(19) United States
`(12) Patent Application Publication (10) Pub. No.: US 2004/0068653 A1
`(43) Pub. Date: Apr. 8, 2004
`
`Fascenda
`
`US 20040068653A1
`
`(54) SHARED NETWORK ACCESS USING
`DIFFERENT ACCESS KEYS
`
`(52) us. Cl.
`
`.............................................................. 713/168
`
`(76)
`
`Inventor: Anthony C. Fascenda, North Bethesda,
`MD (US)
`
`(57)
`
`ABSTRACT
`
`Correspondence Address:
`HUNTON & WILLIAMS LLP
`INTELLECTUAL PROPERTY DEPARTMENT
`1900 K STREET, N.W.
`SUITE 1200
`WASHINGTON, DC 20006-1109 (US)
`
`(21) Appl. No.:
`
`10/679,268
`
`(22)
`
`Filed:
`
`Oct. 7, 2003
`
`Related US. Application Data
`
`(60) Provisional application No. 60/416,583, filed on Oct.
`8, 2002. Provisional application No. 60/477,921, filed
`on Jun. 13, 2003. Provisional application No. 60/422,
`474, filed on Oct. 31, 2002.
`
`Publication Classification
`
`(51)
`
`Int. Cl.7 ....................................................... H04L 9/00
`
`The invention provides a secure Wi-Fi communications
`method and system to enable automatic network roaming
`without requiring any back-end authentication servers and
`alleviating the need to handle large numbers of network
`parameters. In an embodiment of the invention, a client
`device listens for a “beacon frame” broadcast from a Wi-Fi
`access point. The beacon frame identifies the basic service
`set identifier (BSSID) of the access point. Atamper-resistant
`token, or client key, installed at the client device stores a set
`of authentication parameters, e.g., cryptographic keys, for
`each Wi-Fi network the client is permitted to access. Each
`set of authentication parameters is associated with a par-
`ticular BSSID. Using the RSSID received from the access
`point, the client device identifies and implements the appro-
`priate set of authentication parameters necessary to authen-
`ticate the client device according to an authentication pro-
`cess generally accepted by all the Wi—Fi networks potentially
`servicing the client. Accordingly, a consistent authentication
`and security mechanism is provided to enable a client device
`to easily roam from one network to another without requir—
`ing the client to manually change network configurations.
`
`£210A
`
`i230
`
`
`
`240A
`
`242A 3‘
`
`
`
`.
`
`fl
`
`Wireless AP
`
`240B
`
`
`
`242B 1
`250
`252 I
`
`
`
`
`
`
`
`
`\ficz E
`
`240N
`
`2
`
`4ZN 1
`
`Bose Exhibit 1037
`
`Bose V. Koss
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 1 of 13
`
`US 2004/0068653 A1
`
`1 00
`£—
`
`
`
`
`
`Wired
`$115B
`
`‘Ioo coon-0.0!,“
`““:"> Network
`(LAN)
`j :
`125
`
`
`
`FIG. 1
`
`(Prior Art)
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 2 0f 13
`
`US 2004/0068653 A1
`
`&
`
`240A
`
`242A 3'
`
`240B
`
`24213 3‘
`
`N
`
`Wireless AP
`
`$ <3 3;;
`
`
`FIG. 2
`
`240N
`
`242N 1
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 3 0f 13
`
`US 2004/0068653 A1
`
`300
`
`210A
`i
`
`
`
`
`
`K’ey’ Iatziiiaseéif?
`w a?
`72%
`air
`
`
`
`“KEYDBIO7563333923184MDB”
`
`mg. _
`
`
`%
`
`
`
`Master Ke Parameter
`Value gexamgle)
`Serial Number
`1075633339231884
`
`
`MKS
`BC017544-19491-119A3
`MKR
`EA910012-10445-193B3
`MK_IDS
`71ACEF1-19311-AE110
`PIN NUMBER
`“NEWC01234”
`
`
`
`
`
`
`FIG. 3
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 4 of 13
`
`US 2004/0068653 A1
`
`{10—0
`
`FIG' 4
`
`Insert master key
`
`Unlock master key
`with transport PIN
`
`Generate MK_IDS
`
`10
`
`Install admin.
