Cipher key setting system, access point, wireless LAN terminal, and cipher key setting method

US 7,742,602 B2
Filed: 09/30/2004
Issued: 06/22/2010
Est. Priority Date: 12/05/2003
Status: Active Grant

First Claim

Patent Images

1. A cipher key setting system, comprising:

a wireless LAN access point that includes;

a register mode setting mechanism set by a user that sets an operation mode of the wireless LAN access point to a register mode of operation, modifies a station Identification (ID) of the wireless LAN access point into a specified station ID, and enables the wireless LAN access point to wirelessly transmit the specified station ID;

a communication area delimiter that modifies an actual physical wireless communication area of the wireless LAN access point in the register mode of operation from a wireless LAN communication area AR1 to a smaller physical wireless LAN security communication area MR1, physically limiting a physical range of the transmitted specified station ID to the smaller, physical wireless LAN security communication area MR1;

a security policy selection mechanism that allows the user to select a security policy from a plurality of security policies included in the wireless LAN access point, and enables the user to change a previously set security policy;

a plurality of terminals that include;

a wireless LAN interface device;

a terminal registration mode mechanism that is set by the user to set a terminal operation mode of a terminal to a terminal register mode of operation, which enables the terminal to search for and directly, wirelessly connect with the wireless LAN access point that has the specified station ID;

wherein;

the plurality of terminals transmit to the wireless LAN access point a set of cipher systems used by the plurality of terminals;

the wireless LAN access point detects the set of cipher systems transmitted from the plurality of terminals, determines corresponding cipher keys based on the user modified security policy of the wireless LAN access point, and transmits selected cipher systems and cipher keys to the plurality of terminals based on the user modifiable security policy of the wireless LAN access point;

the wireless LAN access point in the register mode of operation associates different station IDs with different usable cipher systems, and transmits one or more selected station IDs from the different station IDs and one or more usable selected cipher systems from different usable cipher systems with corresponding cipher keys to the plurality of terminals;

the plurality of terminals acquire the one or more selected station IDs from the wireless LAN access point, and when there is a coincident station ID between the one or more selected station IDs acquired from the wireless LAN access point and previously stored station IDs stored in each terminal of the plurality of terminals, each terminal selects the coincident station ID and an associated cipher system with corresponding cipher keys;

when communication is not maintained with the wireless LAN access point based on already acquired station ID, the terminal of the plurality of terminals acquires anew the one or more selected station IDs from the wireless LAN access point and when there is coincident station ID between the one or more selected station IDs acquired anew and previously stored station IDs stored within the terminal, the terminal selects the coincident station ID and the associated cipher systems with corresponding cipher keys;

with the plurality of terminals and any newly added terminal being informed about which cipher system is used by the wireless LAN access point, and induced to select the associated cipher system and to set corresponding cipher keys for each selected associated cipher systems without the wireless LAN access point transmitting a new cipher key and a new cipher system each time the wireless LAN access point changes the cipher system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention intends to achieve new additions of terminals that use a wireless LAN with a simple process, while preventing leakage of data indicating cipher keys. The access point is notified of the cipher systems adaptable to the terminals. The access point narrows the cipher systems adaptable to itself, sets the cipher keys and notifies them, and also determines the station IDs for the cipher keys each. Thereafter, when the access point modifies the cipher systems based on the security policy, the access point adopts the station IDs corresponding to the cipher systems each. Therefore, the terminals specify the cipher systems based on the station IDs, and perform wireless communications by using the cipher keys notified in advance.

12 Citations

View as Search Results

5 Claims

1. A cipher key setting system, comprising:
- a wireless LAN access point that includes;
  
  a register mode setting mechanism set by a user that sets an operation mode of the wireless LAN access point to a register mode of operation, modifies a station Identification (ID) of the wireless LAN access point into a specified station ID, and enables the wireless LAN access point to wirelessly transmit the specified station ID;
  
  a communication area delimiter that modifies an actual physical wireless communication area of the wireless LAN access point in the register mode of operation from a wireless LAN communication area AR1 to a smaller physical wireless LAN security communication area MR1, physically limiting a physical range of the transmitted specified station ID to the smaller, physical wireless LAN security communication area MR1;
  
  a security policy selection mechanism that allows the user to select a security policy from a plurality of security policies included in the wireless LAN access point, and enables the user to change a previously set security policy;
  
  a plurality of terminals that include;
  
  a wireless LAN interface device;
  
  a terminal registration mode mechanism that is set by the user to set a terminal operation mode of a terminal to a terminal register mode of operation, which enables the terminal to search for and directly, wirelessly connect with the wireless LAN access point that has the specified station ID;
  
  wherein;
  
  the plurality of terminals transmit to the wireless LAN access point a set of cipher systems used by the plurality of terminals;
  
  the wireless LAN access point detects the set of cipher systems transmitted from the plurality of terminals, determines corresponding cipher keys based on the user modified security policy of the wireless LAN access point, and transmits selected cipher systems and cipher keys to the plurality of terminals based on the user modifiable security policy of the wireless LAN access point;
  
