The present invention relates generally to wireless networking and more particularly to systems and methods for establishing a connection between a wireless station and an access point as the wireless station roams to a new access point.
The Institute of Electrical and Electronics Engineers' (IEEE) 802.11i draft standard defines a protocol (802.11i protocol) for establishing mutual authentication and unicast and group keys between a wireless client (802.11i station) and its parent access point (AP). The 802.11i protocol uses a 4-way handshake to verify session liveness, to establish a unicast key and to establish a group key. The 802.11i protocol adds four additional messages to the existing four IEEE 802.11 protocol reassociation and authentication messages each time an 802.11i station roams. Therefore, an 802.11i station must exchange a minimum of eight messages with its new parent AP whenever it roams, before it can resume normal data communications. These eight messages are sent without using Quality of Service (QoS) protocols such as the IEEE 802.11e (QoS) protocol and can be delayed due to channel contention and processing overhead. The resulting delay can be unacceptable for time sensitive applications such as interactive voice.
The Cisco Central Key Management (CCKM) security protocol, available from Cisco Systems, Inc., 170 West Tasman Dr., San Jose, Calif. 95134 enables an 802.11 station to quickly re-authenticate and establish a new session between a client and a new parent access point (AP). When a CCKM compliant station reassociates with a new parent access point, it uses a 2-way handshake to establish a new secure session with corresponding unicast and multicast message protection keys, and mutual authentication with the new access point. The CCKM 2-way handshake is “piggybacked” on existing 802.11 Reassociation Request and Reassociation Response messages; therefore, CCKM “fast reauthentication” does not add any extra messaging overhead to roaming. A CCKM station can generate a new data encryption key, and other credentials, for a new parent AP, before it breaks its connection with an old parent AP.
A CCKM Rekey Number (RN) is stored in an 802.11 station and in a central entity referred to as a Wireless Domain Server (WDS) that functions as an authentication server. Cisco WDSes cache security context and other operational context information (e.g. IP mobility bindings) for 802.11 stations. Whenever a station roams, a Wireless Domain Server securely forwards the station's operational context to the new parent AP. An “Anchor Wireless Domain Server” stores the master copy of a station's operational context information. The context information is cached in other “foreign WDSes” so that roaming is “localized”. Each AP mutually authenticates and establishes a “Context Transfer Key” with a Wireless Domain Server. The Rekey Number is incremented by the 802.11 station each time that it establishes a new secure session with a parent AP. The Rekey Number is then forwarded to the Wireless Domain Server in a “Rekey Request”, which is authenticated with a Key Request Key (KRK) shared by the 802.11 station and the Wireless Domain Server. A Rekey Request is invalid and is rejected if the Rekey Number in the Rekey Request is not greater than the Wireless Domain Server's current Rekey Number value for the 802.11 station; therefore any Rekey Request that is “replayed” by an attacker will be rejected.
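The following is an added illustration, not part of the original specification or of Cisco's CCKM implementation, of the Wireless Domain Server's Rekey Request check described above: the request is authenticated with the station's KRK, and it is accepted only when its Rekey Number is strictly greater than the stored value, so a replayed or out-of-order request is rejected. HMAC-SHA256 stands in for the actual CCKM message integrity construction, and the station addresses and key bytes are constructed sample values.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass
class RekeyRequest:
    """Rekey Request carried from the station, via the new parent AP, to the WDS."""
    station_id: str      # station MAC address (constructed sample values are used below)
    rekey_number: int    # RN, incremented by the station for each new secure session
    mic: bytes           # integrity check keyed with the station's KRK


def _mic(krk: bytes, station_id: str, rekey_number: int) -> bytes:
    # HMAC-SHA256 is an assumed stand-in for CCKM's actual MIC construction.
    msg = f"{station_id}|{rekey_number}".encode()
    return hmac.new(krk, msg, hashlib.sha256).digest()


def build_rekey_request(krk: bytes, station_id: str, rekey_number: int) -> RekeyRequest:
    """Station side: authenticate (station_id, RN) with the shared KRK."""
    return RekeyRequest(station_id, rekey_number, _mic(krk, station_id, rekey_number))


class WirelessDomainServer:
    """WDS side: holds each station's KRK and the last accepted Rekey Number."""

    def __init__(self) -> None:
        self._krk: dict[str, bytes] = {}
        self._rn: dict[str, int] = {}

    def register(self, station_id: str, krk: bytes) -> None:
        self._krk[station_id] = krk
        self._rn[station_id] = 0   # the first valid Rekey Request must carry RN >= 1

    def process(self, req: RekeyRequest) -> tuple[bool, str]:
        krk = self._krk.get(req.station_id)
        if krk is None:
            return False, "unknown station"
        # Verify the MIC before consulting RN state, so a forged RN cannot advance it.
        if not hmac.compare_digest(_mic(krk, req.station_id, req.rekey_number), req.mic):
            return False, "MIC failure"
        # Replay rule: the RN must be strictly greater than the stored value.
        if req.rekey_number <= self._rn[req.station_id]:
            return False, "replay rejected"
        self._rn[req.station_id] = req.rekey_number
        return True, "accepted"
```

A request with a stale RN is rejected even though its MIC is valid, which is exactly the replayed-packet case the text describes; RN wraparound is not handled here.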
While the CCKM protocol reduces the messaging when an 802.11 station roams, it requires a new parent AP to access a Wireless Domain Server each time that a station reassociates. This results in additional traffic between the parent AP and the Wireless Domain Server each time a station reassociates. Furthermore, the communication between the new parent AP and the Wireless Domain Server adds to the latency in establishing the connection between the wireless station and the new parent AP.
There are several fast re-authentication proposals for 802.11i stations, where a station's security credentials are “predictively” forwarded to other “neighbor” APs so that, when a station roams to a neighbor AP, the new AP does not need to obtain the station's security credentials. However, it may not be practical to “predictively” forward a station's security credentials, which can include a Rekey Number, to a neighbor AP because the station's Rekey Number will likely be “out-of-sync” if the station eventually roams to the neighbor AP. It would be necessary to predictively forward the station's credentials to every neighbor AP each time the station roamed or “rekeyed”, which would be very “chatty”, resulting in increased network traffic.
In addition, when authenticating a wireless station, the new AP must guard against replay. Replay occurs when an attacker “snoops” packets, and then resends (replays) the packets to gain access to the network.
Therefore, there exists a need for a technique for quickly authenticating a roaming wireless station. Furthermore, it would be desirable if the technique can reduce traffic between access points and central servers, such as Wireless Domain Servers. Also, it would be desirable that the technique offer safeguards that prevent an intruder from accessing the network by replaying a packet.