Wireless routers, wireless hubs, and other wireless access points allow computing devices to transmit data over a network without the use of any guided transmission medium such as a cable. Typically, these wireless access points operate in a manner that conforms to the well-known IEEE 802.11 “Wi-Fi” standards set. Wireless access points have become popular with home (as opposed to business) customers because, more and more often, home customers have more than one computer in their homes. Home customers like for each of their computers to be able to communicate with each other over a home network. Home customers use a home network to play multiplayer computer games, to transfer data from computer to computer, and to share an Internet connection, among other activities.
Often, home customers' homes do not come equipped with network jacks in each room. Prior to the emergence of wireless networking, if home customers wanted their computers to be connected to each other via a network, those customers often had to string long, unsightly, entangling network cables between the rooms in which the computers sat. Fortunately, wireless access points now allow home customers' computers to communicate with each other over short distances using unguided media such as electromagnetic waves as a transmission medium. Wireless access points receive wireless signals from one computer and forward those wireless signals to another computer, thereby enabling the computers to communicate with each other.
Network configuration has long been one of the more advanced, complicated, and difficult computer-related tasks that a home customer might take upon himself to perform. If any of the many parameters involved in a network configuration are not set correctly, then the home network will not work properly. The computers with which a wireless access point interacts often need to be configured with certain parameters (e.g., System Set Identifier (SSID), encryption (WEP) keys, etc.) before those computers can interact with that wireless access point in a home network. Because of the lack of simplicity and the technical nature of the configuration process, home customers often become frustrated when configuring computers to interact with wireless access points. Indeed, all too often, home customers simply give up and return wireless access points to the store from which those devices were purchased. This is not good for the business of the wireless access point provider.
In order to simplify the configuration process of home networks that employ wireless access points (among other reasons), the Wi-Fi Alliance launched the Wi-Fi Protected Setup (“WPS”) standard in 2007. WPS is a standard that defines a protocol for easy and secure establishment of a wireless home network. The goal of WPS is to simplify the process of connecting any home device to a wireless network; originally, the standard was named “Wi-Fi Simple Config.” Additionally, WPS is meant to assist home users in making those users' home networks secure from unauthorized access by others—some neighborhoods suffer from a problem in which the occupants of one home access the wireless network of another nearby home without authorization in order to use the Internet connection of the latter home without paying for such use. WPS is described in the WPS Specification Version 1.0h (December 2006), which is incorporated herein by reference. A wireless access point that conforms to the WPS standard is usually able to detect and configure, in a fairly automatic manner that requires minimal user interaction, devices that can be configured to interact that wireless access point. After such configuration, those devices are able to access a home network through the wireless access point.
The developers of WPS did not want wireless home networks to become vulnerable to “man-in-the-middle” attacks. A “man-in-the-middle” attack hypothetically occurs when an unauthorized device sits in between a wireless access point and a legitimate device that the wireless access point is configuring—the unauthorized device mounts the attack by (a) posing as the legitimate device to the wireless access point and (b) posing as the wireless access point to the legitimate device. Hypothetically, by intercepting, modifying, and forwarding communications between the wireless access point and the legitimate device, an unauthorized device might be able to obtain enough information to gain access to the home network.
In order to prevent such a security breach from occurring, WPS (in at least some implementations) requires that a user enter, into the device that is going to be configured by the wireless access point, a personal identification number (PIN) that the wireless access point recognizes. Normally, such a PIN is printed on a sticker that is attached to the wireless access point (e.g., on the underside thereof) by those who have manufactured the wireless access point. Under such circumstances, those who do not have physical access to the wireless access point cannot discover the PIN and cannot enter the PIN into their devices.
The PIN is used to authenticate the device in the following manner. During a pre-configuration device authentication process, the wireless access point encrypts a challenge using the PIN as an encryption key and sends the encrypted challenge to the device. If the correct PIN has been entered into the device, then the device can use the PIN to decrypt the challenge and reply to the wireless access point with an appropriate response. Upon receiving the appropriate response from the device, the wireless access point realizes that the device is authentic and proceeds to configure the device to enable the device to access the home network through the wireless access point.
Alternatively, if a device is unable to decrypt the challenge and provide an appropriate response to the wireless access point, then the wireless access point refrains from configuring that device to enable that device to access the home network through the wireless access point. A man-in-the-middle attacker, not having the wireless access point's PIN, cannot decrypt the wireless access point's PIN-encrypted challenge, and therefore cannot provide an appropriate response to that challenge. Because the PIN is never transmitted between the wireless access point and the device to be configured, a man-in-the-middle attacker has no opportunity to intercept the PIN.
Thus, WPS-enabled wireless access points aid users in setting up wireless home networks more easily and with greater security. However, there still exist many “legacy” wireless access points that are not WPS-enabled. Theoretically, existing “legacy” wireless access points that are not WPS-enabled could be discarded in favor of the newer WPS-enabled wireless access points, but this would be wasteful, since many such “legacy” wireless access points, though not WPS-enabled, are still otherwise technologically up-to-date and usable. Such “legacy” wireless access points might have been obtained at considerable expense to the owner. Yet, configuring devices to interact with “legacy” wireless access points that are not WPS-enabled remains a very daunting task for most home users.
Based on the foregoing, home users have a need to be able to configure their devices to interact with “legacy” wireless access points, which are not WPS-enabled, in a simpler manner that requires less technical knowledge from those home users.