Fast ciphering key search for WLAN receivers

US 20050169480A1
Filed: 07/26/2004
Published: 08/04/2005
Est. Priority Date: 01/30/2004
Status: Active Grant

First Claim

Patent Images

1. A WLAN (Wireless Local Area Network) receiver comprising:

a ciphering key management unit (100) for controlling use of cipher keys for decrypting received data, wherein said ciphering key management unit comprises a memory unit (130) for storing a hash table (110) having a first (200) and a second (205-220, 600) table portion, said first table portion storing transmitter address data, said second table portion storing at least one cipher key, wherein said ciphering key management unit is arranged for determining whether a transmitter address matches transmitter address data in said first table portion, and if so, determining a corresponding cipher key stored in said second table portion for use in decrypting said received data.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A ciphering key management technique for use in a WLAN receiver is provided where a hash table is stored that has a first and a second table portion. The first table portion stores transmitter address data and the second table portion stores at least one cipher key. It is determined whether a transmitter address matches transmitter address data in the first table portion, and if so, a corresponding cipher key stored in the second table portion is determined for use in decrypting the received data. The hash table technique allows for a fast search for the correct cipher key. Embodiments are described that allow for dynamically adding and removing keys without blocking the search.

30 Citations

View as Search Results

64 Claims

1. A WLAN (Wireless Local Area Network) receiver comprising:
- a ciphering key management unit (100) for controlling use of cipher keys for decrypting received data, wherein said ciphering key management unit comprises a memory unit (130) for storing a hash table (110) having a first (200) and a second (205-220, 600) table portion, said first table portion storing transmitter address data, said second table portion storing at least one cipher key, wherein said ciphering key management unit is arranged for determining whether a transmitter address matches transmitter address data in said first table portion, and if so, determining a corresponding cipher key stored in said second table portion for use in decrypting said received data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 2. The WLAN receiver of claim 1, further comprising:
    - a data decapsulation unit (150) for decapsulating incoming data using said determined cipher key.
  - 3. The WLAN receiver of claim 2, wherein said decapsulation unit is configured to apply CCMP-AES (Counter-mode Cipher block chaining Message authentication code Protocol-Advanced Encryption Standard) procedures.
  - 4. The WLAN receiver of claim 2, wherein said decapsulation unit is configured to apply TKIP (Temporal Key Integrity Protocol) procedures.
  - 5. The WLAN receiver of claim 2, wherein said decapsulation unit is configured to apply WEP-40 (Wired Equivalent Privacy) procedures.
  - 6. The WLAN receiver of claim 2, wherein said decapsulation unit is configured to apply WEP-104 (Wired Equivalent Privacy) procedures.
  - 7. The WLAN receiver of claim 2, wherein said data encapsulation unit is configured to perform data frame decapsulation.
  - 8. The WLAN receiver of claim 1, wherein said memory unit is an OCM (On-Chip Memory) unit configured to be controlled by software.
  - 9. The WLAN receiver of claim 1, wherein said transmitter address data stored in said first table portion is comprised of a predetermined number of lower bits of a respective transmitter address.
  - 10. The WLAN receiver of claim 1, wherein said first table portion is a hash line of said hash table.
  - 11. The WLAN receiver of claim 1, wherein said first table portion comprises a number of sub-fields (240-255) each configured to store transmitter address data of a different transmitter.
  - 12. The WLAN receiver of claim 11, wherein said ciphering key management unit is arranged for selectively marking individual sub-fields in said first table portion active or inactive.
  - 13. The WLAN receiver of claim 11, wherein said number of sub-fields in said first table portion is a power-two number.
  - 14. The WLAN receiver of claim 11, wherein said second table portion comprises a number of table entries (205-220, 600) each configured to store at least one cipher key pertaining to a different transmitter.
  - 15. The WLAN receiver of claim 14, wherein said ciphering key management unit further comprises a capacity register (120) for storing an integer number, wherein said number of sub-fields in said first table portion and the maximum number of table entries in said second table portion are given by two to the power of said integer number.
  - 16. The WLAN receiver of claim 14, wherein each sub-field in said first table portion relates to an individual table entry in said second table portion.
  - 17. The WLAN receiver of claim 14, wherein each table entry has a fixed length independent from the length of the hash table.
  - 18. The WLAN receiver of claim 17, wherein the length of the hash table is given by the length of said first table portion and the length of said second table portion, said length of said second table portion being dependent on said fixed length of said table entries and the number of table entries in said second table portion, wherein the number of active sub-fields in said first table portion is equal to the number of table entries in said second table portion.
  - 19. The WLAN receiver of claim 1, wherein said second table portion comprises a number of table entries (205-220, 600), each configured to store at least one cipher key pertaining to a different transmitter.
  - 20. The WLAN receiver of claim 19, wherein each table entry in said second table portion is arranged for storing a receiver/transmitter address pair (230, 320, 325).
  - 21. The WLAN receiver of claim 19, wherein each table entry in said second table portion is arranged for storing data (225, 315) indicating one of at least two different cipher modes.
  - 22. The WLAN receiver of claim 21, wherein one of said at least two cipher modes is a CCMP-AES (Counter-mode Cipher block chaining Message authentication code Protocol-Advanced Encryption Standard) cipher mode.
  - 23. The WLAN receiver of claim 21, wherein one of said at least two cipher modes is a TKIP (Temporal Key Integrity Protocol) cipher mode.
  - 24. The WLAN receiver of claim 21, wherein one of said at least two cipher modes is a WEP (Wired Equivalent Privacy) cipher mode.
  - 25. The WLAN receiver of claim 1, wherein said transmitter address data stored in said first table portion is comprised of a number of lower bits of a respective transmitter address, said first table portion comprises a number of sub-fields (240-255), each configured to store transmitter address data of a different transmitter, and said ciphering key management unit is arranged for reducing said number of lower bits if said number of sub-fields is increased.
  - 26. The WLAN receiver of claim 1, wherein said ciphering key management unit is further arranged for comparing (420) said transmitter address with a transmitter address stored in said second table portion, to determine said cipher key.
  - 27. The WLAN receiver of claim 26, wherein said ciphering key management unit is further arranged for comparing (420) said transmitter address with two or more transmitter addresses stored in said second table portion, to determine said cipher key.
  - 28. The WLAN receiver of claim 1, wherein said transmitter address is taken from a received data frame.
  - 29. The WLAN receiver of claim 1, wherein said hash table further has a third table portion (500) for storing activation information, said activation information indicating whether transmitter address data in said first table portion is active or not.
  - 30. The WLAN receiver of claim 1, wherein said ciphering key management unit is arranged for adding a cipher key to said second table portion by writing (700) said cipher key to said second table portion, writing (710) corresponding transmitter address data to said first table portion, and then activating (720) said written transmitter address data.
  - 31. The WLAN receiver of claim 1, wherein said ciphering key management unit is arranged for removing a cipher key from said second table portion by deactivating (800) corresponding transmitter address data, and then deleting (810, 820) the cipher key from said second table portion and the transmitter address data from said first table portion.

