This disclosure generally relates to systems and methods for wireless communications and, more particularly, to extensible authentication protocol over location area network (EAPOL)-Key Encryption Key (KEK) derivation and encryption in authentication frame.
As computing systems grow more interconnected and complex, the demand for efficient and secure data transfer has become increasingly critical. Ensuring reliable communication while managing high volumes of data across diverse environments presents ongoing challenges. There is a need for advancements that enable seamless, scalable, and secure data exchange within these sophisticated systems.
The following description and the drawings sufficiently illustrate specific embodiments to enable those skilled in the art to practice them. Other embodiments may incorporate structural, logical, electrical, process, algorithm, and other changes. Portions and features of some embodiments may be included in, or substituted for, those of other embodiments. Embodiments set forth in the claims encompass all available equivalents of those claims.
Wi-Fi 8 (IEEE 802.11bn or ultra high reliability (UHR)) is the next generation of Wi-Fi and a successor to the IEEE 802.11be (Wi-Fi 7) standard. In line with all previous Wi-Fi standards, Wi-Fi 8 will aim to improve wireless performance in general along with introducing new and innovative features to further advance Wi-Fi technology.
Encryption for certain contents in the pre-association security negotiation (PASN) frame exchange is useful. However, the mechanism provided in 802.11bh D2.0 (11bh D2.0) is not extensible. For example, other applications like Wi-Fi direct which utilizes PASN to achieve P2P pairing require exchange of certain critical information that also needs to be encrypted beyond device ID and IRM. The 11bh scheme that is defined in 11bh D2.0 cannot be used directly by Wi-Fi direct because to derive the KEK, support of either the device ID feature or IRM feature is required, which is not necessary to do Wi-Fi direct. Further, the encryption utilizing KEK requires support of AES-SIV, which is not a common algorithm like National Institute of Standards and Technology (NIST) AES Key Wrap defined in Table 12-11-Integrity and key wrap algorithms. A general framework is required for both sides to recognize each other, have the capabilities to derive KEK, and agree on which portions of the authentication frames are encrypted without the need to support either device ID or IRM. 802.11bh defines derivation of KEK and encryption of device ID or IRM in PASN frame when both sides support device ID or identifiable random MAC address (IRM). There is no previous solution for a general framework in PASN to support derivation of KEK and encryption of certain contents in PASN beyond device ID and IRM
The NIST AES Key Wrap procedure is a cryptographic method designed to securely protect cryptographic keys during transmission or storage. It ensures both the confidentiality and integrity of the keys, making it a critical component in key management systems. Developed and standardized by the National Institute of Standards and Technology (NIST) in Special Publication 800-38F, the AES Key Wrap procedure leverages the Advanced Encryption Standard (AES) block cipher in a specialized mode optimized for key wrapping, eliminating the need for padding and providing efficient and secure protection of keys.
The procedure involves two main steps: wrapping and unwrapping. During the wrapping process, the key to be protected is combined with an integrity check value (ICV) to ensure the key's authenticity. This combination is then processed through multiple rounds of AES encryption to produce a wrapped key. The wrapped key is both encrypted for confidentiality and embedded with the ICV for integrity verification. To unwrap the key, the recipient decrypts the wrapped key and verifies the ICV to ensure that the key has not been altered during transit or storage. If the verification is successful, the original key is recovered. The procedure supports varying key sizes, including AES-128, AES-192, and AES-256, allowing flexibility based on security requirements.
The NIST AES Key Wrap procedure is widely used in applications requiring robust key protection, such as secure communication protocols, hybrid encryption schemes, and secure key distribution systems. Its efficiency and lack of padding make it well-suited for environments where key integrity and confidentiality are paramount. By providing a standardized, interoperable method for key management, it has become a cornerstone in ensuring secure cryptographic operations.
Example embodiments of the present disclosure relate to systems, methods, and devices for KEK derivation and encryption in authentication frame.
In the specific context of wireless network security, for example with regard to WPA and WPA2 protocols, KEK refers to the extensible authentication protocol over location area network (EAPOL)-Key Encryption Key, a specialized key used within the EAPOL framework. This key plays a pivotal role in the encryption and decryption processes of other keys exchanged during network authentication in wireless networks. Its association with advanced encryption standard-synthetic initialization vector (AES-SIV), suggests a specific requirement for the encryption methodology employed. AES, being a widely recognized symmetric encryption algorithm, gains enhanced security in its SIV mode. This mode is particularly effective in ensuring both confidentiality and integrity, especially in situations where data or keys may be encrypted multiple times using the same key. Therefore, in a wireless network security setting, when it is stated that the encryption utilizing KEK requires the support of AES-SIV, it indicates a sophisticated and secure system.
In one or more embodiments, a KEK frame encryption system may provide an extensible mechanism to allow encryption of certain contents as well as encryption of any future information and vendor specific information in PASN messages. A general framework is proposed as described below:
In one or more embodiments, a KEK frame encryption system may a new capability bit in robust security network extension element (RSNXE) to indicate support of derivation of KEK during authentication frame exchange when PTK security association (PTKSA) is derived during authentication frame exchange.
In one or more embodiments, a KEK frame encryption system may facilitate that if a device supports the feature and sees the peer support the device, then if PTKSA is derived duration authentication frame exchange, then KEK will be derived as well.
In one or more embodiments, a KEK frame encryption system may define an element called encrypted data element, and the contents carried by the encrypted data element are encrypted by the derived KEK.
In one or more embodiments, a KEK frame encryption system may define subelement that can be carried in the encrypted data element such that information beyond device ID and IRM can be included.
Device ID subelement can be defined.
IRM subelement can be defined.
Vendor specific subelement can be defined.
A general framework to support derivation of KEK and encryption of certain contents during authentication frame exchange is defined to encrypt contents beyond device ID and IRM.
The above descriptions are for purposes of illustration and are not meant to be limiting. Numerous other examples, configurations, processes, algorithms, etc., may exist, some of which are described in greater detail below. Example embodiments will now be described with reference to the accompanying figures.
In some embodiments, the user devices 120 and the AP 102 may include one or more computer systems similar to that of the functional diagram of
One or more illustrative user device(s) 120 and/or AP(s) 102 may be operable by one or more user(s) 110. It should be noted that any addressable unit may be a station (STA). An STA may take on multiple distinct characteristics, each of which shape its function. For example, a single addressable unit might simultaneously be a portable STA, a quality-of-service (QOS) STA, a dependent STA, and a hidden STA. The one or more illustrative user device(s) 120 and the AP(s) 102 may be STAs. The one or more illustrative user device(s) 120 and/or AP(s) 102 may operate as a personal basic service set (PBSS) control point/access point (PCP/AP). The user device(s) 120 (e.g., 124, 126, or 128) and/or AP(s) 102 may include any suitable processor-driven device including, but not limited to, a mobile device or a non-mobile, e.g., a static device. For example, user device(s) 120 and/or AP(s) 102 may include, a user equipment (UE), a station (STA), an access point (AP), a software enabled AP (SoftAP), a personal computer (PC), a wearable wireless device (e.g., bracelet, watch, glasses, ring, etc.), a desktop computer, a mobile computer, a laptop computer, an Ultrabook™ computer, a notebook computer, a tablet computer, a server computer, a handheld computer, a handheld device, an internet of things (IoT) device, a sensor device, a PDA device, a handheld PDA device, an on-board device, an off-board device, a hybrid device (e.g., combining cellular phone functionalities with PDA device functionalities), a consumer device, a vehicular device, a non-vehicular device, a mobile or portable device, a non-mobile or non-portable device, a mobile phone, a cellular telephone, a PCS device, a PDA device which incorporates a wireless communication device, a mobile or portable GPS device, a DVB device, a relatively small computing device, a non-desktop computer, a “carry small live large” (CSLL) device, an ultra mobile device (UMD), an ultra mobile PC (UMPC), a mobile internet device (MID), an “origami” device or computing device, a device that supports dynamically composable computing (DCC), a context-aware device, a video device, an audio device, an A/V device, a set-top-box (STB), a blu-ray disc (BD) player, a BD recorder, a digital video disc (DVD) player, a high definition (HD) DVD player, a DVD recorder, a HD DVD recorder, a personal video recorder (PVR), a broadcast HD receiver, a video source, an audio source, a video sink, an audio sink, a stereo tuner, a broadcast radio receiver, a flat panel display, a personal media player (PMP), a digital video camera (DVC), a digital audio player, a speaker, an audio receiver, an audio amplifier, a gaming device, a data source, a data sink, a digital still camera (DSC), a media player, a smartphone, a television, a music player, or the like. Other devices, including smart devices such as lamps, climate control, car components, household components, appliances, etc. may also be included in this list.
