.
3. Instruct the TS to send MSDU3.
4. Instruct the TS to send MSDU1.
5. Wait 1 minute.
6. Instruct the TS to deauthenticate the DUT.
7. Observe transmissions from the DUT.

Observable Results: The DUT should:
a. respond to each transmission of MSDU1 with an ACK followed by an ICMP Echo Response.
b. discard both transmissions of MSDU2 after sending MIC failure frames, and transmit a disassociation or deauthentication frame with reason code indicating MIC failure in response to the second transmission of MSDU2. The DUT should also transmit a disassociation or deauthentication frame in response to MSDU1.
c. discard both transmissions of MSDU3 after sending MIC failure frames, and transmit a disassociation or deauthentication frame with reason code indicating MIC failure in response to the second transmission of MSDU3. The DUT should also transmit a disassociation or deauthentication frame in response to MSDU1.
d. not send a disassociation or deauthentication in response to any transmission of MSDU4, but should discard the frame. The DUT should also respond to MSDU1 with an ACK followed by an ICMP Echo Response.
e. not send a disassociation or deauthentication in response to any transmission of MSDU5, but should discard the frame. The DUT should also respond to MSDU1 with an ACK followed by an ICMP Echo Response.
f. discard MSDU6 and MSDU3 after sending a Michael MIC failure report frame to the TS upon reception. The DUT should also send a disassociation or deauthentication with a reason code indicating MIC failure, in response to MSDU3.

Possible Problems: None.
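The pass/fail logic of Test #1.1.1 can be written down as a small reference model and compared against what the monitor captures from the DUT. The Python below is an added example, not part of the UNH-IOL test suite: the class, function and action names are hypothetical, and the frames are constructed validity flags standing in for the Table 1 frames rather than real MPDUs.

```python
from dataclasses import dataclass

WINDOW_S = 60.0    # two MIC failures this close together trigger countermeasures
BLACKOUT_S = 60.0  # length of the blackout that follows


@dataclass
class Frame:
    label: str
    fcs_ok: bool = True
    icv_ok: bool = True
    iv_ok: bool = True
    mic_ok: bool = True
    group_key: bool = False  # recorded only; the failure timer ignores the key


# Constructed stand-ins for the frames of Table 1 (flags, not real MPDUs).
TABLE1 = {
    "MSDU1": Frame("MSDU1"),
    "MSDU2": Frame("MSDU2", mic_ok=False),
    "MSDU3": Frame("MSDU3", mic_ok=False),
    "MSDU4": Frame("MSDU4", fcs_ok=False, mic_ok=False),
    "MSDU5": Frame("MSDU5", icv_ok=False, mic_ok=False),
    "MSDU6": Frame("MSDU6", mic_ok=False, group_key=True),
}


class StationModel:
    """Hypothetical reference model of the receive path in Test #1.1.1."""

    def __init__(self):
        self.associated = False
        self.last_mic_failure = None  # one timer shared by pairwise and group keys
        self.blackout_until = None

    def associate(self, now):
        """Association plus 4-way handshake; refused during the blackout."""
        if self.blackout_until is not None and now < self.blackout_until:
            return False
        self.associated = True
        return True

    def receive(self, frame, now):
        """Return the actions the station takes for one received data frame."""
        if not self.associated:
            # Observable results b and c: after countermeasures a data frame is
            # answered with a disassociation/deauthentication, never with data.
            return ["disassoc_or_deauth"]
        # FCS, ICV and IV are checked first; a failure here is a plain discard
        # and never counts as a MIC failure (observable results d and e).
        if not (frame.fcs_ok and frame.icv_ok and frame.iv_ok):
            return ["discard"]
        if frame.mic_ok:
            return ["ack", "reply"]
        actions = ["discard", "mic_failure_report"]
        previous, self.last_mic_failure = self.last_mic_failure, now
        if previous is not None and now - previous <= WINDOW_S:
            # Second failure inside the window, whichever key was involved.
            self.associated = False
            self.blackout_until = now + BLACKOUT_S
            actions.append("disassoc_mic_failure")
        return actions


def run_part(labels, gap=1.0):
    """Send the named Table 1 frames `gap` seconds apart to a fresh model."""
    sta, now, log = StationModel(), 0.0, []
    sta.associate(now)
    for label in labels:
        now += gap
        log.append((label, sta.receive(TABLE1[label], now)))
    return log
```

Calling run_part(["MSDU6", "MSDU3", "MSDU1"]) reproduces Part f; passing gap=61.0 shows that two MIC failures more than a minute apart produce failure reports only.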

Test #1.1.2: TKIP Replay Protection

Purpose: To verify that:
- the DUT initializes its TSC values properly.
- the DUT keeps separate TSC values for pairwise and group keys.
- the DUT increments its TSC by 1.
- the DUT detects replayed frames.

References:
[1] IEEE Std. 802.11-2012, Clause 11.4.2.4, 11.4.2.3, 11.4.2.1
[2] WPA for 802.11 version 2.0, Appendix H, Figures 5 and 6

Resource Requirements:
- A testing station (TS) that is capable of transmitting user defined MAC frames and does not participate in the MAC protocol
- A monitor configured for capturing and analyzing MAC frames

Last Updated: November 20, 2008

Discussion: TKIP encryption uses a TSC to keep track of frame order. There is one TSC per encryption key, and it should be monotonically incrementing. As such, any frame that is received with a TSC value less than the last received TSC is to be dropped. This counter should be initialized to 1 ([1] mandates 0, also acceptable), and is to be initialized whenever the associated key is initialized or refreshed. The TSC is a multibyte quantity, and the rollover of the bytes needs to be properly handled since the TSC value changes from a maximum value to a minimum value, which is not monotonically incrementing.

Test Setup: Place the DUT, TS, and sniffer in an RF isolated environment and in range of each other. Enable WPA TKIP encryption and PSK on the DUT. Set the PSK to "wireless" (without quotes).

Procedure:

Table 2 - Test Frame(s)

Frame Label    Description
MSDU1          ARP Request from the TS
MSDU2          ICMP Echo Request from the TS
MSDU3          Deauthentication frame from the TS to the DUT containing a status code of 1
MSDU4          ICMP Echo Request from the TS containing a previously used TSC
MSDU5          ICMP Echo Request from the TS containing a TSC of 0xff
MSDU6          ICMP Echo Request from the TS containing a TSC of 0x100
MSDU7          ICMP Echo Request from the TS containing a TSC of 0xffff
MSDU8          ICMP Echo Request from the TS containing a TSC of 0x10000
MSDU9          ICMP Echo Request from the TS containing a TSC of 0xffffff
MSDU10         ICMP Echo Request from the TS containing a TSC of 0x1000000
MSDU11         ICMP Echo Request from the TS containing a TSC with all bits set
MSDU12         ICMP Echo Request from the TS containing a TSC with no bits set

Part a: TSC Initialization
1. Instruct the TS to associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU1 and wait for a response.
3. Instruct the TS to send MSDU2 and wait for a response.
4. Observe transmissions from the DUT.

Part b: TSC Increasing
1. Instruct the TS to associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU2.
3. Repeat step 1 two more times.
4. Observe transmissions from the DUT.

Part c: Key Initialization/Refresh
1. Instruct the TS to associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU3.
3. Instruct the TS to associate and successfully complete the 4-way handshake with the DUT.
4. Instruct the TS to send MSDU1 and wait for a response.
5. Instruct the TS to send MSDU2 and wait for a response.
6. Observe transmissions from the DUT.

Part d: Replay Detection
1. Instruct the TS to associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU2.
3. Instruct the TS to send MSDU2.
4. Instruct the TS to send MSDU4 with the TSC from the first transmission of MSDU2 in this part.
5. Repeat step 3.
6. Instruct the TS to send MSDU1.
7. Observe transmissions from the DUT.

Part e: TSC Rollover
1. Instruct the TS to associate and successfully complete the 4-way handshake with the DUT.
2. Instruct the TS to send MSDU5 and wait for a response.
3. Instruct the TS to send MSDU6 and wait for a response.
4. Instruct the TS to send MSDU7 and wait for a response.
5. Instruct the TS to send MSDU8 and wait for a response.
6. Instruct the TS to send MSDU9 and wait for a response.
7. Instruct the TS to send MSDU10 and wait for a response.
8. Instruct the TS to send MSDU11 and wait for a response.
9. Instruct the TS to send MSDU12 and wait for a response.
10. Observe transmissions from the DUT.

Observable Results: The DUT should:
a. transmit the second group key with a TSC of 1 or 0, and respond to MSDU1-MSDU2 with monotonically incrementing TSCs.
b. respond to each transmission of MSDU2 with TSCs that are monotonically incrementing.
c. transmit the second group key with a TSC of 1 or 0, and respond to MSDU1-MSDU2 with monotonically incrementing TSCs.
d. discard both transmissions of MSDU4 after transmitting an ACK for each one. The DUT should also reply to MSDU1 with an ARP Response.
e. respond to MSDU5 through MSDU11 with an ACK followed by an ICMP Echo Response. The DUT should also discard MSDU12.

INFORMATIVE:
f. The DUT may send a deauthentication or disassociation in response to the second transmission of MSDU2. [2] does not specify if an invalid TSC qualifies as a MIC failure event, but the current version of 802.11i specifies that it does not constitute a MIC failure event. (part d).

Possible Problems: None.
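An added example (not part of the UNH-IOL test suite) of the receive-side check that Parts d and e of Test #1.1.2 exercise: it reassembles the 48-bit TSC from the 8-octet TKIP IV / Extended IV field and keeps one replay counter per key. The function, class and key names are hypothetical, the TSC values are the ones listed in Table 2, and treating a TSC equal to the last accepted one as a replay is an assumption that is stricter than the "less than" wording of the Discussion.

```python
EXT_IV = 0x20  # ExtIV bit of the Key ID octet, set in every TKIP MPDU


def build_tkip_iv(tsc, key_id=0):
    """Encode a 48-bit TSC as the 8-octet TKIP IV / Extended IV field."""
    t = tsc.to_bytes(6, "little")           # t[0] = TSC0 ... t[5] = TSC5
    wep_seed1 = (t[1] | 0x20) & 0x7F        # second octet is derived from TSC1
    return bytes([t[1], wep_seed1, t[0], EXT_IV | (key_id << 6)]) + t[2:]


def parse_tkip_iv(iv):
    """Return (tsc, key_id); raise ValueError on a malformed field."""
    if len(iv) != 8 or not iv[3] & EXT_IV:
        raise ValueError("not a TKIP IV / Extended IV field")
    if iv[1] != (iv[0] | 0x20) & 0x7F:
        raise ValueError("WEPSeed[1] is inconsistent with TSC1")
    # Wire order is TSC1, WEPSeed[1], TSC0, Key ID, TSC2..TSC5.
    tsc = int.from_bytes(bytes([iv[2], iv[0]]) + iv[4:8], "little")
    return tsc, iv[3] >> 6


class ReplayGuard:
    """One receive counter per key (pairwise and group are kept apart)."""

    def __init__(self, tsc_bits=48):
        # tsc_bits=16 models a receiver that wrongly ignores the Extended IV.
        self.mask = (1 << tsc_bits) - 1
        self.last = {}                      # key name -> highest TSC accepted

    def install_key(self, key):
        """Key initialised or refreshed: its counter starts over."""
        self.last.pop(key, None)

    def accept(self, key, iv):
        """True if the frame is fresh for this key, False if it is a replay."""
        tsc = parse_tkip_iv(iv)[0] & self.mask
        seen = self.last.get(key)
        if seen is not None and tsc <= seen:    # assumption: equal is a replay
            return False
        self.last[key] = tsc
        return True


# TSC values of MSDU5..MSDU12 from Table 2, in the order Part e sends them.
PART_E_TSCS = [0xFF, 0x100, 0xFFFF, 0x10000, 0xFFFFFF, 0x1000000,
               0xFFFFFFFFFFFF, 0x0]


def run_part_e(tsc_bits=48):
    """Accept/reject decision for each Part e frame on a fresh pairwise key."""
    guard = ReplayGuard(tsc_bits)
    return [guard.accept("pairwise", build_tkip_iv(t)) for t in PART_E_TSCS]
```

With the full 48-bit counter, run_part_e() accepts MSDU5 through MSDU11 and rejects MSDU12, matching observable result e; run_part_e(16) shows the failure the byte-boundary values are chosen to expose, where everything from MSDU8 onward is wrongly rejected.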

Appendix A: Abbreviations

Abbreviation    Description
AP              Access Point
ARP             Address Resolution Protocol
BSS             Basic Service Set
DS              Distribution System
DUT             Device Under Test
FCS             Frame Check Sequence
GTK             Group Transient Key
ICMP            Internet Control Message Protocol
ICV             Integrity Check Value
IV              Initialization Vector
MAC             Media Access Control
MIC             Message Integrity Code
MPDU            MAC Protocol Data Unit
MSDU            MAC Service Data Unit
PSK             Pre-Shared Key
PTK             Pairwise Transient Key
STA             Station
TK              Transient Key
TKIP            Temporal Key Integrity Protocol
TS              Testing Station
TSC             TKIP Sequence Counter
WPA             Wi-Fi Protected Access