Wi-Fi-Easy-Connect-Specification-v3.0_DPP协议资源-CSDN文库

需积分: 5 76 浏览量 2023-11-23 14:36:10 上传评论 1 收藏 1.99MB PDF 举报

Wi-Fi Easy Connect是一种由Wi-Fi Alliance推出的简便连接技术，旨在简化智能设备的Wi-Fi配对过程，特别是针对物联网（IoT）设备。该规范的主要目标是让用户能够快速、轻松地将新设备添加到家庭或办公室的Wi-Fi网络中，而无需输入复杂的密码或进行繁琐的配置步骤。 Wi-Fi Easy Connect Specification v3.0是该技术的第三个主要版本，可能包含了前两个版本的改进和扩展，以适应不断发展的Wi-Fi生态系统和用户需求。此规范可能包括了增强的安全特性、更高的兼容性以及优化的用户体验。在安全性方面，Wi-Fi Easy Connect可能会采用强大的加密方法来保护用户的网络凭证，确保只有授权的设备才能连接到网络。它可能通过二维码、近场通信（NFC）或者蓝牙低功耗（BLE）等方式，安全地传输网络信息，使得设备能够无痛地加入网络。在兼容性方面，新版本的规范可能扩大了支持的设备类型和Wi-Fi标准，如Wi-Fi 6（802.11ax）和Wi-Fi 6E等，以满足不同设备和网络环境的需求。同时，它可能提升了与其他Wi-Fi Alliance认证程序（如Wi-Fi Direct和WPA3）的集成，以提供更无缝的设备间连接。用户体验方面，Wi-Fi Easy Connect v3.0可能引入了更加直观的用户界面，简化了设置流程，使得非技术背景的用户也能轻松操作。此外，可能还加入了远程管理功能，使得用户能够在任何地方添加或管理他们的设备。值得注意的是，文档中提到这是一项未最终批准的草案规格，这意味着其中的内容可能会有变化，并且Wi-Fi Alliance不对其知识产权（IPR）进行任何保证。用户在使用该技术时应自行承担风险，并可能需要从第三方获取必要的专利、版权或商业秘密权利许可。 Wi-Fi Easy Connect Specification v3.0是Wi-Fi Alliance为改善物联网设备连接体验而制定的一项重要技术规范，旨在通过简化Wi-Fi设置流程，提升用户便利性和网络安全性，同时保持与现有Wi-Fi标准和认证的兼容性。尽管仍处于草案阶段，但其最终版本有望成为物联网设备连接领域的一个里程碑。

资源推荐

资源详情

资源评论

Used with the permission of Wi-Fi Alliance under the terms as stated in this document.

Wi-Fi Easy Connect™

Specification

Version 3.0

WI-FI ALLIANCE PROPRIETARY – SUBJECT TO CHANGE WITHOUT NOTICE

Use of this document is subject to all of the terms and conditions of the Specification Use Agreement. This

draft specification is based on the non-final version of the specification and is subject to revision and

change. Wi-Fi Alliance provides no assurances of any kind as to whether the information in this document

will represent or not represent the final specification. The information in this document is based upon an

unapproved draft specification and must not be utilized for any conformance or compliance purposes. WiFi

Alliance has not conducted an intellectual property rights ("IPR") review of this document and the

information contained herein, and makes no representations or warranties regarding any IPR, including

without limitation patents, copyrights or trade secret rights. This document may contain inventions for which

you must obtain licenses from third parties before making, using or selling the inventions. All liability and

responsibility for any use of this draft specification rests with the user, and not with any of the parties who

contribute to, or who own or hold any IPR in or underlying, this draft specification.

This document may be used with the permission of Wi-Fi Alliance under the terms set forth herein. By your

use of the document, you are agreeing to these terms. Unless this document is clearly designated as an

approved specification, this document is a work in process and is not an approved Wi-Fi Alliance

specification. This document is subject to revision or removal at any time without notice. Information

contained in this document may be used at your sole risk. Wi-Fi Alliance assumes no responsibility for

errors or omissions in this document. This copyright permission does not constitute an endorsement of the

products or services. Wi-Fi Alliance trademarks and certification marks may not be used unless specifically

allowed by Wi-Fi Alliance.

