WO2007024434A1 - Wireless communication device and methods for protecting broadcasted management control messages in wireless networks - Google Patents
- Publication number
- WO2007024434A1 (PCT/US2006/030184)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- message
- communication station
- access point
- broadcast
- communication
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/082—Access security using revocation of authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/06—Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/20—Transfer of user or subscriber data
- H04W8/205—Transfer to or from user equipment or user record carrier
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
Definitions
- Some embodiments of the present invention pertain to wireless communications. Some embodiments pertain to wireless networks, such as wireless local area networks (WLANs).
- a managing communication station such as an access point
- These broadcasted messages may request that the associated communication stations perform some type of network management and/or control function.
- One problem is that these network management and control messages may not have originated from the access point and may have been forged by one of the associated communication stations. These forged messages may cause many different network management problems, which may, for example, reduce network performance, increase power consumption, and lead to denial-of-service situations.
- systems and methods that protect broadcasted management control messages in wireless networks.
- FIG. 1 illustrates a wireless communication network in accordance with some embodiments of the present invention.
- FIG. 2 is a functional block diagram of a wireless communication device in accordance with some embodiments of the present invention.
- FIG. 3 is a diagram of an example of a communications flow in accordance with some embodiments of the present invention.
- FIG. 4 is a flow chart of management control message broadcasting procedure in accordance with some embodiments of the present invention.
- Wireless communication network 100 includes a managing communication station, such as access point (AP) 102, and one or more associated communication stations (STAs) 104.
- communications are transmitted between access point 102 and communication stations 104, allowing communication stations 104 to communicate with each other through access point 102, as well as allowing communication stations 104 to communicate with other networks, such as the Internet, through access point 102.
- network 100 may be a wireless local area network (WLAN) and may operate in accordance with one or more of the IEEE 802.11 or 802.16 standards referenced below, although the scope of the invention is not limited in this respect.
- FIG. 1 illustrates a wireless communication network in accordance with some embodiments of the present invention.
- Wireless communication device 200 may be suitable for use as access point 102 (FIG. 1) and/or one or more of communication stations 104 (FIG. 1).
- Wireless communication device 200 includes media-access control (MAC) layer circuitry 202, physical layer circuitry 204, and one or more antennas 206, the operations of which are described in more detail below.
- wireless communication device 200 may use more than one antenna 206 allowing the device to take advantage of the spatial diversity of the antennas to allow the communication of more than one spatial data stream on the same frequency subcarriers. This is described in more detail below.
- wireless communication device 200 is illustrated as having several separate functional elements, one or more of the functional elements may be combined and may be implemented by combinations of software-configured elements, such as processing elements including digital signal processors (DSPs), and/or other hardware elements.
- some elements may comprise one or more microprocessors, DSPs, application specific integrated circuits (ASICs), and combinations of various hardware and logic circuitry for performing at least the functions described herein.
- the functional elements of wireless communication device 200 may refer to one or more processes operating on one or more processing elements.
- FIG. 3 is a diagram of an example of a communications flow in accordance with some embodiments of the present invention. Communications flow 300 may be performed by access point 102 (FIG. 1) and one of communication stations 104 (FIG. 1) as illustrated.
- the 400-level reference numbers illustrated in FIG. 3 correspond to operations described below in FIG. 4.
- access point 102 may transmit broadcast message
- the broadcast message may be secured (e.g., encrypted) with a broadcast key.
- Associated communication stations that receive the broadcast message may authenticate the broadcast message with the broadcast key and may generate reply message 308 (M2).
- Each reply message 308 may include a hash of broadcast message 304 (illustrated in FIG. 3 as h(M1)) and may be secured (e.g., encrypted) with a session key of the communication station generating reply message 308.
- Access point 102 may verify the hash of each reply message 308 received and may transmit countermand message 314 (M3) when the hash received from one of communication stations 104 does not verify.
- the countermand message may indicate to a particular communication station that the broadcast message the station received did not originate from access point 102.
- Countermand message 314 may be secured with a session key (TK_STA) of the particular communication station.
- communication stations 104 receiving broadcast message 304 may authenticate the broadcast message by computing a message integrity code (MIC) with the broadcast key.
- computing the message integrity code may include computing a cryptographic checksum of the payload of the broadcast message using the broadcast key and comparing it to the cryptographic checksum within the broadcast message.
- the message integrity code may also be referred to as a message authentication code, although the scope of the invention is not limited in this respect.
- a communication station 104 associated with access point 102 may have a unique session key for securing individual communications with access point 102.
- the session keys may be symmetric keys.
- individual communications between access point 102 and a particular communication station may be secured by a session key that is unique to the particular communication station.
- a message secured with a particular communication station's session key may be decrypted only by the station possessing that session key.
- access point 102 may use a particular communication station's assigned session key for unicasting messages to that particular communication station, although the scope of the invention is not limited in this respect.
- access point 102 may decrypt each reply message using the session key of the communication station 104 that had transmitted the reply message.
- access point 102 may verify the hash by comparing the hash received in the reply message with a hash of the broadcast message that was initially sent by the access point. A hash failing to validate indicates that the communication station that had transmitted the reply packet received a forged broadcast message. In other words, the hashes sent by communication stations 104 in response to broadcast message 304 should be the same; otherwise the broadcast message was not sent by access point 102 and may have been sent (i.e., forged) by one of the associated communication stations.
- access point 102 may determine which session key to use to decrypt the reply message by determining the particular communication station that sent the reply message.
- the sending station may be identified based on the message's source address for some WLAN and IEEE 802.11 embodiments or on a channel identifier for some WiMax and some IEEE 802.16 embodiments discussed below.
- access point 102 may identify the particular communication station that sent the reply message as having properly received the broadcast message. In other words, the particular communication station did not receive a forged broadcast message.
- countermand message 314 includes the hash (i.e., the hash that did not verify) that was received from the sending communication station.
- the hash may be secured with the session key of the communication station.
- at least one bit of the payload of countermand message 314 that is transmitted to the communication station is different than the payload of the reply message received from the particular communication station.
- the difference between the reply and countermand messages may indicate to the communication station that the communication station had received a forged broadcast message.
- the countermand message may include other indicators that indicate to the particular communication station that it had previously received a forged broadcast message.
- access point 102 may send countermand message
- access point 102 may wait a predetermined period of time to receive the reply messages from each of associated communication stations 104 after transmission of broadcast message 304. After the predetermined period of time, access point 102 may transmit retransmit message 318 (M4) that includes at least the payload of broadcast message 304. Retransmit message 318 may be sent in a unicast fashion to each communication station 104 from which a reply message was not received. In some embodiments, each retransmit message 318 may be secured with a session key for the associated communication station 104 from which a reply message was not received. In some embodiments, the predetermined period of time may range from 50 to 250 milliseconds, although the scope of the invention is not limited in this respect.
- the broadcast key is known to associated communication stations 104 and is provided by access point 102 to the associated communication stations 104 at session startup.
- a session key is also provided to each of associated communication stations 104 at session startup.
- the broadcast key and session keys may be rotated and replaced on a regular basis.
- the broadcast key may be a group temporal key (GTK) discussed in more detail below.
- the session keys may be pairwise temporal keys. Each session key may be used to secure communications between one associated communication station 104 and access point 102.
- broadcast key 304 may be referred to as a reliable group temporal key (RGTK), although the scope of the invention is not limited in this respect.
- broadcast message 304 comprises a management frame or packet and requests all the associated communication stations 104 to perform an action.
- broadcast message 304 comprises a network management control message.
- the broadcast message may include any message that is sent to more than one communication station including multicast messages and messages that include data packets as well as control packets.
- a broadcast message may comprise a multicast message, although the scope of the invention is not limited in this respect.
- broadcast message 304 requests associated communication stations 104 to perform one or more actions.
- the actions may include measuring the communication station's individual signal environment, directing the communication stations to switch to another channel, and/or directing the communication stations to perform a network management operation, as well as other requested actions.
- each of the associated communication stations 104 that receive broadcast message 304 may begin performing the requested action (i.e., at least begin to process the payload of the broadcast message) unless or until the communication station receives countermand message 318 indicating that the broadcast message was not sent by access point 102.
- a communication station may terminate the performance of the requested action in response to receipt of the countermand message.
- a communication station may perform the action requested by the broadcast message whether or not the station knows if the message has been forged.
- a communication station receiving a forged broadcast message may actually end up performing the requested action until it receives the countermand message.
- broadcast message 304 sent by access point 102 and the reply messages sent by the communication stations 104 may be transmitted on orthogonal frequency division multiplexed (OFDM) communication signals 108 (FIG. 1) comprising a plurality of substantially orthogonal subcarriers, although the scope of the invention is not limited in this respect.
- OFDM communication signals may be transmitted in accordance with the IEEE 802.11 (a) or (g) standards discussed below, although the scope of the invention is not limited in this respect.
- broadcast message 304 sent by access point 102 and the reply messages sent by communication stations 104 may be transmitted on spread-spectrum modulated communication signals, although the scope of the invention is not limited in this respect.
- bits may be modulated with a Barker code chipping sequence to generate the spread-spectrum signals.
- the spread-spectrum modulated communication signals may be transmitted in accordance with the IEEE 802.11 (b) standard discussed below, although the scope of the invention is not limited in this respect.
- broadcast message 304 may be transmitted using more than one antenna 206, and/or the reply messages received from the communication stations may be received by access point 102 with more than one antenna 206.
- broadcast message 304 may be sent by access point 102 and the reply messages sent by communication stations 104 may be transmitted on either spread-spectrum modulated communication signals or OFDM communication signals 108.
- the access point may have separate receive and transmit antennas, while in other embodiments, the access point may use a single set of antennas for both receiving and transmitting.
- the communication signals transmitted and received by access point 102 and/or communication stations 104 may be in accordance with the IEEE 802.11(n) standards for multiple-input multiple-output communications referenced below, although the scope of the invention is not limited in this respect.
- physical layer circuitry 204 may be configured to transmit broadcast message 304 to one or more associated communication stations 104, and media access control layer circuitry 202 may be configured to perform operations including verifying the hash of each reply message 308 received by access point 102.
- Physical layer circuitry 204 may also be configured to transmit the countermand message 314 when the hash received from one of the communication stations 104 does not verify.
- Media access control layer circuitry 202 may secure countermand message 314 with the session key of the communication station.
- the combination of physical layer circuitry 204 and media access control layer circuitry 202 may together perform any of the operations described herein.
- wireless communication device 200 may communicate OFDM communication signals over a multicarrier communication channel that may be within a predetermined frequency spectrum and may comprise a plurality of orthogonal subcarriers.
- the orthogonal subcarriers may be closely spaced OFDM subcarriers.
- each subcarrier may have a null at substantially a center frequency of the other subcarriers.
- each subcarrier may have an integer number of cycles within a symbol period, although the scope of the invention is not limited in this respect.
- wireless communication device 200 may be part of a wireless access point, such as a Wireless Fidelity (WiFi), Worldwide Interoperability for Microwave Access (WiMax), or broadband communication station, although the scope of the invention is not limited in this respect.
- wireless communication device 200 may be a portable wireless communication device, such as a personal digital assistant (PDA), a laptop or portable computer with wireless communication capability, a web tablet, a wireless telephone, a wireless headset, a pager, an instant messaging device, a digital camera, an access point, a television or other device that may receive and/or transmit information wirelessly.
- the frequency spectrums for the multicarrier communication signals communicated by wireless communication device 200 may comprise either a 5 GHz frequency spectrum or a 2.4 GHz frequency spectrum.
- the 5 GHz frequency spectrum may include frequencies ranging from approximately 4.9 to 5.9 GHz
- the 2.4 GHz spectrum may include frequencies ranging from approximately 2.3 to 2.5 GHz, although the scope of the invention is not limited in this respect, as other frequency spectrums are also equally suitable.
- wireless communication device 200 may communicate radio-frequency (RF) communications in accordance with specific communication standards, such as the Institute of Electrical and Electronics Engineers (IEEE) standards including IEEE 802.11 (a), 802.11(b), 802.11(g) and/or 802.11(n) standards for wireless local area networks (WLANs), although wireless communication device 200 may also be suitable to transmit and/or receive communications in accordance with other techniques including the Digital Video Broadcasting Terrestrial (DVB-T) broadcasting standard, and the High performance radio Local Area Network (HiperLAN) standard.
- wireless communication device 200 may communicate broadband wireless communications in accordance with the IEEE 802.16(e) standards for wireless metropolitan area networks (WMANs).
- IEEE 802.11 standards please refer to "IEEE Standards for Information Technology — Telecommunications and Information Exchange between Systems — Local and Metropolitan Area Network — Specific Requirements — Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY), ISO/IEC 8802-11:1999" and related amendments/versions.
- Antennas 206 may comprise one or more directional or omnidirectional antennas, including, for example, dipole antennas, monopole antennas, patch antennas, loop antennas, microstrip antennas or other types of antennas suitable for transmission of RF signals. In some embodiments, instead of two or more antennas, a single antenna with multiple apertures may be used.
- FIG. 4 is a flow chart of management control message broadcasting procedure in accordance with some embodiments of the present invention.
- Procedure 400 may be performed by a managing communication station, such as access point 102 (FIG. 1), as part of its operations within a wireless network.
- the access point sets the reply timer and in operation 404, the access point transmits broadcast message 304 (FIG. 3). In operation 406, the access point determines whether or not the reply timer has expired. When the reply timer has not expired, operation 408 is performed.
- the access point receives reply messages, such as reply message 308 (FIG. 3), from one or more of the associated communication stations.
- the reply messages may include a hash of the broadcast message transmitted in operation 402 and may be secured with the session key of the communication station that transmitted the reply message.
- the access point may decrypt the reply messages with the proper session key and may verify that the hash within the reply message matches the hash of the originally sent broadcast message. When the hash verifies (i.e., matches), the broadcast message received by the particular communication station was authentic and operation 412 is performed. In operation 412, the access point may identify the station as having properly received the broadcast message.
- Operation 414 is performed when the hash does not verify indicating that the broadcast message received by the particular communication station was forged.
- the access point transmits countermand message 314 (FIG. 3) to indicate that the broadcast message was not authentic.
- Operation 416 is performed when the reply timer has expired, as determined in operation 406. Operation 416 comprises identifying stations that did not reply with a reply message within the time period of the timer. In some embodiments, the stations identified in operation 412 may be compared with a list of all the associated communication stations.
- the access point transmits a retransmission message 318
- operation 418 may further include the access point transmitting retransmission message 318 (FIG. 3) to a station that received a forged broadcast message after the transmission of the countermand message in operation 414. This may be done before the expiration of the reply timer.
- the individual operations of procedure 400 are illustrated and described as separate operations, one or more of the individual operations may be performed concurrently, and nothing requires that the operations be performed in the order illustrated.
- network 100 may relate to the IEEE 802.11(w), IEEE 802.11(i), IEEE 802.11(k), IEEE 802.11(r), IEEE 802.11(s), and IEEE 802.11(v) proposed standards for wireless security and management frame protection, although the scope of the invention is not limited in this respect.
- network 100 may implement a mechanism that protects broadcast and multicast messages from insider forgery attacks against the IEEE 802.11(i) Group Temporal Key (GTK).
- Embodiments may also be applied to 802.11 data messages (including, for example, all traffic classes and traffic types) as well as management frames that are widely used in IEEE 802.11 compliant networks.
- a broadcast and multicast action frame (e.g., one of the IEEE 802.11 management frames) may be used to request radio resource measurement, network information, and network optimization control in the IEEE 802.11 amendments 11(k), 11(h), and 11(v) mentioned above.
- These management frames generally contain valuable radio resource requirement and network information and are subject to forgery. The consequences of a forged request vary depending on the implementation of the receiving communication station. For instance, a receiving communication station may reject additional requests, which allows forgeries to present a denial-of-service opportunity.
- any physical realization will have a finite queue length, and an attacker might be able to create a denial-of-service by filling the queue with forged requests.
- a forged network management control message can lead to poorer performance than by ignoring valid messages.
- forged message requests with incorrect parameters can lead to power consuming activities by the receiving communication station.
- the broadcast and multicast data protection scheme defined in IEEE 802.11(i) may be extended to protect broadcast and multicast management frames.
- Some embodiments of the present invention define a protection scheme to protect broadcast and multicast data and management frames from outsider forgery as well as insider forgery.
- each communication station receives a reliable broadcast message (e.g., M1) and responds with a reply message (e.g., M2), which indicates the broadcast message received by the communication station by including the hash of the broadcast message (e.g., h(M1)).
- the access point may determine whether it recently sent message M1. If not, the access point may advise the station with a countermand message (e.g., M3) that message M1 was a forgery. By assumption, the forged M1 could only be produced by an insider (e.g., one of the associated communication stations).
- the access point may resend the payload of the original broadcast message in a retransmit message (e.g., M4).
- messages M2, M3, and M4 may be protected using the 802.11(i) protection scheme, although the scope of the invention is not limited in this respect.
- processing, computing, calculating, determining, displaying, or the like may refer to an action and/or process of one or more processing or computing systems or similar devices that may manipulate and transform data represented as physical (e.g., electronic) quantities within a processing system's registers and memory into other data similarly represented as physical quantities within the processing system's registers or memories, or other such information storage, transmission or display devices.
- Embodiments of the invention may be implemented in one or a combination of hardware, firmware and software.
- Embodiments of the invention may also be implemented as instructions stored on a machine-readable medium, which may be read and executed by at least one processor to perform the operations described herein.
- a machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer).
- a machine-readable medium may include read-only memory (ROM), random-access memory (RAM), magnetic disk storage media, optical storage media, flash-memory devices, electrical, optical, acoustical or other form of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.), and others.
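
The M1 to M4 exchange and procedure 400 described above, as an added Python sketch that is not part of the patent text. HMAC-SHA256 stands in for the unspecified MIC and session-key protection (integrity only, no encryption), and the message layout, class names, station names and command strings are constructed for illustration. It shows that a MIC under the shared broadcast key does not stop an insider, while the per-station reply hash lets the access point detect the forgery.

```python
import hashlib
import hmac
import os

def mic(key, data):
    # Assumption: HMAC-SHA256 stands in for the MIC and session-key protection.
    return hmac.new(key, data, hashlib.sha256).digest()

def protect(key, kind, body, src=None):
    # The tag covers the message type, so M3 differs from M2 in its payload.
    return {"kind": kind, "body": body, "src": src, "mic": mic(key, kind + body)}

def verify(key, msg):
    return hmac.compare_digest(msg["mic"], mic(key, msg["kind"] + msg["body"]))

class Station:
    def __init__(self, sta_id, gtk, tk):
        self.sta_id, self.gtk, self.tk = sta_id, gtk, tk
        self.current_action = None  # payload the station is acting on

    def on_broadcast(self, m1):
        """Authenticate M1 with the broadcast key, begin the action, return M2."""
        if m1["kind"] != b"M1" or not verify(self.gtk, m1):
            return None  # outsider forgery (no broadcast key) is dropped here
        self.current_action = m1["body"]
        h_m1 = hashlib.sha256(m1["body"]).digest()
        return protect(self.tk, b"M2", h_m1, src=self.sta_id)

    def on_unicast(self, msg):
        """Process M3 (countermand) or M4 (retransmit) under the session key."""
        if not verify(self.tk, msg):
            return
        if msg["kind"] == b"M3":
            self.current_action = None  # terminate the forged request
        elif msg["kind"] == b"M4":
            self.current_action = msg["body"]

class AccessPoint:
    def __init__(self, gtk, session_keys):
        self.gtk, self.session_keys = gtk, dict(session_keys)
        self.payload, self.sent_hash, self.confirmed = None, None, set()

    def broadcast(self, payload):
        self.payload, self.confirmed = payload, set()
        self.sent_hash = hashlib.sha256(payload).digest()
        return protect(self.gtk, b"M1", payload)

    def on_reply(self, m2):
        """Operations 408-414: return None if h(M1) verifies, else a countermand."""
        tk = self.session_keys.get(m2["src"])  # key chosen by source address
        if tk is None or m2["kind"] != b"M2" or not verify(tk, m2):
            return None  # not a valid reply from an associated station
        if self.sent_hash and hmac.compare_digest(m2["body"], self.sent_hash):
            self.confirmed.add(m2["src"])
            return None
        # Hash of something this AP did not send: echo it back as M3.
        return protect(tk, b"M3", m2["body"])

    def on_timer_expiry(self):
        """Operations 416-418: unicast M4 to every station not yet confirmed
        (no reply received, or countermanded earlier)."""
        if self.payload is None:
            return {}
        return {sid: protect(tk, b"M4", self.payload)
                for sid, tk in self.session_keys.items()
                if sid not in self.confirmed}

def demo():
    gtk = os.urandom(32)
    keys = {sid: os.urandom(32) for sid in ("sta-a", "sta-b", "sta-c")}
    ap = AccessPoint(gtk, keys)
    stas = {sid: Station(sid, gtk, tk) for sid, tk in keys.items()}

    m1 = ap.broadcast(b"measure channel 36")           # constructed payload
    # An insider holds the broadcast key, so its forgery passes the MIC check.
    forged = protect(gtk, b"M1", b"switch to channel 165")
    reply_a = stas["sta-a"].on_broadcast(m1)
    reply_b = stas["sta-b"].on_broadcast(forged)        # sta-b hears the forgery
    acting_on_forgery = stas["sta-b"].current_action    # sta-c misses M1 entirely

    ap.on_reply(reply_a)
    m3 = ap.on_reply(reply_b)
    stas["sta-b"].on_unicast(m3)
    after_countermand = stas["sta-b"].current_action

    for sid, m4 in ap.on_timer_expiry().items():
        stas[sid].on_unicast(m4)
    return {"m3_kind": m3["kind"], "acting_on_forgery": acting_on_forgery,
            "after_countermand": after_countermand,
            "confirmed": set(ap.confirmed),
            "final": {sid: s.current_action for sid, s in stas.items()}}

if __name__ == "__main__":
    print(demo())
```

As in the description, the station acts on the forged request until the countermand arrives; the window is bounded by the reply round trip rather than closed.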
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0802074A GB2443579B (en) | 2005-08-19 | 2006-08-03 | Wireless communication device and methods for protecting broadcasted management control messages in wireless networks |
JP2008526966A JP4724751B2 (en) | 2005-08-19 | 2006-08-03 | Wireless communication apparatus and method for protecting administrative control messages broadcast within a wireless network |
DE112006002200T DE112006002200B4 (en) | 2005-08-19 | 2006-08-03 | A wireless communication device and method for protecting broadcast administrative control messages in wireless networks |
CN2006800299587A CN101243673B (en) | 2005-08-19 | 2006-08-03 | Wireless communication device and methods for protecting broadcasted management control messages in wireless networks |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/208,426 US7392037B2 (en) | 2005-08-19 | 2005-08-19 | Wireless communication device and methods for protecting broadcasted management control messages in wireless networks |
US11/208,426 | 2005-08-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2007024434A1 (en) | 2007-03-01 |
Family
ID=37421069
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2006/030184 WO2007024434A1 (en) | 2005-08-19 | 2006-08-03 | Wireless communication device and methods for protecting broadcasted management control messages in wireless networks |
Country Status (6)
Country | Link |
---|---|
US (1) | US7392037B2 (en) |
JP (1) | JP4724751B2 (en) |
CN (1) | CN101243673B (en) |
DE (1) | DE112006002200B4 (en) |
GB (1) | GB2443579B (en) |
WO (1) | WO2007024434A1 (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0898216A2 (en) * | 1997-08-22 | 1999-02-24 | Compaq Computer Corporation | Method for securely communicating remote control commands in a computer network |
Family Cites Families (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5237612A (en) * | 1991-03-29 | 1993-08-17 | Ericsson Ge Mobile Communications Inc. | Cellular verification and validation system |
JPH0991133A (en) * | 1995-09-20 | 1997-04-04 | Fujitsu Ltd | False declaration detection system |
US6108424A (en) * | 1997-01-09 | 2000-08-22 | U.S. Philips Corporation | Mobile radio telephone station comprising a protection system for at least one authentication number and method of protecting an authentication number |
US6198823B1 (en) * | 1998-03-24 | 2001-03-06 | Dsc Telecom, L.P. | Method for improved authentication for cellular phone transmissions |
JPH11340965A (en) * | 1998-05-28 | 1999-12-10 | Hitachi Ltd | Electronic mail key register device, equipment for transmitting and receiving electronic mail and electronic mail system |
JP2001044982A (en) * | 1999-07-26 | 2001-02-16 | Toshiba Corp | Cipher communication system and storage medium |
GB0004178D0 (en) * | 2000-02-22 | 2000-04-12 | Nokia Networks Oy | Integrity check in a communication system |
JP2002247023A (en) * | 2000-12-14 | 2002-08-30 | Furukawa Electric Co Ltd:The | Method for sharing session sharing key, method for certifying network terminal, network, terminal, and repeater |
US6856800B1 (en) * | 2001-05-14 | 2005-02-15 | At&T Corp. | Fast authentication and access control system for mobile networking |
JP2002366860A (en) * | 2001-06-07 | 2002-12-20 | Ntt Data Corp | Settlement system for electronic application |
JP3870081B2 (en) * | 2001-12-19 | 2007-01-17 | キヤノン株式会社 | COMMUNICATION SYSTEM AND SERVER DEVICE, CONTROL METHOD, COMPUTER PROGRAM FOR IMPLEMENTING THE SAME, AND STORAGE MEDIUM CONTAINING THE COMPUTER PROGRAM |
CA2414789A1 (en) * | 2002-01-09 | 2003-07-09 | Peel Wireless Inc. | Wireless networks security system |
US7702910B2 (en) * | 2002-10-24 | 2010-04-20 | Telefonaktiebolaget L M Ericsson (Publ) | Message authentication |
JP2004194196A (en) * | 2002-12-13 | 2004-07-08 | Ntt Docomo Inc | Packet communication authentication system, communication controller and communication terminal |
JP2004266516A (en) * | 2003-02-28 | 2004-09-24 | Matsushita Electric Ind Co Ltd | Network management server, communication terminal, edge switch device, program for communication, and network system |
US20050026596A1 (en) * | 2003-07-28 | 2005-02-03 | Oren Markovitz | Location-based AAA system and method in a wireless network |
US7558960B2 (en) * | 2003-10-16 | 2009-07-07 | Cisco Technology, Inc. | Network infrastructure validation of network management frames |
US20050108527A1 (en) * | 2003-11-13 | 2005-05-19 | Boris Ginzburg | Method and apparatus to provide secured link |
US7805603B2 (en) * | 2004-03-17 | 2010-09-28 | Intel Corporation | Apparatus and method of protecting management frames in wireless LAN communications |
US7457409B2 (en) * | 2004-06-09 | 2008-11-25 | Mediatek Inc. | System and method for performing secure communications in a wireless local area network |
US7881475B2 (en) * | 2005-05-17 | 2011-02-01 | Intel Corporation | Systems and methods for negotiating security parameters for protecting management frames in wireless networks |
US7647508B2 (en) * | 2005-06-16 | 2010-01-12 | Intel Corporation | Methods and apparatus for providing integrity protection for management and control traffic of wireless communication networks |
US20070118649A1 (en) * | 2005-11-18 | 2007-05-24 | General Instrument Corporation | Methods, apparatuses and computer programs for protecting networks against attacks that use forged messages |
2005
- 2005-08-19 US US11/208,426 patent/US7392037B2/en active Active

2006
- 2006-08-03 WO PCT/US2006/030184 patent/WO2007024434A1/en active Application Filing
- 2006-08-03 GB GB0802074A patent/GB2443579B/en not_active Expired - Fee Related
- 2006-08-03 DE DE112006002200T patent/DE112006002200B4/en not_active Expired - Fee Related
- 2006-08-03 JP JP2008526966A patent/JP4724751B2/en not_active Expired - Fee Related
- 2006-08-03 CN CN2006800299587A patent/CN101243673B/en not_active Expired - Fee Related
Non-Patent Citations (1)
Title |
---|
"Satellite Earth Stations and Systems (SES)", ETSI STANDARDS, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE, SOPHIA-ANTIPO, FR, vol. SES-BSM, no. V111, May 2004 (2004-05-01), XP014015615, ISSN: 0000-0001 * |
Also Published As
Publication number | Publication date |
---|---|
DE112006002200B4 (en) | 2013-09-05 |
JP4724751B2 (en) | 2011-07-13 |
US7392037B2 (en) | 2008-06-24 |
JP2009505569A (en) | 2009-02-05 |
DE112006002200T5 (en) | 2008-06-05 |
GB2443579B (en) | 2010-05-05 |
GB0802074D0 (en) | 2008-03-12 |
CN101243673B (en) | 2011-06-15 |
GB2443579A (en) | 2008-05-07 |
US20070060043A1 (en) | 2007-03-15 |
CN101243673A (en) | 2008-08-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7392037B2 (en) | Wireless communication device and methods for protecting broadcasted management control messages in wireless networks | |
US10708048B2 (en) | Wireless device and method for rekeying with reduced packet loss for high-throughput wireless communications | |
US7881475B2 (en) | Systems and methods for negotiating security parameters for protecting management frames in wireless networks | |
US7647508B2 (en) | Methods and apparatus for providing integrity protection for management and control traffic of wireless communication networks | |
US20180278625A1 (en) | Exchanging message authentication codes for additional security in a communication system | |
Holt et al. | 802.11 wireless networks: security and analysis | |
US9130754B2 (en) | Systems and methods for securely transmitting and receiving discovery and paging messages | |
US10608999B2 (en) | Establishing a secure uplink channel by transmitting a secret word over a secure downlink channel | |
US8923516B2 (en) | Systems and methods for securely transmitting and receiving discovery and paging messages | |
US9609571B2 (en) | Systems and methods for securely transmitting and receiving discovery and paging messages | |
CN110741690A (en) | Communication device and method for ensuring low power transmission | |
US11039306B2 (en) | Authentication of ranging device | |
US20050108527A1 (en) | Method and apparatus to provide secured link | |
WO2014035604A1 (en) | Encrypting a paging request packet in a service discovery procedure | |
US11019037B2 (en) | Security improvements in a wireless data exchange protocol | |
US20170171745A1 (en) | Privacy protection in wireless networks | |
Dadhich et al. | Analysis and Literature Review of IEEE 802.16 e (Mobile WiMAX) Security | |
EP1710968A1 (en) | Method, network element and telecommunications system for generating security keys for radio channels using channel side information estimation | |
Kulkarni et al. | Safeguarding cooperation in Synergy MAC | |
Martinovic et al. | Bringing law and order to IEEE 802.11 networks—A case for DiscoSec |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| WWE | Wipo information: entry into national phase | Ref document number: 200680029958.7 Country of ref document: CN |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| ENP | Entry into the national phase | Ref document number: 0802074 Country of ref document: GB Kind code of ref document: A Free format text: PCT FILING DATE = 20060803 |
| WWE | Wipo information: entry into national phase | Ref document number: 0802074.5 Country of ref document: GB |
| WWE | Wipo information: entry into national phase | Ref document number: 2008526966 Country of ref document: JP |
| WWE | Wipo information: entry into national phase | Ref document number: 1120060022008 Country of ref document: DE |
| RET | De translation (de og part 6b) | Ref document number: 112006002200 Country of ref document: DE Date of ref document: 20080605 Kind code of ref document: P |
| WWE | Wipo information: entry into national phase | Ref document number: DE |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 06800688 Country of ref document: EP Kind code of ref document: A1 |