  the wireless LAN access point in the register mode of operation associates different station IDs with different usable cipher systems, and transmits one or more selected station IDs from the different station IDs and one or more usable selected cipher systems from different usable cipher systems with corresponding cipher keys to the plurality of terminals;
  
  the plurality of terminals acquire the one or more selected station IDs from the wireless LAN access point, and when there is a coincident station ID between the one or more selected station IDs acquired from the wireless LAN access point and previously stored station IDs stored in each terminal of the plurality of terminals, each terminal selects the coincident station ID and an associated cipher system with corresponding cipher keys;
  
  when communication is not maintained with the wireless LAN access point based on already acquired station ID, the terminal of the plurality of terminals acquires anew the one or more selected station IDs from the wireless LAN access point and when there is coincident station ID between the one or more selected station IDs acquired anew and previously stored station IDs stored within the terminal, the terminal selects the coincident station ID and the associated cipher systems with corresponding cipher keys;
  
  with the plurality of terminals and any newly added terminal being informed about which cipher system is used by the wireless LAN access point, and induced to select the associated cipher system and to set corresponding cipher keys for each selected associated cipher systems without the wireless LAN access point transmitting a new cipher key and a new cipher system each time the wireless LAN access point changes the cipher system.
- View Dependent Claims (2)
- - 2. A cipher key setting system according to claim 1, wherein:
    - the plurality of terminals store the cipher keys corresponding with the cipher systems transmitted from the wireless LAN access point.

3. A wireless Local Area Network (LAN) access point that adapts itself to a plurality of cipher systems in the wireless LAN communication, comprising:
- a register mode setting mechanism set by a user that sets an operation mode of the wireless LAN access point to a register mode of operation, modifies a station Identification (ID) of the wireless LAN access point into a specified station ID, and enables the wireless LAN access point to wirelessly transmit the specified station ID;
  
  a communication area delimiter that modifies an actual physical wireless communication area of the wireless LAN access point in the register mode of operation from a wireless LAN communication area AR1 to a smaller physical wireless LAN security communication area MR1, physically limiting a physical range of the transmitted specified station ID to the smaller, physical wireless LAN security communication area MR1;
  
  cipher systems and cipher keys used in enciphering communication data prior to performing wireless communications with a terminal that is provided with a wireless LAN interfacing device,a cipher key transmitter that narrows the plurality of cipher systems in the wireless LAN access point, which were transmitted from the terminal, and determines usable cipher keys in the cipher systems narrowed, and wirelessly transmits the determined cipher keys to the terminal, anda cipher system selector that selects cipher systems on the basis of a user modifiable security policy from among the narrowed cipher systems, and sets the selected cipher systems and the determined cipher keys with the wireless LAN access point communicating with a plurality of terminals using the set cipher systems and the cipher keys;
  
  wherein;
  
  the wireless LAN access point in the register mode of operation associates different station IDs with different usable cipher systems, and transmits one or more selected station IDs from the different station IDs and one or more usable selected cipher systems from different usable cipher systems with corresponding cipher keys to the plurality of terminals;
  
  the plurality of terminals acquire the one or more selected station IDs from the wireless LAN access point, and when there is a coincident station ID between the one or more selected station IDs acquired from the wireless LAN access point and previously stored station IDs stored in each terminal of the plurality of terminals, each terminal selects the coincident station ID and an associated cipher system with corresponding cipher keys;
  
  when communication is not maintained with the wireless LAN access point based on already acquired station ID, the terminal of the plurality of terminals acquires anew the one or more selected station IDs from the wireless LAN access point and when there is coincident station ID between the one or more selected station IDs acquired anew and previously stored station IDs stored within the terminal, the terminal selects the coincident station ID and the associated cipher systems with corresponding cipher keys;
  
  with the plurality of terminals and any newly added terminal being informed about which cipher system is used by the wireless LAN access point, and induced to select the associated cipher system and to set corresponding cipher keys for each selected associated cipher systems without the wireless LAN access point transmitting a new cipher key and a new cipher system each time the wireless LAN access point changes the cipher system.

4. A wireless Local Area Network (LAN) terminal to which is connected a wireless LAN interfacing device that adapts itself to a plurality of cipher systems in the wireless LAN communication, comprising:
- a terminal registration mode mechanism that is set by the user to set a terminal operation mode of the terminal to a terminal register mode of operation, which enables the terminal to search for and directly, wirelessly connect with a wireless LAN access point with a specified station ID;
  
  the wireless LAN access point includes;
  
  a register mode setting mechanism set by a user that sets an operation mode of the wireless LAN access point to a register mode of operation, modifies a station Identification (ID) of the wireless LAN access point into a specified station ID, and enables the wireless LAN access point to wirelessly transmit the specified station ID;
  
  a communication area delimiter that modifies an actual physical wireless communication area of the wireless LAN access point in the register mode of operation from a wireless LAN communication area AR1 to a smaller physical wireless LAN security communication area MR1, physically limiting a physical range of the transmitted specified station ID to the smaller, physical wireless LAN security communication area MR1;
  
  the terminal, further includes;
  