Wi-Fi Alliance owns the copyright in this document and reserves all rights therein. A user of this document

may duplicate and distribute copies of the document in connection with the authorized uses described

herein, provided any duplication in whole or in part includes the copyright notice and the disclaimer text set

forth herein. Unless prior written permission has been received from Wi-Fi Alliance, any other use of this

document and all other duplication and distribution of this document are prohibited. Unauthorized use,

duplication, or distribution is an infringement of Wi-Fi Alliance’s copyright.

NO REPRESENTATIONS OR WARRANTIES (WHETHER EXPRESS OR IMPLIED) ARE MADE BY WIFI

ALLIANCE AND WI-FI ALLIANCE IS NOT LIABLE FOR AND HEREBY DISCLAIMS ANY DIRECT,

INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES

ARISING OUT OF OR IN CONNECTION WITH THE USE OF THIS DOCUMENT AND ANY

INFORMATION CONTAINED IN THIS DOCUMENT.

Wi-Fi Easy Connect™ Specification v3.0

Used with the permission of Wi-Fi Alliance under the terms as stated in this document.

Page 3 of 188

Table of Contents

1 INTRODUCTION ........................................................................................................................................................ 10

1.1 Scope .......................................................................................................................................................... 10

1.2 References .................................................................................................................................................. 10

1.3 Definitions and Acronyms ........................................................................................................................... 13

1.3.1 Shall/should/may/might Usage ...................................................................................................... 13

1.3.2 Conventions ................................................................................................................................... 13

1.3.3 Abbreviations and Acronyms ......................................................................................................... 13

1.3.4 Definitions ...................................................................................................................................... 15

1.3.5 Symbols ......................................................................................................................................... 17

1.4 Item Scope .................................................................................................................................................. 17

1.5 Architecture ................................................................................................................................................. 17

1.5.1 Device Roles .................................................................................................................................. 17

1.5.2 Authentication Roles ...................................................................................................................... 18

1.5.3 Configurator Delegation ................................................................................................................. 18

1.6 Security Considerations .............................................................................................................................. 19

1.6.1 Overview ........................................................................................................................................ 19

1.6.2 Threat Profile .................................................................................................................................. 19

1.6.3 Trust Model .................................................................................................................................... 23

2 DPP PROTOCOL USAGE .......................................................................................................................................... 26

2.1 Overview ..................................................................................................................................................... 26

2.2 Infrastructure Set-up and Connectivity ....................................................................................................... 26

2.2.1 AP Configuration ............................................................................................................................ 26

2.2.2 STA Configuration .......................................................................................................................... 26

2.2.3 Infrastructure Connectivity ............................................................................................................. 26

2.2.4 Message Flows for Infrastructure Connectivity .............................................................................. 26

2.3 DPP over TCP Connections ....................................................................................................................... 31

2.3.1 Overview ........................................................................................................................................ 31

2.3.2 DPP Initiator/Responder Roles and TCP Client/Server Roles ...................................................... 31

2.3.3 Encapsulating DPP in a Streaming Protocol ................................................................................. 32

2.3.4 Encapsulating DPP in TCP ............................................................................................................ 32

2.3.5 TCP/IP -Only DPP .......................................................................................................................... 35

2.3.6 Bootstrapping with DPP over TCP ................................................................................................. 35

2.4 DPP Service Discovery ............................................................................................................................... 35

2.4.1 Controller Services ......................................................................................................................... 36

2.4.2 Relay Services ............................................................................................................................... 36

2.4.3 Bootstrapping Services .................................................................................................................. 36

2.5 Status Query ............................................................................................................................................... 38

2.6 Reconfiguration ........................................................................................................................................... 38

2.6.1 Overview ........................................................................................................................................ 38

2.6.2 Triggers for Reconfiguration .......................................................................................................... 39

2.7 DPP Protocol Version ................................................................................................................................. 40

2.7.1 Supported Version ......................................................................................................................... 41

2.7.2 Negotiated Version......................................................................................................................... 41

3 SECURITY .................................................................................................................................................................. 42

3.1 Properties .................................................................................................................................................... 42

3.2 Public Key Cryptography............................................................................................................................. 42

3.2.1 Supported Public Key Cryptosystem ............................................................................................. 42

3.2.2 Notation .......................................................................................................................................... 42

3.3 Cryptographic Suites ................................................................................................................................... 43

3.3.1 Point Representation...................................................................................................................... 43

4 DATA STRUCTURES ................................................................................................................................................. 45

4.1 Public Keys ................................................................................................................................................. 45

4.2 Connectors .................................................................................................................................................. 45

4.2.1 Connector Signing.......................................................................................................................... 46

Wi-Fi Easy Connect™ Specification v3.0

Used with the permission of Wi-Fi Alliance under the terms as stated in this document.

