Implementations of the claimed invention generally may relate to wireless communication, and in particular to security bits in media access control (MAC) headers.
Modern wireless data communication systems such as WiMAX, WiMAX-II, 3GPP LTE may be designed with security features included in their standard communication protocols. An example of this will be presented with regard to FIG. 1, which conceptually illustrates a wireless station (STA) 100, or communication module therein. STA 100 may be a base station (BS), a mobile station (MS), or some other type of node in a communication system or network. STA 100 may include a media access control (MAC) module 110, a physical layer (PHY) module 120, and an antenna 130. Although illustrated as separate module, MAC 110 and PHY 120 may in some implementations be implemented by the same processor and/or logic. Other typically present modules (e.g., higher communication layers) are purposely not illustrated for clarity of presentation, but may nonetheless be included in STA 100 if reasonably necessary for typical functionalities (e.g., features of a wireless protocol such as WiMAX, LTE, etc.) thereof.
MAC module 110 may generate data units, typically referred to as service data units when communicating with higher layers and protocol data units when communicating with lower layers (e.g., PHY module 120). One exemplary MAC data unit 140 is illustrated in FIG. 1, and it may include a MAC header 150, and optionally a payload and/or cyclic redundancy check (CRC). In some implementations, data unit 140 may be a MAC protocol data unit (MPDU), and header 150 may be a header thereof. Colloquially, header 150 may sometimes be referred to as a generic MAC header (GMH).
For security purposes, MAC header 150 typically may contain one encryption (EC) bit and two encryption key sequence (EKS) bits. The EC bit and the EKS bits need not be contiguous as long as they are in known positions in header 150. FIG. 2 illustrates possible state transitions of EC bit 210 and EKS bits 220. As is known, the state of EC bit 210 may indicate whether the payload of data unit 140 is encrypted or unencrypted (e.g., plaintext). In certain wireless protocols (e.g., WiMAX) there are overlapping encryption key updates, where while using one encryption key STA 100 may run a protocol to request the next encryption key in advance of receiving a data unit encrypted with such a key. EKS bits 220 may identify a current encryption key, and may also have directional state transitions (e.g., 00→01→10→11→00 as in FIG. 2) to enforce the forward application of new transient encryption keys (TEK) and to prevent old keys from being reused.
Because such thee bits of security information are transmitted for each data unit 140, however, it may contribute to the overhead of STA 100 and a corresponding reduction of bandwidth for any wireless system of which STA 100 is a part.