Key synchronization mechanism for wireless LAN (WLAN)
First Claim
1. A key synchronization method for a wireless network comprising:
setting a current encryption key and an old encryption key at an access point in the wireless network;
generating a new encryption key at the access point;
resetting at the access point the current encryption key to equal the newly generated encryption key;
resetting at the access point the old encryption key to equal an encryption key being used by a station in communication with the access point;
communicating the newly generated encryption key from the access point directly to the station in an encrypted form using the old encryption key;
indicating at the access point a decryption failure for a data frame received from the station when the current encryption key fails to decrypt the data frame, and decrypting the data frame at the access point using the old encryption key; and
resetting at the access point the old encryption key to equal the current encryption key when decryption using the new encryption key is successful.
Abstract
A key synchronization mechanism for wireless LANs is provided where the access point (AP) does not start using a new encryption key until the first data frame correctly encrypted with the new key is received from the station (STA). The new key is used from this point on, until the expiration of a key refresh interval.
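The AP-side behaviour described in the first claim and the abstract, as an added example (not code from the patent). The `seal`/`unseal` helpers are a constructed stand-in cipher with an integrity tag so that a wrong key is detectable; all class, method and variable names are assumptions.

```python
import hashlib, hmac, secrets

def seal(key, data):
    # Demo-only stand-in cipher (no nonce): XOR keystream plus an HMAC tag.
    ks = hashlib.shake_256(key).digest(len(data))
    ct = bytes(a ^ b for a, b in zip(data, ks))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key, frame):
    # Returns None when the tag does not verify, i.e. a decryption failure.
    ct, tag = frame[:-32], frame[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    ks = hashlib.shake_256(key).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class AccessPoint:
    def __init__(self, key):
        self.current = self.old = key   # in sync: both equal the STA's key
        self.failures = 0               # decryption failures indicated so far

    def rotate(self):
        # old stays equal to the key the STA still uses; current becomes the new key.
        self.current = secrets.token_bytes(16)
        return seal(self.old, self.current)   # new key sent under the old key

    def receive(self, frame):
        data = unseal(self.current, frame)
        if data is not None:
            self.old = self.current     # STA has switched: retire the old key
            return data
        self.failures += 1              # current key failed on this frame
        return unseal(self.old, frame)  # STA is still on the old key

class Station:
    def __init__(self, key):
        self.key = key
    def install(self, wrapped):
        new = unseal(self.key, wrapped)
        if new is not None:
            self.key = new
    def send(self, data):
        return seal(self.key, data)

def demo():
    k0 = secrets.token_bytes(16)
    ap, sta = AccessPoint(k0), Station(k0)
    wrapped = ap.rotate()
    r1 = ap.receive(sta.send(b"before key update"))  # STA not yet updated
    mid = (ap.failures, ap.old == k0)
    sta.install(wrapped)
    r2 = ap.receive(sta.send(b"after key update"))
    return r1, mid, r2, ap.old == ap.current, ap.failures
```

Because `old` only advances after a frame decrypts under `current`, a key-update message that never reaches the station leaves the two sides able to communicate, and the next update is still wrapped under a key the station holds.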
18 Claims
9. A key synchronization system for a wireless network comprising:
at least one station in the wireless network; and at least one access point in the wireless network configured for;
maintaining an old encryption key and a new encryption key through a key rotation interval for each of said at least one station,
using said new encryption key for decryption when a first data frame correctly encrypted with said new encryption key is received from said at least one station and using said old encryption key for decryption when said new encryption key fails to decrypt a data frame received from said at least one station, and
resetting the old encryption key to equal the new encryption key when decryption with the new encryption key is successful.
14. A key synchronization system for a wireless network comprising:
at least one station in the wireless network; and at least one access point in the wireless network configured for;
maintaining an old encryption key and a new encryption key through a key rotation interval for each of said at least one station, setting said old encryption key equal to an encryption key used by said at least one station, and setting said new encryption key as a current encryption key;
said at least one access point further configured for;
using said new encryption key for decryption when a first data frame correctly encrypted with said new encryption key is received from said at least one station and using said old encryption key for decryption when said new encryption key fails to decrypt a data frame received from said at least one station, and
resetting the old encryption key to equal the current encryption key when decryption with the new encryption key is successful.
Specification