Page 4 of 188

4.2.2 Encoding ........................................................................................................................................ 46

4.3 DPP Configuration Request ........................................................................................................................ 48

4.3.1 General .......................................................................................................................................... 48

4.3.2 Wi-Fi Technology ........................................................................................................................... 48

4.3.3 Network Role .................................................................................................................................. 49

4.3.4 DPP Discovery ............................................................................................................................... 49

4.3.5 Credential ....................................................................................................................................... 49

4.4 DPP Configuration Request Object ............................................................................................................ 52

4.4.1 Optional 3rd party attributes in Configuration Request Object ...................................................... 53

4.5 DPP Configuration Object ........................................................................................................................... 54

4.5.1 Overview ........................................................................................................................................ 54

4.5.2 Optional 3rd party attributes in Configuration Object ..................................................................... 56

4.5.3 Encoding ........................................................................................................................................ 56

4.5.4 DPP Reconfig Authentication Objects ........................................................................................... 57

5 BOOTSTRAPPING OF TRUST .................................................................................................................................. 58

5.1 Overview ..................................................................................................................................................... 58

5.2 Bootstrapping Information ........................................................................................................................... 58

5.2.1 Bootstrapping Information Format ................................................................................................. 58

5.3 Scanning a QR Code .................................................................................................................................. 59

5.4 NFC ............................................................................................................................................................. 61

5.4.1 Overview ........................................................................................................................................ 61

5.4.2 NFC Connection Handover ............................................................................................................ 61

5.4.3 DPP Bootstrapping via NFC URI Record ...................................................................................... 64

5.5 Bluetooth ..................................................................................................................................................... 65

5.5.1 Overview ........................................................................................................................................ 65

5.5.2 Responder Procedures .................................................................................................................. 66

5.5.3 Initiator Procedures ........................................................................................................................ 67

5.5.4 BLE GATT Based DPP Bootstrapping ........................................................................................... 68

5.6 PKEX: Proof of Knowledge of a Shared Code, Key, Phrase, or Word ....................................................... 70

5.6.1 PKEX Preliminaries ........................................................................................................................ 71

5.6.2 PKEX Exchange Phase ................................................................................................................. 72

5.6.3 PKEX Commit-Reveal Phase ........................................................................................................ 74

5.7 Bootstrapping Using a Trusted Third Party ................................................................................................. 75

5.8 Push Button PKEX-based ........................................................................................................................... 76

5.8.1 Overview ........................................................................................................................................ 76

5.8.2 Discovery phase ............................................................................................................................. 77

5.8.3 PKEX push button-based ............................................................................................................... 80

5.8.4 DPP Authentication and Configuration protocol ............................................................................ 80

5.8.5 Push Button PKEX-based security mitigations .............................................................................. 80

6 DPP PROTOCOLS ..................................................................................................................................................... 82

6.1 Overview ..................................................................................................................................................... 82

6.2 DPP Presence Announcement ................................................................................................................... 82

6.2.1 Computing the Hash for Presence Announcement ....................................................................... 82

6.2.2 Generation of Channel List for Presence Announcement ............................................................. 82

6.2.3 Enrollee Presence Announcement Procedure ............................................................................... 83

6.2.4 Configurator Procedure and Configurator Connectivity Element ................................................... 83

6.3 DPP Authentication protocol ....................................................................................................................... 84

6.3.1 Overview ........................................................................................................................................ 84

6.3.2 DPP Authentication Request ......................................................................................................... 86

6.3.3 DPP Authentication Response ....................................................................................................... 87

6.3.4 DPP Authentication Confirm .......................................................................................................... 88

6.4 DPP Configuration Protocol ........................................................................................................................ 90

6.4.1 Overview ........................................................................................................................................ 90

6.4.2 DPP Configuration Request ........................................................................................................... 90

6.4.3 DPP Configuration Response ........................................................................................................ 90

6.4.4 DPP Configuration Result .............................................................................................................. 93

6.4.5 DPP Connection Status Result ...................................................................................................... 93

Wi-Fi Easy Connect™ Specification v3.0

Used with the permission of Wi-Fi Alliance under the terms as stated in this document.