As used herein, the term “Internet of Things (IoT) device” is used to refer to any object (e.g., an appliance, a sensor, etc.) that has an addressable interface (e.g., an Internet protocol (IP) address, a Bluetooth identifier (ID), a near-field communication (NFC) ID, etc.) and can transmit information to one or more other devices over a wired or wireless connection. An IoT device may have a passive communication interface, such as a quick response (QR) code, a radio-frequency identification (RFID) tag, an NFC tag, or the like, or an active communication interface, such as a modem, a transceiver, a transmitter-receiver, or the like. An IoT device can have a particular set of attributes (e.g., a device state or status, such as whether the IoT device is on or off, open or closed, idle or active, available for task execution or busy, and so on, a cooling or heating function, an environmental monitoring or recording function, a light-emitting function, a sound-emitting function, etc.) that can be embedded in and/or controlled/monitored by a central processing unit (CPU), microprocessor, ASIC, or the like, and configured for connection to an IoT network such as a local ad-hoc network or the Internet. For example, IoT devices may include, but are not limited to, refrigerators, toasters, ovens, microwaves, freezers, dishwashers, dishes, hand tools, clothes washers, clothes dryers, furnaces, air conditioners, thermostats, televisions, light fixtures, vacuum cleaners, sprinklers, electricity meters, gas meters, etc., so long as the devices are equipped with an addressable communications interface for communicating with the IoT network. IoT devices may also include cell phones, desktop computers, laptop computers, tablet computers, personal digital assistants (PDAs), etc. Accordingly, the IoT network may be comprised of a combination of “legacy” Internet-accessible devices (e.g., laptop or desktop computers, cell phones, etc.) in addition to devices that do not typically have Internet-connectivity (e.g., dishwashers, etc.).
The user device(s) 120 and/or AP(s) 102 may also include mesh stations in, for example, a mesh network, in accordance with one or more IEEE 802.11 standards and/or 3GPP standards.
Any of the user device(s) 120 (e.g., user devices 124, 126, 128), and AP(s) 102 may be configured to communicate with each other via one or more communications networks 130 and/or 135 wirelessly or wired. The user device(s) 120 may also communicate peer-to-peer or directly with each other with or without the AP(s) 102. Any of the communications networks 130 and/or 135 may include, but not limited to, any one of a combination of different types of suitable communications networks such as, for example, broadcasting networks, cable networks, public networks (e.g., the Internet), private networks, wireless networks, cellular networks, or any other suitable private and/or public networks. Further, any of the communications networks 130 and/or 135 may have any suitable communication range associated therewith and may include, for example, global networks (e.g., the Internet), metropolitan area networks (MANs), wide area networks (WANs), local area networks (LANs), or personal area networks (PANs). In addition, any of the communications networks 130 and/or 135 may include any type of medium over which network traffic may be carried including, but not limited to, coaxial cable, twisted-pair wire, optical fiber, a hybrid fiber coaxial (HFC) medium, microwave terrestrial transceivers, radio frequency communication mediums, white space communication mediums, ultra-high frequency communication mediums, satellite communication mediums, or any combination thereof.
Any of the user device(s) 120 (e.g., user devices 124, 126, 128) and AP(s) 102 may include one or more communications antennas. The one or more communications antennas may be any suitable type of antennas corresponding to the communications protocols used by the user device(s) 120 (e.g., user devices 124, 126 and 128), and AP(s) 102. Some non-limiting examples of suitable communications antennas include Wi-Fi antennas, Institute of Electrical and Electronics Engineers (IEEE) 802.11 family of standards compatible antennas, directional antennas, non-directional antennas, dipole antennas, folded dipole antennas, patch antennas, multiple-input multiple-output (MIMO) antennas, omnidirectional antennas, quasi-omnidirectional antennas, or the like. The one or more communications antennas may be communicatively coupled to a radio component to transmit and/or receive signals, such as communications signals to and/or from the user devices 120 and/or AP(s) 102.
Any of the user device(s) 120 (e.g., user devices 124, 126, 128), and AP(s) 102 may be configured to perform directional transmission and/or directional reception in conjunction with wirelessly communicating in a wireless network. Any of the user device(s) 120 (e.g., user devices 124, 126, 128), and AP(s) 102 may be configured to perform such directional transmission and/or reception using a set of multiple antenna arrays (e.g., DMG antenna arrays or the like). Each of the multiple antenna arrays may be used for transmission and/or reception in a particular respective direction or range of directions. Any of the user device(s) 120 (e.g., user devices 124, 126, 128), and AP(s) 102 may be configured to perform any given directional transmission towards one or more defined transmit sectors. Any of the user device(s) 120 (e.g., user devices 124, 126, 128), and AP(s) 102 may be configured to perform any given directional reception from one or more defined receive sectors.
MIMO beamforming in a wireless network may be accomplished using RF beamforming and/or digital beamforming. In some embodiments, in performing a given MIMO transmission, user devices 120 and/or AP(s) 102 may be configured to use all or a subset of its one or more communications antennas to perform MIMO beamforming.
Any of the user devices 120 (e.g., user devices 124, 126, 128), and AP(s) 102 may include any suitable radio and/or transceiver for transmitting and/or receiving radio frequency (RF) signals in the bandwidth and/or channels corresponding to the communications protocols utilized by any of the user device(s) 120 and AP(s) 102 to communicate with each other. The radio components may include hardware and/or software to modulate and/or demodulate communications signals according to pre-established transmission protocols. The radio components may further have hardware and/or software instructions to communicate via one or more Wi-Fi and/or Wi-Fi direct protocols, as standardized by the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standards. In certain example embodiments, the radio component, in cooperation with the communications antennas, may be configured to communicate via 2.4 GHz channels (e.g. 802.11b, 802.11g, 802.11n, 802.11ax), 5 GHz channels (e.g. 802.11n, 802.11ac, 802.11ax, 802.11be, etc.), 6 GHz channels (e.g., 802.11ax, 802.11be, etc.), or 60 GHZ channels (e.g. 802.11ad, 802.11ay). 800 MHz channels (e.g. 802.11ah). The communications antennas may operate at 28 GHz and 40 GHz. It should be understood that this list of communication channels in accordance with certain 802.11 standards is only a partial list and that other 802.11 standards may be used (e.g., Next Generation Wi-Fi, or other standards). In some embodiments, non-Wi-Fi protocols may be used for communications between devices, such as Bluetooth, dedicated short-range communication (DSRC), Ultra-High Frequency (UHF) (e.g. IEEE 802.11af, IEEE 802.22), white band frequency (e.g., white spaces), or other packetized radio communications. The radio component may include any known receiver and baseband suitable for communicating via the communications protocols. The radio component may further include a low noise amplifier (LNA), additional signal amplifiers, an analog-to-digital (A/D) converter, one or more buffers, and digital baseband.
In one embodiment, and with reference to
Referring to
PASN is a security association exchange that is developed in 11az to protect pre-association frame like FTM for ranging purpose. The PASN exchange enhances security for pre-association processes by ensuring that sensitive frames, such as Fine Timing Measurement (FTM) frames, are protected against interception or tampering during ranging operations. For example, this is particularly critical in applications such as indoor navigation systems or automotive V2X communication where precise ranging is required. The key idea is to move the 4-way handshake that is traditionally done after association to be before association and combined with the authentication sequence like SAE authentication. This reordering minimizes vulnerabilities during initial frame exchanges by securing the communication channel earlier in the process. For instance, combining PASN with SAE authentication provides mutual authentication even before the devices establish full network connectivity, strengthening defenses against man-in-the-middle attacks. The basic flow is shown below. The outlined steps highlight the sequence of frame exchanges that form the backbone of the PASN procedure, ensuring both efficiency and security in the setup phase. This streamlined flow reduces overhead compared to traditional methods, improving usability in time-sensitive scenarios like emergency response systems.
Discovery of an Access Point (AP) with PASN capability ensures that the participating devices can securely negotiate keys for subsequent exchanges. An example of such discovery could include a smartphone scanning for Wi-Fi networks and identifying an AP that broadcasts PASN support in its beacon or probe response frames. The supplicant's first authentication frame acts as the starting point for the secure exchange, signaling its intent to establish a PASN session. For example, a laptop acting as a supplicant could send this frame to initiate secure communication with a corporate Wi-Fi network. The authenticator's response frame validates the PASN initiation, confirming its capability and willingness to proceed with the security exchange. In a practical scenario, this could be a home router sending a response frame to a smart home device, ensuring mutual compatibility and security. The supplicant's confirmation frame finalizes the PASN exchange, establishing the agreed-upon security parameters. For example, this could be a smartwatch completing the PASN process with a fitness tracker, ensuring secure data synchronization.
