1. Field of the Invention
The present invention relates to a technique for registration and authentication between a wireless base station and a wireless terminal in a wireless communication system using a wireless LAN formed by wireless terminals and wireless base stations, such as a wireless LAN system called IEEE 802.11 and the like.
2. Description of the Related Art
In recent years, in conjunction with the development of the LAN (Local Area Network) technique, the networking of the office environment centered around connections among PCs is in progress. While such a wired LAN is spreading, the use of a wireless LAN in which a part of the wired LAN is replaced by wireless is also in progress. For example, there is a case where a wireless base station is connected to the wired LAN and a plurality of portable PCs are connected to this base station by wireless. By using this portable PC for editing a file on a desk-top PC that is connected to the wired LAN through Ethernet, it is possible to realize the wireless access to the wired LAN. Also, a section comprising the base station and the portable PCs can be viewed separately as a wireless LAN. The advantages of such a wireless LAN include that the cable laying is unnecessary as radio or infrared paths are utilized for transmission, and that a new construction or layout change of network is easy.
The introduction of such wireless LANs has accelerated since the standardization of IEEE 802.11. In IEEE 802.11, the wireless LAN specification using the 2.4 GHz band was completed in 1997, and the wireless LAN specification using the 5 GHz band was completed in 1999. The transmission rates of the wireless LAN specification using the 2.4 GHz band include 1 to 2 Mbps and 11 Mbps, and an additional specification with a transmission rate of over 20 Mbps is currently under discussion. Recently, products based on this 2.4 GHz band specification have been put on the market by various companies, and the prices of the base station and the wireless PC card are now going down to a range that enables wider spread. Also, unlike the 2.4 GHz band, the 5 GHz band is a nearly unused frequency band that is currently utilized only for meteorological radar, and it is expected that a faster transmission rate can be realized easily, so that it is a promising candidate for the next generation wireless LAN specification.
Also, recently, there is a trend toward implementing Bluetooth in all kinds of devices, including those of the portable telephone industry, the home electronics industry and the PC industry. Bluetooth is also a wireless system using the 2.4 GHz band, and it is now expected to spread worldwide because of the low cost of about $5 per chip and the backing of approximately 2000 companies in various industrial fields.
Under such circumstances, the spread of the wireless LAN system is expected to take place not only in the office environment but also in the general home. Consequently, it is expected that the environment in which a plurality of wireless LAN systems are existing contiguously or coexisting in the same space will be built widely in near future.
Now, in IEEE 802.11, the authentication processing between the wireless terminals or between the wireless base station and the wireless terminal is specified (the chapter 8 of the IEEE 802.11 specification).
This specification describes a scheme in which two entities (two wireless terminals, or a wireless base station and a wireless terminal) that are targets of the authentication processing carry out the authentication by using the same secret key (common key), which is also used for the secret communications (but this authentication processing is optional). For this authentication processing, the algorithm called WEP (Wired Equivalent Privacy) is used. It is only stated that the distribution of the secret key is to be carried out by a secure method in advance. Also, the secret key is to be provided for each pair of entities, so that a given wireless terminal must be provided with a secret key for every other wireless terminal within the system, and secret keys on the order of the square of the total number of wireless terminals are required in the system as a whole.
Here, the encryption and decryption in the WEP algorithm will be described briefly, and the authentication using this WEP algorithm will also be described. FIG. 31 shows an outline of the encryption processing by the WEP algorithm of IEEE 802.11. In FIG. 31, the processing for encrypting data to be transmitted is shown, and this data to be transmitted is referred to as a plaintext PT here.
First, at the transmitting side, CRC is generated from this PT, that is, ICV is generated. On the other hand, a key sequence KS is generated from a secret key Sk and an initial vector IV through a WEP random number generator. An exclusive OR of this KS and a concatenated {PT, ICV} is calculated after adjusting their length to be equal. The result of this exclusive OR is an encrypted text ET. Then, by combining this ET and IV with a control code, a WEP frame as shown in FIG. 32 is formed. The secret communications according to the WEP algorithm will be carried out by using this WEP frame.
FIG. 33 shows an outline of the decryption processing by the WEP algorithm of IEEE 802.11. In FIG. 33, the processing for decrypting received encrypted data is shown. In FIG. 33, when the receiving side receives the WEP frame, IV is extracted from that WEP frame and entered into the WEP random number generator along with the secret key Sk, to generate the key sequence KS. This key sequence KS should be the same as the KS of FIG. 31 if IV is not altered. By taking the exclusive OR of this KS with the encrypted text ET within the frame, the plaintext PT and ICV can be decrypted. The CRC is then computed for this PT, and the resulting ICV′ is compared with the decrypted ICV to verify the correctness of PT. If ICV′ and ICV are equal, it can be regarded that PT is received successfully.
FIG. 34 shows a sequence chart for the authentication processing according to the WEP algorithm of IEEE 802.11. FIG. 34 is for an exemplary case of carrying out wireless communications between a wireless base station (base station) and a wireless terminal (terminal) within a radio zone of this base station. In FIG. 34, the secret key Sk which is the common key is exchanged between the base station and the terminal in advance (step S1001). Then, first, the terminal transmits an authentication request frame to the base station by the wireless communication (step S1002). This authentication request frame describes that the authentication by the common key scheme is requested. Note that the secret key Sk is already distributed to both the base station and the terminal at the step S1001.
Next, if the base station accepts the authentication request, the base station generates a check text CT from this secret key Sk and an internally generated initial vector IV through the WEP random number generator (step S1003). Normally, this CT has the length of 128 bytes. The base station transmits the generated CT by the wireless communication (step S1004).
The terminal receives the CT as a plaintext, and encrypts the CT by the secret key Sk (Sk(CT)) according to the method of FIG. 31 described above (step S1005). Then, the terminal transmits the encrypted text containing this Sk(CT) to the base station by the wireless communication (step S1006).
Finally, the encrypted text transmitted from the terminal is verified at the base station (step S1007). If it is correct, the authentication completion frame in a success status is sent. Otherwise the frame in a failure status is sent (step S1008). This verification is carried out by checking whether Sk(Sk(CT)) (= CT′), obtained by decrypting Sk(CT) according to the method of FIG. 33 described above, coincides with the CT originally generated by the base station.
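The following is an added example, not code from the patent or from the IEEE 802.11 text: it implements the WEP encryption of FIG. 31, the decryption and ICV check of FIG. 33, and the shared-key challenge-response of FIG. 34, using the page's names PT, ICV, IV, Sk, KS, ET and CT. Two details the page leaves unnamed are filled in from the standard: the "WEP random number generator" is RC4 seeded with IV || Sk, and the ICV is a CRC-32. The key-id byte of the real frame is omitted, and every key, IV and text is a constructed sample value.

```python
# Added example (not from the patent): WEP frame encryption/decryption
# (FIG. 31, FIG. 33) and the FIG. 34 shared-key authentication exchange.
# RC4 and CRC-32 are what IEEE 802.11 WEP specifies; keys and IVs below are
# constructed sample values and the frame's key-id byte is omitted.
import os
import zlib

IV_LEN, ICV_LEN, CT_LEN = 3, 4, 128


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4 (the WEP random number generator); WEP seeds it with IV || Sk."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(pt: bytes) -> bytes:
    """ICV: CRC-32 of the plaintext, carried little-endian in the frame."""
    return (zlib.crc32(pt) & 0xFFFFFFFF).to_bytes(ICV_LEN, "little")


def wep_encrypt(sk: bytes, iv: bytes, pt: bytes) -> bytes:
    """FIG. 31: ET = KS XOR {PT, ICV}; the frame carries IV in clear, then ET."""
    body = pt + icv(pt)
    ks = rc4_keystream(iv + sk, len(body))
    et = bytes(k ^ b for k, b in zip(ks, body))
    return iv + et


def wep_decrypt(sk: bytes, frame: bytes):
    """FIG. 33: rebuild KS from the frame's IV and Sk, recover {PT, ICV},
    recompute ICV' and accept PT only if ICV' == ICV (else return None)."""
    iv, et = frame[:IV_LEN], frame[IV_LEN:]
    ks = rc4_keystream(iv + sk, len(et))
    body = bytes(k ^ b for k, b in zip(ks, et))
    pt, icv_rx = body[:-ICV_LEN], body[-ICV_LEN:]
    return pt if icv(pt) == icv_rx else None


class BaseStation:
    """Base station side of FIG. 34 (steps S1003 and S1007)."""

    def __init__(self, sk: bytes):
        self.sk, self.ct = sk, None

    def challenge(self, iv: bytes = None) -> bytes:
        # S1003: CT is 128 bytes of WEP generator output for Sk and a fresh IV.
        iv = iv if iv is not None else os.urandom(IV_LEN)
        self.ct = rc4_keystream(iv + self.sk, CT_LEN)
        return self.ct                         # S1004: CT is sent as plaintext

    def verify(self, frame: bytes) -> bool:
        # S1007: CT' = Sk(Sk(CT)) must equal the CT this station generated.
        return self.ct is not None and wep_decrypt(self.sk, frame) == self.ct


class Terminal:
    """Terminal side of FIG. 34 (step S1005)."""

    def __init__(self, sk: bytes):
        self.sk = sk

    def respond(self, ct: bytes, iv: bytes = None) -> bytes:
        iv = iv if iv is not None else os.urandom(IV_LEN)
        return wep_encrypt(self.sk, iv, ct)    # S1006: Sk(CT) in a WEP frame


def run_authentication(base_sk: bytes, terminal_sk: bytes) -> bool:
    """Steps S1003-S1008; True means the completion frame reports success."""
    base, term = BaseStation(base_sk), Terminal(terminal_sk)
    return base.verify(term.respond(base.challenge()))


if __name__ == "__main__":
    SK = bytes.fromhex("0102030405")           # constructed 40-bit Sk
    print("same key  ->", run_authentication(SK, SK))
    print("other key ->", run_authentication(SK, bytes.fromhex("0a0b0c0d0e")))
```

Because the ICV is a plain CRC, the check in `wep_decrypt` only tells the receiver that the frame was not accidentally corrupted in transit; the page's verification step S1007 relies on it together with the secret key Sk, which is why a terminal holding a different Sk fails the exchange.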
As described above, in conjunction with the spread of the wireless LAN system, the situation where a plurality of wireless LAN systems are existing contiguously or coexisting in the same area can possibly occur in the general home. Here, the exemplary case shown in FIG. 1 in which the home wireless communication systems are provided in two neighboring homes, A's home and B's home, within an apartment complex will be considered.
In the example shown in FIG. 1, a wireless base station A is provided in A's home and a wireless base station B is provided in B's home. However, the covered areas of the base stations A and B may very well be extended beyond their respective homes. For example, from the viewpoint of the base station A of A's home, not only terminals 1 and 3 that belong to A's home but also a terminal 2 located outside or a terminal 4 in B's home are existing within the covered area of the base station A. But the terminal 2 located outside and the terminal 4 in B's home are not terminals belonging to A's home, so that even if there is a registration and authentication request from the terminal 2 or 4, there is no need for the base station A to carry out the authentication with respect to the terminal 2 or 4. Namely, the base station A is required to carry out the authentication only with respect to the terminals 1 and 3 that belong to A's home.
Consequently, it is desirable for the base station A to manage the terminal registration and authentication such that the authentication will not be carried out with respect to terminals other than the terminals 1 and 3 of A's home. The same is also true for the base station B of B's home.
Also, devices for use in the home are required to be connectable with each other even if they are manufactured by different manufacturers. In the wireless LAN such as IEEE 802.11 in which the manufacturer specific specification is permitted, the distribution of the secret key can be carried out at the step S1001 of FIG. 34. For example, it suffices to provide a built-in secret key in the base station and the terminal. However, in the home wireless communication system, there is a need for a separate mechanism to exchange the secret key between devices of different manufacturers by a secure and easy method using wireless communications.
It is therefore an object of the present invention to provide a wireless communication system for IEEE 802.11 or the like, which is capable of executing the registration and authentication between wireless terminals or between a wireless base station and a wireless terminal securely and easily.
According to one aspect of the present invention there is provided a method for registration and authentication of a wireless terminal with respect to a wireless base station in a wireless communication system having the wireless base station and the wireless terminal for carrying out wireless communications with the wireless base station, the method comprising: (a) switching a mode of the wireless base station from a normal mode to a registration mode, as a user operates the wireless base station; (b) switching a mode of the wireless terminal from the normal mode to the registration mode, as the user operates the wireless terminal; (c) transmitting a registration request information containing a terminal public key specific to the wireless terminal, a terminal encryption scheme using the terminal public key, and a terminal identifier of the wireless terminal, from the wireless terminal to the wireless base station; (d) upon receiving the registration request information at the wireless base station, transmitting a registration confirmation information indicating a registration of the wireless terminal, from the wireless base station to the wireless terminal, the registration confirmation information being encrypted by using the terminal public key and the terminal encryption scheme at the wireless base station; (e) switching the mode of the wireless base station from the registration mode to an authentication mode; (f) when the wireless terminal correctly decrypts the registration confirmation information by using a terminal secret key corresponding to the terminal public key, switching the mode of the wireless terminal from the registration mode to the authentication mode; (g) after the mode of the wireless terminal is switched to the authentication mode, transmitting an authentication notice information containing a base station secret key specific to the wireless base station, a base station encryption scheme using the base station secret key, and a base station identifier of the wireless base station, from the wireless base station to the wireless terminal, the authentication notice information being encrypted by using the terminal public key and the terminal encryption scheme at the wireless base station; (h) when the wireless terminal correctly decrypts the authentication notice information by using the terminal secret key, transmitting an authentication acknowledgement information indicating a receipt of the authentication notice information from the wireless terminal to the wireless base station, the authentication acknowledgement information being encrypted by using the base station secret key and the base station encryption scheme at the wireless terminal, and switching the mode of the wireless terminal from the authentication mode to the normal mode; and (i) when the wireless base station correctly decrypts the authentication acknowledgement information by using the base station secret key, switching the mode of the wireless base station from the authentication mode to the normal mode.
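The following is an added example, not code from the patent: a runnable model of steps (a) to (i) that makes the mode switching (normal, registration, authentication) and the key flow between base station and terminal explicit, including the case the background describes, in which a base station that is not in registration mode ignores a registration request from a terminal that does not belong to it. The patent leaves the "terminal encryption scheme" and the "base station encryption scheme" open, so two stand-ins are assumed here: textbook RSA over two small constructed primes for the terminal key pair (all terminals share it for brevity), and an XOR with a SHA-256 counter keystream for the base station secret key. Because textbook RSA never fails to decrypt, "correctly decrypts" is modelled as the decrypted message having the expected content. The identifiers, nonce and keys are constructed sample values.

```python
# Added example (not from the patent): steps (a)-(i) as a mode state machine.
# Toy RSA and a SHA-256 keystream stand in for the encryption schemes the
# patent leaves unspecified; primes, keys and identifiers are constructed.
import hashlib

NORMAL, REGISTRATION, AUTHENTICATION = "normal", "registration", "authentication"

# Toy terminal key pair: 2^31-1 and 2^61-1 are prime; the modulus is far too
# small for real use and is shared by every Terminal below for brevity.
P, Q, E = 2147483647, 2305843009213693951, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))


def pk_encrypt(pub, msg: bytes) -> int:
    """Terminal encryption scheme stand-in: textbook RSA on a tagged message."""
    n, e = pub
    m = int.from_bytes(b"\x01" + msg, "big")      # 0x01 tag preserves length
    assert m < n, "message too long for the toy modulus (max 10 bytes)"
    return pow(m, e, n)


def pk_decrypt(priv, c: int) -> bytes:
    n, d = priv
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]


def sym_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Base station encryption scheme stand-in: XOR with SHA-256 counter blocks."""
    ks, ctr = b"", 0
    while len(ks) < len(data):
        ks += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, ks))


class Terminal:
    def __init__(self, ident: bytes):
        self.ident, self.mode = ident, NORMAL
        self.pub, self.priv = (N, E), (N, D)        # terminal public/secret key
        self.base_sk = None

    def user_presses_register(self):                # (b)
        self.mode = REGISTRATION

    def registration_request(self) -> dict:         # (c)
        return {"pub": self.pub, "scheme": "toy-rsa", "id": self.ident}

    def on_registration_confirmation(self, c: int):  # (f)
        if self.mode == REGISTRATION and pk_decrypt(self.priv, c) == b"REGISTERED":
            self.mode = AUTHENTICATION

    def on_authentication_notice(self, c: int):     # (h)
        if self.mode != AUTHENTICATION:
            return None
        notice = pk_decrypt(self.priv, c)           # base_sk (5 bytes) || base id
        if len(notice) <= 5:
            return None                             # did not decrypt to a notice
        self.base_sk, base_id = notice[:5], notice[5:]
        self.mode = NORMAL
        nonce = b"\x01"                             # constructed nonce
        return nonce + sym_xor(self.base_sk, nonce, b"ACK " + base_id)


class BaseStation:
    def __init__(self, ident: bytes, sk: bytes):
        self.ident, self.sk, self.mode = ident, sk, NORMAL
        self.registered, self.pending = {}, None    # terminal id -> public key

    def user_presses_register(self):                # (a)
        self.mode = REGISTRATION

    def on_registration_request(self, req: dict):   # (d), (e)
        if self.mode != REGISTRATION:
            return None                             # e.g. a neighbour's terminal
        self.registered[req["id"]] = req["pub"]
        self.pending, self.mode = req["id"], AUTHENTICATION
        return pk_encrypt(req["pub"], b"REGISTERED")

    def authentication_notice(self) -> int:         # (g)
        return pk_encrypt(self.registered[self.pending], self.sk + self.ident)

    def on_authentication_ack(self, frame: bytes) -> bool:  # (i)
        nonce, body = frame[:1], frame[1:]
        ok = sym_xor(self.sk, nonce, body) == b"ACK " + self.ident
        if ok:
            self.mode, self.pending = NORMAL, None
        return ok


def run_registration(base: BaseStation, term: Terminal) -> bool:
    """Steps (a)-(i) in order; True when both sides are back in normal mode."""
    base.user_presses_register()
    term.user_presses_register()
    conf = base.on_registration_request(term.registration_request())
    if conf is None:
        return False
    term.on_registration_confirmation(conf)
    ack = term.on_authentication_notice(base.authentication_notice())
    return ack is not None and base.on_authentication_ack(ack)
```

The point the model makes visible is that the base station secret key in step (g) travels only under the terminal public key obtained in step (c), and that both (c) and (g) are accepted only while the receiving side is in the matching mode, so a request from a terminal the user never put the base station into registration mode for is simply dropped.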
Other features and advantages of the present invention will become apparent from the following description taken in conjunction with the accompanying drawings.