1. Field of the Invention
The present invention relates to wireless networks. More particularly, it relates to a synchronization mechanism for a wireless local area network (LAN).
2. Description of the Prior Art
A key challenge to successful deployment of Wireless LANs (WLAN) is securing the wireless link. Due to its wireless nature, hacking into or gaining access and snooping into the data contained on any other computer on the wireless network is fairly trivial in a WLAN. Thus, data must be encrypted to prevent such unauthorized viewing. This encryption can be done either at the application layer or at the link layer level. The link level encryption is more useful as it does not require any modifications to existing applications. There are several mechanisms available to secure WLANs at the link layer:
Wired Equivalent Privacy (WEP)
Although WEP is by far the most widely used method, it has been shown to have several weaknesses. One main weakness being the absence of automatic periodic renewal of the encryption key. Thus, if someone captures enough WEP encrypted packets, it becomes relatively easy to deduce the encryption key.
WiFi Protected Access (WPA)
WPA is a relatively new standard that overcomes some short comings of WEP. It provides a mechanism for key rotation and hence is more secure.
Since WEP is the most widely deployed mechanism, solutions that enable key rotation in the WEP have been proposed. However, this leads to the problem of encryption key synchronization. The WLAN Access Point (AP) and the wireless station (STA) must share the same WEP encryption key. During initial encryption key setup and key rotation, it is possible that the AP and the STA get out of sync, i.e., the AP and STA update their encryption keys at slightly different times and hence have different encryption keys. During this out-of-sync period, the AP and the STA will not be able to communicate with each other. Worse yet, because they are out of sync, the signaling protocol exchange between them for encryption key setting may not be able to finish, creating a deadlock.
This problem not only occurs in the proposed key rotation in the WEP solutions, but may also occur with any type of mechanism in which the data packets (frames) used in the signaling protocol for key setting are encrypted. The present invention proposes a mechanism to solve the encryption key synchronization problem.
WPA does not suffer from the same problems as WEP key synchronization due to the fact that signaling protocol data is unencrypted. However, concerns have been raised regarding the unencrypted signaling data being explored by hackers. The proposed encryption key synchronization mechanism of the present invention can be used within the WPA framework with encrypted signaling data frames.