  a cipher system and a corresponding cipher key used in enciphering communication data prior to performing wireless communications with the wireless LAN access point,a cipher system transmitter that wirelessly transmits cipher systems from the terminal to the wireless LAN access point, andwherein;
  
  the wireless LAN access point in the register mode of operation associates different station IDs with different usable cipher systems, and transmits one or more selected station IDs from the different station IDs and one or more usable selected cipher systems from different usable cipher systems with corresponding cipher keys to a plurality of terminals;
  
  the plurality of terminals acquire the one or more selected station IDs from the wireless LAN access point, and when there is a coincident station ID between the one or more selected station IDs acquired from the wireless LAN access point and previously stored station IDs stored in each terminal of the plurality of terminals, each terminal selects the coincident station ID and an associated cipher system with corresponding cipher keys;
  
  when communication is not maintained with the wireless LAN access point based on already acquired station ID, the terminal of the plurality of terminals acquires anew the one or more selected station IDs from the wireless LAN access point and when there is coincident station ID between the one or more selected station IDs acquired anew and previously stored station IDs stored within the terminal, the terminal selects the coincident station ID and the associated cipher systems with corresponding cipher keys;
  
  with the plurality of terminals and any newly added terminal being informed about which cipher system is used by the wireless LAN access point, and induced to select the associated cipher system and to set corresponding cipher keys for each selected associated cipher systems without the wireless LAN access point transmitting a new cipher key and a new cipher system each time the wireless LAN access point changes the cipher system.

5. A cipher key setting method that sets a cipher system and a cipher key used in enciphering communication data prior to wireless communications performed between a wireless Local Area Network (LAN) access point and a terminal with a wireless LAN interfacing device, comprising:
- setting an operation mode of the wireless LAN access point to a register mode of operation, modifying a station Identification (ID) of the wireless LAN access point into a specified station ID, and wirelessly transmitting the specified station ID;
  
  modifying an actual physical wireless communication area of the wireless LAN access point in the register mode of operation from a wireless LAN communication area AR1 to a smaller physical wireless LAN security communication area MR1, physically limiting a physical range of the transmitted specified station ID to the smaller, physical wireless LAN security communication area MR1;
  
  selecting a security policy from a plurality of security policies included in the wireless LAN access point, and changing a previously set security policy;
  
  setting a terminal operation mode of the terminal to a terminal register mode of operation, searching for and directly, wirelessly connecting with the wireless LAN access point that has the specified station ID;
  
  wirelessly transmitting to the wireless LAN access point a set of cipher systems used by a plurality of terminals;
  
  communicating with the plurality of terminals using the set of cipher systems and cipher keys;
  
  selecting one or more cipher systems from the set of cipher systems transmitted from the terminal, determining a usable cipher key in the one or more cipher systems selected, and transmitting the determined cipher key to the terminal on a basis of a user modifiable security policy determined in advance, and setting the selected cipher system and the determined cipher key; and
  
  the terminal setting the cipher key of the cipher system transmitted from the wireless LAN access point;
  
  associating different station IDs with different usable cipher systems when the wireless LAN access point is in the register mode of operation;
  
  transmitting one or more selected station IDs from the different station IDs and one or more usable selected cipher systems from different usable cipher systems with corresponding cipher keys to the plurality of terminals;
  
  the plurality of terminals acquiring the one or more selected station IDs from the wireless LAN access point, and when there is a coincident station ID between the one or more selected station IDs acquired from the wireless LAN access point and previously stored station IDs stored in each terminal of the plurality of terminals, each terminal selecting the coincident station ID and an associated cipher system with corresponding cipher keys;
  
  when communication is not maintained with the wireless LAN access point based on already acquired station ID, the terminal of the plurality of terminals acquiring anew the one or more selected station IDs from the wireless LAN access point and when there is coincident station ID between the one or more selected station IDs acquired anew and previously stored station IDs stored within the terminal, the terminal selecting the coincident station ID and the associated cipher systems with corresponding cipher keys;
  
  with the plurality of terminals and any newly added terminal being informed about which cipher system is used by the wireless LAN access point, and induced to select the associated cipher system and to set corresponding cipher keys for each selected associated cipher systems without the wireless LAN access point transmitting a new cipher key and a new cipher system each time the wireless LAN access point changes the cipher system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Buffalo Incorporated (Melco Holdings Incorporated)
Original Assignee
Buffalo Incorporated (Melco Holdings Incorporated)
Inventors
Ishidoshiro, Takashi, Tamura, Yoshiteru
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
Zee; Edward

Application Number

US10/956,266
Publication Number

US 20050132193A1
Time in Patent Office

2,091 Days
Field of Search

380/270, 380/273, 380/274, 380/258, 380/277, 380/278
US Class Current

380/270
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/04   for providing a confidentia...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0827   involving distinctive inter...

H04W 12/03   Protecting confidentiality,...

H04W 12/04   Key management, e.g. using ...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 92/10   between terminal device and...

Cipher key setting system, access point, wireless LAN terminal, and cipher key setting method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

5 Claims

Specification

Solutions

Use Cases

Quick Links

Cipher key setting system, access point, wireless LAN terminal, and cipher key setting method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

5 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links