Scheme for registration and authentication in wireless...

Telecommunications – Radiotelephone system – Zoned or cellular telephone system

Reexamination Certificate


Details

C455S435200, C455S411000, C455S410000, C380S247000, C380S249000, C713S171000, C713S168000


active

06782260

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a technique for registration and authentication between a wireless base station and a wireless terminal in a wireless communication system using a wireless LAN formed by wireless terminals and wireless base stations, such as a wireless LAN system called IEEE 802.11 and the like.
2. Description of the Related Art
In recent years, in conjunction with the development of the LAN (Local Area Network) technique, the networking of the office environment centered around connections among PCs is in progress. While such a wired LAN is spreading, the use of a wireless LAN in which a part of the wired LAN is replaced by wireless is also in progress. For example, there is a case where a wireless base station is connected to the wired LAN and a plurality of portable PCs are connected to this base station by wireless. By using this portable PC for editing a file on a desk-top PC that is connected to the wired LAN through Ethernet, it is possible to realize the wireless access to the wired LAN. Also, a section comprising the base station and the portable PCs can be viewed separately as a wireless LAN. The advantages of such a wireless LAN include that the cable laying is unnecessary as radio or infrared paths are utilized for transmission, and that a new construction or layout change of network is easy.
The introduction of such wireless LANs has accelerated since the standardization of IEEE 802.11. In IEEE 802.11, the wireless LAN specification using the 2.4 GHz band was completed in 1997, and the wireless LAN specification using the 5 GHz band was completed in 1999. The transmission rates of the wireless LAN specification using the 2.4 GHz band include 1 to 2 Mbps and 11 Mbps, and an additional specification with a transmission rate of over 20 Mbps is currently under discussion. Recently, products based on this 2.4 GHz band specification have been put on the market by various companies, and prices of the base station and the wireless PC card are now going down to a range that enables wider spread. Also, unlike the 2.4 GHz band, the 5 GHz band is a nearly unused frequency band that is currently utilized only for meteorological radar, and it is expected that a faster transmission rate is easily realizable, so that it is a promising candidate for the next generation wireless LAN specification.
Also, recently, there is a trend for implementing the Bluetooth in all kinds of devices, including those of the portable telephone industry, the home electronics industry and the PC industry. This Bluetooth is also a wireless system using 2.4 GHz band which is now expected to spread worldwide because of the low cost of about $5 per chip and the backing of approximately 2000 companies in various industrial fields.
Under such circumstances, the spread of the wireless LAN system is expected to take place not only in the office environment but also in the general home. Consequently, it is expected that an environment in which a plurality of wireless LAN systems exist contiguously or coexist in the same space will be built widely in the near future.
Now, in IEEE 802.11, the authentication processing between the wireless terminals or between the wireless base station and the wireless terminal is specified (chapter 8 of the IEEE 802.11 specification).
This specification describes a scheme in which two entities (two wireless terminals, or a wireless base station and a wireless terminal) that are targets of the authentication processing carry out the authentication by using the same secret key (common key) while also carrying out the secret communications (but this authentication processing is optional). For this authentication processing, the algorithm called WEP (Wired Equivalent Privacy) is used. It is only stated that the distribution of the secret key is to be carried out by a secure method in advance. Also, the secret key is to be provided for each pair of entities, so that a given wireless terminal must be provided with a secret key for every other wireless terminal within the system, and secret keys on the order of the square of the total number of wireless terminals are required in the system as a whole.
Here, the encryption and decryption in the WEP algorithm will be described briefly, and the authentication using this WEP algorithm will also be described.
FIG. 31 shows an outline of the encryption processing by the WEP algorithm of IEEE 802.11. In FIG. 31, the processing for encrypting data to be transmitted is shown, and this data to be transmitted is referred to as a plaintext PT here.
First, at the transmitting side, CRC is generated from this PT, that is, ICV is generated. On the other hand, a key sequence KS is generated from a secret key Sk and an initial vector IV through a WEP random number generator. An exclusive OR of this KS and a concatenated {PT, ICV} is calculated after adjusting their length to be equal. The result of this exclusive OR is an encrypted text ET. Then, by combining this ET and IV with a control code, a WEP frame as shown in FIG. 32 is formed. The secret communications according to the WEP algorithm will be carried out by using this WEP frame.
FIG. 33 shows an outline of the decryption processing by the WEP algorithm of IEEE 802.11. In FIG. 33, the processing for decrypting received encrypted data is shown. In FIG. 33, when the receiving side receives the WEP frame, IV is extracted from that WEP frame, and entered into the WEP random number generator along with the secret key Sk, to generate the key sequence KS. This key sequence KS should be the same as the KS of FIG. 31 if IV is not altered. By taking the exclusive OR of this KS with the encrypted text ET within the frame, the plaintext PT and ICV can be decrypted. The CRC check is then carried out for this PT, and the resulting ICV′ is compared with the decrypted ICV to verify the correctness of PT. If ICV′ and ICV are equal, it can be regarded that PT is received successfully.
FIG. 34 shows a sequence chart for the authentication processing according to the WEP algorithm of IEEE 802.11. FIG. 34 is for an exemplary case of carrying out wireless communications between a wireless base station (base station) and a wireless terminal (terminal) within a radio zone of this base station. In FIG. 34, the secret key Sk which is the common key is exchanged between the base station and the terminal in advance (step S1001). Then, first, the terminal transmits an authentication request frame to the base station by the wireless communication (step S1002). This authentication request frame describes that the authentication by the common key scheme is requested. Note that the secret key Sk is already distributed to both the base station and the terminal at the step S1001.
Next, if the base station accepts the authentication request, the base station generates a check text CT from this secret key Sk and an internally generated initial vector IV through the WEP random number generator (step S1003). Normally, this CT has the length of 128 bytes. The base station transmits the generated CT by the wireless communication (step S1004).
The terminal receives the CT as a plaintext, and encrypts the CT by the secret key Sk (Sk(CT)) according to the method of FIG. 31 described above (step S1005). Then, the terminal transmits the encrypted text containing this Sk(CT) to the base station by the wireless communication (step S1006).
Finally, the encrypted text transmitted from the terminal is verified at the base station (step S1007). If it is correct, the authentication completion frame in a success status is sent. Otherwise the frame in a failure status is sent (step S1008). This verification is carried out by checking whether Sk(Sk(CT)) (=CT′), obtained by decrypting Sk(CT) according to the method of FIG. 33 described above, coincides with CT originally generated by the base station or not.
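The encryption of FIG. 31, the decryption of FIG. 33 and the exchange of FIG. 34 can be followed in code. The block below is an added example, not part of the patent text. It assumes details the page does not state but that IEEE 802.11 WEP uses: RC4 as the WEP random number generator seeded with IV followed by Sk, CRC-32 as the ICV, a 3-byte IV, a one-byte control field and a 5-byte key; all function names and the sample key are constructed for illustration.

```python
import hmac
import os
import struct
import zlib

def rc4_keystream(seed: bytes, n: int) -> bytes:
    """WEP random number generator (assumed RC4): n bytes of key sequence KS."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling over the seed
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    ks = bytearray()
    for _ in range(n):                         # key sequence output
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        ks.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(ks)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(sk: bytes, iv: bytes, pt: bytes) -> bytes:
    """FIG. 31: ET = KS xor {PT, ICV}; frame = IV, control code, ET."""
    body = pt + struct.pack("<I", zlib.crc32(pt))       # {PT, ICV}
    et = xor(body, rc4_keystream(iv + sk, len(body)))
    return iv + b"\x00" + et                            # control code: key ID 0

def wep_decrypt(sk: bytes, frame: bytes) -> bytes:
    """FIG. 33: regenerate KS from the frame's IV, then compare ICV' with ICV."""
    iv, et = frame[:3], frame[4:]
    body = xor(et, rc4_keystream(iv + sk, len(et)))
    pt, icv = body[:-4], body[-4:]
    if struct.pack("<I", zlib.crc32(pt)) != icv:
        raise ValueError("ICV mismatch")
    return pt

def shared_key_auth(base_sk: bytes, terminal_sk: bytes) -> bool:
    """FIG. 34, steps S1003 to S1008, with both sides in one process."""
    ct = rc4_keystream(os.urandom(3) + base_sk, 128)      # S1003: 128-byte CT
    frame = wep_encrypt(terminal_sk, os.urandom(3), ct)   # S1005, S1006
    try:                                                  # S1007: CT' == CT ?
        return hmac.compare_digest(wep_decrypt(base_sk, frame), ct)
    except ValueError:
        return False                                      # S1008: failure status

SAMPLE_SK = bytes.fromhex("0102030405")   # constructed 40-bit key, not a real one
```

Calling `shared_key_auth(SAMPLE_SK, SAMPLE_SK)` models a terminal that holds the distributed key from step S1001; passing a different second key models a terminal that does not.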
As described above, in conjunction with the spread of the wireless LAN system
