(19) United States
(12) Patent Application Publication
(10) Pub. No.: US 2004/0068653 A1
(43) Pub. Date: Apr. 8, 2004

Fascenda

US 20040068653A1

(54) SHARED NETWORK ACCESS USING DIFFERENT ACCESS KEYS

(76) Inventor: Anthony C. Fascenda, North Bethesda, MD (US)

Correspondence Address:
HUNTON & WILLIAMS LLP
INTELLECTUAL PROPERTY DEPARTMENT
1900 K STREET, N.W.
SUITE 1200
WASHINGTON, DC 20006-1109 (US)

(21) Appl. No.: 10/679,268

(22) Filed: Oct. 7, 2003

Related U.S. Application Data

(60) Provisional application No. 60/416,583, filed on Oct. 8, 2002. Provisional application No. 60/477,921, filed on Jun. 13, 2003. Provisional application No. 60/422,474, filed on Oct. 31, 2002.

Publication Classification

(51) Int. Cl. ................ H04L 9/00
(52) U.S. Cl. ................ 713/168

(57) ABSTRACT

The invention provides a secure Wi-Fi communications method and system to enable automatic network roaming without requiring any back-end authentication servers and alleviating the need to handle large numbers of network parameters. In an embodiment of the invention, a client device listens for a “beacon frame” broadcast from a Wi-Fi access point. The beacon frame identifies the basic service set identifier (BSSID) of the access point. A tamper-resistant token, or client key, installed at the client device stores a set of authentication parameters, e.g., cryptographic keys, for each Wi-Fi network the client is permitted to access. Each set of authentication parameters is associated with a particular BSSID. Using the BSSID received from the access point, the client device identifies and implements the appropriate set of authentication parameters necessary to authenticate the client device according to an authentication process generally accepted by all the Wi-Fi networks potentially servicing the client. Accordingly, a consistent authentication and security mechanism is provided to enable a client device to easily roam from one network to another without requiring the client to manually change network configurations.

`230
`
`=
`
`210A
`
`b $
` QO a232 4
`
`
`*.,
`‘.
`4Re
`eg Ma
`
`240A
`
`242A
`
`200
`x
`
`
`
`Wireless AP
` 250
`
`240B
`
`252 4
`
`
`
`
`242N t
`
`240N
`
`APPLE 1037
`APPLE 1037
`
`1
`
`

`

[Sheet 1 of 13: FIG. 1 (Prior Art), conventional Wi-Fi network 100: computing devices 110 with RF links 115 to the access point, and link 125 to the wired network (LAN).]

[Sheet 2 of 13: FIG. 2, secure Wi-Fi network 200: Wireless AP with AP key 250 (SIM token 252); client keys 240A, 240B, 240N with SIM tokens 242A, 242B, 242N.]

[Sheet 3 of 13: FIG. 3, key management system 300 with master key 230. Master Key Parameter / Value (example):
Serial Number: 1075633339231884
MK_IDS and the other master key cryptographic keys: BC017544-19491-119A3, EA910012-10445-193B3, 71ACEF11-19311-AE110
PIN NUMBER: “NEWCO1234”
Key Database: “KEYDB 107563333923 184.MDB”]

[Sheet 4 of 13: FIG. 4, master key management process (boxes 410 through 480): Install admin. software; Insert master key; Master key inserted?; Unlock master key with transport PIN; Correct PIN unlocks master key?; Obtain master key serial number; Open key database; Create key database; Generate MK_IDS; Generate MKS and MKR; Install MK_IDS, MKS, etc.; Correct PIN locks master key; Perform key management.]

[Sheet 5 of 13: FIG. 5A, process for generating a key database (boxes 510 through 570): Insert master key; Proper PIN unlocks master key; Retrieve MK_IDS and serial number; Open key database; Insert new client key; Initialized client key?; Retrieve client key serial number; Decrypt key record with MK_IDS; Create client record for key database; Generate client CK_IDS for key; Copy BSSID, MKS, and MKR to client key; Encrypt CK_IDS with MK_IDS; Write record to key database; Another key?]

[Sheet 6 of 13: FIG. 5B, a client key initialized for Network A, Network B and Network C. Legend for Network A: NKS_A = Network A send crypt. key; NKR_A = Network A receive crypt. key; CK_IDS_A = Secret crypt. key for Network A; BSSIDs = MAC address(es) of access point(s) on network A.]

[Sheet 7 of 13: FIG. 6, access point key management process (boxes 610 through 660): Execute AP key mgmt. routine; Insert AP key; Blank AP key?; Yes: Display appropriate AP key parameters, Install NKS and NKR, Create and install AP_IDS, parameters, etc.; No: Correct PIN unlocks AP key, Display appropriate AP key parameters; Add this network?]

[Sheet 8 of 13: FIG. 7, process 700 for uploading a client key database file to an access point: Select desired AP from list; Authenticate AP using AP key; Retrieve AP_IDS; Build client key file; Encrypt client key file; Transfer client key file to AP.]

[Sheet 9 of 13: FIG. 8, MAC address filtering system 800 at the access point NIC: a connection attempt from device 210 is checked against the “Do not allow” MAC table (unauthorized clients) and the Authorized users MAC table.]

[Sheet 10 of 13: FIG. 9A, exchange of authentication frames between a client device key and an AP key: tables of client key and AP key parameters with example values (serial number, CK_IDS, BSSID, NKS, NKR), the client key serial number and random number (R1) encrypted with CK_IDS, and the random number (R2) returned by the AP.]

[Sheet 11 of 13: FIG. 9B, Authentication Request Frame sent to AP, with fields Authentication Algorithm Number | Authentication Transaction Seq. Number | Status Code | Challenge Text (client key serial number, [R1] random number encrypted with CK_IDS). FIG. 9C, Authentication Response Frame returned to Client, with Challenge Text [R2] encrypted with CK_IDS.]

[Sheet 12 of 13: FIG. 10, client device authentication process 1000b (boxes 1020 through 1085):
Client receives either “Beacon Frame” or “Probe Response Frame” from AP.
Client selects appropriate network parameters based on BSSID.
Client sends challenge to access point comprising client key serial number and first random number (R1) encrypted with CK_IDS.
Access point retrieves CK_IDS from its client key database using client key serial number.
Access point decrypts challenge with CK_IDS and retrieves R1.
R1 decrypted properly? No: Client device not authenticated; place MAC in “Do Not Allow” table. Yes: Client device authenticated; place MAC in “Authorized Users” table.
Access point obtains second random number (R2) generated in AP key.
Access point encrypts R2 with CK_IDS and sends second challenge to client device.
Client device decrypts second challenge with CK_IDS to extract R2.
R2 decrypted properly? Yes: Access point authorized and begin normal communications. No: Access point NOT authorized and abort network communications.]

[Sheet 13 of 13: FIG. 11, client device authentication process 1100 according to an alternative embodiment (boxes 1105 through 1170):
Client selects appropriate network parameters based on BSSID.
Client sends challenge to access point comprising client key serial number and first random number (R1).
Access point retrieves client key serial number and R1.
Access point retrieves CK_IDS using client key serial number.
Access point obtains second random number (R2) generated in AP key.
Access point sends challenge to client comprising R1 encrypted with CK_IDS (R1e) and R2.
Client device decrypts R1e with CK_IDS.
R1 decrypted properly? No: Access point not authorized, abort network authentication. Yes: Client device sends third challenge comprising R2 encrypted with CK_IDS (R2e).
Access point decrypts R2e with CK_IDS and retrieves R2.
R2 decrypted properly? Yes: Client device authenticated; place MAC in “Authorized Users” table. No: Client device not authenticated; place MAC in “Do Not Allow” table.]

SHARED NETWORK ACCESS USING DIFFERENT ACCESS KEYS

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This present application claims priority to U.S. Provisional Patent Application No. 60/416,583 filed on Oct. 8, 2002; U.S. Provisional Patent Application No. 60/422,474 filed Oct. 31, 2002; and U.S. Provisional Patent Application No. 60/447,921 filed Jun. 13, 2003. The contents of these three provisionals are incorporated herein by reference in their entirety. The present application is related to U.S. Patent Application No. 10/xxx,xxx, entitled “Self-Managed Network Access Using Localized Access Management,” and U.S. Patent Application No. 10/xxx,xxx, entitled “Localized Network Authentication and Security Using Tamper-Resistant Keys,” both of which are filed concurrently herewith.

BACKGROUND OF THE INVENTION

[0002] 1. Field of Invention

[0003] The present invention relates to wireless networking, and more particularly, to an authentication and secure communication system for Wi-Fi (IEEE 802.11) networks.

[0004] 2. Description of Related Art

[0005] A Wireless Local Area Network (WLAN) is generally implemented to provide local connectivity between a wired network and a mobile computing device. In a typical wireless network, all of the computing devices within the network broadcast their information to one another using radio frequency (RF) communications. WLANs are based on the Institute of Electrical and Electronic Engineers (IEEE) 802.11 standard, which designates a wireless-Ethernet specification using a variety of modulation techniques at frequencies generally in the 2.4 gigahertz (GHz) and 5 GHz license-free frequency bands.

[0006] The IEEE 802.11 standard (“Wi-Fi”), the disclosure of which is incorporated herein in its entirety by reference, enables wireless communications with throughput rates up to 54 Mbps. Wi-Fi (for “wireless fidelity”) is essentially a seal of approval certifying that a manufacturer’s product is compliant with IEEE 802.11. For example, equipment carrying the “Wi-Fi” logo is certified to be interoperable with other Wi-Fi certified equipment. There are Wi-Fi compatible PC cards that operate in peer-to-peer mode, but Wi-Fi usually incorporates at least one access point, or edge device. Most access points have an integrated Ethernet controller to connect to an existing wired-Ethernet network. A Wi-Fi wireless transceiver connects users via the access point to the rest of the LAN. The majority of Wi-Fi wireless transceivers available are in Personal Computer Memory Card International Association (PCMCIA) card form, particularly for laptop, palmtop, and other portable computers; however, Wi-Fi transceivers can be implemented through an Industry Standard Architecture (ISA) slot or Peripheral Component Interconnect (PCI) slot in a desktop computer, a Universal Serial Bus (USB), or can be fully integrated within a handheld device.

[0007] FIG. 1 illustrates a typical conventional Wi-Fi network 100. Particularly, Wi-Fi network 100 comprises a number (N) of computing devices 110A-N and an access point 120. Each computing device 110 comprises a Wi-Fi transceiver (not shown) such as a Wi-Fi enabled network interface card (NIC) to communicate with the access point via an RF communications link 115. The access point 120 comprises a Wi-Fi transceiver (not shown) to communicate with a wired network via an RF communications link 125.

[0008] Authentication and security features offered by conventional Wi-Fi products have been implemented via Wired Equivalency Protocol (WEP). With WEP enabled, an access point will not admit anyone onto the LAN without the proper WEP settings. The WEP settings are used primarily for wireless security, but they also form the basis for authentication in that without these settings known to and used by the user, the user cannot connect through the access point.

[0009] The 802.11 standard defines different frame types that the Wi-Fi enabled NICs and access points employ for communications, as well as managing and controlling the wireless link. Every frame includes a control field that describes the 802.11 protocol version, frame type, and other network indicators, such as whether WEP is active, power management is enabled, etc. All frames contain MAC addresses of the source and destination station, and access point, in addition to a frame sequence number, a frame body, and a frame check sequence for error detection. Data frames carry protocols and data from higher layers within the frame body. For example, a data frame can comprise hypertext markup language (HTML) code from a Web page that a user is viewing. Other frames implemented for management and control carry specific information regarding the wireless link in the frame body. For example, an access point periodically sends a beacon frame to announce its presence and relay information, such as timestamp, service set identifier (SSID), and other parameters regarding the access point to the NICs that are within range.

[0010] The SSID is a 32-character unique identifier that acts as a password when a mobile device tries to connect to the network. The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID. A device will not be permitted to join the network unless it can provide the unique SSID. Because an SSID can be sniffed in plain text from a packet it does not supply any security to the network. An SSID is also referred to as a network name, or network ID, because essentially it is a name that identifies a wireless network.

[0011] The number of publicly available wireless 802.11 networks is rapidly increasing. Each network is “Wi-Fi compatible” and, following the specification, identifies itself using the beacon frame, which broadcasts the SSID to all potential users of the network. Typically, an access point broadcasts a beacon frame every 10 ms. When a user is in the broadcast range of one or more Wi-Fi networks, the user’s wireless NIC listens for the beacon frame(s) associated with each network. A list of all SSIDs currently available is displayed to the user, from which the user makes a choice. Typically, there is only one network with which the user can connect. Once a particular available Wi-Fi network is selected, the user must ensure that all of his Wi-Fi communication settings, e.g., SSID, WEP on or off, WEP keys, etc., are properly configured to connect to the selected Wi-Fi network. Use of beacon frames to identify a network is known as “passive mode.” An alternative method of seeking wireless networks is known as “active mode,” whereby the NIC issues a “probe request” to cause all the listening access points within range to respond with an identifying frame containing their SSID. Both modes are explicitly defined in the 802.11 specification.
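The beacon frame described in [0009]-[0011] is the frame the client in this scheme listens to for the BSSID, and the passage's point is that the identifiers it carries are readable by anyone in range. The following parser is an added example and not code from the patent or from any product it describes: it decodes a constructed 802.11 beacon frame and extracts the BSSID (address 3 of the management frame header), the SSID tagged parameter and the capability privacy bit. Field offsets follow IEEE 802.11; the sample frame bytes, the SSID value “NEWCO-GUEST”, the BSSID and the function names are constructed for the example.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
)

// Beacon holds the fields a roaming client needs from an 802.11 beacon (a
// probe response carries the same body layout).
type Beacon struct {
	BSSID          net.HardwareAddr // address 3 of the management frame header
	SSID           string           // tagged parameter 0, sent in clear
	BeaconInterval uint16           // in units of 1024 microseconds
	Privacy        bool             // capability bit 4: WEP required to join
}

const (
	macHeaderLen  = 24 // frame control, duration, addr1-3, sequence control
	fixedParamLen = 12 // timestamp (8), beacon interval (2), capability (2)
	tagSSID       = 0
	subtypeBeacon = 8
)

// ParseBeacon decodes a management frame of subtype beacon. Any other frame
// type is rejected so a driver cannot take a data frame for an announcement.
func ParseBeacon(frame []byte) (*Beacon, error) {
	if len(frame) < macHeaderLen+fixedParamLen {
		return nil, errors.New("frame too short for a beacon")
	}
	fc := binary.LittleEndian.Uint16(frame[0:2])
	ftype, subtype := (fc>>2)&0x3, (fc>>4)&0xf
	if ftype != 0 || subtype != subtypeBeacon {
		return nil, fmt.Errorf("not a beacon: type %d subtype %d", ftype, subtype)
	}
	b := &Beacon{
		BSSID:          net.HardwareAddr(append([]byte(nil), frame[16:22]...)),
		BeaconInterval: binary.LittleEndian.Uint16(frame[32:34]),
		Privacy:        binary.LittleEndian.Uint16(frame[34:36])&0x0010 != 0,
	}
	// Tagged parameters: 1-byte element ID, 1-byte length, value. A length
	// that runs past the buffer is reported, not read out of range.
	for body := frame[36:]; len(body) >= 2; {
		id, n := body[0], int(body[1])
		if len(body) < 2+n {
			return nil, errors.New("truncated tagged parameter")
		}
		if id == tagSSID {
			b.SSID = string(body[2 : 2+n])
		}
		body = body[2+n:]
	}
	return b, nil
}

func le16(v uint16) []byte {
	b := make([]byte, 2)
	binary.LittleEndian.PutUint16(b, v)
	return b
}

// SampleBeacon builds a constructed beacon frame (not a capture): BSSID
// 00:11:22:33:44:55, SSID "NEWCO-GUEST", beacon interval 100 TU, privacy set.
func SampleBeacon() []byte {
	f := []byte{
		0x80, 0x00, // frame control: management, subtype beacon
		0x00, 0x00, // duration
		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, // addr1: broadcast
		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, // addr2: AP transmitter
		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, // addr3: BSSID
		0x10, 0x00, // sequence control
	}
	f = append(f, make([]byte, 8)...) // timestamp (value irrelevant here)
	f = append(f, le16(100)...)       // beacon interval
	f = append(f, le16(0x0011)...)    // capability: ESS + privacy
	ssid := "NEWCO-GUEST"
	f = append(f, tagSSID, byte(len(ssid)))
	return append(f, ssid...)
}

func main() {
	b, err := ParseBeacon(SampleBeacon())
	if err != nil {
		panic(err)
	}
	fmt.Printf("BSSID %s  SSID %q  interval %d TU  privacy %v\n",
		b.BSSID, b.SSID, b.BeaconInterval, b.Privacy)
}
```

Everything the parser recovers sits in the frame in clear, which is why the text treats the SSID as a name rather than a secret and why the invention keys its credential selection on the BSSID but proves possession of the credentials by a separate challenge-response rather than by anything in the beacon.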
[0012] As the user moves from network to network, for instance from his office network to a public network at a coffee shop, the user must switch his Wi-Fi setting as appropriate for the local network. Generally, this requires advanced knowledge of the settings for the new network. Microsoft Windows® operating systems facilitate the storage of these settings as a “location,” thereby enabling the user to simply point-and-click to select the new network. However, the user still must manually install these parameters for the new network during initial setup.

[0013] As the number of networks proliferates, the number of network configurations will become daunting. Moreover, each network authenticates the user in some fashion. Some networks are left in “wide-open” mode where only a proper SSID selected is necessary to connect, but most others require passwords, WEP keys, etc.

[0014] Of further difficulty for a host facility of a Wi-Fi network such as an airport, generally there can only be one Wi-Fi network hosted per location. For example, Wi-Fi networks are shared-use networks. That is, Wi-Fi networks are unlicensed and hence there is no protection against interference from an additional network being installed at the same location. Once the first network is installed, say a Wayport® network, which provides travelers with wireless Internet access, no other network can be installed without interference resulting from the second network. The host facility generally prefers that all potential customers have access to the wireless network, not just Wayport customers. However, a Wayport network only admits Wayport customers. Therefore, the issue becomes how do you allow a private network to admit customers from other networks to utilize the private network.

[0015] Companies like Boingo™ offer a service whereby users can roam across multiple networks without necessarily being a customer of any particular network. Boingo employs a ‘sniffer’ program which listens to the beacon frames and looks for a match in its database of known network configurations. When a match is found, the Boingo software will automatically make the appropriate configuration changes for that network and allow the user to connect. Once connection is attempted, the user appears to the network as a Boingo customer and the user’s credentials are passed onto an authentication server for the network. On recognition of the user’s name at the authentication server, for example, access is then granted or denied. If the Boingo customer is not really a customer of the present network, the authentication server forwards the user’s credentials to a Boingo authentication server, which performs the authentication service and if valid, passes the ‘grant’ command back to the original network authentication server. One problem with this approach is that as the number of ‘network affiliates’ grows for Boingo, each network’s configuration must be stored in a database. Accordingly, information in this database must be downloaded to each user. This becomes difficult to manage as the number of users and networks increase.

[0016] “Hot-Spots” as Wi-Fi networks are known in the public space, allow users portable, high-speed access to networks. Current Hot-Spot networks are designed such that only their authorized users can access their network. The configuration of each network includes numerous parameters, particularly if security such as WEP is enabled. As Hot-Spot networks are typically unlicensed and must share the spectrum with other users, the existence of a network generally precludes the construction of a second network for other users at the same location. The authentication mechanism for one network can be entirely different from that of another network. Each network may further have different settings for security.

SUMMARY OF THE INVENTION

[0017] The present invention overcomes these and other deficiencies of the related art by providing a method to make network roaming simple and automatic without requiring any back-end authentication servers and alleviating the need to handle large numbers of network parameters.

[0018] It is the object of this invention to provide a secure, local, edge-method of authenticating users using pre-stored credentials in the user’s device rather than an authentication server. It is a second object of this invention to allow the user’s device to automatically detect which among many possible network configurations to select when connecting to a network.

[0019] The present invention features three principal elements: one or more Wi-Fi access points each with a pre-configured tamper-resistant token, or AP key, comprising a serial number and secret cryptographic keys; one or more client tokens, or client keys, each of which is pre-configured to authenticate the client for multiple Wi-Fi networks, i.e., access points; and an administration facility comprising a software program capable of registering and configuring both the AP and the client keys.

[0020] When a client device enters the transmission range of an access point, the client device listens for a “beacon frame” broadcast from the access point. The beacon frame identifies the basic service set identifier (BSSID) of the access point. The client key installed at the client device stores a set of authentication parameters, e.g., cryptographic keys, for each Wi-Fi network the client is given permission to use. Each set of authentication parameters is associated with a particular BSSID. Using the BSSID received from the access point, the client device identifies and implements the appropriate set of authentication parameters necessary to authenticate the client device. If the access point does not broadcast beacon frames, the client device can send a “Probe Request,” which causes the access point to respond with a beacon frame identifying the access point. In order for a client device to have access to more than one Wi-Fi network, that client device must possess a client key initialized by each Wi-Fi network administrator with the appropriate authentication parameters, or credentials, stored in the client key.

[0021] In an embodiment of the invention, a method of authenticating a computing device on a Wi-Fi communications network comprises the steps of: obtaining an access point identifier at a computing device, wherein the access point identifier identifies an access point of a Wi-Fi communications network; selecting, at the computing device, a set of authentication parameters associated with said access point identifier; and implementing an authentication process employing the set of authentication parameters. The access point identifier can be a basic service set identifier received from the access point. The set of authentication parameters are pre-stored in a tamper-resistant physical token installed at the computing device. The tamper-resistant physical token comprises multiple sets of authentication parameters, each of which is associated with a unique access point identifier. The computing device is permitted to access the Wi-Fi communications network via the access point if the authentication process results in a successful authentication of the computing device.

[0022] In another embodiment of the invention, a communications system comprises: one or more authentication devices and one or more client devices, wherein each client device includes a unique tamper-resistant physical token comprising: one or more unique sets of authentication parameters, wherein each set of authentication parameters is associated with at least one authentication device; a random number generator; and a unique serial number. Each client device further includes a wireless communications transceiver to communicate with one of the authentication devices via an IEEE 802.11 wireless channel. The authentication devices can be Wi-Fi access points, wherein at least two of which are associated with different Wi-Fi networks. Each of the unique sets of authentication parameters is associated with an access point identifier, which can be a basic service set identifier. Each tamper-resistant physical token is adapted to be installed via a USB interface at the computing device.

[0023] The present invention provides at each computing client device a tamper-resistant physical token that holds the credentials, i.e., authentication parameters, for multiple networks. Accordingly, a consistent authentication and security mechanism is provided to enable a client device to easily roam from one network to another without having to manually change network configurations.

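The BSSID-keyed credential selection of [0020]-[0022] and the alternative authentication flow of FIG. 11 (client sends its client key serial number and R1; the access point answers with R1 encrypted under CK_IDS and a fresh R2; the client accepts the access point only if R1 decrypts properly and returns R2 encrypted; the access point checks R2 and files the MAC in the Authorized Users or Do Not Allow table of FIG. 8) are worked through below as an added example in Go. This is not code from the patent or from any product it describes. It assumes AES-256-GCM as the cipher the text leaves unspecified, 16-byte random numbers, and a credential set reduced to CK_IDS alone; the type and method names (ClientToken, AccessPoint, Challenge, Respond, VerifyAP, VerifyClient) and the serial numbers, MAC addresses and BSSID used with it are the example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// ClientToken stands in for the tamper-resistant client key: a serial number and
// one CK_IDS per network, keyed by the BSSID heard in the beacon or probe response.
type ClientToken struct {
	Serial string
	CKIDS  map[string][]byte
}

// AccessPoint holds the client key database (serial -> CK_IDS), the two MAC
// tables of FIG. 8, and the R2 issued to each MAC that is not yet verified.
type AccessPoint struct {
	BSSID                  string
	ClientKeys             map[string][]byte
	Authorized, DoNotAllow map[string]bool
	pending                map[string][]byte
}

func NewAccessPoint(bssid string, keys map[string][]byte) *AccessPoint {
	return &AccessPoint{BSSID: bssid, ClientKeys: keys, Authorized: map[string]bool{},
		DoNotAllow: map[string]bool{}, pending: map[string][]byte{}}
}

func randomBytes(n int) []byte { // the SIM token's random number generator
	b := make([]byte, n)
	rand.Read(b) // crypto/rand does not return an error on supported platforms
	return b
}

// The patent names no cipher; AES-256-GCM with the nonce prepended to the ciphertext
// is assumed for "encrypted with CK_IDS". A malformed provisioned key is a setup error.
func aead(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return g
}

func encrypt(key, pt []byte) []byte {
	g := aead(key)
	nonce := randomBytes(g.NonceSize())
	return g.Seal(nonce, nonce, pt, nil)
}

func decrypt(key, ct []byte) ([]byte, error) {
	g := aead(key)
	if len(ct) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, ct[:g.NonceSize()], ct[g.NonceSize():], nil)
}

// Step 1 (client): pick the CK_IDS for this BSSID; serial number and R1 go in clear.
func (c *ClientToken) Challenge(bssid string) (ck, r1 []byte, err error) {
	if ck = c.CKIDS[bssid]; ck == nil {
		return nil, nil, errors.New("no credentials stored for this BSSID")
	}
	return ck, randomBytes(16), nil
}

// Step 2 (AP): look up CK_IDS by serial, draw R2 from the AP key, and answer with R1
// encrypted under CK_IDS (R1e) plus R2 in clear; an unknown serial is refused.
func (ap *AccessPoint) Respond(mac, serial string, r1 []byte) (r1e, r2 []byte, err error) {
	ck := ap.ClientKeys[serial]
	if ck == nil {
		ap.DoNotAllow[mac] = true
		return nil, nil, errors.New("unknown client key serial number")
	}
	r2 = randomBytes(16)
	ap.pending[mac] = r2
	return encrypt(ck, r1), r2, nil
}

// Step 3 (client): accept the AP only if decrypting R1e yields the R1 it sent, then
// return R2 encrypted under CK_IDS (R2e).
func (c *ClientToken) VerifyAP(ck, r1, r1e, r2 []byte) ([]byte, error) {
	if got, err := decrypt(ck, r1e); err != nil || !bytes.Equal(got, r1) {
		return nil, errors.New("access point not authorized, abort network authentication")
	}
	return encrypt(ck, r2), nil
}

// Step 4 (AP): decrypt R2e, compare it with the R2 issued to this MAC, and file the
// MAC in the Authorized Users or the Do Not Allow table.
func (ap *AccessPoint) VerifyClient(mac, serial string, r2e []byte) bool {
	r2, ck := ap.pending[mac], ap.ClientKeys[serial]
	delete(ap.pending, mac)
	if r2 != nil && ck != nil {
		if got, err := decrypt(ck, r2e); err == nil && bytes.Equal(got, r2) {
			ap.Authorized[mac] = true
			return true
		}
	}
	ap.DoNotAllow[mac] = true
	return false
}
```

The four methods are called in order, Challenge, Respond, VerifyAP, VerifyClient, with the return values of each passed as the next one's input; a client that holds no CK_IDS for the BSSID stops at step 1, an access point that cannot produce a correct R1e is rejected by the client at step 3, and an unknown serial number or a wrong R2e puts the MAC in the Do Not Allow table. Because R1 and R2 are drawn fresh from each token for every attempt and the access point keeps only one outstanding R2 per MAC, a recorded R2e from an earlier session does not verify against a later challenge.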
[0024] The foregoing, and other features and advantages of the invention, will be apparent from the following, more particular description of the preferred embodiments of the invention, the accompanying drawings, and the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

[0025] For a more complete understanding of the present invention, the objects and advantages thereof, reference is now made to the following descriptions taken in connection with the accompanying drawings in which:

[0026] FIG. 1 illustrates a conventional Wi-Fi network;

[0027] FIG. 2 illustrates a secure Wi-Fi communication system according to an embodiment of the invention;

[0028] FIG. 3 illustrates a key management system according to an embodiment of the invention;

[0029] FIG. 4 illustrates a master key management process according to an embodiment of the invention;

[0030] FIG. 5A illustrates a process for generating a key database according to an embodiment of the invention;

[0031] FIG. 5B illustrates a client key initialized for multiple Wi-Fi networks according to an embodiment of the invention;

[0032] FIG. 6 illustrates a process for managing an access point key according to an embodiment of the invention;

[0033] FIG. 7 illustrates a process for uploading a client key database file to an access point according to an embodiment of the invention;

[0034] FIG. 8 illustrates a MAC address filtering system implemented at an access point according to an embodiment of the invention;

[0035] FIG. 9A illustrates exchange of authentication frames in a secure Wi-Fi network according to an embodiment of the invention;

[0036] FIGS. 9B-C illustrate an exemplary format of the authentication frames exchanged in the embodiment of FIG. 9A;

[0037] FIG. 10 illustrates a client device authentication process according to an embodiment of the invention; and

[0038] FIG. 11 illustrates a client device authentication process according to an alternative embodiment of the invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0039] Preferred embodiments of the present invention and their advantages may be understood by referring to FIGS. 2-11, wherein like reference numerals refer to like elements, and are described in the context of a Wi-Fi network. Nevertheless, the present invention is applicable to both wired or wireless communication networks in general. For example, the present invention enables secure end-to-end access between a client and any computer residing on a network backbone. Often there may not be a wireless component anywhere in such a situation.

[0040] The present invention implements a secure, local, edge method and system (the implementation of which is herein referred to as communicating in a “secure” mode) employing a combination of software routines and physical keys in the form of easy-to-use adapters that attach to existing computing devices and wireless access points via an available USB port. These physical keys are secure, tamper-resistant physical tokens. “Edge” refers to authentication of client devices taking place at the edge or outer boundary of the network, i.e., at the access point, rather than centralized within the network using a server. Client computing devices are authenticated and data security is provided across wireless links using secret cryptographic keys, which are pre-stored in the physical keys installed at both the client’s computing device and the access point. According to an embodiment of the invention, special access point software (“AP software”) is provided in the wireless access points and NIC drivers are provided in the client devices to realize the functions described herein and to ensure delivery of standard Wi-Fi functionality as well as compatibility with all Wi-Fi certified products currently installed on a Wi-Fi network.

`(0041] FIG. 2 illustrates a secure Wi-Fi network 200
`according to an embodimentof the invention. Wi-Fi network
`200 comprises a number N of computing devices 210A-N
`communicating with onc another via a wircless access point
`220. The access point 220 comprises a Wi-Fi transceiver
`(not shown) to communicate with a wired network (not
`shown). Although each computing device 210 is shown as a
`
`17
`
`17
`
`

`

`US 2004/0068653 Al
`
`Apr. 8, 2004
`
`laptop, other Wi-Fi enabled computing devices suchas, but
`not limited to personal digital assistants (PDAs), desktops,
`and workstations can be employed within network 200.
`Moreover, one of ordinary skill in the art recognizes that
`more than one wireless access point 220 may be imple-
`mented within network 200. All computing devices 210A-N
`can act as clients of network 200. However, at least one
`computing device such as computing device 210A is
`reserved as a host computer for administering the inventive
`features
`through residing administrative software (not
`shown) when necessary. In an alternative embodiment, the
`host computer can be another machine on the wired-side of
`the network. A master key 230is installed into an available
`USBport (not shown)at host computing device 210A during
`administration and management of the network 200. To
`facilitate authentication and secure communicalions,
`a
`unique client key 240A-Nisinstalled into an available USB
`port (not shown) at each computing device 210A-N.Like-
`wise, an access point key (“AP key”) 250is installed into an
`available USB port (not shown) at access point 220.
`
`the physical keys
`to note that
`is important
`It
`[0042]
`described herein are implemented via USB ports. One of
`ordinary skill in the art recognizes that the master key 230,
`client keys 240A-N, and AP key 250 can be alternatively
`implemented by other conventional or foreseeable connec-
`tion configurations such as, but not
`limited to PC cards
`installed via a PCI or ISA slot; a physical token connected
`via a serial, parallel, or other preferred type of port; an
`Ethermet card; or a wireless smart card. In yet another
`implementation, the AP key 250 can be incorporated directly
`into the internal hardware of the access point 220, thereby
`alleviating the need for an external physical AP key.

[0043] The master key 230, client keys 240A-N, and AP
key 250 overlap in functionality. Particularly, each physical
key comprises an embedded tamper-resistant subscriber
identity module (SIM) token 232, 242A-N, or 252, respectively,
unique to each key. In an embodiment of the invention, a
Cryptoflex USB-enabled SIM chip is employed as the SIM token.
Nevertheless, other conventional or foreseeable SIMs may be
substituted. The AP key 250 differs slightly from both the
master key 230 and the client keys 240A-N in that it
preferably employs a device USB connector rather than a
standard USB connector. Generally, a device USB connector
differs from a standard USB connector only in physical
layout. Yet, they each carry the same signal wires to provide
a USB interface to the USB-enabled SIM chip, which typically
communicates over a simplex data line at approximately 9600
bits per second. Importantly, each physical key has a unique
serial number stored permanently and electronically inside
the SIM by the manufacturer to provide positive
identification. Each SIM comprises a random number generator.

[0044] Each client key 240 is used to authenticate and
provide secure connections at a corresponding computing
device 210. Once the special NIC driver software is installed
for a NIC, the computing device 210 examines whether a
Wi-Fi network exists and, if one is found, attempts to
authenticate itself with that network. If the network is
enabled to operate in secure mode, all of the currently
configured wireless settings of the computing device 210 are
switched to secure mode and the login process is completely
automated, as further described. If the network is not
secure mode enabled, the computing device 210 attempts to
connect to it using standard Wi-Fi parameters. The smart NIC
driver replaces the standard driver associated with a
standard wireless NIC card, thereby providing the software
necessary to manage communications with the client key 240.
This driver authenticates data packets and performs
encryption/decryption functions during secure mode
communications.

[0045] Like the master key 230, the AP key 25