The key derivation procedure for the pairwise key hierarchy is shown below. The key derivation procedure is essential for generating secure cryptographic keys that ensure the confidentiality and integrity of subsequent communications. This hierarchical approach allows flexibility in deriving specific keys for tasks like message integrity and frame encryption. KCK∥TK∥KDK=KDF-HASH-NNN (PMK, “PASN PTK Derivation”, SPA∥BSSID∥DHss). This formula illustrates the key derivation function, where KCK (Key Confirmation Key), TK (Traffic Key), and KDK (Key Derivation Key) are derived using a hash function with inputs like the Pairwise Master Key (PMK), station MAC address (SPA), and BSSID. For instance, the inclusion of SPA and BSSID ensures that the derived keys are unique to the specific session and access point, mitigating replay attacks. Unlike the traditional 4-way handshake, where KCK is used do integrity check/protection of EAPOL-key frame, the KCK here is to do integrity check/protection of the second and third PASN frame exchange. By applying the KCK earlier in the process, PASN ensures that the integrity of the second and third authentication frames is preserved, reducing the risk of tampering before the association phase. This is particularly beneficial in environments where pre-association communication, such as FTM, is critical for accurate and secure positioning. TK is used to protect frame like FTM, and KDK is used to derive additional key for secure LTF. The Traffic Key (TK) ensures encryption of sensitive frames like FTM, while the Key Derivation Key (KDK) allows flexibility in creating additional keys for specialized functions like Long Training Fields (LTF). For example, secure LTF derivation is crucial in advanced Wi-Fi features such as beamforming, which relies on accurate channel state information.
Referring to
In this scenario, after PASN, the state is in 1a, where authentication is done, but association is not done. To do association, additional authentication is needed to move to state 2, then association can be done to move to state 3.
In 80.211bh, two features are defined to allow the AP to recognize the non-AP STA coming back from the previous connection.
The first feature is called device ID. The idea is to put the device ID in the first message of the PASN authentication frame for AP to recognize the client. Then the AP will put a new device ID in the second message of the PASN authentication frame for the non-AP STA to use later. To make sure that the new device ID is not known by the third party, the new device ID in the second message of the PASN authentication frame is encrypted by a KEK that is derived from the PTKSA.
The second feature is called identifiable random MAC address (IRM). The idea is to put the IRM as the TA of the first message of the PASN authentication frame for AP to identify the client. Then the client will provide another new IRM in the third PASN authentication frame for the AP to identify the client in the later connection. To make sure that the new IRM is not known by the third party, the new IRM in the third message of the PASN authentication frame is encrypted by a KEK that is derived from the PTKSA.
In one or more embodiments, a KEK frame encryption system may facilitate deriving KEK during authentication frame exchange:
In one or more embodiments, a KEK frame encryption system may facilitate determining key size and algorithm during authentication frame exchange:
If the AKM is 00-OF-AC: 16 or 00-OF-AC: 17, then: Mandate to be same as EAPOL-key algorithm Or Mandate to be same as FT authentication algorithm. For example, if Base AKM is 00-OF-AC: 8 or 00-OF-AC: 24 for SAE, then use NIST AES Key Wrap as the algorithm and corresponding KEK size defined in KEK_bits.
For PASN, if Base AKMP is PASN AKMP.
Option 1: Use NIST AES Key Wrap. If pairwise cipher 128 bit, then key size 128 bits. If pairwise cipher 256 bit, then key size 256 bits.
Option 2: Use AES-SIV. If pairwise cipher 128 bit, then key size 256 bits. If pairwise cipher 256 bit, then key size 512 bits.
For any general authentication frame exchange, if the PTKSA is derived, it is also based on a specific AKMP, so use Table 12-11 and the AKMP used to derive PTKSA to determine the KEK size and algorithm.
If the AKM is 00-OF-AC: 16 or 00-OF-AC: 17, then: mandate to be same as EAPOL-key algorithm or Mandate to be same as FT authentication algorithm.
If AES-SIV is used, then define the additional associated data to be: zero length (since important thing to be verified is MIC already in MIC element for example in PASN); specific defined associated data like elements or fields before the contents to be encrypted; or Specific defined associated data to be just MAC header.
Consider the following two options to encrypt contents in authentication frame exchange using derived KEK.
Option 1: Define an element to carry the encrypted data in authentication frame. Introducing a dedicated element for encrypted data provides a structured method for securely transferring sensitive information within authentication frames. For example, this ensures that data such as device credentials or unique identifiers are protected during the authentication process, reducing the risk of exposure to unauthorized parties.
The element can be called the encrypted data element. Naming the element explicitly helps standardize its use across implementations and provides clarity in its functionality. For instance, calling it the “encrypted data element” ensures that developers and systems easily identify its purpose during integration.
The element can be a vendor specific element. Allowing the element to be vendor specific provides flexibility for manufacturers to tailor encryption schemes to their proprietary systems while maintaining interoperability. For example, a smartphone manufacturer could define a custom format for the encrypted data element to optimize performance within its ecosystem.
Define subelement that can be included in the new element. Including subelements adds modularity, enabling the encrypted data element to encapsulate multiple types of sensitive information within a single structure. For instance, subelements can represent device IDs, IRM statuses, or vendor-specific data, making the element adaptable for various use cases.
Define device ID subelement with format the same as the device ID element to include both device ID status and device ID. Reusing the existing device ID element format ensures compatibility and reduces implementation complexity. For example, this allows seamless integration of device ID subelements in systems already using similar formats.
Define IRM subelement with format the same as the IRM element to include both IRM status and IRM. Similarly, maintaining consistency with the IRM element format allows efficient inclusion of IRM-related data while reducing the need for additional parsing logic. For instance, this ensures that IRM statuses can be quickly retrieved and used during authentication.
Define vendor specific subelement with subelement ID 221 and format the same as vendor specific element. Assigning a unique subelement ID like 221 distinguishes vendor-specific data, ensuring it does not conflict with other subelements. For example, this allows a device to easily identify and process vendor-specific information during authentication.
Wi-Fi direct defines P2P Information Element, which can then utilize the vendor specific subelement. Leveraging existing standards like the P2P Information Element ensures that the encrypted data element integrates seamlessly into Wi-Fi Direct applications. For example, this could enable peer-to-peer file sharing apps to securely exchange device credentials.
If element fragmentation is required for the new element due to many subelements exceeding size 254, then first encrypted the content, which are all the subelements to be included in the new element, then applies element fragmentation and element defragmentation defined in 10.28.11 Element fragmentation. Encrypting the content before fragmentation ensures that data integrity and confidentiality are maintained even when the element is divided into smaller parts. For instance, this ensures secure transmission of large datasets across authentication frames.
If a device derives KEK during authentication frame exchange and sees the new element in the received authentication frame, checks if the element is fragmented and applies defragmentation as defined in 10.28.12 Element defragmentation. Then reconstruct the element and do decryption using KEK. Ensuring proper defragmentation and decryption guarantees that the received data is complete and secure before being used. For example, this prevents data corruption or tampering during authentication exchanges.
For PASN, include the element in the second authentication frame if there are contents to be encrypted and KEK is derived. Including the element in the second frame ensures that critical data is secured early in the PASN process. For instance, this could include device credentials exchanged during mutual authentication.
For PASN, include the element in the third authentication frame if there are contents to be encrypted and KEK is derived. Including the element in the third frame provides an additional layer of security, ensuring that final authentication data is protected. For example, this could secure session keys or other cryptographic materials exchanged during the final phase.
For any authentication exchange, include the element in any authentication frame if there are contents to be encrypted and KEK is derived. This flexibility allows the encrypted data element to be used dynamically, depending on the specific requirements of the authentication exchange. For instance, this could apply to both PASN and non-PASN processes where encrypted data needs to be securely transmitted.
Option 2: Define an element to indicate the starting point of encrypted elements. Introducing a dedicated starting point element provides a clear boundary, ensuring that systems can consistently identify where encryption begins within an authentication frame. For example, this simplifies parsing and processing for devices handling encrypted authentication exchanges.
Everything after the element before the FCS of the authentication frame is encrypted with the KEK. Encrypting all content after the starting point element ensures comprehensive security for the frame's sensitive data. For instance, this could include encryption of device credentials, cryptographic material, or other confidential information shared during authentication.
