WIRELESS COMMUNICATION SYSTEM AND WIRELESS COMMUNICATION METHOD

US 20090074187A1
Filed: 09/15/2006
Published: 03/19/2009
Est. Priority Date: 09/16/2005
Status: Active Grant

First Claim

Patent Images

1. A wireless communication system constituted of a singular or plural wireless communication terminals and at least a corresponding access point, whereinthe access point comprises at leastan identification number storage portion which stores a current and next identification number inherent of the wireless communication terminal;

a key storage portion for storing a hash key shared between the wireless communication terminals;

a random number generation processing portion for generating a random number;

a hash function arithmetic operation processing portion for carrying out arithmetic operation processing with a key provided hash function; and

a control communication processing portion which carries out communication with the wireless communication terminal and executes a control processing for each processing portion,the access point generates a second identification number using a current identification number, a hash key and a first random number for any wireless communication terminal under a control of the control communication processing portion by means of the hash function arithmetic operation processing portion, and further generates a third identification number using the second identification number, hash key and second random number,the control communication processing portion sends an initialization instruction signal containing the first and second random numbers to the wireless communication terminal, updates a current identification number stored in the identification number storage portion to a second identification number and sets up a next identification number on a third identification number,the wireless communication terminal comprises at leasta communicating portion which communicates with the access point;

a self number storage portion which stores a current and next identification numbers inherent of self;

a key storage portion which stores a hash key shared between the access points; and

the hash function arithmetic operation processing portion which executes arithmetic operation processing with a key provided hash function,when the communicating portion receives the initialization instruction signal from the access point, the hash function arithmetic operation processing portion generates a second identification number using the current identification number stored in the self number storage portion, hash key and the first random number further, generates a third identification number using the second identification number, hash key and the second random number, updates the current identification number stored in the self number storage portion to a second identification number and sets up a next identification number on a third identification number.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a technology of effectively avoiding tracing on a terminal performed with an identification number being a target and DoS attack without making any significant changes to a communication system.

In the wireless communication system of the present invention, under a control of a control communication processing portion 113 of an access point, a hash function arithmetic operation processing portion 112 generates a third identification number to be updated using a current identification number, hash key and random number for any wireless communication terminal, a control communication processing portion 113 sends an update instruction signal containing the random number to the wireless communication terminal and updates the current identification number stored in the identification number storage portion 121 to a second identification number. When the wireless communication terminal receives an update instruction signal, the current identification number is updated to the second identification number and the hash function arithmetic operation processing portion generates a third identification number using the current identification number, hash key and random number stored in the self number storage portion.

Citations

16 Claims

1. A wireless communication system constituted of a singular or plural wireless communication terminals and at least a corresponding access point, whereinthe access point comprises at leastan identification number storage portion which stores a current and next identification number inherent of the wireless communication terminal;
- a key storage portion for storing a hash key shared between the wireless communication terminals;
  
  a random number generation processing portion for generating a random number;
  
  a hash function arithmetic operation processing portion for carrying out arithmetic operation processing with a key provided hash function; and
  
  a control communication processing portion which carries out communication with the wireless communication terminal and executes a control processing for each processing portion,the access point generates a second identification number using a current identification number, a hash key and a first random number for any wireless communication terminal under a control of the control communication processing portion by means of the hash function arithmetic operation processing portion, and further generates a third identification number using the second identification number, hash key and second random number,the control communication processing portion sends an initialization instruction signal containing the first and second random numbers to the wireless communication terminal, updates a current identification number stored in the identification number storage portion to a second identification number and sets up a next identification number on a third identification number,the wireless communication terminal comprises at leasta communicating portion which communicates with the access point;
  
  a self number storage portion which stores a current and next identification numbers inherent of self;
  
  a key storage portion which stores a hash key shared between the access points; and
  
