Title: CAPWAP Overview
1. CAPWAP Overview
- SAAG Presentation
- 65th IETF
- 23 March 2006
T. Charles Clancy, clancy_at_cs.umd.edu
Scott G. Kelly, scott_at_hyperthought.com
2. Agenda
- Introduction
- Some background and current scope
- Security-related protocols, relationships, considerations, requirements
- Current state of things
- Conclusion
3. Introduction
- The CAPWAP working group is defining a protocol to control and provision wireless access points
- Things carried over the protocol include:
  - Access point configuration/control
  - Network access control decisions
  - Cryptographic session keys
  - User data
- Security is obviously a significant concern
- The working group wants to invite security area participation
  - Requesting appointment of a security advisor
  - Provide a designated point of contact with the security directorate
  - Help to avoid delays and surprises in the document advancement process due to unforeseen security concerns
4. Background
[Figure: WLAN elements: Mgmt and AS/AAA at the top, several APs, each serving several STAs]
WLAN elements:
- AS: Authentication Server, typically RADIUS
- AP: wireless access point
- STA: wireless station (typically a laptop)
5. Background
- Early WLAN deployments rely on fat access points
  - Standalone, individually managed network elements
  - Management scaling issues
  - Limited RF range implies many APs are required for a significant coverage area
  - User roaming implies other infrastructure issues
- Relatively simple trust chain
  - STA-AP
    - EAPoL
    - WEP
  - AP-AS
    - EAP over RADIUS
6. Current Architecture (Security Protocol Hierarchy and Interactions)
[Figure: protocol hierarchy: Mgmt (SNMP, HTTP, TLS, SSH) and AAA (RADIUS, optional IPsec) at the top; ACs below them; CAPWAP between each AC and its WTPs; 802.1X, 802.11i, WPA between each WTP and its STAs]
Each layer in the hierarchy depends on the layers above it for security.
7. Background, cont.
- Current generation moving to a centralized control model with thin access points
  - AC: access controller, centralized point of control
  - WTP: wireless termination point (new name for access points)
- Complex interactions
  - AC-AAA
    - EAP over RADIUS (optional IPsec)
  - WTP-STA
    - WEP, WPA, WPA2, 802.11i
  - AC-WTP
    - Intermediate communications impacting all aspects of operations
- This presents a number of challenges that merit IETF attention
8. Complex Trust Relationships
[Figure: trust relationships among Mgmt, AAA, ACs, WTPs and STAs, color-coded by credential: RADIUS PSK, Admin Credential, MK, Long-Term EAP Credential, MSK/PMK, PSK/Cert, PTK]
9. CAPWAP Interdependencies (Protocols, trust relationships, etc.)
- Many interdependent security protocols between STA and network
- CAPWAP is used to bootstrap trust between the STA and WTP using a series of pre-established trust relationships:
  - AAA credential between AC and AS
  - CAPWAP credential between AC and WTP
  - EAP credentials between STA and AS
  - 802.11i security context (PTK) between WTP and STA
- CAPWAP must not degrade the security of surrounding components
10. CAPWAP Threats
- Multiple deployment models
  - Direct L2 connection
  - Routed L3 connection, one administrative domain
  - Routed L3 connection, over potentially hostile hops
- Direct L2 connection
  - Largely a physical security problem
  - Post a guard, lock the doors, etc.
- Routed L3 connection, same administrative domain
  - Seems similar to L2 at first glance, but
    - Mobile systems invalidate many assumptions regarding the security of the local LAN (the soft and chewy inside is now exposed)
    - Can mitigate with network admission control, VLANs, etc., but CAPWAP cannot assume or mandate these things
11. CAPWAP Threats, cont.
- Routed L3 connection, over potentially hostile hops
  - Examples
    - Remote WTP scenarios
      - Employees take WTPs home, connect back to the central AC
      - Branch office WTP, central office AC
    - Hotspots
      - Some hops may be over wireless
    - Mesh (e.g. metro wifi)
  - Threat mitigation requires strong crypto
    - Mutual authentication
    - Data integrity verification
    - Confidentiality in many cases
12. Additional CAPWAP Security Considerations
- Splitting the MAC introduces security complexity and subtleties
  - Functionality previously handled by the AP is now divided between WTP and AC
  - Examples
    - If 802.11 crypto is terminated at the WTP, the security context must arrive there securely (via the AC), and the WTP must implement the 802.11 data security functions
    - Otherwise, the AC implements the 802.11 data security functions
    - Since user/station authentication is mediated by the AC, it must securely interact with the AS
      - WTP forwards 802.1X frames to the AC
- AC-WTP communications must not be the weak link in the chain
13. CAPWAP Protocol Security Requirements
IN SCOPE
- AC <-> WTP
  - Authentication is unique, strong, mutual, and explicit
  - Communications protected by a strong ciphersuite
NOT CURRENTLY IN SCOPE (but important to be aware of)
- AC <-> AAA
- STA <-> AAA
- STA <-> WTP
- Management <-> AC
14. Current State of CAPWAP
- 4 competing protocol proposals were evaluated
  - WG created an independent eval team
  - Protocols: LWAPP, SLAPP, WiCoP, CTP
- WG chose LWAPP as the basis for the new CAPWAP protocol
  - LWAPP provides its own proprietary security mechanisms
  - Eval team (and others) recommended replacing this with DTLS
15. LWAPP Security Protocol, cont.
- T. Charles Clancy (UMD) conducted a security review and proposed improvements
- Protocol subsequently modified to meet the WG objectives draft requirements and Clancy's suggestions
- LWAPP/DTLS draft submitted by Kelly and Rescorla
- DTLS added to the capwap-00 draft as the proposed security mechanism
- Numerous operational details yet to be specified, but no show-stoppers uncovered or anticipated
- WG still discussing, hopefully to reach closure soon
16. Compare/Contrast DTLS vs LWAPP
DTLS
- Standards-based protocol
- TLS is well reviewed (DTLS is equivalent from a security perspective)
- Widely deployed on the Internet (TLS)
- Negotiation capability provides for algorithm agility
- Several freely available implementations
- Built-in DoS protection
- Employs security best practices
  - Unidirectional crypto keys
  - Each side contributes to IVs
  - Security parameter verification via message hash
- Continued benefit from broad deployment and scrutiny
LWAPP
- Home-grown protocol
- Latest incarnation has had only one public review
- Little deployment experience
- No algorithm negotiation: a crypto change requires a protocol forklift
- No known open source implementations
- No DoS protection
- A few questionable security practices
  - Same key used for transmit/receive
  - One side controls IV generation
  - No verification of negotiable parameters (PSK vs cert)
- One-off (CAPWAP-only) deployment severely limits exposure to scrutiny
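As an added illustration (not from the slides or from the LWAPP/DTLS drafts), the following Python sketch shows why "unidirectional crypto keys" and "each side contributes to IVs" matter: with a single shared transmit/receive key, a record the WTP sent and that gets bounced back to it verifies as if the AC had sent it, whereas per-direction keys derived from both sides' nonces reject it. The key schedule, labels, record format and payload are constructed simplifications, not the real DTLS PRF or record layer.

```python
import hashlib
import hmac
import os

# Constructed, simplified key schedule (not the actual TLS/DTLS PRF): both sides
# contribute a random nonce, and a separate key is derived for each direction.
def derive_directional_keys(master_secret: bytes, ac_random: bytes, wtp_random: bytes) -> dict:
    seed = ac_random + wtp_random
    def expand(label: bytes) -> bytes:
        return hmac.new(master_secret, label + seed, hashlib.sha256).digest()
    return {"ac_write": expand(b"ac write key"), "wtp_write": expand(b"wtp write key")}

def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build an integrity-protected record: 8-byte sequence number || payload || HMAC tag."""
    header = seq.to_bytes(8, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

def verify(key: bytes, record: bytes) -> bool:
    """Check the tag under the key the receiver expects for its inbound direction."""
    header, body, tag = record[:8], record[8:-32], record[-32:]
    expected = hmac.new(key, header + body, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

def _session(unidirectional: bool) -> tuple:
    """Return (ac_send, ac_recv, wtp_send, wtp_recv) keys for a fresh constructed session."""
    keys = derive_directional_keys(os.urandom(32), os.urandom(32), os.urandom(32))
    if unidirectional:
        return keys["ac_write"], keys["wtp_write"], keys["wtp_write"], keys["ac_write"]
    shared = keys["ac_write"]  # one key for both directions, as on the LWAPP side of the slide
    return shared, shared, shared, shared

def legitimate_record_accepted(unidirectional: bool) -> bool:
    """AC -> WTP record checked by the WTP with its inbound key: must succeed either way."""
    ac_send, _, _, wtp_recv = _session(unidirectional)
    return verify(wtp_recv, protect(ac_send, 1, b"AC config update"))  # constructed payload

def reflected_record_accepted(unidirectional: bool) -> bool:
    """A WTP -> AC record bounced back to the WTP: True if the WTP wrongly accepts it."""
    _, _, wtp_send, wtp_recv = _session(unidirectional)
    return verify(wtp_recv, protect(wtp_send, 1, b"WTP status report"))  # constructed payload
```

Run both functions with `unidirectional=False` to see the shared-key session accept its own reflected record, and with `unidirectional=True` to see per-direction keys reject it while still accepting genuine AC traffic.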
17. SUMMARY
- Security is clearly an integral concern for CAPWAP
  - IEEE efforts primarily focused on STA-WTP-AS
  - AC <-> WTP interactions introduce various subtleties
- It's easy to get security wrong, even when clueful people are involved; more skilled reviewers mitigate the risk
- CAPWAP would clearly benefit from additional security community participation
- Group is requesting a security advisor
  - Designated point of contact with the security directorate
  - Avoid delays in document advancement due to security concerns
- Questions?