Security

MAC Security

https://1.ieee802.org/security/802-1ae/

https://www.netdevconf.org/1.1/proceedings/slides/dubroca-macsec-encryption-wire-lan.pdf [Linux implementation]

https://developers.redhat.com/blog/2016/10/14/macsec-a-different-solution-to-encrypt-network-traffic/ (by Sabrina Dubroca)

http://www.ieee802.org/1/files/public/docs2013/ae-seaman-macsec-hops-0626-v03.pdf (MACsec hops by Mick Seaman, Editor, IEEE)

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2016/pdf/BRKCRS-2892.pdf (MACsec Solution Design and Deployment)

https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2018/pdf/BRKRST-2309.pdf [Introduction to WAN MACsec]

https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/identity-based-networking-services/deploy_guide_c17-663760.html

https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/identity-based-networking-services/white-paper-c11-737544.html

https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2016/WP-WAN-MACsecDep-Aug2016.pdf

https://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Security/MACsec/WP-High-Speed-WAN-Encrypt-MACsec.pdf

https://en.wikipedia.org/wiki/IEEE_802.1AE (IEEE MACsec specification) [Data path]

https://en.wikipedia.org/wiki/IEEE_802.1X (IEEE PNAC specification) [Control path]

MACsec GCM-AES Test Vectors

http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf

https://github.com/openssl/openssl/blob/master/demos/evp/aesgcm.c (Sample AES-GCM-256 test program using test vector from NIST)

MACsec Extended Packet Numbering (XPN)

https://1.ieee802.org/security/802-1aebw/

http://www.ieee802.org/1/files/public/docs2011/new-seaman-macsec-xpn-0711-v1.pdf (by Mick Seaman, Editor, IEEE)

http://www.ieee802.org/1/files/public/docs2012/aebw-seaman-xpn-recovery-0212-v01.pdf (by Mick Seaman, Editor, IEEE)

https://github.com/secdev/scapy/blob/master/scapy/contrib/macsec.py (scapy supports XPN)

https://github.com/secdev/scapy/blob/master/scapy/contrib/macsec.uts (XPN unit test)

MACsec Ethernet Data Encryption (EDE) devices (Also specifies transmission using multiple secure channels (SCs) for strict replay protection when frames of different priorities can be disordered)

https://1.ieee802.org/security/802-1aecg/

http://www.ieee802.org/1/files/public/docs2013/ae-seaman-ede-ppt-0913-v01.pdf (by Mick Seaman, Editor, IEEE)

Preemption and MACsec replay protection (using multiple SCs)

http://www.ieee802.org/1/files/public/docs2014/ae-seaman-preemption-1114-v04.pdf (by Mick Seaman, Editor, IEEE)

MACsec Key Agreement(MKA) on Linux (by Sabrina Dubroca)

https://developers.redhat.com/blog/2017/06/28/whats-new-in-macsec-setting-up-macsec-using-wpa_supplicant-and-optionally-networkmanager/

OpenSSL authenticated encryption and decryption APIs (includes GCM)

https://wiki.openssl.org/index.php/EVP_Authenticated_Encryption_and_Decryption

Non-repudiation

https://en.wikipedia.org/wiki/Non-repudiation

Page updated

Google Sites

Report abuse