Can reuse FILS session element with FILS session field set to 0 length. Reusing the FILS session element simplifies implementation by leveraging existing standards and minimizing the need for new protocols. For example, using the FILS session element allows devices already supporting FILS authentication to extend functionality with minimal changes.
Can define a new element with zero length content for the purpose. Defining a new element provides flexibility to tailor the starting point for encryption, particularly in cases where existing elements are insufficient. For instance, a zero-length content element could serve as a lightweight marker in constrained environments, such as IoT devices.
The element can be a vendor specific element. Allowing the element to be vendor specific ensures adaptability for proprietary implementations while maintaining interoperability. For example, a router manufacturer could customize the element to optimize performance for its specific encryption schemes.
It is understood that the above descriptions are for the purposes of illustration and are not meant to be limiting.
At block 402, a device (e.g., the user device(s) 120 and/or the AP 102 of
At block 404, the device may derive the KEK during the authentication frame exchange based on mutual support for KEK derivation and derivation of a Pairwise Transient Key Security Association (PTKSA) during the exchange.
At block 406, the device may use a cryptographic key protection process for deriving the KEK.
At block 408, the device may encrypt a portion of the authentication frame using the derived KEK.
It is understood that the above descriptions are for the purposes of illustration and are not meant to be limiting.
The communication station 500 may include communications circuitry 502 and a transceiver 510 for transmitting and receiving signals to and from other communication stations using one or more antennas 501. The communications circuitry 502 may include circuitry that can operate the physical layer (PHY) communications and/or medium access control (MAC) communications for controlling access to the wireless medium, and/or any other communications layers for transmitting and receiving signals. The communication station 500 may also include processing circuitry 506 and memory 508 arranged to perform the operations described herein. In some embodiments, the communications circuitry 502 and the processing circuitry 506 may be configured to perform operations detailed in the above figures, diagrams, and flows.
In accordance with some embodiments, the communications circuitry 502 may be arranged to contend for a wireless medium and configure frames or packets for communicating over the wireless medium. The communications circuitry 502 may be arranged to transmit and receive signals. The communications circuitry 502 may also include circuitry for modulation/demodulation, upconversion/downconversion, filtering, amplification, etc. In some embodiments, the processing circuitry 506 of the communication station 500 may include one or more processors. In other embodiments, two or more antennas 501 may be coupled to the communications circuitry 502 arranged for sending and receiving signals. The memory 508 may store information for configuring the processing circuitry 506 to perform operations for configuring and transmitting message frames and performing the various operations described herein. The memory 508 may include any type of memory, including non-transitory memory, for storing information in a form readable by a machine (e.g., a computer). For example, the memory 508 may include a computer-readable storage device, read-only memory (ROM), random-access memory (RAM), magnetic disk storage media, optical storage media, flash-memory devices and other storage devices and media.
In some embodiments, the communication station 500 may be part of a portable wireless communication device, such as a personal digital assistant (PDA), a laptop or portable computer with wireless communication capability, a web tablet, a wireless telephone, a smartphone, a wireless headset, a pager, an instant messaging device, a digital camera, an access point, a television, a medical device (e.g., a heart rate monitor, a blood pressure monitor, etc.), a wearable computer device, or another device that may receive and/or transmit information wirelessly.
In some embodiments, the communication station 500 may include one or more antennas 501. The antennas 501 may include one or more directional or omnidirectional antennas, including, for example, dipole antennas, monopole antennas, patch antennas, loop antennas, microstrip antennas, or other types of antennas suitable for transmission of RF signals. In some embodiments, instead of two or more antennas, a single antenna with multiple apertures may be used. In these embodiments, each aperture may be considered a separate antenna. In some multiple-input multiple-output (MIMO) embodiments, the antennas may be effectively separated for spatial diversity and the different channel characteristics that may result between each of the antennas and the antennas of a transmitting station.
In some embodiments, the communication station 500 may include one or more of a keyboard, a display, a non-volatile memory port, multiple antennas, a graphics processor, an application processor, speakers, and other mobile device elements. The display may be an LCD screen including a touch screen.
Although the communication station 500 is illustrated as having several separate functional elements, two or more of the functional elements may be combined and may be implemented by combinations of software-configured elements, such as processing elements including digital signal processors (DSPs), and/or other hardware elements. For example, some elements may include one or more microprocessors, DSPs, field-programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), radio-frequency integrated circuits (RFICs) and combinations of various hardware and logic circuitry for performing at least the functions described herein. In some embodiments, the functional elements of the communication station 500 may refer to one or more processes operating on one or more processing elements.
Certain embodiments may be implemented in one or a combination of hardware, firmware, and software. Other embodiments may also be implemented as instructions stored on a computer-readable storage device, which may be read and executed by at least one processor to perform the operations described herein. A computer-readable storage device may include any non-transitory memory mechanism for storing information in a form readable by a machine (e.g., a computer). For example, a computer-readable storage device may include read-only memory (ROM), random-access memory (RAM), magnetic disk storage media, optical storage media, flash-memory devices, and other storage devices and media. In some embodiments, the communication station 500 may include one or more processors and may be configured with instructions stored on a computer-readable storage device.
Examples, as described herein, may include or may operate on logic or a number of components, modules, or mechanisms. Modules are tangible entities (e.g., hardware) capable of performing specified operations when operating. A module includes hardware. In an example, the hardware may be specifically configured to carry out a specific operation (e.g., hardwired). In another example, the hardware may include configurable execution units (e.g., transistors, circuits, etc.) and a computer readable medium containing instructions where the instructions configure the execution units to carry out a specific operation when in operation. The configuring may occur under the direction of the executions units or a loading mechanism. Accordingly, the execution units are communicatively coupled to the computer-readable medium when the device is operating. In this example, the execution units may be a member of more than one module. For example, under operation, the execution units may be configured by a first set of instructions to implement a first module at one point in time and reconfigured by a second set of instructions to implement a second module at a second point in time.
The machine (e.g., computer system) 600 may include a hardware processor 602 (e.g., a central processing unit (CPU), a graphics processing unit (GPU), a hardware processor core, or any combination thereof), a main memory 604 and a static memory 606, some or all of which may communicate with each other via an interlink (e.g., bus) 608. The machine 600 may further include a power management device 632, a graphics display device 610, an alphanumeric input device 612 (e.g., a keyboard), and a user interface (UI) navigation device 614 (e.g., a mouse). In an example, the graphics display device 610, alphanumeric input device 612, and UI navigation device 614 may be a touch screen display. The machine 600 may additionally include a storage device (i.e., drive unit) 616, a signal generation device 618 (e.g., a speaker), a KEK frame encryption device 619, a network interface device/transceiver 620 coupled to antenna(s) 630, and one or more sensors 628, such as a global positioning system (GPS) sensor, a compass, an accelerometer, or other sensor. The machine 600 may include an output controller 634, such as a serial (e.g., universal serial bus (USB), parallel, or other wired or wireless (e.g., infrared (IR), near field communication (NFC), etc.) connection to communicate with or control one or more peripheral devices (e.g., a printer, a card reader, etc.)). The operations in accordance with one or more example embodiments of the present disclosure may be carried out by a baseband processor. The baseband processor may be configured to generate corresponding baseband signals. The baseband processor may further include physical layer (PHY) and medium access control layer (MAC) circuitry, and may further interface with the hardware processor 602 for generation and processing of the baseband signals and for controlling operations of the main memory 604, the storage device 616, and/or the KEK frame encryption device 619. The baseband processor may be provided on a single radio card, a single chip, or an integrated circuit (IC).
The storage device 616 may include a machine readable medium 622 on which is stored one or more sets of data structures or instructions 624 (e.g., software) embodying or utilized by any one or more of the techniques or functions described herein. The instructions 624 may also reside, completely or at least partially, within the main memory 604, within the static memory 606, or within the hardware processor 602 during execution thereof by the machine 600. In an example, one or any combination of the hardware processor 602, the main memory 604, the static memory 606, or the storage device 616 may constitute machine-readable media.
The KEK frame encryption device 619 may carry out or perform any of the operations and processes (e.g., process 400) described and shown above.
It is understood that the above are only a subset of what the KEK frame encryption device 619 may be configured to perform and that other functions included throughout this disclosure may also be performed by the KEK frame encryption device 619.
While the machine-readable medium 622 is illustrated as a single medium, the term “machine-readable medium” may include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) configured to store the one or more instructions 624.
