MACsec testing: lessons learnt (G12c)
MACsec, also known as IEEE 802.1AE, is a network security standard that adds confidentiality and integrity to layer 2 traffic. The standard was initially published in 2006 as an extension for the IEEE 802.1X-2004 standard, which mainly provides authentication and authorization. The standard has been updated for several times and the latest version is 802.1AE-2018. MACsec has been gradually adopted by network device companies, and are now supported by major vendors. However, security certification for MACsec implementation is still relatively new and has not been widely achieved. This talk presents the standard’s core concepts and surveys its implementation by major vendors. The rest of the talk focuses on our experience in the security evaluation of this technology under the FIPS 140 and Common Criteria programs. It describes potential difficulties that both testers and vendors may encounter and discusses possible solutions.