32. A ciphering key management apparatus for controlling use of cipher keys for decrypting data received by a WLAN (Wireless Local Area Network) receiver, said ciphering key management apparatus comprising:
- a memory unit (130) for storing a hash table (110) having a first (200) and a second (205-220, 600) table portion, said first table portion storing transmitter address data, said second table portion storing at least one cipher key; and
  
  a control unit (140) for determining whether a transmitter address matches transmitter address data in said first table portion, and if so, determining a corresponding cipher key stored in said second table portion for use in decrypting said received data.

33. An integrated circuit chip for use in a WLAN (Wireless Local Area Network) receiver to perform ciphering key management to control use of cipher keys for decrypting data received by said WLAN receiver, said integrated circuit chip comprising:
- a memory circuit (130) for storing a hash table (110) having a first (200) and a second (205-220, 600) table portion, said first table portion storing transmitter address data, said second table portion storing at least one cipher key; and
  
  a control unit (140) for determining whether a transmitter address matches transmitter address data in said first table portion, and if so, determining a corresponding cipher key stored in said second table portion for use in decrypting said received data.

34. A method of controlling use of cipher keys for decrypting received data in a WLAN (Wireless Local Area Network) receiver, said method comprising:
- accessing (415) a hash table (110) having a first (200) and a second (205-220, 600) table portion, said first table portion storing transmitter address data, said second table portion storing at least one cipher key;
  
  determining (420, 425, 430, 440) whether a transmitter address matches transmitter address data in said first table portion; and
  