Various embodiments may be implemented fully or partially in software and/or firmware. This software and/or firmware may take the form of instructions contained in or on a non-transitory computer-readable storage medium. Those instructions may then be read and executed by one or more processors to enable performance of the operations described herein. The instructions may be in any suitable form, such as but not limited to source code, compiled code, interpreted code, executable code, static code, dynamic code, and the like. Such a computer-readable medium may include any tangible non-transitory medium for storing information in a form readable by one or more computers, such as but not limited to read only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; a flash memory, etc.
The term “machine-readable medium” may include any medium that is capable of storing, encoding, or carrying instructions for execution by the machine 600 and that cause the machine 600 to perform any one or more of the techniques of the present disclosure, or that is capable of storing, encoding, or carrying data structures used by or associated with such instructions. Non-limiting machine-readable medium examples may include solid-state memories and optical and magnetic media. In an example, a massed machine-readable medium includes a machine-readable medium with a plurality of particles having resting mass. Specific examples of massed machine-readable media may include non-volatile memory, such as semiconductor memory devices (e.g., electrically programmable read-only memory (EPROM), or electrically erasable programmable read-only memory (EEPROM)) and flash memory devices; magnetic disks, such as internal hard disks and removable disks; magneto-optical disks; and CD-ROM and DVD-ROM disks.
The instructions 624 may further be transmitted or received over a communications network 626 using a transmission medium via the network interface device/transceiver 620 utilizing any one of a number of transfer protocols (e.g., frame relay, internet protocol (IP), transmission control protocol (TCP), user datagram protocol (UDP), hypertext transfer protocol (HTTP), etc.). Example communications networks may include a local area network (LAN), a wide area network (WAN), a packet data network (e.g., the Internet), mobile telephone networks (e.g., cellular networks), plain old telephone (POTS) networks, wireless data networks (e.g., Institute of Electrical and Electronics Engineers (IEEE) 802.11 family of standards known as Wi-Fi®, IEEE 802.16 family of standards known as WiMax®), IEEE 802.15.4 family of standards, and peer-to-peer (P2P) networks, among others. In an example, the network interface device/transceiver 620 may include one or more physical jacks (e.g., Ethernet, coaxial, or phone jacks) or one or more antennas to connect to the communications network 626. In an example, the network interface device/transceiver 620 may include a plurality of antennas to wirelessly communicate using at least one of single-input multiple-output (SIMO), multiple-input multiple-output (MIMO), or multiple-input single-output (MISO) techniques. The term “transmission medium” shall be taken to include any intangible medium that is capable of storing, encoding, or carrying instructions for execution by the machine 600 and includes digital or analog communications signals or other intangible media to facilitate communication of such software.
The operations and processes described and shown above may be carried out or performed in any suitable order as desired in various implementations. Additionally, in certain implementations, at least a portion of the operations may be carried out in parallel. Furthermore, in certain implementations, less than or more than the operations described may be performed.
FEM circuitry 704a-b may include a WLAN or Wi-Fi FEM circuitry 704a and a Bluetooth (BT) FEM circuitry 704b. The WLAN FEM circuitry 704a may include a receive signal path comprising circuitry configured to operate on WLAN RF signals received from one or more antennas 701, to amplify the received signals and to provide the amplified versions of the received signals to the WLAN radio IC circuitry 706a for further processing. The BT FEM circuitry 704b may include a receive signal path which may include circuitry configured to operate on BT RF signals received from one or more antennas 701, to amplify the received signals and to provide the amplified versions of the received signals to the BT radio IC circuitry 706b for further processing. FEM circuitry 704a may also include a transmit signal path which may include circuitry configured to amplify WLAN signals provided by the radio IC circuitry 706a for wireless transmission by one or more of the antennas 701. In addition, FEM circuitry 704b may also include a transmit signal path which may include circuitry configured to amplify BT signals provided by the radio IC circuitry 706b for wireless transmission by the one or more antennas. In the embodiment of
Radio IC circuitry 706a-b as shown may include WLAN radio IC circuitry 706a and BT radio IC circuitry 706b. The WLAN radio IC circuitry 706a may include a receive signal path which may include circuitry to down-convert WLAN RF signals received from the FEM circuitry 704a and provide baseband signals to WLAN baseband processing circuitry 708a. BT radio IC circuitry 706b may in turn include a receive signal path which may include circuitry to down-convert BT RF signals received from the FEM circuitry 704b and provide baseband signals to BT baseband processing circuitry 708b. WLAN radio IC circuitry 706a may also include a transmit signal path which may include circuitry to up-convert WLAN baseband signals provided by the WLAN baseband processing circuitry 708a and provide WLAN RF output signals to the FEM circuitry 704a for subsequent wireless transmission by the one or more antennas 701. BT radio IC circuitry 706b may also include a transmit signal path which may include circuitry to up-convert BT baseband signals provided by the BT baseband processing circuitry 708b and provide BT RF output signals to the FEM circuitry 704b for subsequent wireless transmission by the one or more antennas 701. In the embodiment of
Baseband processing circuitry 708a-b may include a WLAN baseband processing circuitry 708a and a BT baseband processing circuitry 708b. The WLAN baseband processing circuitry 708a may include a memory, such as, for example, a set of RAM arrays in a Fast Fourier Transform or Inverse Fast Fourier Transform block (not shown) of the WLAN baseband processing circuitry 708a. Each of the WLAN baseband circuitry 708a and the BT baseband circuitry 708b may further include one or more processors and control logic to process the signals received from the corresponding WLAN or BT receive signal path of the radio IC circuitry 706a-b, and to also generate corresponding WLAN or BT baseband signals for the transmit signal path of the radio IC circuitry 706a-b. Each of the baseband processing circuitries 708a and 708b may further include physical layer (PHY) and medium access control layer (MAC) circuitry, and may further interface with a device for generation and processing of the baseband signals and for controlling operations of the radio IC circuitry 706a-b.
Referring still to
In some embodiments, the front-end module circuitry 704a-b, the radio IC circuitry 706a-b, and baseband processing circuitry 708a-b may be provided on a single radio card, such as wireless radio card 702. In some other embodiments, the one or more antennas 701, the FEM circuitry 704a-b and the radio IC circuitry 706a-b may be provided on a single radio card. In some other embodiments, the radio IC circuitry 706a-b and the baseband processing circuitry 708a-b may be provided on a single chip or integrated circuit (IC), such as IC 712.
In some embodiments, the wireless radio card 702 may include a WLAN radio card and may be configured for Wi-Fi communications, although the scope of the embodiments is not limited in this respect. In some of these embodiments, the radio architecture 105A, 105B may be configured to receive and transmit orthogonal frequency division multiplexed (OFDM) or orthogonal frequency division multiple access (OFDMA) communication signals over a multicarrier communication channel. The OFDM or OFDMA signals may comprise a plurality of orthogonal subcarriers.
In some of these multicarrier embodiments, radio architecture 105A, 105B may be part of a Wi-Fi communication station (STA) such as a wireless access point (AP), a base station or a mobile device including a Wi-Fi device. In some of these embodiments, radio architecture 105A, 105B may be configured to transmit and receive signals in accordance with specific communication standards and/or protocols, such as any of the Institute of Electrical and Electronics Engineers (IEEE) standards including, 802.11n-2009, IEEE 802.11-2012, IEEE 802.11-2016, 802.11n-2009, 802.11ac, 802.11ah, 802.11ad, 802.11ay and/or 802.11ax standards and/or proposed specifications for WLANs, although the scope of embodiments is not limited in this respect. Radio architecture 105A, 105B may also be suitable to transmit and/or receive communications in accordance with other techniques and standards.
In some embodiments, the radio architecture 105A, 105B may be configured for high-efficiency Wi-Fi (HEW) communications in accordance with the IEEE 802.11ax standard. In these embodiments, the radio architecture 105A, 105B may be configured to communicate in accordance with an OFDMA technique, although the scope of the embodiments is not limited in this respect.
In some other embodiments, the radio architecture 105A, 105B may be configured to transmit and receive signals transmitted using one or more other modulation techniques such as spread spectrum modulation (e.g., direct sequence code division multiple access (DS-CDMA) and/or frequency hopping code division multiple access (FH-CDMA)), time-division multiplexing (TDM) modulation, and/or frequency-division multiplexing (FDM) modulation, although the scope of the embodiments is not limited in this respect.
In some embodiments, as further shown in
In some embodiments, the radio architecture 105A, 105B may include other radio cards, such as a cellular radio card configured for cellular (e.g., 5GPP such as LTE, LTE-Advanced or 7G communications).
