1. Field of the Invention
The invention relates to a wireless communication system, and more particularly, to a method and an apparatus for the decryption of encrypted data transmitted in a wireless communication system.
2. Description of the Prior Art
An increasingly popular networking solution in today's world is wireless networking. Instead of using wires to transmit data, wireless networking uses a signal to transmit data. Without wires, users are no longer restricted to locations where only wires are available.
However, wireless networking is not without its disadvantages. The major issue with wireless networking concerns the security of the information transmitted. As a result, many wireless networking protocols, such as IEEE 802.11, employ some form of encryption to protect private information from being easily intercepted. Some encryption schemes, such as Wired Equivalent Privacy (WEP), are one-key schemes, meaning that all wireless devices on the network encrypt their information using one shared key. Because all devices use the same key to encrypt data, every device can also use that encryption key as the decryption key for incoming data. As one can imagine, such a scheme offers only modest protection.
Other encryption schemes, such as Wi-Fi Protected Access (WPA) or IEEE 802.11i, are individual-key schemes, meaning that each device on the network has its own individual key to encrypt data. Giving each device on the wireless network its own individual key makes security more robust in comparison to schemes such as WEP. When wireless communication is established between the access point and a wireless device, both the wireless device and the access point store a ciphering key specific to the wireless device. Suppose that N wireless devices are in wireless communication with the access point. The access point keeps N different keys corresponding to these N wireless devices. When a wireless device wants to deliver data to a target host connected to the wired network, the wireless device, based on the above-mentioned ciphering scheme, has to encrypt the data with its own key. The access point receives the encrypted data and retrieves the stored key corresponding to the wireless device in order to decrypt the encrypted data correctly. In the end, the access point converts the decrypted data into proper packets defined by the transmission standard of the wired network, and outputs the packets to the target host through the wired network.
It is clear that the better ciphering scheme based on individual keys comes at a great cost. That is, in order to decrypt incoming data from wireless devices (senders) on the wireless network, an access point (receiver) on the wireless network must store the keys specific to the wireless devices as decryption keys. This has an impact on the design of access points made to be compatible with encryption schemes employing individual keys.
Generally, the memory for storing keys (key-table memory) of an access point is required to have a fast access speed so as not to slow down the decryption and transmission of data. Memory types that meet this requirement are quite expensive, and as a result, the key-table memory of the wireless device is small, being only large enough to store a few keys. Problems arise when the wireless network has more devices, and therefore more keys, than the key-table of a wireless device can store.
An obvious solution is to store a master list of the keys in the system memory of the wireless device. When a decryption key cannot be found in the key-table, a processor of the access point searches the master list stored in the system memory. The processor then uses a software driver to decrypt the received data with the wanted key found in the master list. This is also an unattractive solution because of the software decryption aspect. Software decryption not only slows data transmission and increases the size and complexity of the software driver, but it is also very taxing on the system resources of the access point, all of which leads to a decrease in system performance.
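The following model of the prior-art arrangement described above is an added example, not part of the original text. It assumes a key-table of 4 slots filled in association order with no eviction, constructed MAC addresses and keys, and hypothetical names throughout; it shows how the share of frames pushed to the slow software path grows once the number of devices exceeds the key-table capacity.

```python
from collections import Counter

KEY_TABLE_SLOTS = 4  # assumption: capacity of the fast key-table memory


class AccessPointKeyStore:
    """Small fast key-table plus a master list held in system memory."""

    def __init__(self, slots=KEY_TABLE_SLOTS):
        self.slots = slots
        self.key_table = {}    # fast key-table memory: MAC -> key
        self.master_list = {}  # system memory: every associated device
        self.paths = Counter()  # how many frames took each decryption path

    def associate(self, mac, key):
        # Every key goes to the master list; only the first `slots`
        # devices also fit in the fast key-table (assumed fill policy).
        self.master_list[mac] = key
        if len(self.key_table) < self.slots:
            self.key_table[mac] = key

    def key_for_frame(self, mac):
        """Return (key, path) for an encrypted frame sent by `mac`."""
        if mac in self.key_table:
            path, key = "hardware", self.key_table[mac]
        elif mac in self.master_list:
            # Key-table miss: processor searches the master list and the
            # software driver performs the decryption.
            path, key = "software", self.master_list[mac]
        else:
            path, key = "dropped", None  # no key known for this sender
        self.paths[path] += 1
        return key, path


def software_share(n_devices, slots=KEY_TABLE_SLOTS, frames_per_device=10):
    """Fraction of frames decrypted in software for n_devices senders."""
    ap = AccessPointKeyStore(slots)
    macs = [f"02:00:00:00:00:{i:02x}" for i in range(n_devices)]  # constructed
    for i, mac in enumerate(macs):
        ap.associate(mac, bytes([i]) * 16)  # constructed 128-bit keys
    for _ in range(frames_per_device):
        for mac in macs:
            ap.key_for_frame(mac)
    return ap.paths["software"] / sum(ap.paths.values())


if __name__ == "__main__":
    for n in (4, 8, 16):
        print(f"{n} devices: {software_share(n):.0%} of frames decrypted in software")
```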