This invention relates to communications between computers on a network, and more particularly to the security and privacy of those communications.
With the rapid growth of the Internet, as well as the proliferation of portable notebook computers and other portable computing devices, such as personal digital assistants (PDAs), there is a great demand for Internet connectivity any time, at any place. One way in which users can connect to the Internet is over wireless access points, such as IEEE 802.11 hotspot networks. Although wireless access points can be installed anywhere there is a wired connection to the Internet, including in homes and offices, there are a growing number of wireless access points installed in public facilities, such as hotels, libraries, and coffeehouses. Notebook computers and other portable computing devices that contain the necessary hardware can connect to the Internet through one of these wireless access points.
One concern with the use of public wireless access points is the security and the privacy of the communications between the user and the wireless access point. These communications occur over radio waves, which means that anyone with appropriate equipment can receive these communications. A common solution is to encrypt the communications between the user and the wireless access point, so that even if a third party managed to receive the communications, the third party is unable to determine the content of the communications.
Traditional encryption schemes either require that both parties know a common encryption key, or the use of a certificate-based public/private key system. Although a shared encryption key is acceptable in a home or office environment, where the users of a wireless access point are known in advance, such a system is not secure when used in conjunction with publicly accessible wireless access points. Even if it is possible to supply the same encryption key to every potential user, the security of the encrypted communications is compromised, since multiple users have access to the encryption key and can decrypt the communications. On the other hand, a public/private key system requires every user be given a certificate, and it is computationally intensive to encrypt and decrypt large volumes of data.
Besides the concern of wireless communication between the user and the access point, another concern with the use of a public access point is the credibility of the access point's provider, i.e., whether the provider is trustworthy or not. For example, a malicious provider may install a “rogue” public access point and sniff user's packets at the access point. In this case, user's data privacy is compromised even if the wireless communication itself is secure.
To solve the above-mentioned problem, a user may connect to a virtual private network (VPN) server at a trusted organization, such as the user's corporate headquarter. All data communication to the VPN server is encrypted from the user to the VPN server, and therefore a malicious access point provider cannot overhear the content of the communication. In a traditional corporate VPN scenario, the user and the VPN server must know each other and have established a shared username and password in advance.