Apparatus and method for protection of management frames
First Claim
Patent Images
1. An apparatus comprising:
- a receiver of a station configured to receive, from an access point when the station is in an unassociated and unauthenticated state with respect to the access point, a wireless communication including a beacon frame or a probe response frame having a first plurality of parameters related to network capability information, and to receive, from the access point during a four-way handshake key distribution process, a message 3 frame of the four-way handshake including a second plurality of parameters corresponding to at least a subset of the first plurality of parameters related to network capability information contained in the beacon frame or the probe response frame;
an authentication module coupled to the receiver to compare respective ones of the second plurality of parameters with corresponding ones of the first plurality of parameters to determine whether they are the same; and
a transmitter coupled to the authentication module and configured to transmit data in response to a determination that the respective ones of the second plurality of parameters and the corresponding ones of the first plurality of parameters are same.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, methods and apparatus to protect management frames are generally described herein. Other embodiments may be described and claimed.
53 Citations
31 Claims
-
1. An apparatus comprising:
-
a receiver of a station configured to receive, from an access point when the station is in an unassociated and unauthenticated state with respect to the access point, a wireless communication including a beacon frame or a probe response frame having a first plurality of parameters related to network capability information, and to receive, from the access point during a four-way handshake key distribution process, a message 3 frame of the four-way handshake including a second plurality of parameters corresponding to at least a subset of the first plurality of parameters related to network capability information contained in the beacon frame or the probe response frame; an authentication module coupled to the receiver to compare respective ones of the second plurality of parameters with corresponding ones of the first plurality of parameters to determine whether they are the same; and a transmitter coupled to the authentication module and configured to transmit data in response to a determination that the respective ones of the second plurality of parameters and the corresponding ones of the first plurality of parameters are same. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 27, 28, 29, 30, 31)
-
-
10. A method comprising:
-
receiving, by a receiver of a station, an unencrypted wireless communication from an access point including a management frame having a first plurality of parameters related to network capability information, wherein the management frame comprises a beacon frame or a probe response frame; receiving, by the receiver of the station, during a four-way handshake key distribution process, a message 3 frame of the four-way handshake including a second plurality of parameters corresponding to at least a subset of the first plurality of parameters related to network capability information contained in the beacon frame or the probe response frame; comparing respective ones of the second plurality of parameters with the corresponding ones of the first plurality of parameters to determine whether they are the same; and terminating an association with the access point in response to a determination that that at least one of the second plurality of parameters and the corresponding one of the first plurality of parameters are not the same, or establishing an association with the access point in response to a determination that the respective ones of the plurality of second parameters and the corresponding ones of the plurality of first parameters are the same. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. An article comprising a non-transitory storage medium;
- and a plurality of instructions stored in the non-transitory storage medium, the plurality of instructions designed to enable an apparatus to receive an unencrypted wireless communication including a management frame having a first plurality of parameters related to network capability information;
to receive, during a four-way handshake key distribution process, a message 3 frame of the four-way handshake including a second plurality of parameters corresponding to at least a subset of the first plurality of parameters related to network capability information contained in the management frame;
to compare respective ones of the second plurality of parameters with corresponding ones of the first plurality of parameters to determine whether they are the same; and
to generate an indication based on said determination;
wherein the management frame comprises a beacon frame or a probe response frame. - View Dependent Claims (19, 20)
- and a plurality of instructions stored in the non-transitory storage medium, the plurality of instructions designed to enable an apparatus to receive an unencrypted wireless communication including a management frame having a first plurality of parameters related to network capability information;
-
21. A system, comprising:
-
a plurality of omnidirectional antennas; an authenticator wireless transmitter coupled to the antennas and configured to transmit to a supplicant an unencrypted wireless communication including a management frame having a first plurality of parameters related to network capability information, wherein the management frame comprises a beacon frame or a probe response frame; a wireline based transceiver configured to transmit and receive data from an authentication server; and an authenticator module coupled to the authenticator transmitter and the transceiver to access one or more security parameters from the authenticator server to generate a second plurality of parameters corresponding to at least a subset of the first plurality of parameters related to network capability information contained in the management frame, and to transmit via the authenticator transmitter to the supplicant, during a four-way handshake key distribution process, a message 3 frame of the four-way handshake including the second plurality of parameters. - View Dependent Claims (22, 23, 24, 25, 26)
-
Specification