METHOD AND SYSTEM OF SECURED DIRECT LINK SET-UP (DLS) FOR WIRELESS NETWORKS
Abstract
Method and system of secured direct link set-up (DLS) for wireless networks. In accordance with aspects of the method, techniques are disclosed for setting up computationally secure direct links between stations in a wireless network.
20 Claims
1. A method, comprising:
setting up a robust security network association (RSNA) by an access point (AP) in a network with a first STA and a second STA, wherein the RSNA provides a key hierarchy comprising a master key and a session-specific pairwise transient key generated from the master key;
receiving a direct link setup (DLS) request from the first STA, wherein the DLS request comprises a media access control (MAC) address of the second STA, a MAC address of the first STA, and capability information of the first STA;
receiving a DLS response from the second STA, wherein the DLS response comprises the media access control (MAC) address of the second STA, the MAC address of the first STA, and capability information of the second STA;
receiving a message from the first STA to deploy security measures between the first STA and the second STA, wherein a session key is established by the AP, first STA, and the second STA, and a 4-Way Handshake is established between the first STA and the second STA using the session key, wherein a transient key is established using the session key.
7. A method, comprising:
receiving, by a first STA, a request from an access point (AP) to set up a robust security network association (RSNA) with a second STA in a network, wherein the RSNA provides a key hierarchy comprising a master key and a session-specific pairwise transient key generated from the master key;
sending a direct link setup (DLS) request to the AP, wherein the DLS request comprises a media access control (MAC) address of the second STA, a MAC address of the first STA, and capability information of the first STA;
receiving a DLS response from the AP, wherein the DLS response comprises the media access control (MAC) address of the second STA, the MAC address of the first STA, and capability information of the second STA;
initiating, by the first STA, security measures between the first STA and the second STA and receiving a session key from the AP to deploy the security measures; and
initiating a 4-Way Handshake between the first STA and the second STA using the session key, wherein a transient key is established using the session key.
13. A wireless access point (AP), comprising:
a radio frequency (RF) interface to transmit and receive RF signals corresponding to a wireless communications protocol;
a processor coupled to the RF interface; and
logic executed by the processor to perform operations including:
setting up a robust security network association (RSNA) by an access point (AP) in a network with a first STA and a second STA, wherein the RSNA provides a key hierarchy having a master key and a session-specific pairwise transient key generated from the master key;
receiving a direct link setup (DLS) request from the first STA, wherein the DLS request comprises a media access control (MAC) address of the second STA, a MAC address of the first STA, and capability information of the first STA;
receiving a DLS response from the second STA, wherein the DLS response comprises the media access control (MAC) address of the second STA, the MAC address of the first STA, and capability information of the second STA;
receiving a message from the first STA to deploy security measures between the first STA and the second STA, wherein a session key is established by the AP, first STA, and the second STA, and a 4-Way Handshake is established between the first STA and the second STA using the session key, wherein a transient key is established using the session key.
18. A first station (STA) configured to receive a request from an access point (AP) to set up a robust security network association (RSNA) with a second STA in a network, wherein the RSNA provides a key hierarchy comprising a master key and a session-specific pairwise transient key generated from the master key, to send a direct link setup (DLS) request to the AP, wherein the DLS request comprises a media access control (MAC) address of the second STA, a MAC address of the first STA, and capability information of the first STA, to receive a DLS response from the AP, wherein the DLS response comprises the media access control (MAC) address of the second STA, the MAC address of the first STA, and capability information of the second STA, and to deploy security measures between the first STA and the second STA including receiving a session key from the AP by the first STA and initiating a 4-Way Handshake between the first STA and the second STA using the session key, wherein a transient key is established using the session key.
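An added example, not taken from the patent, of the STA-to-STA step in claims 1 and 7: both stations hold the session key from the AP, exchange nonces, and derive the same transient key, while a peer holding a different session key fails the first integrity check. The PRF construction (borrowed from IEEE 802.11i pairwise key expansion), the label string, message encodings and key sizes are assumptions, since the claims specify none of them; protected delivery of the session key by the AP is not modeled.

```python
import hashlib
import hmac
import os

def prf(key, label, data, length):
    # 802.11i-style PRF: HMAC-SHA1 blocks over label || 0x00 || data || counter
    out, i = b"", 0
    while len(out) < length:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:length]

def derive_transient_key(session_key, mac_a, mac_b, nonce_a, nonce_b):
    # Sorting makes both STAs compute the same input regardless of role.
    data = (min(mac_a, mac_b) + max(mac_a, mac_b)
            + min(nonce_a, nonce_b) + max(nonce_a, nonce_b))
    km = prf(session_key, b"example DLS key expansion", data, 48)  # assumed label
    return km[:16], km[16:]  # (confirmation key for MICs, transient key)

def mic(kck, msg):
    return hmac.new(kck, msg, hashlib.sha1).digest()[:16]

def four_way_handshake(key_at_sta1, key_at_sta2, mac1, mac2):
    """Return the agreed transient key, or None if any MIC check fails."""
    n1 = os.urandom(32)                          # msg 1: STA1 -> STA2, nonce n1
    n2 = os.urandom(32)
    kck2, tk2 = derive_transient_key(key_at_sta2, mac1, mac2, n1, n2)
    m2 = b"\x02" + n2                            # msg 2: STA2 -> STA1, n2 + MIC
    mic2 = mic(kck2, m2)
    kck1, tk1 = derive_transient_key(key_at_sta1, mac1, mac2, n1, n2)
    if not hmac.compare_digest(mic(kck1, m2), mic2):
        return None                              # STA1: peer lacks the session key
    m3 = b"\x03" + n1                            # msg 3: STA1 -> STA2, MIC
    if not hmac.compare_digest(mic(kck2, m3), mic(kck1, m3)):
        return None
    m4 = b"\x04"                                 # msg 4: STA2 -> STA1, ack + MIC
    if not hmac.compare_digest(mic(kck1, m4), mic(kck2, m4)):
        return None
    return tk1

def demo():
    mac1 = bytes.fromhex("020000000001")         # constructed addresses
    mac2 = bytes.fromhex("020000000002")
    session_key = os.urandom(32)                 # issued by the AP to both STAs
    good = four_way_handshake(session_key, session_key, mac1, mac2)
    bad = four_way_handshake(session_key, os.urandom(32), mac1, mac2)
    return good, bad
```

Because the derivation binds both MAC addresses and both nonces, a transient key from one session cannot be reused for a different station pair or replayed into a later handshake.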
Specification