In some IEEE 802.11 embodiments, the radio architecture 105A, 105B may be configured for communication over various channel bandwidths including bandwidths having center frequencies of about 900 MHZ, 2.4 GHz, 5 GHZ, and bandwidths of about 2 MHz, 4 MHz, 5 MHz, 5.5 MHz, 6 MHz, 8 MHz, 10 MHz, 20 MHz, 40 MHz, 80 MHZ (with contiguous bandwidths) or 80+80 MHz (160 MHz) (with non-contiguous bandwidths). In some embodiments, a 920 MHz channel bandwidth may be used. The scope of the embodiments is not limited with respect to the above center frequencies however.
In some embodiments, the FEM circuitry 704a may include a TX/RX switch 802 to switch between transmit mode and receive mode operation. The FEM circuitry 704a may include a receive signal path and a transmit signal path. The receive signal path of the FEM circuitry 704a may include a low-noise amplifier (LNA) 806 to amplify received RF signals 803 and provide the amplified received RF signals 807 as an output (e.g., to the radio IC circuitry 706a-b (
In some dual-mode embodiments for Wi-Fi communication, the FEM circuitry 704a may be configured to operate in either the 2.4 GHz frequency spectrum or the 5 GHz frequency spectrum. In these embodiments, the receive signal path of the FEM circuitry 704a may include a receive signal path duplexer 804 to separate the signals from each spectrum as well as provide a separate LNA 806 for each spectrum as shown. In these embodiments, the transmit signal path of the FEM circuitry 704a may also include a power amplifier 810 and a filter 812, such as a BPF, an LPF or another type of filter for each frequency spectrum and a transmit signal path duplexer 804 to provide the signals of one of the different spectrums onto a single transmit path for subsequent transmission by the one or more of the antennas 701 (
In some embodiments, the radio IC circuitry 706a may include a receive signal path and a transmit signal path. The receive signal path of the radio IC circuitry 706a may include at least mixer circuitry 902, such as, for example, down-conversion mixer circuitry, amplifier circuitry 906 and filter circuitry 908. The transmit signal path of the radio IC circuitry 706a may include at least filter circuitry 912 and mixer circuitry 914, such as, for example, up-conversion mixer circuitry. Radio IC circuitry 706a may also include synthesizer circuitry 904 for synthesizing a frequency 905 for use by the mixer circuitry 902 and the mixer circuitry 914. The mixer circuitry 902 and/or 914 may each, according to some embodiments, be configured to provide direct conversion functionality. The latter type of circuitry presents a much simpler architecture as compared with standard super-heterodyne mixer circuitries, and any flicker noise brought about by the same may be alleviated for example through the use of OFDM modulation.
In some embodiments, mixer circuitry 902 may be configured to down-convert RF signals 807 received from the FEM circuitry 704a-b (
In some embodiments, the mixer circuitry 914 may be configured to up-convert input baseband signals 911 based on the synthesized frequency 905 provided by the synthesizer circuitry 904 to generate RF output signals 809 for the FEM circuitry 704a-b. The baseband signals 911 may be provided by the baseband processing circuitry 708a-b and may be filtered by filter circuitry 912. The filter circuitry 912 may include an LPF or a BPF, although the scope of the embodiments is not limited in this respect.
In some embodiments, the mixer circuitry 902 and the mixer circuitry 914 may each include two or more mixers and may be arranged for quadrature down-conversion and/or up-conversion respectively with the help of synthesizer 904. In some embodiments, the mixer circuitry 902 and the mixer circuitry 914 may each include two or more mixers each configured for image rejection (e.g., Hartley image rejection). In some embodiments, the mixer circuitry 902 and the mixer circuitry 914 may be arranged for direct down-conversion and/or direct up-conversion, respectively. In some embodiments, the mixer circuitry 902 and the mixer circuitry 914 may be configured for super-heterodyne operation, although this is not a requirement.
Mixer circuitry 902 may comprise, according to one embodiment: quadrature passive mixers (e.g., for the in-phase (I) and quadrature phase (Q) paths). In such an embodiment, RF input signal 807 from
Quadrature passive mixers may be driven by zero and ninety-degree time-varying LO switching signals provided by a quadrature circuitry which may be configured to receive a LO frequency (fLO) from a local oscillator or a synthesizer, such as LO frequency 905 of synthesizer 904 (
In some embodiments, the LO signals may differ in duty cycle (the percentage of one period in which the LO signal is high) and/or offset (the difference between start points of the period). In some embodiments, the LO signals may have an 85% duty cycle and an 80% offset. In some embodiments, each branch of the mixer circuitry (e.g., the in-phase (I) and quadrature phase (Q) path) may operate at an 80% duty cycle, which may result in a significant reduction is power consumption.
The RF input signal 807 (
In some embodiments, the output baseband signals 907 and the input baseband signals 911 may be analog baseband signals, although the scope of the embodiments is not limited in this respect. In some alternate embodiments, the output baseband signals 907 and the input baseband signals 911 may be digital baseband signals. In these alternate embodiments, the radio IC circuitry may include analog-to-digital converter (ADC) and digital-to-analog converter (DAC) circuitry.
In some dual-mode embodiments, a separate radio IC circuitry may be provided for processing signals for each spectrum, or for other spectrums not mentioned here, although the scope of the embodiments is not limited in this respect.
In some embodiments, the synthesizer circuitry 904 may be a fractional-N synthesizer or a fractional N/N+1 synthesizer, although the scope of the embodiments is not limited in this respect as other types of frequency synthesizers may be suitable. For example, synthesizer circuitry 904 may be a delta-sigma synthesizer, a frequency multiplier, or a synthesizer comprising a phase-locked loop with a frequency divider. According to some embodiments, the synthesizer circuitry 904 may include digital synthesizer circuitry. An advantage of using a digital synthesizer circuitry is that, although it may still include some analog components, its footprint may be scaled down much more than the footprint of an analog synthesizer circuitry. In some embodiments, frequency input into synthesizer circuitry 904 may be provided by a voltage controlled oscillator (VCO), although that is not a requirement. A divider control input may further be provided by either the baseband processing circuitry 708a-b (
In some embodiments, synthesizer circuitry 904 may be configured to generate a carrier frequency as the output frequency 905, while in other embodiments, the output frequency 905 may be a fraction of the carrier frequency (e.g., one-half the carrier frequency, one-third the carrier frequency). In some embodiments, the output frequency 905 may be a LO frequency (fLO).
The baseband processing circuitry 708a may include a receive baseband processor (RX BBP) 1002 for processing receive baseband signals 909 provided by the radio IC circuitry 706a-b (
In some embodiments (e.g., when analog baseband signals are exchanged between the baseband processing circuitry 708a-b and the radio IC circuitry 706a-b), the baseband processing circuitry 708a may include ADC 1010 to convert analog baseband signals 1009 received from the radio IC circuitry 706a-b to digital baseband signals for processing by the RX BBP 1002. In these embodiments, the baseband processing circuitry 708a may also include DAC 1012 to convert digital baseband signals from the TX BBP 1004 to analog baseband signals 1011.
In some embodiments that communicate OFDM signals or OFDMA signals, such as through baseband processor 708a, the transmit baseband processor 1004 may be configured to generate OFDM or OFDMA signals as appropriate for transmission by performing an inverse fast Fourier transform (IFFT). The receive baseband processor 1002 may be configured to process received OFDM signals or OFDMA signals by performing an FFT. In some embodiments, the receive baseband processor 1002 may be configured to detect the presence of an OFDM signal or OFDMA signal by performing an autocorrelation, to detect a preamble, such as a short preamble, and by performing a cross-correlation, to detect a long preamble. The preambles may be part of a predetermined frame structure for Wi-Fi communication.
Referring back to
Although the radio architecture 105A, 105B is illustrated as having several separate functional elements, one or more of the functional elements may be combined and may be implemented by combinations of software-configured elements, such as processing elements including digital signal processors (DSPs), and/or other hardware elements. For example, some elements may comprise one or more microprocessors, DSPs, field-programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), radio-frequency integrated circuits (RFICs) and combinations of various hardware and logic circuitry for performing at least the functions described herein. In some embodiments, the functional elements may refer to one or more processes operating on one or more processing elements.
The word “exemplary” is used herein to mean “serving as an example, instance, or illustration.” Any embodiment described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other embodiments. The terms “computing device,” “user device,” “communication station,” “station,” “handheld device,” “mobile device,” “wireless device” and “user equipment” (UE) as used herein refers to a wireless communication device such as a cellular telephone, a smartphone, a tablet, a netbook, a wireless terminal, a laptop computer, a femtocell, a high data rate (HDR) subscriber station, an access point, a printer, a point of sale device, an access terminal, or other personal communication system (PCS) device. The device may be either mobile or stationary.