Page 5 of 188

6.5 DPP Reconfiguration Authentication Protocol ............................................................................................ 95

6.5.1 Overview ........................................................................................................................................ 95

6.5.2 DPP Reconfiguration Announcement ............................................................................................ 96

6.5.3 DPP Reconfiguration Authentication Request ............................................................................... 97

6.5.4 DPP Reconfiguration Authentication Response ............................................................................ 97

6.5.5 DPP Reconfiguration Authentication Confirm ................................................................................ 98

6.5.6 Connector Matching for Reconfiguration ....................................................................................... 98

6.6 Network Introduction ................................................................................................................................... 99

6.6.1 Introduction .................................................................................................................................... 99

6.6.2 Network Introduction Protocol ........................................................................................................ 99

6.6.3 Private Introduction Protocol ........................................................................................................ 100

6.6.4 Key Establishment in Network Introduction ................................................................................. 101

6.6.5 Connector Group Comparison ..................................................................................................... 101

6.6.6 Network Access Protocols ........................................................................................................... 102

7 STATE MACHINES .................................................................................................................................................. 103

7.1 Initiator State Machine .............................................................................................................................. 103

7.1.1 States ........................................................................................................................................... 103

7.1.2 Events and Output ....................................................................................................................... 103

7.1.3 Variables ...................................................................................................................................... 103

7.1.4 Parent Process Behavior ............................................................................................................. 103

7.1.5 State Machine Behavior ............................................................................................................... 103

7.2 Responder State Machine ........................................................................................................................ 105

7.2.1 States ........................................................................................................................................... 105

7.2.2 Events and Output ....................................................................................................................... 105

7.2.3 Variables ...................................................................................................................................... 106

7.2.4 State Machine Behavior ............................................................................................................... 106

7.3 Configurator State Machine ...................................................................................................................... 108

7.3.1 States ........................................................................................................................................... 108

7.3.2 Events and Output ....................................................................................................................... 108

7.3.3 Variables ...................................................................................................................................... 108

7.3.4 Parent Process Behavior ............................................................................................................. 108

7.3.5 State Machine Behavior ............................................................................................................... 108

7.4 Enrollee State Machine ............................................................................................................................. 110

7.4.1 States ........................................................................................................................................... 110

7.4.2 Events and Output ....................................................................................................................... 110

7.4.3 Variables ...................................................................................................................................... 110

7.4.4 State Machine Behavior ............................................................................................................... 110

7.5 Detailed Protocol Description .................................................................................................................... 112

7.5.1 DPP Bootstrapping....................................................................................................................... 112

7.5.2 DPP Authentication Exchange ..................................................................................................... 112

7.5.3 DPP Configuration Exchange ...................................................................................................... 114

7.5.4 DPP Network Introduction Exchange........................................................................................... 115

7.5.5 Network Access ........................................................................................................................... 116

8 DPP ATTRIBUTE, FRAME, AND ELEMENT FORMATS ........................................................................................ 117

8.1 DPP Attributes ........................................................................................................................................... 117

8.1.1 DPP Attribute Body Field Definitions ........................................................................................... 118

8.2 DPP frames ............................................................................................................................................... 121

8.2.1 DPP Public Action frames ............................................................................................................ 121

8.2.2 Authentication Request frame ...................................................................................................... 122

8.2.3 Authentication Response frame ................................................................................................... 123

8.2.4 Authentication Confirm frame ...................................................................................................... 123

8.2.5 Peer Discovery Request frame .................................................................................................... 124

8.2.6 Peer Discovery Response frame ................................................................................................. 124

8.2.7 PKEX Exchange Request frame .................................................................................................. 125

8.2.8 PKEX Version 1 Exchange Request frame ................................................................................. 125

8.2.9 PKEX Exchange Response frame ............................................................................................... 125

8.2.10 PKEX Commit-Reveal Request frame ........................................................................................ 126