`
`software
`
`15
`
`Execute admin.
`software
`
`Master key
`
`inserted
`
`
`Correct PIN
`
`unlocks master key
`
`Obtain master key
`serial number
`
`Open key database
`
`Ln0U]
`
`AvL‘L‘ktLLLu.u.--L»mNu.ou:ou:NLII
`
`Generate MKS and
`
`MKR
`
`Install MK_IDS,
`MKS, etc.
`
`Correct PIN locks
`master key
`
`Perform key
`management
`
`Create key
`database
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 5 of 13
`
`US 2004/0068653 A1
`
`510
`
`FIG. 5A
`
`Insert master keyI'
`
`515
`
`{00
`
`550
`
`Proper PIN unlocks
`
`Retrieve MK_IDS
`and serial number
`
`525
`
`IUII20
`master key
`
`
`
`Copy BSSID, MKS,
`and MKR to client
`
`key
`
`
`
`555
`
`Generate client
`CK_IDS for key
`
`560
`
`v
`
`56
`
`5
`
`57
`
`0
`
`Open key database
`
`530
`
`Insert new client
`
`key
`
`
`
`
`
`
`Create client record
`
`for key database
`
`Encrypt CK_IDS
`with MK_IDS
`
`
`
`
`
`Retrieve client key
`serial number
`
`Write record to
`
`key database
`
`
`
`Another
`
`
`Key
`Initialized
`client key
`
`
`
`
`?
`?
`
`
`
`
`Decrypt key record
`with MK_IDS
`
`
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 6 of 13
`
`US 2004/0068653 A1
`
`FIG. 5B
`
`point(s) on network ‘
`
`*— Network C
`
`Network B
`
`Network A
`
`NKSA = Network A send crypt. key
`NKRA = Network A receive crypt. key
`CK_IDSA= Secret crypt. key for Network A
`BSSIDs = MAC address(es) of access
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 7 of 13
`
`US 2004/0068653 A1
`
`010
`
`Execute AP key
`
`mgmt. routine
`
`{6%
`
`.15
`
`50
`
`In rt AP K
`
`Display appropriate
`
`I 20
`
`Blank AP
`
`No
`
`Yes
`
`a A 5
`
`
`
`N0
`
`I 55
`
`FIG. 6
`
`Display appropriate
`AP key parameters
`
`key
`?
`
`Correct PIN unlocks
`
`AP key
`
`0 30
`
`Enter/store admin
`
`parameters, ctc.
`
`. 3
`
`5
`
`Install NKS and
`
`NKR
`
`40
`
`Create and mstall
`
`AP_IDS
`
`
`
`
`60
`
`Add This
`Network
`?
`
`
`
`No
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 8 0f 13
`
`US 2004/0068653 A1
`
`FIG. 7
`
`1012
`i
`
`7 10
`
`Select desired AP
`
`from list
`
`7 15
`
`Authenticate AP
`
`using AP key
`
`Build client key file
`
`30
`
`Encrypt client key
`file
`
`35
`
`Transfer client key
`file to AP
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 9 0f 13
`
`US 2004/0068653 A1
`
`@
`i
`
`table
`
`Authorized
`users
`MAC table
`
`»--
`
`Unauthorized
`clients MAC
`
`“Do not allow”
`MAC table
`
`Connection attempt
`from device 210
`
`FIG. 8
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 10 0f 13
`
`US 2004/0068653 A1
`
`
`
`hmowfifingNHoofiaxo
`
`
`
`m<9Tavmfiévmbavm
`
`hwfi<n~6cmmm4nvmh~mt
`
`
`
`hmfimTmS$TN535mm
`
`
`
`m<eTgvaévmtomm
`
`nwgdéommméommm:
`
`mflmmevvoTNHooa<m
`
`
`
`m<m_Tavmflévpfiovm
`
`awom-c$v.m-hmu<mmo
`
`mwfiumfiofimoom
`
`Omommmmmfilum
`
`bwmmomomsm/w
`
`$3Hmbmwmmommwm
`
`
`
`~295me025/
`
`3an
`
`uoHoEmSm0ME26
`
`:6Wigwam
`
`Hone:ZEtum
`
`<~mMZ
`
`coo
`
`00.5025:0
`
`31.59
`
`3.9005R5
`
`£93655
`
`
`
`SN:+545::32%25:0
`
`“ma—Iva5Eunfiboco
`
`838n2
`
`6759
`
`
`
`omgmmsfi30mnEnnmmm
`
`
`
`#2953““53>Huuofifimm0Mm<
`
`
`
`
`
`mmofimmbotummfimom538:2atom
`
`
`
`9&3HémwofiévpsumU6E2
`
`
`
`mm~m©Tm¢¢OTNSGS<mEMU—Z
`
`
`
`hwfi<méomaméumflmtEmelniw
`
`
`
`
`
`VmR:ANMVNIEowcmm
`
`4a.0:—
`
`
`
`
`
`
`
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 11 of 13
`
`US 2004/0068653 A1
`
`£922
`
`Authentication Re-uest Frame sent to AP
`Authentication
`Authentication
`Challenge Text
`Algorithm;Number
`Transaction Seq.