As used within this document, the term “communicate” is intended to include transmitting, or receiving, or both transmitting and receiving. This may be particularly useful in claims when describing the organization of data that is being transmitted by one device and received by another, but only the functionality of one of those devices is required to infringe the claim. Similarly, the bidirectional exchange of data between two devices (both devices transmit and receive during the exchange) may be described as “communicating,” when only the functionality of one of those devices is being claimed. The term “communicating” as used herein with respect to a wireless communication signal includes transmitting the wireless communication signal and/or receiving the wireless communication signal. For example, a wireless communication unit, which is capable of communicating a wireless communication signal, may include a wireless transmitter to transmit the wireless communication signal to at least one other wireless communication unit, and/or a wireless communication receiver to receive the wireless communication signal from at least one other wireless communication unit.
As used herein, unless otherwise specified, the use of the ordinal adjectives “first,” “second,” “third,” etc., to describe a common object, merely indicates that different instances of like objects are being referred to and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
The term “access point” (AP) as used herein may be a fixed station. An access point may also be referred to as an access node, a base station, an evolved node B (eNodeB), or some other similar terminology known in the art. An access terminal may also be called a mobile station, user equipment (UE), a wireless communication device, or some other similar terminology known in the art. Embodiments disclosed herein generally pertain to wireless networks. Some embodiments may relate to wireless networks that operate in accordance with one of the IEEE 802.11 standards.
Some embodiments may be used in conjunction with various devices and systems, for example, a personal computer (PC), a desktop computer, a mobile computer, a laptop computer, a notebook computer, a tablet computer, a server computer, a handheld computer, a handheld device, a personal digital assistant (PDA) device, a handheld PDA device, an on-board device, an off-board device, a hybrid device, a vehicular device, a non-vehicular device, a mobile or portable device, a consumer device, a non-mobile or non-portable device, a wireless communication station, a wireless communication device, a wireless access point (AP), a wired or wireless router, a wired or wireless modem, a video device, an audio device, an audio-video (A/V) device, a wired or wireless network, a wireless area network, a wireless video area network (WVAN), a local area network (LAN), a wireless LAN (WLAN), a personal area network (PAN), a wireless PAN (WPAN), and the like.
Some embodiments may be used in conjunction with one way and/or two-way radio communication systems, cellular radio-telephone communication systems, a mobile phone, a cellular telephone, a wireless telephone, a personal communication system (PCS) device, a PDA device which incorporates a wireless communication device, a mobile or portable global positioning system (GPS) device, a device which incorporates a GPS receiver or transceiver or chip, a device which incorporates an RFID element or chip, a multiple input multiple output (MIMO) transceiver or device, a single input multiple output (SIMO) transceiver or device, a multiple input single output (MISO) transceiver or device, a device having one or more internal antennas and/or external antennas, digital video broadcast (DVB) devices or systems, multi-standard radio devices or systems, a wired or wireless handheld device, e.g., a smartphone, a wireless application protocol (WAP) device, or the like.
Some embodiments may be used in conjunction with one or more types of wireless communication signals and/or systems following one or more wireless communication protocols, for example, radio frequency (RF), infrared (IR), frequency-division multiplexing (FDM), orthogonal FDM (OFDM), time-division multiplexing (TDM), time-division multiple access (TDMA), extended TDMA (E-TDMA), general packet radio service (GPRS), extended GPRS, code-division multiple access (CDMA), wideband CDMA (WCDMA), CDMA 2000, single-carrier CDMA, multi-carrier CDMA, multi-carrier modulation (MDM), discrete multi-tone (DMT), Bluetooth®, global positioning system (GPS), Wi-Fi, Wi-Max, ZigBee, ultra-wideband (UWB), global system for mobile communications (GSM), 2G, 2.5G, 3G, 3.5G, 4G, fifth generation (5G) mobile networks, 3GPP, long term evolution (LTE), LTE advanced, enhanced data rates for GSM Evolution (EDGE), or the like. Other embodiments may be used in various other devices, systems, and/or networks.
The following examples pertain to further embodiments.
Example 1 may include a device comprising processing circuitry coupled to storage, the processing circuitry configured to: identify, within a received authentication frame, a capability bit in a Robust Security Network Extension Element (RSNXE) indicating peer device support for Key Encryption Key (KEK) derivation during an authentication frame exchange; derive the KEK during the authentication frame exchange based on mutual support for KEK derivation and derivation of a Pairwise Transient Key Security Association (PTKSA) during the exchange; use a cryptographic key protection process for deriving the KEK; and encrypt a portion of the authentication frame using the derived KEK.
Example 2 may include the device of example 1 and/or some other example herein, wherein the cryptographic key protection process may include applying a National Institute of Standards and Technology (NIST) advanced encryption standard (AES) Key Wrap with a 128-bit key size when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP and the pairwise cipher may be 128 bits.
Example 3 may include the device of example 1 and/or some other example herein, wherein the cryptographic key protection process may include applying AES-SIV with zero-length additional associated data (AAD) when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP.
Example 4 may include the device of example 1 and/or some other example herein, wherein the cryptographic key protection process determines the KEK size based on the pairwise cipher used during the authentication frame exchange.
Example 5 may include the device of example 1 and/or some other example herein, wherein the processing circuitry may be further configured to verify a Message Integrity Code (MIC) included in the authentication frame during the derivation of the KEK.
Example 6 may include the device of example 1 and/or some other example herein, wherein the processing circuitry may be further configured to transmit the capability bit indicating support for deriving the KEK during the authentication frame exchange.
Example 7 may include the device of example 1 and/or some other example herein, wherein the processing circuitry may be further configured to derive the KEK based on mutual capabilities of the device and the peer device.
Example 8 may include the device of example 1 and/or some other example herein, wherein the cryptographic key protection process may include encrypting critical information beyond device identity or Integrity Recovery Management (IRM) in the authentication frame.
Example 9 may include the device of example 1 and/or some other example herein, wherein the processing circuitry may be further configured to derive the KEK through operations performed by the processing circuitry, ensuring secure key handling.
Example 10 may include the device of example 1 and/or some other example herein, wherein the processing circuitry may be further configured to select the cryptographic key protection process based on compatibility with the peer device during the authentication frame exchange.
Example 11 may include a non-transitory computer-readable medium storing computer-executable instructions which when executed by one or more processors result in performing operations comprising: identifying, within a received authentication frame, a capability bit in a Robust Security Network Extension Element (RSNXE) indicating peer device support for Key Encryption Key (KEK) derivation during an authentication frame exchange; deriving the KEK during the authentication frame exchange based on mutual support for KEK derivation and derivation of a Pairwise Transient Key Security Association (PTKSA) during the exchange; using a cryptographic key protection process for deriving the KEK; and encrypting a portion of the authentication frame using the derived KEK.
Example 12 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the cryptographic key protection process may include applying a National Institute of Standards and Technology (NIST) advanced encryption standard (AES) Key Wrap with a 128-bit key size when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP and the pairwise cipher may be 128 bits.
Example 13 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the cryptographic key protection process may include applying AES-SIV with zero-length additional associated data (AAD) when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP.
Example 14 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the cryptographic key protection process determines the KEK size based on the pairwise cipher used during the authentication frame exchange.
Example 15 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the operations further comprise verify a Message Integrity Code (MIC) included in the authentication frame during the derivation of the KEK.
Example 16 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the operations further comprise transmitting the capability bit indicating support for deriving the KEK during the authentication frame exchange.
Example 17 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the operations further comprise deriving the KEK based on mutual capabilities of the device and the peer device.
Example 18 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the cryptographic key protection process may include encrypting critical information beyond device identity or Integrity Recovery Management (IRM) in the authentication frame.
Example 19 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the operations further comprise deriving the KEK through operations performed by the processing circuitry, ensuring secure key handling.
Example 20 may include the non-transitory computer-readable medium of example 11 and/or some other example herein, wherein the operations further comprise selecting the cryptographic key protection process based on compatibility with the peer device during the authentication frame exchange.
Example 21 may include a method comprising: identifying, within a received authentication frame, a capability bit in a Robust Security Network Extension Element (RSNXE) indicating peer device support for Key Encryption Key (KEK) derivation during an authentication frame exchange; deriving the KEK during the authentication frame exchange based on mutual support for KEK derivation and derivation of a Pairwise Transient Key Security Association (PTKSA) during the exchange; using a cryptographic key protection process for deriving the KEK; and encrypting a portion of the authentication frame using the derived KEK.
