The invention relates to arranging addressing in wireless local area networks and particularly to arranging temporary MAC addresses for wireless terminals.
In addition to data services provided by wired local area networks, several different wireless local area networks have been developed that provide wideband wireless data transmission service in a limited coverage area. These techniques include IEEE 802.11-based WLAN networks. These local area networks can be used to provide very fast data transmission and access to the Internet at different hot spots, such as in offices or at airports.
In wireless local area networks, the communicating devices are identified with fixed MAC (Medium Access Control) layer addresses of the data link layer L2 of the OSI model that are permanently assigned to them typically at the manufacturing stage. For instance, for WLAN networks according to IEEE 802.11 specifications, IEEE allocates an OUI identifier (Organizationally Unique Identifier) to each manufacturer, on the basis of which identifier the manufacturers can determine MAC addresses for the devices. In this way, it becomes possible to guarantee the global uniqueness of the MAC addresses; in other words no other WLAN device can have the same MAC address at the same time. However, the fixed MAC addresses determined by manufacturers cause a security risk: a MAC address can be picked up from every message transferred over the air interface and from RADIUS authentication packets also in other parts of the network. When the MAC address of the device is known, the movements of the device can be followed, and its traffic can be deliberately disturbed by causing collisions with packets by using a ‘stolen’ MAC address.
In order to arrange anonymity, it has been suggested that temporary random MAC addresses be used for WLAN networks. In such a case, the WLAN terminal could at first communicate through a well-known group address, such as a broadcast address. After allocation of a random MAC address to the terminal, the MAC address could be transmitted to the terminal by using the same group address, after which communication can be started with it to identify the terminal. However, two terminals might request for temporary MAC addresses substantially simultaneously. In such a case, both terminals may take into use the MAC address transmitted through the broadcast address of the network, whereby two terminals would have the same address in use.