1. Field of the Invention
The present invention relates to a communication apparatus which is connected to a wireless network and directly communicates with another terminal.
2. Description of the Related Art
Communication data is encrypted to prevent eavesdropping and alteration. In particular, since wireless communications are readily eavesdropped, it is important to ensure a secure communication path.
In an infrastructure mode of a wireless network, a communication terminal (STA) and an access point (AP) implement standards such as wired equivalent privacy (WEP) or Wi-Fi protected access (WPA). WEP protects communications by setting an encryption key in the STA and AP in advance and using that key in a communication. However, in this scheme the encryption key is always fixed, and the encryption level (the strength of the encryption algorithm) adopted by WEP is not high. Hence various situations exist in which security cannot be guaranteed. WPA, which was laid down to solve such problems, raises the encryption level and improves security by generating a fresh encryption key every time the STA joins the network, based on information set in advance in the STA and AP.
In the infrastructure mode, the STA sends data to another STA via the AP. In other words, since the STA directly communicates only with the AP, security need only be assured for the communication with the AP.
On the other hand, in an ad-hoc mode of the wireless network there is no AP, and the STA directly communicates with each communication partner. Therefore, upon communicating with a plurality of STAs, the security of the communication with each of these STAs must be considered. In order to ensure security in the ad-hoc mode as in the infrastructure mode, it is desirable to change the encryption key for each communication session. Upon making communications in the ad-hoc mode using commercially available wireless network devices, the same encryption key is set in advance in all STAs which join the network, and that single encryption key is used. For this reason, the fixed-key problem that WPA solved in the infrastructure mode remains unsolved in the ad-hoc mode.
To solve these problems, IEEE802.11i, which was standardized after WPA, proposes dynamic generation of an encryption key for each communication session even in the ad-hoc mode. FIG. 1 is a sequence chart showing the method of generating an encryption key in IEEE802.11i.
Communication terminals STA1 and STA2 perform a message exchange called a four-way handshake, and generate and share a unicast key PTK (pairwise transient key) and a group key GTK (group temporal key). In steps S401 to S404, STA1 and STA2 exchange random numbers (ANonce and SNonce) in EAPOL-Key messages to generate and share PTK12 and GTK1, which STA1 uses in transmission. In steps S405 to S409, STA1 and STA2 again exchange random numbers to generate and share PTK21 and GTK2, which STA2 uses in transmission. Note that EAPOL stands for EAP (extensible authentication protocol) over LAN; the four-way handshake messages are carried as EAPOL-Key frames.
Upon further communicating with STA3, the STA1 similarly performs the four-way handshake (S410, S411), and generates and shares a PTK and GTK with the STA3.
A feature of this scheme lies in that a communication is made by switching the encryption key for each communication partner, and different keys are set for transmission and reception. Each STA determines one group key for its own transmissions, which all the other STAs can receive, and holds a group key for reception from each of the other STAs.
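The exchange of FIG. 1, as an added example that is not part of the original specification: a Python simulation of the IEEE 802.11i four-way handshake run in both directions between two ad-hoc stations, with the standard PRF-384 PTK derivation (KCK, KEK, TK) and the EAPOL-Key MIC check that rejects an altered nonce. The Station class and its key-table names, the XOR stand-in for AES Key Wrap, and the assignment of each handshake's PTK to the authenticator's transmit direction (following the text's description of PTK12 and PTK21) are assumptions of this example; the pre-shared PMK, MAC addresses and nonces are constructed.

```python
"""Added example: IEEE 802.11i four-way handshake in an ad-hoc (IBSS) network,
run in both directions between two stations as the text describes."""
import hashlib
import hmac
import os


def prf(key: bytes, label: bytes, data: bytes, nbits: int) -> bytes:
    """PRF-n from IEEE 802.11i: concatenation of HMAC-SHA1(key, label|0x00|data|i)."""
    out = b""
    i = 0
    while len(out) * 8 < nbits:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[: nbits // 8]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> dict:
    """PTK = PRF-384(PMK, "Pairwise key expansion", min/max of MACs and nonces).
    The min/max ordering makes the result identical whichever side computes it."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 384)
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}


def eapol_mic(kck: bytes, body: bytes) -> bytes:
    """Key MIC for EAPOL-Key descriptor version 2: HMAC-SHA1 truncated to 128 bits."""
    return hmac.new(kck, body, hashlib.sha1).digest()[:16]


def wrap_gtk(kek: bytes, gtk: bytes) -> bytes:
    """Stand-in for AES Key Wrap (RFC 3394), which the standard library lacks:
    XOR with a KEK-derived keystream. Assumption of this example only; wrap and
    unwrap are the same operation."""
    stream = prf(kek, b"example GTK wrap", b"", len(gtk) * 8)
    return bytes(a ^ b for a, b in zip(gtk, stream))


class Station:
    def __init__(self, mac: bytes, pmk: bytes):
        self.mac = mac
        self.pmk = pmk                 # pre-shared in advance, as with WPA-PSK
        self.gtk_tx = os.urandom(16)   # group key this STA uses for its own broadcasts
        self.ptk_tx = {}               # partner MAC -> PTK protecting our unicast to them
        self.ptk_rx = {}               # partner MAC -> PTK protecting their unicast to us
        self.gtk_rx = {}               # partner MAC -> their group key, for reception


def four_way_handshake(auth: Station, supp: Station, tamper: bool = False) -> None:
    """auth (authenticator) and supp (supplicant) exchange ANonce/SNonce in EAPOL-Key
    messages, derive the PTK, and auth delivers its GTK. Following the text, the PTK
    from the handshake that `auth` starts protects auth's transmissions to supp."""
    # Message 1: ANonce, sent in the clear (no key exists yet).
    anonce = os.urandom(32)
    # Message 2: SNonce plus a MIC computed by the supplicant with its fresh KCK.
    snonce = os.urandom(32)
    ptk_s = derive_ptk(supp.pmk, auth.mac, supp.mac, anonce, snonce)
    mic2 = eapol_mic(ptk_s["KCK"], snonce)
    if tamper:
        snonce = bytes(32)             # an attacker rewrites the nonce in flight
    ptk_a = derive_ptk(auth.pmk, auth.mac, supp.mac, anonce, snonce)
    if not hmac.compare_digest(eapol_mic(ptk_a["KCK"], snonce), mic2):
        raise ValueError("message 2 MIC mismatch: wrong PMK or altered nonce")
    # Message 3: authenticator's GTK wrapped under KEK, MIC'd under KCK.
    wrapped = wrap_gtk(ptk_a["KEK"], auth.gtk_tx)
    mic3 = eapol_mic(ptk_a["KCK"], wrapped)
    if not hmac.compare_digest(eapol_mic(ptk_s["KCK"], wrapped), mic3):
        raise ValueError("message 3 MIC mismatch")
    gtk = wrap_gtk(ptk_s["KEK"], wrapped)
    # Message 4: confirmation MIC from the supplicant; both sides then install keys.
    mic4 = eapol_mic(ptk_s["KCK"], b"")
    if not hmac.compare_digest(eapol_mic(ptk_a["KCK"], b""), mic4):
        raise ValueError("message 4 MIC mismatch")
    auth.ptk_tx[supp.mac] = ptk_a
    supp.ptk_rx[auth.mac] = ptk_s
    supp.gtk_rx[auth.mac] = gtk


def pair_up(sta1: Station, sta2: Station) -> None:
    """The IBSS exchange of FIG. 1: each STA runs the handshake once as authenticator."""
    four_way_handshake(sta1, sta2)   # S401-S404: PTK12 and GTK1
    four_way_handshake(sta2, sta1)   # S405-S409: PTK21 and GTK2


if __name__ == "__main__":
    pmk = hashlib.sha256(b"constructed shared secret").digest()   # constructed PMK
    sta1 = Station(bytes.fromhex("020000000001"), pmk)
    sta2 = Station(bytes.fromhex("020000000002"), pmk)
    sta3 = Station(bytes.fromhex("020000000003"), pmk)
    pair_up(sta1, sta2)
    pair_up(sta1, sta3)   # S410-S411: a separate PTK and GTK for the third partner
    print("STA1 uses different keys toward STA2 and STA3:",
          sta1.ptk_tx[sta2.mac]["TK"] != sta1.ptk_tx[sta3.mac]["TK"])
```

After both handshakes, STA1's table holds PTK12 under ptk_tx, PTK21 under ptk_rx, its own GTK1 as gtk_tx and STA2's GTK2 under gtk_rx, which is the per-partner, per-direction key layout the text describes; a device that can hold only one key cannot represent this table, which is the limitation the following paragraphs address.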
Among existing wireless network devices, not all can set an encryption key for each communication partner. In other words, some devices can only set one identical encryption key for all communication partners. If the number of encryption keys is limited to one, the device arrangement can be simplified to reduce cost. However, such a limitation on the encryption key makes it hard to implement the specification of IEEE802.11i. For example, a wireless network device used as the AP meets the specification of IEEE802.11i, but its cost is approximately 1.5 times that of a wireless network device used as the STA.
In this way, the conventional ad-hoc mode communication cannot switch the encryption key for each communication session. IEEE802.11i is an ideal scheme in terms of security. However, the encryption key generation method of IEEE802.11i is complicated, and some wireless network devices do not meet the specification of IEEE802.11i. Therefore, to enhance the security strength of wireless communications in the ad-hoc mode, the present invention provides an algorithm which, if a wireless network device has a function of changing the encryption key for each STA, uses that function, and which, if the device cannot change the encryption key for each STA, changes the encryption key every time a communication session is established.