  the hash function arithmetic operation processing portion which executes arithmetic operation processing with a key provided hash function,when the communicating portion receives the initialization instruction signal from the access point, the hash function arithmetic operation processing portion generates a second identification number using the current identification number stored in the self number storage portion, hash key and the first random number further, generates a third identification number using the second identification number, hash key and the second random number, updates the current identification number stored in the self number storage portion to a second identification number and sets up a next identification number on a third identification number.
- View Dependent Claims (2, 3, 4, 5, 6, 8)
- - 2. The wireless communication system according to claim 1, wherein the control communication processing portion of the access point, after receiving the initialization instruction signal at least once or more, sends the update instruction signal to the wireless communication terminal by a predetermined cycle,the hash function arithmetic operation processing portion generates a fourth identification number using a next identification number, hash key and third random number for any wireless communication terminal under a control of the control communication processing portion,the control communication processing portion sends an update instruction signal containing the third random number to the wireless communication terminal, updates a current identification number stored in the identification number storage portion to a next identification number and further updates the next identification number to the fourth identification number,when the communicating portion of the wireless communication terminal receives the update instruction signal from the access point, the hash function arithmetic operation processing portion generates the fourth identification number using the next identification number stored in the self number storage portion, the hash key and the third random number, updates the current identification number stored in the self number storage portion to the next identification number and further updates the next identification number to the fourth identification number.
  - 3. The wireless communication system according to claim 1 or 2 wherein the wireless communication terminal comprises an attack detection processing portion for detecting Denial of Service (DoS) attack by measuring the amount of communication per unit time, updates a current identification number stored in the self number storage portion to a next identification number when the attack is detected, and the communicating portion sends an attack detection signal to an access point and when the control communication processing portion of the access point receives the attack detection signal, the control communication processing portion updates the current identification number stored in the identification number storage portion to a next identification number and the hash function arithmetic operation processing portion generates the fourth identification number using the current identification number after updated, hash key and third random number, and the control communication processing portion sends a random number notification signal containing the third random number to the wireless communication terminal and updates the next identification number to the fourth identification number, andnext when the communicating portion of the wireless communication terminal receives the random number notification signal, the hash function arithmetic operation processing portion generates the fourth identification number using the current identification number after updated, stored in the self number storage portion, the hash key and the third random number, and updates the next identification number stored in the self number storage portion to the fourth identification number.
  - 4. The wireless communication system according to claim 1 to 3, wherein the communicating portion of the wireless communication terminal, when receiving an initialization instruction signal or an update instruction signal from the access point, sends an acknowledge signal to the access point, andthe control communication processing portion of the access point, when receiving the acknowledge signal, updates the current identification number and next identification number stored in the identification number storage portion.
  - 5. The wireless communication system according to claim 4, wherein the access point is so constructed that the identification number storage portion is capable of storing a current identification number before updated, a current identification number after updated and a next identification number after updated, andthe control communication processing portion comprises:
    - a detecting portion which when receiving a communication from any identification number from the wireless communication terminal before the acknowledge signal is received, detects the communication; and
      
      an identification number synchronization control portion which if the result of the detection is a current identification number before updated, sends the update instruction signal again and if the result of the detection is a next identification number after updated, updates the current identification number before updated, stored in the identification number storage portion to the next identification number after updated.
  - 6. The wireless communication system according to claim 5, wherein the access point comprises a timer portion which starts counting of time since a signal is sent by the control communication processing portion, while the control communication processing portion includes an existence acknowledge signal sending portion andthe communicating portion of the wireless communication terminal includes an existence acknowledge responding portion for sending an existence acknowledge response when the existence acknowledge signal is received, andif the acknowledge signal is incapable of being received when the timer portion detects that a predetermined time is elapsed since the update instruction signal is sent, the existence acknowledge signal sending portion sends the existence acknowledge signal to a next identification number of the wireless communication terminal, andthe control communication processing portion, if the existence acknowledge response is incapable of being received although the timer portion detects that the predetermined time is elapsed, sends the update instruction signal again and if the existence acknowledge response is received, updates the current identification number stored in the identification number storage portion to a next identification number.
  - 8. The wireless communication system according to claim 1 to 7, wherein the identification number of the wireless communication terminal is MAC (Media Access Control) address.

