Recently, third generation (3G) mobile device communication, wireless LAN based on IEEE802.11 and wireless MAN based on IEEE802.16 have attracted much attention. Such services enable sound and video representation and electronic business transactions in a mobile environment.
At the same time, security problems in wireless communication networks have become serious. To protect a network from such threats, encryption technology and authentication technology have been demanded and developed.
For example, the security system in the standardization project of the third generation mobile device communication system disclosed in non-patent document 1, the security system based on the IEEE802.1X standard disclosed in non-patent document 2, and the security system based on the 802.11i standard directed to the wireless LAN disclosed in non-patent document 3 are known.
However, although the conventional technologies have improved the encryption technology and the authentication technology as described above, protection against tracing of the wireless communication terminal and against the Denial of Service attack (hereinafter referred to as DoS) has been left as a problem.
Patent document 3 concerns a technology which enables registration information of a mobile device to be disclosed only to a reliable client, although it differs from the method used in the wireless communication system. According to this technology, in order to provide an information control system in which the privacy of registered clients is protected, the registration information of the registered clients, which are the objects of information control, is registered under a secret identifier which changes over time.
The secret identifier is computed as a hash value over its generation information, which includes an identifier, a reference time and an update time interval, and only a reliable client is informed of the generation information. A configuration which can disclose registration information of a registered client such as a mobile device only to a specified retrieval client (reliable client) is disclosed.
According to the configuration, the generation information of the secret identifier is data containing at least an identifier corresponding to each device or user, a reference time, a value indicating the update time and a random number, and the secret identifier is a value calculated by applying a one-way hash function to the generation information.
This technology concerns a geographical position information control system which supports both retrieval from the identifier of a registered client and inverted retrieval by specifying position information. Even when both kinds of retrieval are applied at the same time, it is difficult to trace a registered client, which prevents leakage of the registered client information.
In this way, the conventional technology makes tracing difficult by changing the secret identifier over time.
However, this technology cannot be applied to an ordinary wireless communication system, because the secret identifier needs to be used in addition to the identifier. Further, because this technology was invented against an attack on a terminal, it cannot cope with the DoS attack.
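The time-varying secret identifier of patent document 3, as described above, can be sketched as follows. This is an added example, not code from the patent or from patent document 3. SHA-256, the length-prefixed field encoding, the period counter used as the "value indicating the update time", and all function and variable names are assumptions.

```python
import hashlib
import hmac

def secret_identifier(device_id: bytes, reference_time: int, interval: int,
                      nonce: bytes, now: int) -> str:
    """One-way hash of the generation information for the period containing `now`."""
    if interval <= 0 or now < reference_time:
        raise ValueError("interval must be positive and now >= reference_time")
    # Assumed encoding of the update-time value: index of the current period.
    period = (now - reference_time) // interval
    h = hashlib.sha256()
    for field in (device_id, reference_time.to_bytes(8, "big"),
                  interval.to_bytes(4, "big"), period.to_bytes(8, "big"), nonce):
        # Length prefix keeps the field boundaries unambiguous.
        h.update(len(field).to_bytes(2, "big") + field)
    return h.hexdigest()

def resolve(observed: str, known_clients: dict, now: int):
    """A reliable client recomputes each known device's current value and compares."""
    for name, (device_id, ref, interval, nonce) in known_clients.items():
        expected = secret_identifier(device_id, ref, interval, nonce, now)
        if hmac.compare_digest(expected, observed):
            return name
    return None  # holder of no matching generation information learns nothing

# Constructed sample generation information (not values from the patent).
GEN = {
    "terminal-A": (b"device-0001", 1_700_000_000, 600, bytes(range(16))),
    "terminal-B": (b"device-0002", 1_700_000_000, 600, bytes(range(16, 32))),
}
```

Only a party that holds an entry of the generation information can map an observed value back to a device; the value itself changes at every period boundary.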
To provide a protection method in the wireless communication system which avoids tracing of the terminal and copes with the DoS attack, the method needs to include a positive countermeasure against the DoS attack, while the secret identifier cannot be used as the identification number of the wireless communication terminal.
As one such method, a technology of updating only the MAC address, either when a DoS attack occurs or periodically, is known, as disclosed in non-patent document 4 by the inventor of the present invention. According to this technology, an access point computes, for any wireless communication terminal, a hash function using a hash key and a random number shared under the current MAC address, so as to issue the next MAC address. Then, when an attack occurs, the wireless communication terminal requests an update from the access point and the access point notifies it of a random number, so that the MAC address is synchronized between the wireless communication terminal side and the access point side.
This technology has an effect not seen conventionally: it can avoid tracing of a terminal and a DoS attack targeting an identification number without largely changing the communication system.
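The MAC address update exchange of non-patent document 4, as described above, can be sketched as follows. This is an added example, not code from that paper or from the patent. HMAC-SHA-256 stands in for the keyed hash, which the text does not name; feeding the current address into the hash, setting the locally administered bit, and all class and function names are assumptions.

```python
import hashlib
import hmac
import os

def next_mac(hash_key: bytes, current_mac: bytes, nonce: bytes) -> bytes:
    """Derive the next 48-bit address from the shared key, current address and random number."""
    if len(current_mac) != 6:
        raise ValueError("MAC address must be 6 bytes")
    digest = hmac.new(hash_key, current_mac + nonce, hashlib.sha256).digest()
    mac = bytearray(digest[:6])
    # Assumption: mark the address locally administered and unicast.
    mac[0] = (mac[0] | 0x02) & 0xFE
    return bytes(mac)

class AccessPoint:
    def __init__(self):
        self.table = {}  # current MAC -> hash key shared with that terminal

    def register(self, mac: bytes, hash_key: bytes) -> None:
        self.table[mac] = hash_key

    def handle_update_request(self, current_mac: bytes):
        """Pick a random number, move the entry to the next address, return the number."""
        key = self.table.pop(current_mac, None)
        if key is None:
            return None  # request for an address the access point does not know
        while True:
            nonce = os.urandom(16)
            new_mac = next_mac(key, current_mac, nonce)
            if new_mac not in self.table:  # avoid colliding with another terminal
                break
        self.table[new_mac] = key
        return nonce

class Terminal:
    def __init__(self, mac: bytes, hash_key: bytes):
        self.mac, self.hash_key = mac, hash_key

    def apply_update(self, nonce: bytes) -> bytes:
        """Recompute the same address locally from the notified random number."""
        self.mac = next_mac(self.hash_key, self.mac, nonce)
        return self.mac
```

The random number can be observed on the air, but without the hash key an observer cannot compute the address that follows from it; the old address stays exposed until the terminal has received the number and switched.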
However, this method allows such an attack to continue until the MAC address is updated upon receipt of a new random number; thus, if a strong attack occurs, communication might be stalled considerably. Therefore, a technology which can update the MAC address faster is required.

Patent document 3: Japanese Patent Application Laid-Open (JP-A) No. 2002-268950
Non-patent document 1: 3rd Generation Partnership Project, “3G Security; Security architecture (Release 6)”, 3GPP TS 33.102, V6.3.0, 2004
Non-patent document 2: LAN MAN Standards Committee of the IEEE Computer Society, “IEEE Standard for Local and Metropolitan Area Networks—Port-Based Network Access Control”, IEEE Standard 802.1x, 2001
Non-patent document 3: LAN MAN Standards Committee of the IEEE Computer Society, “IEEE802.11 Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications—Amendment 6: Medium Access Control (MAC) Security Enhancements”, IEEE Standard 802.11i, 2004
Non-patent document 4: D. Inoue, R. Nomura, M. Kuroda, “Transient MAC Address Scheme for Untraceability and DoS Attack Resiliency on Wireless Network”, Proc. 4th annual Wireless Telecommunications Symposium, 2005
Non-patent document 5: William A. Arbaugh, Narendar Shankar, Y. C. Justin Wan and Kan Zhang, “Your 802.11 Wireless Network has No Clothes”, IEEE Wireless Communications, Volume 9, Issue 6, pp. 44-51, 2002