`Number
`“3”
`“l”
`
`ted with CK_IDSZC
`
`éClient key serial number, [R1] random number
`enc
`
`FIG. 9B
`
`Authentication Res-onsc Frame returned to Client
`
`FIG. 9C
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 12 of 13
`
`US 2004/0068653 A1
`
`1000
`
`1004
`1002
`
`Client receives either “Beacon
`Client selects appropriate
`
`
`network parameters based on
`Frame” or “Probe Response
`Frame” from AP
`
`
`BSSID
`
`1030
`
`Client sends challenge to access point comprising client key
`
`serial number and first random number (R1) encrypted with
`
`CK_IDSZ.
`
`
`1015
`i
`Access point retrieves CK__IDSz from
`its client key database using client
`key serial number
`
`1020
`
`Access point decrypts challenge
`
`with CK_IDS; and retrieves R1
`
`
`
`R1 Decrypted
`Properly?
`
`
`
`Yes
`
`No
`
`1025
`
`Client device not
`authenticated; place MAC
`
`in “Do Not Allow” table.
`
`Client device authenticated;
`place MAC in “Authorized
`Users” table.
`
`
`
`1035
`
`Access point obtains second
`random number (R2) generated
`
`in AP key.
`
`1040
`
`
`
`Access point encrypts R2 with
`CK_IDS; and sends second
`challenge to client device
`
`1045
`
`Client device decrypts second
`challenge with CKJDSZ to
`
`extract R2.
`
`1055
`
`Access point
`authorized and begin normal
`
`communications
`
`Yes
`
`
`
`R2 Decrypted
`Properly?
`
`
`
`FIG. 10
`
`No
`
`1050
`
`Access point
`
`NOT authorized and abort network communications
`
`

`

`Patent Application Publication
`
`Apr. 8, 2004 Sheet 13 of 13
`
`US 2004/0068653 A1
`
`1105
`
`Client selects appropriate
`network parameters based on
`
`BSSID
`
`1110
`
`.
`
`Client sends challenge to access point
`comprising client key serial number
`and first random number (R1).
`
`
`
`1115
`
`1100
`
`5
`
`Access point retrieves client
`
`1120
`
`key serial number and R1 1170
`usmg client key serial number
`
`Access point retrieves CK_IDS
`.
`.
`.
`
`'
`Client device authenticated;
`place MAC in “Authorized
`Users" table.
`
`1 125
`
`1 165
`
`Access point obtains second
`random number (R2) generated
`in AP key.
`
`
`
`Client device not
`authenticated; place MAC
`in “Do Not Allow" table.
`
`1 130
`
`Access point sends challenge to
`client comprising R1 encrypted with
`CK_IDS (Rle) and R2.
`
`
`
`1 135
`
`NO
`
`Yes
`
`1 160
`
`Client device decrypts Rle with
`
`CK_IDS and retrieves R2. Access point decrypts R2e with
`CKJDS‘
`
`l 1 55
`
`1140
`
`Yes
`
`N0
`
`1145
`
`Access point not authorized,
`
`abort network authentication.
`
`1150
`
`Client device sends third
`challenge comprising R2
`
`encrypted with CK_IDS (R2e).