7. A wireless communication system constituted of a singular or plural wireless communication terminals and at least a corresponding access point, whereinthe access point comprises at leastan identification number storage portion which stores an identification number inherent of the wireless communication terminal;
- a key storage portion which stores a hash key shared between the wireless communication terminals;
  
  a random number generation processing portion which generates a random number;
  
  a hash function arithmetic operation processing portion which carries out arithmetic operation processing with a key provided hash function; and
  
  a control communication processing portion which controls communication with the wireless communication terminal, and executes a control processing for each processing portion,the hash function arithmetic operation processing portion generates a second identification number using a current identification number, a hash key and a random number for any wireless communication terminal under a control of the control communication processing portion, and the control communication processing portion sends the update instruction signal containing the random number to the wireless communication terminal at least by a predetermined cycle and updates a current identification number stored in the identification number storage portion to a second identification number,the wireless communication terminal comprises at least a communicating portion which communicates with the access point;
  
  a self number storage portion which stores an identification number inherent of self;
  
  a key storage portion which stores a hash key shared between the access points; and
  
  the hash function arithmetic operation processing portion which executes arithmetic operation processing with a key provided hash function,when the communicating portion receives the update instruction signal from the access point, the hash function arithmetic operation processing portion generates a second identification number using the current identification number stored in the self number storage portion, hash key and the random number further, updates the current identification number stored in the self number storage portion to a second identification number.

9. A communication method for wireless communication system constituted of a singular or plural wireless communication terminals and at least a corresponding access point, the access point and the wireless communication terminal previously sharing a hash key and storing in each key storage portion,the communication method comprising:
- access point side identification number generating step in which the hash function arithmetic operation processing portion of an access point generates a second identification number using a current identification number, a hash key and a first random number for any wireless communication terminal under a control of the control communication processing portion of the access point and further generates a third identification number using the second identification number, the hash key and the second random number;
  
  an initialization instruction step in which the control communication processing portion sends an initialization instruction signal containing the first and second random numbers to the wireless communication terminal;
  
  an access point side identification number initialization step of updating a current identification number stored in the identification number storage portion to a second identification number at any time after the access point side identification number generation step and further setting a next identification number on a third identification number;
  
  a terminal side identification number generation step in which when the communicating portion of the wireless communication terminal receives the initialization instruction signal from the access point, the hash function arithmetic operation processing portion generates a second identification number using a current identification number stored in the self number storage portion, hash key and the first random number and further generates a third identification number using the second identification number, the hash key and the second random number; and
  
  a terminal side identification number initialization step of updating a current identification number stored in the self number storage portion to a second identification number and further setting a next identification number on a third identification number.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The wireless communication method according to claim 9, wherein the control communication processing portion of the access point, after receiving the initialization instruction signal at least once or more, sends the update instruction signal to the wireless communication terminal by a predetermined cycle, the wireless communication method comprising:
    - an access point side identification number periodic generation step of generating a fourth identification number using a next identification number, hash key and third random number for any wireless communication terminal under a control of the control communication processing portion;
      
      an update instruction step in which the control communication processing portion sends an update instruction signal containing the third random number to the wireless communication terminal;
      
      an access point side identification number periodic update step of updating the current identification number stored in the identification number storage portion to a next identification number at any time after the access point side identification number periodic generation step and further updating the next identification number to the fourth identification number;
      
      a terminal side identification number periodic generation step in which when the communicating portion of the wireless communication terminal receives the update instruction signal from the access point, the hash function arithmetic operation processing portion generates a fourth identification number using the next identification number stored in the self number storage portion, the hash key and the third random number; and
      
      a terminal side identification number periodic updating step of updating the current identification number stored in the self number storage portion to a next identification number and further updating the next identification number to the fourth identification number.
  - 11. The wireless communication method according to claim 9 or 10, further comprising:
    - a DoS attack detecting step in which the attack detection processing portion of the wireless communication terminal detects a DoS attack by measuring the amount of communication per unit time at any timing after the terminal side identification number initialization step of the wireless communication method;
      
      a terminal side identification number urgent update step in which when an attack is detected, the current identification number stored in the self number storage portion is updated to a next identification number while the communicating portion sends an attack detection signal to the access point;
      
