MAC Privacy Linux Kernel Module

Securing data transmission across Layer 2 networks by obfuscating traffic signatures

MACsec

Unauthorized access to network traffic can expose user identities and lead to data tampering, even when the data itself is encrypted. The IEEE Standard for Local and Metropolitan Area Networks-Media Access Control (MAC) Security specifications enhance security by protecting user and application identities and hiding the purpose and content of communications.

Pacific Northwest National Laboratory’s MAC Privacy Linux Kernel Module project aims to interpret the IEEE 802.1AEdk-2023 standard and integrate it into the Linux kernel.

MACsec privacy
When used together, MAC Privacy and MAC Security obscure traffic contents and modify the traffic source, destination, timing, and volume. When MAC Privacy is used without MAC Security, it is still capable of modifying traffic in all the same ways; however, anyone who intercepts the traffic can see exactly how the traffic has been modified.

Purpose

The IEEE 802.1AEdk-2023 MAC Privacy standard builds upon the existing MAC Security protocol (MACsec, IEEE 802.1AE-2018) by introducing advanced privacy protection features:

  • MAC Address Concealment: Hides both source and destination MAC addresses in transmitted frames.
  • Frame Size Obfuscation: Employs padding and frame consolidation techniques to obscure actual frame sizes.
  • Frame Consolidation: Aggregates multiple smaller frames into single transmissions.
  • Enhanced Protection Against Traffic Analysis: Strengthens defenses against malicious traffic analysis attempts.
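
As an added illustration (not the project's code and not the IEEE 802.1AEdk-2023 frame encoding), the Rust program below simulates the two frame-size features listed above: user frames are consolidated into larger carrier frames, and each carrier is padded up to a fixed size class, so a passive observer sees a few uniformly sized frames instead of the true sizes and count of the user frames. The per-frame overhead constant, the 256-byte size class and the 1280-byte carrier limit are assumptions chosen for the illustration.

```rust
// Added illustration of frame consolidation and size-class padding.
// It is NOT the IEEE 802.1AEdk-2023 MPPDU format and not the project's code;
// the overhead, bucket size and carrier limit below are assumptions.

/// A user frame. A real stack would carry the original MAC header and payload;
/// for this illustration only the length matters.
#[derive(Debug, Clone, PartialEq)]
pub struct UserFrame {
    pub payload: Vec<u8>,
}

/// One carrier frame as seen on the wire after privacy processing.
/// `frames` are the consolidated user frames; `wire_len` is the padded
/// length a passive observer can measure.
#[derive(Debug, Clone, PartialEq)]
pub struct PrivacyFrame {
    pub frames: Vec<UserFrame>,
    pub wire_len: usize,
}

/// Assumed per-user-frame overhead (e.g. a length field), chosen for the
/// illustration only; the standard defines its own encoding.
pub const ASSUMED_SUBFRAME_OVERHEAD: usize = 4;

/// Round a length up to the next multiple of `bucket` (size-class padding).
pub fn pad_to_bucket(len: usize, bucket: usize) -> usize {
    assert!(bucket > 0, "bucket must be non-zero");
    ((len + bucket - 1) / bucket) * bucket
}

/// Consolidate user frames into carrier frames whose padded length never
/// exceeds `max_len`, padding each carrier to a multiple of `bucket`.
/// `max_len` must be a multiple of `bucket` so padding cannot overshoot it.
pub fn consolidate(frames: &[UserFrame], max_len: usize, bucket: usize) -> Vec<PrivacyFrame> {
    assert!(max_len > 0 && max_len % bucket == 0, "max_len must be a bucket multiple");
    let mut out = Vec::new();
    let mut current: Vec<UserFrame> = Vec::new();
    let mut current_len = 0usize;

    for f in frames {
        let need = f.payload.len() + ASSUMED_SUBFRAME_OVERHEAD;
        // Flush the current carrier if this user frame would not fit.
        if !current.is_empty() && current_len + need > max_len {
            out.push(PrivacyFrame {
                wire_len: pad_to_bucket(current_len, bucket),
                frames: std::mem::take(&mut current),
            });
            current_len = 0;
        }
        current.push(f.clone());
        current_len += need;
    }
    if !current.is_empty() {
        out.push(PrivacyFrame {
            wire_len: pad_to_bucket(current_len, bucket),
            frames: current,
        });
    }
    out
}

/// What a passive observer learns from the wire: only carrier frame lengths.
pub fn observed_sizes(frames: &[PrivacyFrame]) -> Vec<usize> {
    frames.iter().map(|p| p.wire_len).collect()
}

fn main() {
    // Constructed sample traffic: a mix of tiny (ACK-like) and larger frames.
    let traffic: Vec<UserFrame> = [60, 64, 300, 60, 1200, 60, 64]
        .iter()
        .map(|&n| UserFrame { payload: vec![0u8; n] })
        .collect();

    let plain: Vec<usize> = traffic.iter().map(|f| f.payload.len()).collect();
    let private = consolidate(&traffic, 1280, 256);

    println!("without privacy: {} frames, sizes {:?}", plain.len(), plain);
    println!(
        "with consolidation + padding: {} frames, sizes {:?}",
        private.len(),
        observed_sizes(&private)
    );
}
```

With the constructed input, seven user frames of seven distinct lengths leave the wire as three carriers of 512, 1280 and 256 bytes; the observer no longer sees the 1200-byte frame or the count of small ones. Consolidation alone still reveals when traffic is sent, so hiding the timing and volume mentioned earlier needs a sender that emits carrier frames on a schedule regardless of demand, which this example does not model.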

Implementation Approach

  • Development of a MAC Privacy Linux kernel module fully compliant with IEEE 802.1AEdk-2023 and suitable for integration into the Linux kernel source code.
  • Creation of a MAC Privacy Wireshark dissector to enable analysis of network traffic containing MAC Privacy frames using the open-source Wireshark protocol analyzer.
  • Production of a MAC Privacy synthetic traffic generator for generating test vectors to support the development and validation of both the kernel module and the Wireshark dissector. Currently, there is no open-source MAC Privacy data available for analysis.
  • All components will be developed using Rust, which provides robust memory safety and concurrency features.