`
`FIG. 1 1
`
`

`

`US 2004/0068653 A1
`
`Apr. 8, 2004
`
`SHARED NETWORK ACCESS USING DIFFERENT
`ACCESS KEYS
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`[0001] This present application claims priority to US.
`Provisional Patent Application No. 60/416,583 filed on Oct.
`8, 2002; US. Provisional Patent Application No. 60/422,474
`filed Oct. 31, 2002; and US. Provisional Patent Application
`No. 60/447,921 filed Jun. 13, 2003. The contents of these
`three provisionals are incorporated herein by reference in
`their entirety. The present application is related to US.
`Patent Application No. 10/xxx,xxx, entitled “Self-Managed
`Network Access Using Localized Access Management," and
`US. Patent Application No. lO/xxx,xxx, entitled “Localized
`Network Authentication and Security Using Tamper-Resis-
`tant Keys,” both of which are filed concurrently herewith.
`
`BACKGROUND OF THE INVENTION
`
`[0002]
`
`1. Field of Invention
`
`[0003] The present invention relates to wireless network—
`ing, and more particularly, to an authentication and secure
`communication system for Wi-Fi (IEEE 802.11) networks.
`
`[0004]
`
`2. Description of Related Art
`
`[0005] A Wireless Local Area Network (WLAN) is gen-
`erally implemented to provide local connectivity between a
`wired network and a mobile computing device. In a typical
`wireless network, all of the computing devices within the
`network broadcast their information to one another using
`radio frequency (RF) communications. WLANs are based
`on the Institute of Electrical and Electronic Engineers
`(IEEE) 802.11 standard, which designates a wireless-Ether-
`net specification using a variety of modulation techniques at
`frequencies generally in the 2.4 gigahertz (GHZ) and 5 GHZ
`license-free frequency bands.
`
`[0006] The IEEE 802.11 standard (“Wi-Fi”), the disclo-
`sure of which is incorporated herein in its entirety by
`reference, enables wireless communications with through-
`put rates up to 54 Mbps. Wi-Fi (for “wireless fidelity”) is
`essentially a seal of approval certifying that a manufactur-
`er’s product is compliant with IEEE 802.11. For example,
`equipment carrying the “Wi-Fi” logo is certified to be
`interoperable with other Wi-Fi certified equipment. There
`are Wi—Fi compatible PC cards that operate in peer—to—peer
`mode, but Wi-Fi usually incorporates at least one access
`point, or edge device. Most access points have an integrated
`Ethernet controller to connect to an existing wired-Ethernet
`network. AWi-Fi wireless transceiver connects users via the
`access point to the rest of the LAN. The majority of Wi-Fi
`wireless transceivers available are in Personal Computer
`Memory Card International Association (PCMCIA) card
`form, particularly for laptop, palmtop, and other portable
`computers, however Wi-Fi transceivers can be implemented
`through an Industry Standard Architecture (ISA) slot or
`Peripheral Component Interconnect (PCI) slot in a desktop
`computer, a Universal Serial Bus (USB), or can be frilly
`integrated within a handheld device.
`
`[0007] FIG. 1 illustrates a typical conventional Wi-Fi
`network 100. Particularly, Wi-Fi network 100 comprises a
`number (N) of computing devices 110A-N and an access
`point 120. Each computing device 110 comprises a Wi-Fi
`
`transceiver (not shown) such as a Wi-Fi enabled network
`interface card (NIC) to communicate with the access point
`via an RF communications link 115. The access point 120
`comprises a Wi-Fi transceiver (not shown) to communicate
`with a wired network via an RF communications link 125.
`
`[0008] Authentication and security features offered by
`conventional Wi-Fi products have been implemented via
`Wired Equivalency Protocol (WEP). With WEP enabled, an
`access point will not admit anyone onto the LAN without the
`proper WEP settings. The W'EP settings are used primarily
`for wireless security, but
`they also form the basis for
`authentication in that without these settings known to and
`used by the user, the user cannot connect through the access
`point.