      an access point side identification number urgent update step in which when the control communication processing portion of the access point receives the attack detection signal, the current identification number stored in the identification number storage portion is updated to a next identification number while the hash function arithmetic operation processing portion generates a fourth identification number using the current identification number after updated, the hash key and the third random number and the control communication processing portion sends a random number notification signal containing the third random number to the wireless communication terminal and updates the next identification number to the fourth identification number; and
      
      a terminal side identification number urgent update step in which when the communicating portion of the wireless communication terminal receives the random number notification signal, the hash function arithmetic operation processing portion generates the fourth identification number using the current identification number after updated, stored in the self number storage portion, the hash key and the third random number and updates the next identification number stored in the self number storage portion to the fourth identification number.
  - 12. The wireless communication method according to claim 9 to 11, further comprising:
    - subsequent to the initialization instruction step and the update instruction step,an acknowledge signal sending step in which the communicating portion of the wireless communication terminal sends an acknowledge signal to the access point,wherein the control communication processing portion of the access point executes the access point side identification number initialization step or the access point side identification number periodic update step after the acknowledge signal receiving step of receiving the acknowledge signal.
  - 13. The wireless communication method according to claim 12, further comprising a detection step in which the current identification number before updated, the current identification number after updated and the next identification number after updated, of the wireless communication terminal are stored in the identification number storage portion of the access point at the same time while the detecting portion provided on the control communication processing portion detects whether or not any communication occurs from an identification number in the wireless communication terminal,wherein if the result of the detection is the current identification number before updated, the procedure is returned to the update instruction step and if the result of the detection is a next identification number after updated, steps after the access point side identification number urgent update step are executed.
  - 14. The wireless communication method according to claim 13, further comprising an existence acknowledge step in which unless the acknowledge signal receiving step is reached even if the timer portion of the access point detects that a predetermined time is elapsed since the update instruction step, the existence acknowledge signal sending portion provided on the control communication processing portion of the access point sends the existence acknowledge signal to the next identification number of the wireless communication terminal, whereinif the existence acknowledge response to the existence acknowledge signal from the wireless communication terminal is incapable of being received within a predetermined time, the procedure is returned to the update instruction step and if the existence acknowledge response is received, the access point side identification number periodic update step is executed.

15. A communication method for wireless communication system constituted of a singular or plural wireless communication terminals and at least a corresponding access point, the access point and the wireless communication terminal sharing a hash key and storing in each key storage portion,the communication method comprising:
- access point side identification number generating step in which the hash function arithmetic operation processing portion of an access point generates a second identification number using a current identification number, a hash key and a first number for any wireless communication terminal under a control of the control communication processing portion of the access point;
  
  update instruction step in which the control communication processing portion sends the update instruction signal containing the random number to the wireless communication terminal at least by a predetermined cycle;
  
  a terminal side identification number generation step in which when the communicating portion of the wireless communicating terminal receives the update instruction signal from the access point, the hash function arithmetic operation processing portion generates the current identification number stored in the self number storage portion, the hash key and the random number;
  
  a terminal side identification number update step of updating the second identification number stored in the self number storage portion of the wireless communication terminal to the second identification number; and
  
  an access point side identification number updating step of updating the current identification number stored in the identification number storage portion of the access point to the second identification number at any time after the update instruction step.

16. The wireless communication method according to claim to 15, wherein the identification number of the wireless communication terminal is MAC (Media Access Control) address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
National Institute of Information and Communications Technology
Original Assignee
National Institute of Information and Communications Technology
Inventors
Kuroda, Masahiro, Inoue, Daisuke, Ishizu, Kentaro

Granted Patent

US 8,166,528 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/270
CPC Class Codes

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 2209/80   Wireless

H04L 61/5046   Resolving address allocatio...

H04L 63/1458   Denial of Service

H04L 9/0891   Revocation or update of sec...

H04L 9/3242   involving keyed hash functi...

H04W 12/04   Key management, e.g. using ...

H04W 12/12   Detection or prevention of ...

H04W 12/61   Time-dependent

H04W 12/71   Hardware identity

H04W 8/26   Network addressing or numbe...

WIRELESS COMMUNICATION SYSTEM AND WIRELESS COMMUNICATION METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

WIRELESS COMMUNICATION SYSTEM AND WIRELESS COMMUNICATION METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links