1. Field of the Invention
The present invention relates to a wireless network under a Wi-Fi Protected Access Pre-Shared Key (WPA-PSK) environment, and more particularly, to a method and apparatus for managing a station by providing an encrypted key to the station in a wireless network under a WPA-PSK environment.
2. Description of the Related Art
The security level of communications in a wireless network is lower than in a wired network because, unlike in a wired network, the route of data transmission is not physically fixed. Thus, most radio communication protocols support encryption of the data packets to be transmitted so that wireless communication can be established securely. In particular, a WPA-PSK scheme used in a radio local area network (LAN) allows only stations that share the same encryption key with an access point to access a network and establish a communication with the access point.
FIG. 1 is a timing diagram illustrating a process of producing a session key in a WPA-PSK network. In the WPA-PSK network, an access point and stations share a Pre-Shared Key (PSK). The PSK is used to generate a session key for encrypting and decrypting messages that are exchanged between the access point and each of the stations.
In operation 110, the access point and a station go through a predetermined authentication process and a predetermined association process. For this authentication and association, an open authentication method defined in the IEEE 802.11 standard may be used.
In operation 120, the access point, having gone through the authentication process and the association process, produces a first random number. In operation 125, the station, having gone through the same processes, produces a second random number. In operations 130 and 140, the access point and the station exchange the first and the second random numbers. In this case, the message that contains the first random number and the message that contains the second random number respectively contain a medium access control (MAC) address of the access point and a MAC address of the station. Accordingly, the access point and the station can share the first and the second random numbers, the MAC address of the access point, and the MAC address of the station.
In operations 150 and 155, the access point and the station each produce a session key according to the same algorithm. Generating the session key requires a PSK in addition to the first and the second random numbers, the MAC address of the access point, and the MAC address of the station, which are already shared by the access point and the station. That is, the station must have the same PSK as the access point in order to produce the same session key as the access point, and thus to establish a communication with the access point. Thus, a user must manage the station and the access point so that both store the same PSK.
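The derivation described for FIG. 1, as an added example that is not part of the original text: both sides compute the session key (PTK) from the PSK, the two random numbers and the two MAC addresses using the IEEE 802.11i PRF. The passphrase-to-PSK mapping (PBKDF2), the 512-bit TKIP key layout, and all sample values (SSID, MAC addresses, nonces, passphrases) are assumptions or constructed inputs not taken from the page.

```python
import hashlib
import hmac

def psk_from_passphrase(passphrase, ssid):
    # WPA-PSK maps a passphrase to the 256-bit PSK with PBKDF2-HMAC-SHA1, 4096 rounds
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key, label, data, nbytes):
    # IEEE 802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || counter)
    out, counter = b"", 0
    while len(out) < nbytes:
        block = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(psk, ap_mac, sta_mac, anonce, snonce):
    # min/max ordering lets both ends build the same input without agreeing on order
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(psk, b"Pairwise key expansion", data, 64)  # 512-bit PTK (TKIP layout)
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48], "MIC": ptk[48:]}

# Constructed sample values (not from the page)
SSID = "example-net"
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE = bytes(range(32))        # first random number (operation 120)
SNONCE = bytes(range(32, 64))    # second random number (operation 125)

def handshake(ap_passphrase, sta_passphrase):
    # Each side derives independently from the PSK it has stored
    ap = derive_ptk(psk_from_passphrase(ap_passphrase, SSID),
                    AP_MAC, STA_MAC, ANONCE, SNONCE)
    sta = derive_ptk(psk_from_passphrase(sta_passphrase, SSID),
                     AP_MAC, STA_MAC, ANONCE, SNONCE)
    return ap, sta

if __name__ == "__main__":
    ap, sta = handshake("correct horse battery", "correct horse battery")
    print("same PSK, keys match:", ap == sta)
    ap, sta = handshake("correct horse battery", "wrong passphrase")
    print("different PSK, keys match:", ap == sta)
```

In a real handshake the two random numbers are fresh for every association, so the PTK changes per session even though the PSK does not.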
To alleviate this inconvenience, the Wi-Fi Alliance (WFA) has proposed a Simple Config protocol, whereby a registrar allows a station to go through an authentication process so as to obtain the same PSK as that of an access point without a user's intervention. The Simple Config protocol is specified in the Windows Connect Now (WCN)-NET Specifications.
FIG. 2 is a timing diagram illustrating a process of allowing a station to access the WPA-PSK network. In operation 201, the station transmits a probe request message to an access point, and the access point transmits a probe response message to the station in response to the probe request message. If the access point supports the Simple Config protocol, the access point includes information indicating that it supports the Simple Config protocol in the probe response message. A station that supports the Simple Config protocol determines, based on the probe response message, whether to continue with the Simple Config protocol.
If the station detects the access point to be accessed through the exchange of the probe request message and the probe response message, then in operations 202 and 203 the station performs an authentication process and an association process, respectively, that are defined in the IEEE 802.11 standard, so as to be associated with the access point. Although it is associated with the access point after performing operation 203, the station cannot produce a Pairwise Transient Key (PTK), which is a session key, without a PSK, and thus cannot normally exchange data in the WPA-PSK network. The process of producing a session key by using a shared key, which is described above with reference to FIG. 1, is referred to as 4-way handshaking.
In operation 204, the station and the access point exchange messages according to the WFA Simple Config protocol so as to share the same PSK. In this case, a registrar is used to exchange messages with the station in the WFA Simple Config protocol. The registrar, which is an entity that provides the station with access information for allowing the station to access a wireless network, may be included in the access point or be embodied as a device separate from the access point. In FIG. 2, it is assumed that the registrar is included in the access point.
In operation 205, the station and the access point that obtain the same PSK in operation 204 perform 4-way handshaking in order to produce the same PTK. In operation 206, the station and the access point establish a data communication by using the produced PTK.
FIG. 3 illustrates a process in which a station and an access point establish a communication according to a WFA Simple Config protocol. That is, FIG. 3 illustrates operation 204 of the process, illustrated in FIG. 2, in greater detail.
Referring to FIG. 3, the station exchanges 8 messages with a registrar by using the Simple Config protocol and without a PSK. The station (an enrollee illustrated in FIG. 3) and the registrar produce an encryption key, which is to be used in messages exchanged between the station and the access point, according to a Diffie-Hellman key exchange method. The registrar encrypts wireless network access information including the PSK by using the encryption key, and transmits the encrypted result to the station.
More specifically, referring to FIG. 3, the Diffie-Hellman key exchange method is used to generate a key from which an AuthKey and a KeywrapKey are produced. To this end, the station and the registrar exchange a PKE and a PKR, which are their Diffie-Hellman public keys, by using the M1 and M2 messages, and use the PKE and the PKR to produce a Key Derivation Key (KDK), which is the result of the Diffie-Hellman key exchange and is so named because it is used to derive the AuthKey and the KeywrapKey.
That is, the registrar, which already possesses the PKR, obtains the PKE by receiving the M1 message, and thus can produce the KDK by using the PKR and the PKE, and the AuthKey and the KeywrapKey by using the KDK. Also, the registrar produces an HMAC (message authentication code) by using the AuthKey, adds the M2 message into the produced HMAC, and transmits the HMAC to the station.
The station receives the M2 message, produces the AuthKey and the KeywrapKey, and verifies an HMAC part of the M1 message by using the AuthKey. The HMAC parts of the M2 through M8 messages are codes added for verifying whether a message has been altered by a third party. As a result, the station and the registrar obtain the same AuthKey and KeywrapKey by exchanging the M1 and M2 messages.
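The M1/M2 key agreement described above, as an added example that is not part of the original text: both sides turn the Diffie-Hellman result into a KDK, expand it into an AuthKey and a KeywrapKey, and use the AuthKey to detect a modified message. The DH group, the nonce and MAC inputs to the KDK, the KDF label and the key sizes follow the Simple Config specification as understood here and are assumptions not stated on the page; the nonces, MAC address and message bodies are constructed placeholders.

```python
import hashlib
import hmac
import secrets

# 1536-bit MODP group, RFC 3526 group 5, generator 2 (assumed from the WSC spec).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", 16)
G = 2

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def wsc_kdf(key, label, nbits):
    # Counter-mode HMAC-SHA-256: block i = HMAC(key, i || label || nbits)
    blocks = [hmac.new(key, i.to_bytes(4, "big") + label + nbits.to_bytes(4, "big"),
                       hashlib.sha256).digest() for i in range(1, -(-nbits // 256) + 1)]
    return b"".join(blocks)[:nbits // 8]

def derive_keys(own_priv, peer_pub, n1, enrollee_mac, n2):
    if not 1 < peer_pub < P - 1:  # refuse values that force a predictable secret
        raise ValueError("degenerate Diffie-Hellman public key")
    dhkey = hashlib.sha256(pow(peer_pub, own_priv, P).to_bytes(192, "big")).digest()
    kdk = hmac.new(dhkey, n1 + enrollee_mac + n2, hashlib.sha256).digest()
    okm = wsc_kdf(kdk, b"Wi-Fi Easy and Secure Key Derivation", 640)
    return okm[:32], okm[32:48]  # AuthKey (256 bits), KeywrapKey (128 bits)

def authenticator(auth_key, prev_msg, this_msg):
    # First 64 bits of HMAC-SHA-256 over the previous and the current message
    return hmac.new(auth_key, prev_msg + this_msg, hashlib.sha256).digest()[:8]

def demo_m1_m2():
    # Constructed sample values; m1/m2 stand in for the TLV-encoded messages.
    n1, n2, mac = secrets.token_bytes(16), secrets.token_bytes(16), bytes.fromhex("020000000001")
    (e_priv, pke), (r_priv, pkr) = dh_keypair(), dh_keypair()
    m1, m2 = b"M1" + n1, b"M2" + n2
    reg = derive_keys(r_priv, pke, n1, mac, n2)   # registrar side
    enr = derive_keys(e_priv, pkr, n1, mac, n2)   # station (enrollee) side
    tag = authenticator(reg[0], m1, m2)           # registrar tags M2
    ok = hmac.compare_digest(authenticator(enr[0], m1, m2), tag)
    forged = hmac.compare_digest(authenticator(enr[0], m1, m2 + b"x"), tag)
    return reg == enr, ok, forged
```

The Diffie-Hellman exchange alone does not authenticate either party; that is the role of the password-based hashes exchanged in the later messages.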
Then, the station and the registrar are capable of determining whether they have the same password by exchanging E-Hash1, E-Hash2, R-Hash1, and R-Hash2 (which are generated based on a password, random numbers, i.e., E-S1, E-S2, R-S1, and R-S2, the PKE, and the PKR) by using the M3 and M4 messages, and exchanging R-S1, E-S1, R-S2, and E-S2, which are encrypted using the KeywrapKey, by using the M3 through M7 messages. That is, the station is authenticated using the M3 through M7 messages.
Here, the password is a unique value that the station supporting Simple Config has. A user inputs a secret number via a user interface of the registrar, and the registrar authenticates the station using the password.
If the station is authenticated, the registrar encrypts Config data, which is wireless network access information, and transmits the encrypted result to the station by using the M8 message. In this case, the Config data contains the PSK, and may further contain a Service Set Identifier (SSID), etc.
As described above, when a user desires to allow a station to temporarily access a wireless network that distributes a PSK by using the WFA Simple Config protocol, the registrar must distribute different PSKs to stations that desire to access the wireless network. Also, when the station that is allowed to temporarily access the wireless network discontinues the access, the user must delete the PSK allocated to this station from a list of PSKs of an access point so that the station can no longer access the network.
However, in this case, the user must find out the allocated PSK. If the information that identifies the station is in a format that the user cannot understand, the user may have difficulty finding the allocated PSK. Also, if the user mistakenly fails to delete a PSK that should be deleted, the station can continue to access the network semipermanently.