`
`[0009] The 802.11 standard defines different frame types
`that the Wi—Fi enabled NICs and access points employ for
`communications, as well as managing and controlling the
`wireless link. Every frame includes a control field that
`describes the 802.11 protocol version, frame type, and other
`network indicators, such as whether WEP is active, power
`management
`is enabled, etc. All
`frames contain MAC
`addresses of the source and destination station, and access
`point, in addition to a frame sequence number, a frame body,
`and a frame check sequence for error detection. Data frames
`carry protocols and data from higher layers within the frame
`body. For example, a data frame can comprise hypertext
`markup language (HTML) code from a Web page that a user
`is viewing. Other frames implemented for management and
`control carry specific information regarding the wireless link
`in the frame body. For example, an access point periodically
`sends a beacon frame to announce its presence and relay
`information,
`such as
`timestamp,
`service set
`identifier
`(SSID), and other parameters regarding the access point to
`the NICs that are within range.
`
`[0010] The SSID is a 32-character unique identifier that
`acts as a password when a mobile device tries to connect to
`the network. The SSID differentiates one WLAN from
`
`another, so all access points and all devices attempting to
`connect to a specific WLAN must use the same SSID. A
`device will not be permitted to join the network unless it can
`provide the unique SSID. Because an SSID can be sniffed in
`plain text from a packet it does not supply any security to the
`network. An SSID is also referred to as a network name, or
`network ID, because essentially it is a name that identifies a
`wireless network.
`
`[0011] The number of publicly available wireless 802.11
`networks is rapidly increasing. Each network is “Wi-Fi
`compatible” and, following the specification, identifies itself
`using the beacon frame, which broadcasts the SSID to all
`potential users of the network. Typically, an access point
`broadcasts a beacon frame every 10 ms. When a user is in
`the broadcast range of one or more Wi-Fi networks, the
`user’s wireless NIC listens for the beacon frame(s) associ-
`ated each network. A list of all SSIDs currently available is
`displayed to the user, from which the user makes a choice.
`Typically, there is only one network with which the user can
`connect. Once a particular available Wi-Fi network is
`selected, the user must ensure that all of his Wi-Fi commu-
`nication scttings, c.g., SSID, WEP on or off, WEP kcys, ctc.,
`are properly configured to connect to the selected Wi-Fi
`network. Use of beacon frames to identify a network is
`known as “passive mode.” An alternative method of seeking
`
`

`

`US 2004/0068653 A1
`
`Apr. 8, 2004
`
`wireless networks is known as “active mode,” whereby the
`NIC issues a “probe request” to cause all the listening access
`points within range to respond with an identifying frame
`containing their SSID. Both modes are explicitly defined in
`the 802.11 specification.
`[0012] As the user moves from network to network, for
`instance from his office network to a public network at a
`coifee shop,
`the user must switch his Wi-Fi setting as
`appropriate for the local network. Generally, this requires
`advanced knowledge of the settings for the new network.
`Microsoft Windows® operating systems facilitate the stor-
`age of these settings as a “location,” thereby enabling the
`user to simply point-and-click to select the new network.
`However, the user still must manually install these param-
`eters for the new network during initial setup.
`[0013] As the number of networks proliferates, the num-
`ber of network configurations will become daunting. More-
`over, each network authenticates the user in some fashion.
`Some networks are left in “wide-open” mode where only a
`proper SSID selected is necessary to connect, but most
`others require passwords, WEP keys, etc.
`[0014] Of further difficulty for a host facility of a Wi-Fi
`network such as an airport, generally there can only be one
`Wi-Fi network hosted per location. For example, Wi-Fi
`networks are shared-used networks. That is, Wi-Fi networks
`are unlicensed and hence there is no protection against
`interference from an additional network being installed at
`the same location. Once the first network is installed, say a
`Wayport® network, which provides travelers with wireless
`Internet access, no other network can be installed without
`interference resulting from the second network. The host
`facility generally prefers that all potential customers have
`access to the wireless network, not just Wayport customers.
`However, a Wayport network only admits Wayport custom-
`ers. Therefore, the issue becomes how do you allow a private
`network to admit customers from other networks to utilize
`
`the private network.
