(12) Patent Application Publication    (10) Pub. No.: US 2004/0068653 A1
     Fascenda                          (43) Pub. Date: Apr. 8, 2004

US 20040068653A1

(54) SHARED NETWORK ACCESS USING DIFFERENT ACCESS KEYS

(76) Inventor: Anthony C. Fascenda, North Bethesda, MD (US)

Correspondence Address:
HUNTON & WILLIAMS LLP
INTELLECTUAL PROPERTY DEPARTMENT
1900 K STREET, N.W.
SUITE 1200
WASHINGTON, DC 20006-1109 (US)

(21) Appl. No.: 10/679,268

(22) Filed: Oct. 7, 2003

Related U.S. Application Data

(60) Provisional application No. 60/416,583, filed on Oct. 8, 2002. Provisional application No. 60/477,921, filed on Jun. 13, 2003. Provisional application No. 60/422,474, filed on Oct. 31, 2002.

Publication Classification

(51) Int. Cl.7 ........................ H04L 9/00
(52) U.S. Cl. ......................... 713/168

(57) ABSTRACT

The invention provides a secure Wi-Fi communications method and system to enable automatic network roaming without requiring any back-end authentication servers and alleviating the need to handle large numbers of network parameters. In an embodiment of the invention, a client device listens for a “beacon frame” broadcast from a Wi-Fi access point. The beacon frame identifies the basic service set identifier (BSSID) of the access point. A tamper-resistant token, or client key, installed at the client device stores a set of authentication parameters, e.g., cryptographic keys, for each Wi-Fi network the client is permitted to access. Each set of authentication parameters is associated with a particular BSSID. Using the BSSID received from the access point, the client device identifies and implements the appropriate set of authentication parameters necessary to authenticate the client device according to an authentication process generally accepted by all the Wi-Fi networks potentially servicing the client. Accordingly, a consistent authentication and security mechanism is provided to enable a client device to easily roam from one network to another without requiring the client to manually change network configurations.

[Front-page drawing: secure Wi-Fi network 200; legible labels are client devices 210A, 215A, 215B, client keys 240B, 240N with SIM token 242N, Wireless AP with AP key 250 and SIM token 252. Remaining drawing text is not recoverable.]

APPLE 1037

FIG. 1 (Prior Art), Sheet 1 of 13: conventional Wi-Fi network 100. Legible labels: Wired Network (LAN), 125. Remaining drawing text is not recoverable.

FIG. 2, Sheet 2 of 13: secure Wi-Fi network 200. Legible labels: client keys 240A, 240B, 240N with SIM tokens 242A, 242B, 242N; Wireless AP. Remaining drawing text is not recoverable.

FIG. 3, Sheet 3 of 13: key management system 300 at host computing device 210A. Key database file name shown: “KEYDB107563333923184.MDB”. Table of master key parameters with example values, as legible on the sheet:

  Master Key Parameter   Value (example)
  Serial Number          107563333923 1884
  MKS                    BC017544-19491-119A3
  MKR                    EA910012-10445-193B3
  MK_IDS                 71 ACEF1-19311-AE110
  PIN NUMBER             “NEWCO1234”

FIG. 4, Sheet 4 of 13: master key management process (flowchart; step numbers partly illegible). Legible step labels: Insert master key; Unlock master key with transport PIN; Generate MKS and MKR; Generate MK_IDS; Install MK_IDS, MKS, etc. in master key; Correct PIN locks master key; Create key database; Master key inserted?; Correct PIN unlocks master key (465); Obtain master key serial number; Open key database; Perform key management.

FIG. 5A, Sheet 5 of 13: process for generating a key database (flowchart; step numbers partly illegible). Legible step labels: Insert master key; Proper PIN unlocks master key; Retrieve MK_IDS and serial number; Open key database; Insert new client key (530); Retrieve client key serial number; Client key initialized? (if yes, Decrypt key record with MK_IDS); Copy BSSID, MKS, and MKR to client key (550); Generate client CK_IDS for key (555); Create client record for key database (560); Encrypt CK_IDS with MK_IDS (565); Write record to key database (570); Another key?

FIG. 5B, Sheet 6 of 13: a client key initialized for multiple Wi-Fi networks (Network A, Network B, Network C). Legend as legible on the sheet: NKS_A = Network A send crypt. key; NKR_A = Network A receive crypt. key; CK_IDS_A = Secret crypt. key for Network A; BSSIDs = MAC address(es) of access point(s) on network A.

FIG. 6, Sheet 7 of 13: process for managing an access point key (flowchart). Legible step labels: Execute AP key mgmt. routine (610); Insert AP key (615); Blank AP key? (620); Correct PIN unlocks AP key; Enter/store admin parameters, etc. (630); Install NKS and NKR (635); Create and install AP_IDS (640); Display appropriate AP key parameters (645/650); Add This Network? (655); Display appropriate AP key parameters (660). Yes/No branch routing is not fully recoverable from the sheet.

FIG. 7, Sheet 8 of 13: process 700 for uploading a client key database file to an access point. Legible step labels: Select desired AP from list (710); Authenticate AP using AP key (715); Retrieve AP_IDS (720); Build client key file (725); Encrypt client key file (730); Transfer client key file to AP (735).

FIG. 8, Sheet 9 of 13: MAC address filtering system 800 at the access point NIC. Legible labels: “Authorized users” MAC table; “Unauthorized clients” MAC table; “Do not allow” MAC table; Connection attempt from device 210.

FIG. 9A, Sheet 10 of 13: exchange of authentication frames between a client device and an AP device, with tables of AP key parameters and client key parameters (serial number, NKS, NKR, AP_IDS, CK_IDS (encrypted), BSSID, random numbers R1 and R2) and example values. The sheet is rotated and its text is not recoverable.

FIG. 9B, Sheet 11 of 13: Authentication Request Frame sent to AP. Fields legible: Authentication Algorithm Number; Authentication Transaction Seq.; Challenge Text. The challenge text carries the client key serial number and the [R1] random number, encrypted with CK_IDS.

FIG. 9C, Sheet 11 of 13: Authentication Response Frame returned to Client; the challenge text is encrypted with CK_IDS.

FIG. 10, Sheet 12 of 13: client device authentication process 1000 (flowchart; step labels as legible on the sheet, in flow order):
  1002 Client receives either “Beacon Frame” or “Probe Response Frame” from AP.
  1004 Client selects appropriate network parameters based on BSSID.
  1010 Client sends challenge to access point comprising client key serial number and first random number (R1) encrypted with CK_IDS.
  1015 Access point retrieves CK_IDS from its client key database using client key serial number.
  1020 Access point decrypts challenge with CK_IDS and retrieves R1. R1 decrypted properly?
  1025 (No) Client device not authenticated; place MAC in “Do Not Allow” table.
  1030 (Yes) Client device authenticated; place MAC in “Authorized Users” table.
  1035 Access point obtains second random number (R2) generated in AP key.
  1040 Access point encrypts R2 with CK_IDS and sends second challenge to client device.
  1045 Client device decrypts second challenge with CK_IDS to extract R2. R2 decrypted properly?
  1050 (No) Access point NOT authorized and abort network communications.
  1055 (Yes) Access point authorized and begin normal network communications.

FIG. 11, Sheet 13 of 13: client device authentication process according to an alternative embodiment (flowchart; step labels as legible on the sheet, in flow order):
  1105 Client selects appropriate network parameters based on BSSID.
  1110 Client sends challenge to access point comprising client key serial number and first random number (R1).
  1115 Access point retrieves client key serial number and R1.
  1120 Access point retrieves CK_IDS using client key serial number.
  1125 Access point obtains second random number (R2) generated in AP key.
  1130 Access point sends challenge to client comprising R1 encrypted with CK_IDS (R1e) and R2.
  1135 Client device decrypts R1e with CK_IDS and retrieves R2.
  1140 Decrypted properly?
  1145 (No) Access point not authorized, abort network authentication.
  1150 (Yes) Client device sends third challenge comprising R2 encrypted with CK_IDS (R2e).
  1155 Access point decrypts R2e with CK_IDS.
  1160 Decrypted properly?
  1165 (No) Client device not authenticated; place MAC in “Do Not Allow” table.
  1170 (Yes) Client device authenticated; place MAC in “Authorized Users” table.

US 2004/0068653 A1

Apr. 8, 2004

SHARED NETWORK ACCESS USING DIFFERENT ACCESS KEYS

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This present application claims priority to U.S. Provisional Patent Application No. 60/416,583 filed on Oct. 8, 2002; U.S. Provisional Patent Application No. 60/422,474 filed Oct. 31, 2002; and U.S. Provisional Patent Application No. 60/447,921 filed Jun. 13, 2003. The contents of these three provisionals are incorporated herein by reference in their entirety. The present application is related to U.S. Patent Application No. 10/xxx,xxx, entitled “Self-Managed Network Access Using Localized Access Management,” and U.S. Patent Application No. 10/xxx,xxx, entitled “Localized Network Authentication and Security Using Tamper-Resistant Keys,” both of which are filed concurrently herewith.

BACKGROUND OF THE INVENTION

[0002] 1. Field of Invention

[0003] The present invention relates to wireless networking, and more particularly, to an authentication and secure communication system for Wi-Fi (IEEE 802.11) networks.

[0004] 2. Description of Related Art

[0005] A Wireless Local Area Network (WLAN) is generally implemented to provide local connectivity between a wired network and a mobile computing device. In a typical wireless network, all of the computing devices within the network broadcast their information to one another using radio frequency (RF) communications. WLANs are based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard, which designates a wireless-Ethernet specification using a variety of modulation techniques at frequencies generally in the 2.4 gigahertz (GHz) and 5 GHz license-free frequency bands.

[0006] The IEEE 802.11 standard (“Wi-Fi”), the disclosure of which is incorporated herein in its entirety by reference, enables wireless communications with throughput rates up to 54 Mbps. Wi-Fi (for “wireless fidelity”) is essentially a seal of approval certifying that a manufacturer’s product is compliant with IEEE 802.11. For example, equipment carrying the “Wi-Fi” logo is certified to be interoperable with other Wi-Fi certified equipment. There are Wi-Fi compatible PC cards that operate in peer-to-peer mode, but Wi-Fi usually incorporates at least one access point, or edge device. Most access points have an integrated Ethernet controller to connect to an existing wired-Ethernet network. A Wi-Fi wireless transceiver connects users via the access point to the rest of the LAN. The majority of Wi-Fi wireless transceivers available are in Personal Computer Memory Card International Association (PCMCIA) card form, particularly for laptop, palmtop, and other portable computers; however, Wi-Fi transceivers can be implemented through an Industry Standard Architecture (ISA) slot or Peripheral Component Interconnect (PCI) slot in a desktop computer, a Universal Serial Bus (USB), or can be fully integrated within a handheld device.

[0007] FIG. 1 illustrates a typical conventional Wi-Fi network 100. Particularly, Wi-Fi network 100 comprises a number (N) of computing devices 110A-N and an access point 120. Each computing device 110 comprises a Wi-Fi transceiver (not shown) such as a Wi-Fi enabled network interface card (NIC) to communicate with the access point via an RF communications link 115. The access point 120 comprises a Wi-Fi transceiver (not shown) to communicate with a wired network via an RF communications link 125.

[0008] Authentication and security features offered by conventional Wi-Fi products have been implemented via Wired Equivalency Protocol (WEP). With WEP enabled, an access point will not admit anyone onto the LAN without the proper WEP settings. The WEP settings are used primarily for wireless security, but they also form the basis for authentication in that without these settings known to and used by the user, the user cannot connect through the access point.

[0009] The 802.11 standard defines different frame types that the Wi-Fi enabled NICs and access points employ for communications, as well as for managing and controlling the wireless link. Every frame includes a control field that describes the 802.11 protocol version, frame type, and other network indicators, such as whether WEP is active, power management is enabled, etc. All frames contain MAC addresses of the source and destination station, and access point, in addition to a frame sequence number, a frame body, and a frame check sequence for error detection. Data frames carry protocols and data from higher layers within the frame body. For example, a data frame can comprise hypertext markup language (HTML) code from a Web page that a user is viewing. Other frames implemented for management and control carry specific information regarding the wireless link in the frame body. For example, an access point periodically sends a beacon frame to announce its presence and relay information, such as timestamp, service set identifier (SSID), and other parameters regarding the access point, to the NICs that are within range.

[0010] The SSID is a 32-character unique identifier that acts as a password when a mobile device tries to connect to the network. The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID. A device will not be permitted to join the network unless it can provide the unique SSID. Because an SSID can be sniffed in plain text from a packet, it does not supply any security to the network. An SSID is also referred to as a network name, or network ID, because essentially it is a name that identifies a wireless network.

[0011] The number of publicly available wireless 802.11 networks is rapidly increasing. Each network is “Wi-Fi compatible” and, following the specification, identifies itself using the beacon frame, which broadcasts the SSID to all potential users of the network. Typically, an access point broadcasts a beacon frame every 10 ms. When a user is in the broadcast range of one or more Wi-Fi networks, the user’s wireless NIC listens for the beacon frame(s) associated with each network. A list of all SSIDs currently available is displayed to the user, from which the user makes a choice. Typically, there is only one network with which the user can connect. Once a particular available Wi-Fi network is selected, the user must ensure that all of his Wi-Fi communication settings, e.g., SSID, WEP on or off, WEP keys, etc., are properly configured to connect to the selected Wi-Fi network. Use of beacon frames to identify a network is known as “passive mode.” An alternative method of seeking wireless networks is known as “active mode,” whereby the NIC issues a “probe request” to cause all the listening access points within range to respond with an identifying frame containing their SSID. Both modes are explicitly defined in the 802.11 specification.

[0012] As the user moves from network to network, for instance from his office network to a public network at a coffee shop, the user must switch his Wi-Fi settings as appropriate for the local network. Generally, this requires advance knowledge of the settings for the new network. Microsoft Windows® operating systems facilitate the storage of these settings as a “location,” thereby enabling the user to simply point-and-click to select the new network. However, the user still must manually install these parameters for the new network during initial setup.

[0013] As the number of networks proliferates, the number of network configurations will become daunting. Moreover, each network authenticates the user in some fashion. Some networks are left in “wide-open” mode where only selecting the proper SSID is necessary to connect, but most others require passwords, WEP keys, etc.

[0014] Of further difficulty for a host facility of a Wi-Fi network such as an airport, generally there can only be one Wi-Fi network hosted per location. For example, Wi-Fi networks are shared-use networks. That is, Wi-Fi networks are unlicensed and hence there is no protection against interference from an additional network being installed at the same location. Once the first network is installed, say a Wayport® network, which provides travelers with wireless Internet access, no other network can be installed without interference resulting from the second network. The host facility generally prefers that all potential customers have access to the wireless network, not just Wayport customers. However, a Wayport network only admits Wayport customers. Therefore, the issue becomes how to allow a private network to admit customers from other networks to utilize the private network.

[0015] Companies like Boingo™ offer a service whereby users can roam across multiple networks without necessarily being a customer of any particular network. Boingo employs a ‘sniffer’ program which listens to the beacon frames and looks for a match in its database of known network configurations. When a match is found, the Boingo software will automatically make the appropriate configuration changes for that network and allow the user to connect. Once connection is attempted, the user appears to the network as a Boingo customer and the user’s credentials are passed on to an authentication server for the network. On recognition of the user’s name at the authentication server, for example, access is then granted or denied. If the Boingo customer is not really a customer of the present network, the authentication server forwards the user’s credentials to a Boingo authentication server, which performs the authentication service and, if valid, passes the ‘grant’ command back to the original network authentication server. One problem with this approach is that as the number of ‘network affiliates’ grows for Boingo, each network’s configuration must be stored in a database. Accordingly, information in this database must be downloaded to each user. This becomes difficult to manage as the number of users and networks increases.

[0016] “Hot-Spots,” as Wi-Fi networks are known in the public space, allow users portable, high-speed access to networks. Current Hot-Spot networks are designed such that only their authorized users can access their network. The configuration of each network includes numerous parameters, particularly if security such as WEP is enabled. As Hot-Spot networks are typically unlicensed and must share the spectrum with other users, the existence of a network generally precludes the construction of a second network for other users at the same location. The authentication mechanism for one network can be entirely different from that of another network. Each network may further have different settings for security.

SUMMARY OF THE INVENTION

[0017] The present invention overcomes these and other deficiencies of the related art by providing a method to make network roaming simple and automatic without requiring any back-end authentication servers and alleviating the need to handle large numbers of network parameters.

[0018] It is the object of this invention to provide a secure, local, edge method of authenticating users using pre-stored credentials in the user’s device rather than an authentication server. It is a second object of this invention to allow the user’s device to automatically detect which among many possible network configurations to select when connecting to a network.

[0019] The present invention features three principal elements: one or more Wi-Fi access points, each with a pre-configured tamper-resistant token, or AP key, comprising a serial number and secret cryptographic keys; one or more client tokens, or client keys, each of which is pre-configured to authenticate the client for multiple Wi-Fi networks, i.e., access points; and an administration facility comprising a software program capable of registering and configuring both the AP and the client keys.

[0020] When a client device enters the transmission range of an access point, the client device listens for a “beacon frame” broadcast from the access point. The beacon frame identifies the basic service set identifier (BSSID) of the access point. The client key installed at the client device stores a set of authentication parameters, e.g., cryptographic keys, for each Wi-Fi network the client is given permission to use. Each set of authentication parameters is associated with a particular BSSID. Using the BSSID received from the access point, the client device identifies and implements the appropriate set of authentication parameters necessary to authenticate the client device. If the access point does not broadcast beacon frames, the client device can send a “Probe Request,” which causes the access point to respond with a beacon frame identifying the access point. In order for a client device to have access to more than one Wi-Fi network, that client device must possess a client key initialized by each Wi-Fi network administrator with the appropriate authentication parameters, or credentials, stored in the client key.

[0021] In an embodiment of the invention, a method of authenticating a computing device on a Wi-Fi communications network comprises the steps of: obtaining an access point identifier at a computing device, wherein the access point identifier identifies an access point of a Wi-Fi communications network; selecting, at the computing device, a set of authentication parameters associated with said access point identifier; and implementing an authentication process employing the set of authentication parameters. The access point identifier can be a basic service set identifier received from the access point. The set of authentication parameters is pre-stored in a tamper-resistant physical token installed at the computing device. The tamper-resistant physical token comprises multiple sets of authentication parameters, each of which is associated with a unique access point identifier. The computing device is permitted to access the Wi-Fi communications network via the access point if the authentication process results in a successful authentication of the computing device.

[0022] In another embodiment of the invention, a communications system comprises: one or more authentication devices and one or more client devices, wherein each client device includes a unique tamper-resistant physical token comprising: one or more unique sets of authentication parameters, wherein each set of authentication parameters is associated with at least one authentication device; a random number generator; and a unique serial number. Each client device further includes a wireless communications transceiver to communicate with one of the authentication devices via an IEEE 802.11 wireless channel. The authentication devices can be Wi-Fi access points, at least two of which are associated with different Wi-Fi networks. Each of the unique sets of authentication parameters is associated with an access point identifier, which can be a basic service set identifier. Each tamper-resistant physical token is adapted to be installed via a USB interface at the computing device.
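The BSSID-keyed parameter selection of [0020]-[0022] carried through the FIG. 10 challenge exchange, as an added Go example that is not part of the patent or of any product it describes. It assumes AES-GCM for the page's unspecified “encrypted with CK_IDS” operation, 16-byte random numbers R1 and R2, and constructed sample keys, serial numbers, BSSIDs and MAC addresses; the access point's “Authorized Users” and “Do Not Allow” MAC tables follow FIG. 8.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// ParamSet is one credential set in the client key, selected by BSSID (FIG. 5B).
type ParamSet struct {
	Serial string // client key serial number, sent in the clear (step 1010)
	CKIDS  []byte // CK_IDS, the secret key shared with that network's AP
}

// ClientKey models the tamper-resistant token: one ParamSet per BSSID.
type ClientKey map[string]ParamSet

// APKey models the access point: its client key database (CK_IDS by serial
// number, FIG. 5A) and the "Authorized"/"Do Not Allow" MAC tables of FIG. 8.
type APKey struct {
	BSSID      string
	DB         map[string][]byte
	Authorized map[string]bool
	DoNotAllow map[string]bool
}

func randBytes(n int) []byte { // stands in for the SIM's random number generator
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// seal/open stand in for the page's "encrypted with CK_IDS". AES-GCM is an
// assumption; its tag check is what makes "decrypted properly?" (FIG. 10) concrete.
func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func seal(key, pt []byte) ([]byte, error) {
	g, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := randBytes(g.NonceSize())
	return g.Seal(nonce, nonce, pt, nil), nil
}

func open(key, msg []byte) ([]byte, error) {
	g, err := gcmFor(key)
	if err != nil || len(msg) < g.NonceSize() {
		return nil, fmt.Errorf("frame cannot be decrypted")
	}
	return g.Open(nil, msg[:g.NonceSize()], msg[g.NonceSize():], nil)
}

// ClientChallenge, steps 1002-1010: select the ParamSet for the BSSID heard in
// the beacon or probe response and build the FIG. 9B request (serial, R1 encrypted).
func ClientChallenge(ck ClientKey, bssid string) (string, []byte, error) {
	ps, ok := ck[bssid]
	if !ok { // no credentials for this network: fall back to standard Wi-Fi
		return "", nil, fmt.Errorf("no credentials for BSSID %s", bssid)
	}
	c1, err := seal(ps.CKIDS, randBytes(16)) // R1 from the client key's RNG
	return ps.Serial, c1, err
}

// Respond, steps 1015-1040 at the access point: look up CK_IDS by serial number,
// check R1, file the client MAC, and issue the second challenge (R2 encrypted).
func (ap *APKey) Respond(mac, serial string, c1 []byte) ([]byte, bool) {
	key, ok := ap.DB[serial]
	if _, err := open(key, c1); !ok || err != nil {
		ap.DoNotAllow[mac] = true // step 1025: unknown serial or R1 not decrypted
		return nil, false
	}
	ap.Authorized[mac] = true           // step 1030
	c2, err := seal(key, randBytes(16)) // steps 1035-1040: R2 from the AP key
	return c2, err == nil
}

// ClientVerify, step 1045: only an AP holding this BSSID's CK_IDS can produce a
// second challenge that opens; otherwise the client aborts (step 1050).
func ClientVerify(ck ClientKey, bssid string, c2 []byte) bool {
	_, err := open(ck[bssid].CKIDS, c2)
	return err == nil
}

func main() { // constructed sample: one client key provisioned for two networks
	keyA, keyB := []byte("network-A CK_IDS"), []byte("network-B CK_IDS")
	ck := ClientKey{"00:11:22:AA:AA:AA": {"1001", keyA}, "00:11:22:BB:BB:BB": {"1001", keyB}}
	ap := &APKey{"00:11:22:AA:AA:AA", map[string][]byte{"1001": keyA}, map[string]bool{}, map[string]bool{}}
	serial, c1, _ := ClientChallenge(ck, ap.BSSID)
	c2, clientOK := ap.Respond("de:ad:be:ef:00:01", serial, c1)
	fmt.Println("client authenticated:", clientOK, "AP authorized:", ClientVerify(ck, ap.BSSID, c2))
}
```

Because each ParamSet is chosen by the BSSID heard over the air, a challenge built with network A's CK_IDS opens only at an access point provisioned with that same key; a client MAC whose challenge fails lands in the Do Not Allow table.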
`
[0023] The present invention provides at each computing client device a tamper-resistant physical token that holds the credentials, i.e., authentication parameters, for multiple networks. Accordingly, a consistent authentication and security mechanism is provided to enable a client device to easily roam from one network to another without having to manually change network configurations.

[0024] The foregoing, and other features and advantages of the invention, will be apparent from the following, more particular description of the preferred embodiments of the invention, the accompanying drawings, and the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

[0025] For a more complete understanding of the present invention, the objects and advantages thereof, reference is now made to the following descriptions taken in connection with the accompanying drawings in which:

[0026] FIG. 1 illustrates a conventional Wi-Fi network;

[0027] FIG. 2 illustrates a secure Wi-Fi communication system according to an embodiment of the invention;

[0028] FIG. 3 illustrates a key management system according to an embodiment of the invention;

[0029] FIG. 4 illustrates a master key management process according to an embodiment of the invention;

[0030] FIG. 5A illustrates a process for generating a key database according to an embodiment of the invention;

[0031] FIG. 5B illustrates a client key initialized for multiple Wi-Fi networks according to an embodiment of the invention;

[0032] FIG. 6 illustrates a process for managing an access point key according to an embodiment of the invention;

[0033] FIG. 7 illustrates a process for uploading a client key database file to an access point according to an embodiment of the invention;

[0034] FIG. 8 illustrates a MAC address filtering system implemented at an access point according to an embodiment of the invention;

[0035] FIG. 9A illustrates exchange of authentication frames in a secure Wi-Fi network according to an embodiment of the invention;

[0036] FIGS. 9B-C illustrate an exemplary format of the authentication frames exchanged in the embodiment of FIG. 9A;

[0037] FIG. 10 illustrates a client device authentication process according to an embodiment of the invention; and

[0038] FIG. 11 illustrates a client device authentication process according to an alternative embodiment of the invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0039] Preferred embodiments of the present invention and their advantages may be understood by referring to FIGS. 2-11, wherein like reference numerals refer to like elements, and are described in the context of a Wi-Fi network. Nevertheless, the present invention is applicable to both wired or wireless communication networks in general. For example, the present invention enables secure end-to-end access between a client and any computer residing on a network backbone. Often there may not be a wireless component anywhere in such a situation.

[0040] The present invention implements a secure, local, edge method and system (the implementation of which is herein referred to as communicating in a “secure” mode) employing a combination of software routines and physical keys in the form of easy-to-use adapters that attach to existing computing devices and wireless access points via an available USB port. These physical keys are secure, tamper-resistant physical tokens. “Edge” refers to authentication of client devices taking place at the edge or outer boundary of the network, i.e., at the access point, rather than centralized within the network using a server. Client computing devices are authenticated and data security is provided across wireless links using secret cryptographic keys, which are pre-stored in the physical keys installed at both the client’s computing device and the access point. According to an embodiment of the invention, special access point software (“AP software”) is provided in the wireless access points and NIC drivers are provided in the client devices to realize the functions described herein and to ensure delivery of standard Wi-Fi functionality as well as compatibility with all Wi-Fi certified products currently installed on a Wi-Fi network.

[0041] FIG. 2 illustrates a secure Wi-Fi network 200 according to an embodiment of the invention. Wi-Fi network 200 comprises a number N of computing devices 210A-N communicating with one another via a wireless access point 220. The access point 220 comprises a Wi-Fi transceiver (not shown) to communicate with a wired network (not shown). Although each computing device 210 is shown as a laptop, other Wi-Fi enabled computing devices such as, but not limited to, personal digital assistants (PDAs), desktops, and workstations can be employed within network 200. Moreover, one of ordinary skill in the art recognizes that more than one wireless access point 220 may be implemented within network 200. All computing devices 210A-N can act as clients of network 200. However, at least one computing device such as computing device 210A is reserved as a host computer for administering the inventive features through residing administrative software (not shown) when necessary. In an alternative embodiment, the host computer can be another machine on the wired side of the network. A master key 230 is installed into an available USB port (not shown) at host computing device 210A during administration and management of the network 200. To facilitate authentication and secure communications, a unique client key 240A-N is installed into an available USB port (not shown) at each computing device 210A-N. Likewise, an access point key (“AP key”) 250 is installed into an available USB port (not shown) at access point 220.

[0042] It is important to note that the physical keys described herein are implemented via USB ports. One of ordinary skill in the art recognizes that the master key 230, client keys 240A-N, and AP key 250 can alternatively be implemented by other conventional or foreseeable connection configurations such as, but not limited to, PC cards installed via a PCI or ISA slot; a physical token connected via a serial, parallel, or other preferred type of port; an Ethernet card; or a wireless smart card. In yet another implementation, the AP key 250 can be incorporated directly into the internal hardware of the access point 220, thereby alleviating the need for an external physical AP key.

[0043] The master key 230, client keys 240A-N, and AP key 250 overlap in functionality. Particularly, each physical key comprises an embedded tamper-resistant subscriber identity module (SIM) token 232, 242A-N, or 252, respectively, unique to each key. In an embodiment of the invention, a Cryptoflex USB-enabled SIM chip is employed as the SIM token. Nevertheless, other conventional or foreseeable SIMs may be substituted. The AP key 250 differs slightly from both the master key 230 and the client keys 240A-N in that it preferably employs a device USB connector rather than a standard USB connector. Generally, a device USB connector is different from a standard USB connector only in physical layout. Yet, they each carry the same signal wires to provide a USB interface to the USB-enabled SIM chip, which typically communicates over a simplex data line at approximately 9600 bits-per-second. Importantly, each physical key has a unique serial number stored permanently and electronically inside the SIM by the manufacturer to provide positive identification. Each SIM comprises a random number generator.

[0044] Each client key 240 is used to authenticate and provide secure connections at a corresponding computing device 210. Once the special NIC driver software is installed for a NIC, the computing device 210 examines whether a Wi-Fi network exists and, if found, attempts to authenticate itself with that network. If the network is enabled to operate in secure mode, all of the currently configured wireless settings of the computing device 210 are switched to secure mode and the login process is completely automated as further described. If the network is not secure mode enabled, the computing device 210 attempts to connect to it using standard Wi-Fi parameters. The smart NIC driver replaces a standard driver associated with a standard wireless NIC card, thereby providing the software necessary to manage communications with the client key 240. This driver authenticates data packets and performs encryption/decryption functions during secure mode communications.

[0045] Like the master key 230, the AP key 250 is first initialized