  if so, determining (445, 450, 455) a corresponding cipher key stored in said second table portion for use in decrypting said received data.
- View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
- - 35. The method of claim 34, further comprising:
    - decapsulating incoming data using said determined cipher key.
  - 36. The method of claim 35, wherein said decapsulation applies CCMP-AES (Counter-mode Cipher block chaining Message authentication code Protocol-Advanced Encryption Standard) procedures.
  - 37. The method of claim 35, wherein said decapsulation applies TKIP (Temporal Key Integrity Protocol) procedures.
  - 38. The method of claim 35, wherein said decapsulation applies WEP-40 (Wired Equivalent Privacy) procedures.
  - 39. The method of claim 35, wherein said decapsulation applies WEP-104 (Wired Equivalent Privacy) procedures.
  - 40. The method of claim 35, wherein said decapsulation is a data frame decapsulation.
  - 41. The method of claim 34, wherein said step of accessing said hash table comprises accessing an OCM (On-Chip Memory) unit by performing software instructions.
  - 42. The method of claim 34, wherein said transmitter address data stored in said first table portion is comprised of a predetermined number of lower bits of a respective transmitter address.
  - 43. The method of claim 34, wherein said first table portion is a hash line of said hash table.
  - 44. The method of claim 34, wherein said first table portion comprises a number of sub-fields (240-255), each configured to store transmitter address data of a different transmitter.
  - 45. The method of claim 44, further comprising:
    - selectively marking individual sub-fields in said first table portion active or inactive.
  - 46. The method of claim 44, wherein said number of sub-fields in said first table portion is a power-two number.
  - 47. The method of claim 44, wherein said second table portion comprises a number of table entries (205-220, 600) each configured to store at least one cipher key pertaining to a different transmitter.
  - 48. The method of claim 47, further comprising:
    - accessing a capacity register (120) storing an integer number; and
      
      setting the number of sub-fields in said first table portion and the maximum number of table entries in said second table portion to be two to the power of said integer number.
  - 49. The method of claim 47, wherein each sub-field in said first table portion relates to an individual table entry in said second table portion.
  - 50. The method of claim 47, wherein each table entry has a fixed length independent from the length of the hash table.
  - 51. The method of claim 50, wherein the length of the hash table is given by the length of said first table portion and the length of said second table portion, said length of said second table portion being dependent on said fixed length of said table entries and the number of table entries in said second table portion, wherein the number of active sub-fields in said first table portion is equal to the number of table entries in said second table portion.
  - 52. The method of claim 34, wherein said second table portion comprises a number of table entries (205-220, 600) each configured to store at least one cipher key pertaining to a different transmitter.
  - 53. The method of claim 52, wherein each table entry in said second table portion is arranged for storing a receiver/transmitter address pair (230, 320, 325).
  - 54. The method of claim 52, wherein each table entry in said second table portion is arranged for storing data (225, 315) indicating one of at least two different cipher modes.
  - 55. The method of claim 54, wherein one of said at least two cipher modes is a CCMP-AES (Counter-mode Cipher block chaining Message authentication code Protocol-Advanced Encryption Standard) cipher mode.
  - 56. The method of claim 54, wherein one of said at least two cipher modes is a TKIP (Temporal Key Integrity Protocol) cipher mode.
  - 57. The method of claim 54, wherein one of said at least two cipher modes is a WEP (Wired Equivalent Privacy) cipher mode.
  - 58. The method of claim 34, wherein said transmitter address data stored in said first table portion is comprised of a number of lower bits of a respective transmitter address, said first table portion comprises a number of sub-fields (240-255) each configured to store transmitter address data of a different transmitter, and the method comprises the step of:
    - reducing said number of lower bits if said number of sub-fields is increased.
  - 59. The method of claim 34, further comprising:
    - comparing (420) said transmitter address with a transmitter address stored in said second table portion, to determine said cipher key.
  - 60. The method of claim 59, wherein said transmitter address is compared with two or more transmitter addresses stored in said second table portion.
  - 61. The method of claim 34, wherein said transmitter address is taken from a received data frame.
  - 62. The method of claim 34, wherein said hash table further has a third table portion (500) for storing activation information, said activation information indicating whether transmitter address data in said first table portion is active or not.
  - 63. The method of claim 34 wherein a cipher key is added to said second table portion by performing the steps of:
    - writing (700) said cipher key to said second table portion;
      
      writing (710) corresponding transmitter address data to said first table portion; and
      
      activating (729) said written transmitter address data in said third table portion.
  - 64. The method of claim 34 wherein a cipher key is removed from said second table portion by performing the steps of:
    - deactivating (800) corresponding transmitter address data; and
      
      deleting (810, 820) the cipher key from said second table portion, and the transmitter address data from said first table portion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Globalfoundries US Incorporated (GlobalFoundries, Inc.)
Original Assignee
Advanced Micro Devices, Inc.
Inventors
Eckhardt, Uwe, Wachtler, Axel, Tischer, Falk, Kuehn, Ingo

Granted Patent

US 8,811,618 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/06   for supporting key manageme...

H04W 12/033   of the user plane, e.g. use...

H04W 12/04   Key management, e.g. using ...

H04W 84/12   WLAN [Wireless Local Area N...

Fast ciphering key search for WLAN receivers

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

64 Claims

Specification

Solutions

Use Cases

Quick Links

Fast ciphering key search for WLAN receivers

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

64 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links