`[0015] Companies like BoingoTM offer a service whereby
`users can roam across multiple networks without necessarily
`being a customer of any particular network. Boingo employs
`a ‘sniffer’ program which listens to the beacon frames and
`looks for a match in it’s database of known network eon-
`
`figurations. When a match is found, the Boingo software will
`automatically make the appropriate configuration changes
`for that network and allow the user to connect. Once
`
`connection is attempted, the user appears to the network as
`a Boingo customer and the user’s credentials are passed onto
`an authentication server for the network. On recognition of
`the user’s name at the authentication server, for example,
`access is then granted or denied. If the Boingo customer is
`not really a customer of the present network, the authenti-
`cation server forwards the user’s credentials to a Boingo
`authentication server, which performs the authentication
`service and if valid, passes the ‘grant’ command back to the
`original network authentication server. One problem with
`this approach is that as the number of ‘network affiliates’
`grows for Boingo, each network’s configuration must be
`stored in a database. Accordingly, information in this data—
`base must be downloaded to each user. This becomes
`
`difficult to manage as the number of users and networks
`increase.
`
`“Hot-Spots” as Wi-Fi networks are known in the
`[0016]
`public space, allow users portable, high-speed access to
`
`networks. Current Hot-Spot networks are designed such that
`only their authorized users can access their network. The
`configuration of each network includes numerous param-
`eters, particularly if security such as WEP is enabled. As
`Hot-Spot networks are typically unlicensed and must share
`the spectrum with other users, the existence of a network
`generally precludes the construction of a second network for
`other users at the same location. The authentication mecha-
`nism for one network can be entirely different from that of
`another network. Each network may further have different
`settings for security.
`
`SUMMARY OF THE INVENTION
`
`[0017] The present invention overcomes these and other
`deficiencies of the related art by providing a method to make
`network roaming simple and automatic without requiring
`any back-end authentication servers and alleviating the need
`to handle large numbers of network parameters.
`
`It is the object of this invention to provide a secure,
`[0018]
`local, edge—method of authenticating users using pre—stored
`credentials in the user’s device rather than an authentication
`server. It is a second object of this invention to allow the
`user’s device to automatically detect which among many
`possible network configurations to select when connecting
`to a network.
`
`[0019] The present invention features three principal ele-
`ments: one or more Wi-Fi access points each with a pre-
`configured tamper-resistant token, or AP key, comprising a
`serial number and secret cryptographic keys; one or more
`client tokens, or client keys, each of which is pre-configured
`to authenticate the client for multiple Wi-Fi networks, i.e.,
`access points; and an administration facility comprising a
`software program capable of registering and configuring
`both the AP and the client keys.
`
`[0020] When a client device enters the transmission range
`of an access point, the client device listens for a “beacon
`frame” broadcast from the access point. The beacon frame
`identifies the basic service set identifier (BSSID) of the
`access point. The client key installed at the client device
`stores a set of authentication parameters, e. g., cryptographic
`keys, for each Wi-Fi network the client is given permission
`to use. Each set of authentication parameters is associated
`with a particular BSSID. Using the BSSID received from the
`access point, the client device identifies and implements the
`appropriate set of authentication parameters necessary to
`authenticate the client device. If the access point does not
`broadcast beacon frames, the client device can send a “Probe
`Request,” which causes the access point to respond with a
`beacon frame identifying the access point. In order for a
`client device to have access to more than one Wi-Fi network,
`that client device must possess a client key initialized by
`each Wi-Fi network administrator with the appropriate
`authentication parameters, or credentials, stored in the client
`key,
`
`In an embodiment of the invention, a method of
`[0021]
`authenticating a computing device on a Wi-Fi communica-
`tions network comprises the steps of: obtaining an access
`point identifier at a computing device, wherein the access
`point identifier identifies an access point of a Wi-Fi com-
`munications network; selecting, at the computing device, a
`set of authentication parameters associated with said access
`point identifier; and implementing an authentication process
`
`

`

`US 2004/0068653 A1
`
`Apr. 8, 2004
`
`employing the set of authentication parameters. The access
`point identifier can be a basic service set identifier received
`from the access point. The set of authentication parameters
`are pre-stored in a tamper-resistant physical token installed
`at the computing device. The tamper-resistant physical token
`comprises multiple sets of authentication parameters, each
`of which is associated with a unique access point identifier.
`The computing device is permitted to access the Wi-Fi
`communications network via the access point if the authen—
`tication process results in a successful authentication of the
`computing device.
