A wireless network is a flexible data and voice communication medium implemented as an extension for, or as an alternative to, a wired network. By using radio frequency (RF) technology, wireless communication networks transmit and receive data and voice over the air, minimizing the need and the cost typically associated with a wired connection. Moreover, wireless communication networks offer mobility and flexibility for users. For example, doctors and nurses in hospitals can use hand-held devices or notebook computers to access patient information from a server through wireless networks without having to search for a physical jack to plug their devices or computers into. In terms of flexibility, a wireless communication network of nodes can be configured and/or reconfigured for a temporary assignment, operation, or mission.
A problem that exists in many wireless communication networks is that of providing a comprehensive security scheme that ensures privacy and integrity of data and voice communication. Some wireless networks utilize cryptographic techniques that convert unencrypted information or signals, by means of secret conventions called keys, into information or signals that are unintelligible to third parties who are not aware of the secret (i.e., the key), or that perform the reverse operation, using hardware or software means designed for this purpose. Cryptography can be useful for detecting loss of data integrity, authenticating players, and protecting confidential information.
One existing cryptographic approach involves a wireless node sharing a group key with the remaining nodes of the wireless network. Unfortunately, should any one device on the wireless network fall into the hands of an attacker, the security of every device in the network can be compromised.
This problem is exacerbated in an environment that includes a network of mobile wireless nodes (i.e., radios) that are likely to be lost during normal operations. An exemplary network is a temporary wireless communication network configured for a military operation. Typically, multi-party intercommunication within such a network (i.e., communications between more than two parties) calls for security critical assets, such as algorithms and keying information, to be stored in each mobile node. The loss of one mobile node can result in the loss of these security critical assets, thus compromising the larger system.
This problem has been mitigated somewhat in two party communication networks using public key management techniques for generating a unique traffic encryption key between two nodes. Since all secure communication sessions have a unique traffic encryption key, the loss of a node only creates the potential for insecure communications between those two nodes. Unfortunately, such techniques cannot be used for multi-party intercommunications.
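The difference in exposure between the two approaches can be made concrete with the following added example, which is not part of the original document. It assumes a Diffie-Hellman style key agreement as the public key technique, uses a deliberately undersized toy group and a toy HMAC-based cipher, and all names in it (`Node`, `seal`, `unseal`, `captured_node_exposure`) are hypothetical.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 3  # toy DH group (assumption): far too small for real use

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor(key, data):
    # Toy stream cipher: HMAC-SHA256 in counter mode, one message per key.
    ks = b"".join(_mac(key, b"ks" + i.to_bytes(4, "big"))
                  for i in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, ks))

def seal(key, msg):
    ct = _xor(key, msg)
    return ct + _mac(key, b"tag" + ct)

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(key, b"tag" + ct)):
        return None  # wrong key or tampered ciphertext
    return _xor(key, ct)

class Node:
    def __init__(self, group_key):
        self.group_key = group_key                 # same secret in every radio
        self.priv = secrets.randbelow(P - 2) + 1   # never leaves this radio
        self.pub = pow(G, self.priv, P)            # sent in the clear

    def pair_key(self, peer_pub):
        shared = pow(peer_pub, self.priv, P)
        return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def captured_node_exposure():
    group_key = secrets.token_bytes(32)
    a, b, c = Node(group_key), Node(group_key), Node(group_key)
    msg = b"rally point 7 at 0600"  # constructed sample traffic
    group_ab = seal(group_key, msg)
    pair_ab = seal(a.pair_key(b.pub), msg)
    pair_ac = seal(a.pair_key(c.pub), msg)
    # The adversary recovers node C: its stored keys plus everything sent on air.
    return {
        "group_key_A_to_B": unseal(c.group_key, group_ab) == msg,
        "pairwise_A_to_B": any(unseal(c.pair_key(p), pair_ab) == msg
                               for p in (a.pub, b.pub)),
        "pairwise_A_to_C": unseal(c.pair_key(a.pub), pair_ac) == msg,
    }

if __name__ == "__main__":
    print(captured_node_exposure())
```

With the keys held by the recovered node C, traffic between A and B is readable under the group key but not under the pairwise key; only sessions in which C itself took part are exposed.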
A Type 1 product is defined as a classified or controlled cryptographic item (CCI) endorsed by a regulatory agency, such as the United States National Security Agency, for securing classified and sensitive government information, when appropriately keyed with a secret trusted key. Unfortunately, in a communication network of Type 1 mobile nodes keyed with a secret trusted key, the loss of a mobile node and its recovery by an adversary could be devastating to the outcome of a field operation, and all future communications within the system of similarly keyed products are compromised. Accordingly, rekeying of all similarly keyed products is required following loss of one of the mobile nodes. This rekeying presents a significant logistics problem. Moreover, personnel that use and are responsible for the Type 1 mobile nodes (radios) may not purchase them or may not deploy them if losing a radio during a field operation can result in a security incident.
Consequently, what is needed is a technique for enhancing the security of a wireless communication network. What is further needed is a technique for securing communication over a wireless communication network in which loss of a mobile node (radio) does not represent the loss of security critical keying information.