Example 22 may include the method of example 21 and/or some other example herein, wherein the cryptographic key protection process may include applying a National Institute of Standards and Technology (NIST) advanced encryption standard (AES) Key Wrap with a 128-bit key size when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP and the pairwise cipher may be 128 bits.
Example 23 may include the method of example 21 and/or some other example herein, wherein the cryptographic key protection process may include applying AES-SIV with zero-length additional associated data (AAD) when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP.
Example 24 may include the method of example 21 and/or some other example herein, wherein the cryptographic key protection process determines the KEK size based on the pairwise cipher used during the authentication frame exchange.
Example 25 may include the method of example 21 and/or some other example herein, further comprising verify a Message Integrity Code (MIC) included in the authentication frame during the derivation of the KEK.
Example 26 may include the method of example 21 and/or some other example herein, further comprising transmitting the capability bit indicating support for deriving the KEK during the authentication frame exchange.
Example 27 may include the method of example 21 and/or some other example herein, further comprising deriving the KEK based on mutual capabilities of the device and the peer device.
Example 28 may include the method of example 21 and/or some other example herein, wherein the cryptographic key protection process may include encrypting critical information beyond device identity or Integrity Recovery Management (IRM) in the authentication frame.
Example 29 may include the method of example 21 and/or some other example herein, further comprising deriving the KEK through operations performed by the processing circuitry, ensuring secure key handling.
Example 30 may include the method of example 21 and/or some other example herein, further comprising selecting the cryptographic key protection process based on compatibility with the peer device during the authentication frame exchange.
Example 31 may include an apparatus comprising means for: identifying, within a received authentication frame, a capability bit in a Robust Security Network Extension Element (RSNXE) indicating peer device support for Key Encryption Key (KEK) derivation during an authentication frame exchange; deriving the KEK during the authentication frame exchange based on mutual support for KEK derivation and derivation of a Pairwise Transient Key Security Association (PTKSA) during the exchange; using a cryptographic key protection process for deriving the KEK; and encrypting a portion of the authentication frame using the derived KEK.
Example 32 may include the apparatus of example 31 and/or some other example herein, wherein the cryptographic key protection process may include applying a National Institute of Standards and Technology (NIST) advanced encryption standard (AES) Key Wrap with a 128-bit key size when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP and the pairwise cipher may be 128 bits.
Example 33 may include the apparatus of example 31 and/or some other example herein, wherein the cryptographic key protection process may include applying AES-SIV with zero-length additional associated data (AAD) when a base Authentication and Key Management Protocol (AKMP) may be a Protected Association State Negotiation (PASN) AKMP.
Example 34 may include the apparatus of example 31 and/or some other example herein, wherein the cryptographic key protection process determines the KEK size based on the pairwise cipher used during the authentication frame exchange.
Example 35 may include the apparatus of example 31 and/or some other example herein, further comprising verify a Message Integrity Code (MIC) included in the authentication frame during the derivation of the KEK.
Example 36 may include the apparatus of example 31 and/or some other example herein, further comprising transmitting the capability bit indicating support for deriving the KEK during the authentication frame exchange.
Example 37 may include the apparatus of example 31 and/or some other example herein, further comprising deriving the KEK based on mutual capabilities of the device and the peer device.
Example 38 may include the apparatus of example 31 and/or some other example herein, wherein the cryptographic key protection process may include encrypting critical information beyond device identity or Integrity Recovery Management (IRM) in the authentication frame.
Example 39 may include the apparatus of example 31 and/or some other example herein, further comprising deriving the KEK through operations performed by the processing circuitry, ensuring secure key handling.
Example 40 may include the apparatus of example 31 and/or some other example herein, further comprising selecting the cryptographic key protection process based on compatibility with the peer device during the authentication frame exchange.
Example 41 may include one or more non-transitory computer-readable media comprising instructions to cause an electronic device, upon execution of the instructions by one or more processors of the electronic device, to perform one or more elements of a method described in or related to any of examples 1-40, or any other method or process described herein.
Example 42 may include an apparatus comprising logic, modules, and/or circuitry to perform one or more elements of a method described in or related to any of examples 1-40, or any other method or process described herein.
Example 43 may include a method, technique, or process as described in or related to any of examples 1-40, or portions or parts thereof.
Example 44 may include an apparatus comprising: one or more processors and one or more computer readable media comprising instructions that, when executed by the one or more processors, cause the one or more processors to perform the method, techniques, or process as described in or related to any of examples 1-40, or portions thereof.
Example 45 may include a method of communicating in a wireless network as shown and described herein.
Example 46 may include a system for providing wireless communication as shown and described herein.
Example 47 may include a device for providing wireless communication as shown and described herein.
Embodiments according to the disclosure are in particular disclosed in the attached claims directed to a method, a storage medium, a device and a computer program product, wherein any feature mentioned in one claim category, e.g., method, can be claimed in another claim category, e.g., system, as well. The dependencies or references back in the attached claims are chosen for formal reasons only. However, any subject matter resulting from a deliberate reference back to any previous claims (in particular multiple dependencies) can be claimed as well, so that any combination of claims and the features thereof are disclosed and can be claimed regardless of the dependencies chosen in the attached claims. The subject-matter which can be claimed comprises not only the combinations of features as set out in the attached claims but also any other combination of features in the claims, wherein each feature mentioned in the claims can be combined with any other feature or combination of other features in the claims. Furthermore, any of the embodiments and features described or depicted herein can be claimed in a separate claim and/or in any combination with any embodiment or feature described or depicted herein or with any of the features of the attached claims.
The foregoing description of one or more implementations provides illustration and description, but is not intended to be exhaustive or to limit the scope of embodiments to the precise form disclosed. Modifications and variations are possible in light of the above teachings or may be acquired from practice of various embodiments.
Certain aspects of the disclosure are described above with reference to block and flow diagrams of systems, methods, apparatuses, and/or computer program products according to various implementations. It will be understood that one or more blocks of the block diagrams and flow diagrams, and combinations of blocks in the block diagrams and the flow diagrams, respectively, may be implemented by computer-executable program instructions. Likewise, some blocks of the block diagrams and flow diagrams may not necessarily need to be performed in the order presented, or may not necessarily need to be performed at all, according to some implementations.
These computer-executable program instructions may be loaded onto a special-purpose computer or other particular machine, a processor, or other programmable data processing apparatus to produce a particular machine, such that the instructions that execute on the computer, processor, or other programmable data processing apparatus create means for implementing one or more functions specified in the flow diagram block or blocks. These computer program instructions may also be stored in a computer-readable storage media or memory that may direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable storage media produce an article of manufacture including instruction means that implement one or more functions specified in the flow diagram block or blocks. As an example, certain implementations may provide for a computer program product, comprising a computer-readable storage medium having a computer-readable program code or program instructions implemented therein, said computer-readable program code adapted to be executed to implement one or more functions specified in the flow diagram block or blocks. The computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational elements or steps to be performed on the computer or other programmable apparatus to produce a computer-implemented process such that the instructions that execute on the computer or other programmable apparatus provide elements or steps for implementing the functions specified in the flow diagram block or blocks.
Accordingly, blocks of the block diagrams and flow diagrams support combinations of means for performing the specified functions, combinations of elements or steps for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that each block of the block diagrams and flow diagrams, and combinations of blocks in the block diagrams and flow diagrams, may be implemented by special-purpose, hardware-based computer systems that perform the specified functions, elements or steps, or combinations of special-purpose hardware and computer instructions.
Conditional language, such as, among others, “can,” “could,” “might,” or “may,” unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain implementations could include, while other implementations do not include, certain features, elements, and/or operations. Thus, such conditional language is not generally intended to imply that features, elements, and/or operations are in any way required for one or more implementations or that one or more implementations necessarily include logic for deciding, with or without user input or prompting, whether these features, elements, and/or operations are included or are to be performed in any particular implementation.
Many modifications and other implementations of the disclosure set forth herein will be apparent having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is to be understood that the disclosure is not to be limited to the specific implementations disclosed and that modifications and other implementations are intended to be included within the scope of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
This application claims the benefit of U.S. Provisional Application No. 63/615,626, filed Dec. 28, 2023, the disclosure of which is incorporated herein by reference as if set forth in full
Number | Date | Country | |
---|---|---|---|
63615626 | Dec 2023 | US |