`
`In another embodiment of the invention, a com-
`[0022]
`munications system comprises: one or more authentication
`devices and one or more client devices, wherein each client
`device includes a unique tamper-resistant physical
`token
`comprising: one or more unique sets of authentication
`parameters, wherein each set of authentication parameters is
`associated with at least one authentication device; a random
`number generator; and a unique serial number. Each client
`device further includes a wireless communications trans-
`ceiver
`to communicate with one of
`the authentication
`devices via a IEEE 802.11 wireless channel. The authenti—
`
`cation devices can be Wi-Fi access points, wherein at least
`two of which are associated with different Wi-Fi networks.
`Each of the unique sets of authentication parameters is
`associated with an access point identifier, which can be a
`basic service set identifier. Each tamper-resistant physical
`token is adapted to be installed via a USB interface at the
`computing device.
`
`[0023] The present invention provides at each computing
`client device a tamper-resistant physical token that holds the
`credentials, i.e., authentication parameters, for multiple net-
`works. Accordingly, a consistent authentication and security
`mechanism is provided to enable a client device to easily
`roam from one network to another without having to manu-
`ally change network configurations.
`
`[0024] The foregoing, and other features and advantages
`of the invention, will be apparent from the following, more
`particular description of the preferred embodiments of the
`invention, the accompanying drawings, and the claims.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`[0025] For a more complete understanding of the present
`invention, the objects and advantages thereof, reference is
`now made to the following descriptions taken in connection
`with the accompanying drawings in which:
`
`[0026] FIG. 1 illustrates a conventional Wi-Fi network;
`
`[0027] FIG. 2 illustrates a secure Wi-Fi communication
`system according to an embodiment of the invention;
`
`a key management system
`[0028] FIG. 3 illustrates
`according to an embodiment of the invention;
`
`[0029] FIG. 4 illustrates a master key management pro-
`cess according to an embodiment of the invention;
`
`[0030] FIG. 5A illustrates a process for generating a key
`database according to an embodiment of the invention;
`
`[0031] FIG. 5B illustrates a client key initialized for
`multiple Wi-Fi networks according to an embodiment of the
`invention;
`
`[0032] FIG. 6 illustrates a process for managing an access
`point key according to an embodiment of the invention;
`
`[0033] FIG. 7 illustrates a process for uploading a client
`key database file to an access point according to an embodi—
`ment of the invention;
`
`[0034] FIG. 8 illustrates a MAC address filtering system
`implemented at an access point according to an embodiment
`of the invention
`
`[0035] FIG. 9A illustrates exchange of authentication
`frames in a secure Wi-Fi network according to an embodi-
`ment of the invention;
`
`FIGS. 9B-C illustrate an exemplary format of the
`[0036]
`authentication frames exchanged in the embodiment of FIG.
`9A;
`
`[0037] FIG. 10 illustrates a client device authentication
`process according to an embodiment of the invention; and
`
`[0038] FIG. 11 illustrates a client device authentication
`process according to an alternative embodiment of the
`invention.
`
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`
`[0039] Preferred embodiments of the present invention
`and their advantages may be understood by referring to
`FIGS. 2-11, wherein like reference numerals refer to like
`elements, and are described in the context of a Wi-Fi
`network. Nevertheless, the present invention is applicable to
`both wired or wireless communication networks in general.
`For example, the present invention enables secure end-to-
`end access between a client and any computer residing on a
`network backbone. Often there may not be a wireless
`component anywhere in such a situation.
`
`[0040] The present invention implements a secure, local,
`edge method and system (the implementation of which is
`herein referred to as communicating in a “secure” mode)
`employing a combination of software routines and physical
`keys in the form of easy-to-use adapters that attach to
`existing computing devices and wireless access points via an
`available USB port. These physical keys are secure, tamper-
`resistant physical tokens. “Edge” refers to authentication of
`client devices taking place at the edge or outer boundary of
`the network, i.e., at the access point, rather than centralized
`within the network using a server. Client computing devices
`are authenticated and data security is provided across wire-
`less links using secret cryptographic keys, which are pre-
`stored in the physical keys installed at both the client’s
`computing device and the access point. According to an
`embodiment of the invention, special access point software
`(“AP software”) is provided in the wireless access points and
`NIC drivers are provided in the client devices to realize the
`functions described herein and to ensure delivery of standard
`Wi-Fi filnctionality as well as compatibility with all Wi-Fi
`certified products currently installed on a Wi-Fi network.
