1. Field of the Invention
The present invention relates to WLAN (Wireless Local Area Network) receivers and, more particularly, to ciphering key management techniques that control the use of cipher keys for decrypting received data.
2. Description of the Related Art
A wireless local area network is a flexible data communication system implemented as an extension to or as an alternative for a wired LAN. Using radio frequency or infrared technology, WLAN systems transmit and receive data over the air, minimizing the need for wired connections. Thus, WLAN systems combine data connectivity with user mobility.
Today, most WLAN systems use spread spectrum technology, a wide band radio frequency technique developed for use in reliable and secure communication systems. The spread spectrum technology is designed to trade off bandwidth efficiency for reliability, integrity and security. Two types of spread spectrum radio systems are frequently used: frequency hopping and direct sequence systems.
The standard defining and governing wireless local area networks that operate in the 2.4 GHz spectrum is the IEEE 802.11 standard. To allow higher data rate transmissions, the standard was extended to 802.11b, which allows data rates of 5.5 and 11 Mbps in the 2.4 GHz spectrum. Further extensions exist.
In order to address existing security gaps of the 802.11 standard's native security, i.e. the WEP (Wired Equivalent Privacy) protocol, the 802.11i security standard was developed. This enhanced security standard relies on the 802.1x standard for port-based access control, and the TKIP (Temporal Key Integrity Protocol) and CCMP (Counter-mode Cipher block chaining Message authentication code Protocol) protocols for data frame encapsulation and decapsulation. 802.1x provides a framework for WLAN station authentication and cryptographic key distribution, both features originally missing from the 802.11 standard. The TKIP and CCMP protocols are cipher protocols providing enhanced communication security over the original WEP protocol, the TKIP protocol being targeted at legacy equipment, and the CCMP protocol being targeted at future WLAN equipment.
According to both cipher protocols, there is generated an individual character string for each data frame used for encrypting the data frame. This encryption character string is based on a packet number or sequence number inserted in the data frame indicating data frame ordering. Out of order data frames are discarded. Further, the encryption character string depends on the MAC (Medium Access Control) addresses of the communicating WLAN counterparts, e.g., a WLAN station and a WLAN access point. At the transmitting WLAN counterpart, an integrity value is calculated from the original plaintext frame data and is inserted into the data frame during encapsulation in order to allow the receiving WLAN counterpart to verify whether the decapsulated frame data are identical to the original plaintext frame data. According to the TKIP and CCMP protocols, this integrity value is not only a simple CRC (Cyclic Redundancy Check) checksum, but is generated using a cryptographic MIC (Message Integrity Code) calculation.
When receiving decrypted data in a WLAN receiver applying WEP, TKIP and/or CCMP, or any other scheme, the cipher key needs to be determined for the respective transmitter. This cipher key must be stored at the receiver, potentially together with other cipher keys that relate to different transmitters. That is, the WLAN receiver needs to perform a search to determine the correct cipher key.
Prior art receivers therefore perform a software-driven serial search through all available cipher keys that are stored at the receiver. This technique has been proven to be quite inefficient, as the time needed to serially search through all of the available data may be substantially long in certain circumstances. Moreover, to perform the serial search, a significant data amount needs to be buffered, particularly in cases where a large number of cipher keys are already stored at the receiver. As the prior art systems use software solutions to determine the correct cipher key, there may also be problems with accuracy and precision in performing the determination.