`
`[0041] FIG. 2 illustrates a secure Wi-Fi network 200
`according to an embodiment of the invention. Wi-Fi network
`200 comprises a number N of computing devices 210A-N
`communicating with one another via a wireless access point
`220. The access point 220 comprises a Wi-Fi transceiver
`(not shown) to communicate with a wired network (not
`shown). Although each computing device 210 is shown as a
`
`

`

`US 2004/0068653 A1
`
`Apr. 8, 2004
`
`laptop, other Wi-Fi enabled computing devices such as, but
`not limited to personal digital assistants (PDAs), desktops,
`and workstations can be employed within network 200.
`Moreover, one of ordinary skill in the art recognizes that
`more than one wireless access point 220 may be imple-
`mented within network 200. All computing devices 210A—N
`can act as clients of network 200. However, at least one
`computing device such as computing device 210A is
`reserved as a host computer for administering the inventive
`features
`through residing administrative software (not
`shown) when necessary. In an alternative embodiment, the
`host computer can be another machine on the wired—side of
`the network. A master key 230 is installed into an available
`USB port (not shown) at host computing device 210A during
`administration and management of the network 200. To
`facilitate authentication and secure communications,
`a
`unique client key 240A-N is installed into an available USB
`port (not shown) at each computing device 210A-N. Like-
`wise, an access point key (“AP key”) 250 is installed into an
`available USB port (not shown) at access point 220.
`
`the physical keys
`to note that
`is important
`It
`[0042]
`described herein are implemented via USB ports. One of
`ordinary skill in the art recognizes that the master key 230,
`client keys 240A-N, and AP key 250 can be alternatively
`implemented by other conventional or foreseeable connec-
`tion configurations such as, but not
`limited to PC cards
`installed via a PCI or ISA slot; a physical token connected
`via a serial, parallel, or other preferred type of port; an
`Ethernet card; or a wireless smart card. In yet another
`implementation, the AP key 250 can be incorporated directly
`into the internal hardware of the access point 220, thereby
`alleviating the need for an external physical AP key.
`
`[0043] The master key 230, client keys 240A-N, and AP
`key 250 overlap in functionality. Particularly, each physical
`key comprises an embedded tamper-resistant subscriber
`identity module (SIM) token 232, 242A—N, or 252, respec—
`tively, unique to each key. In an embodiment of the inven-
`tion, a Cryptoflex USB-enabled SIM chip is employed as the
`SIM token. Nevertheless, other conventional or foreseeable
`SIMs may be substituted. The AP key 250 differs slightly
`from both the master key 230 and the client keys 240A-N in
`that it preferably employs a device USB connector rather
`than a standard USB connector. Generally, a device USB
`connector is different from a standard USB connector only
`in physical layout. Yet, they each carry the same signal wires
`to provide a USB interface to the USB—enabled SIM chip,
`which typically communicates over a simplex data line at
`approximately 9600 bits-per-second.
`Importantly, each
`physical key has a unique serial number stored permanently
`and electronically inside the SIM by the manufacturer to
`provide positive identification. Each SIM comprises a ran-
`dom number generator.
`
`[0044] Each client key 240 is used to authenticate and
`provide secure connections at a corresponding computing
`device 210. Once the special NIC driver software is installed
`for a NIC, the computing device 210 examines whether a
`Wi-Fi network exists and if found, attempts to authenticate
`itself with that network. If the network is enabled to operate
`in secure mode, all of the currently configured wireless
`settings of the computing device 210 are switched to secure
`mode and the login process is completely automated as
`further described. If the network is not secure mode enabled,
`the computing device 210 attempts to connect to it using
`
`standard Wi-Fi parameters. The smart NIC driver replaces a
`standard driver associated via a standard wireless NIC card,
`thereby providing the software necessary to manage com-
`munications with the client key 240. This driver authenti-
`cates data packets and performs encryption/decryption func-
`tions during secure mode communications.
`
`[0045] Like the master key 230, the AP key 250 is first
`initialized so that it can be recognized by the administrative
`software and by the AP software as an AP key. The AP key
`250 is used to activate functionality i