The issue of network security has gained popular attention in both the industry and the academic community. The security issue of a wireless network is far more serious as compared to that of a wired Ethernet. The U.S. Institute for Electrical and Electronics Engineers (IEEE) defined a series of 802.11 and 802.16 standards to enhance the security of wireless local area and wireless metropolitan area networks and to provide a Mobile Terminal (MT) with a secure access to a Base Station (BS). The national standard GB15629.11 of wireless local area network, commonly referred to as the WLAN Authentication and Privacy Infrastructure (WAPI) protocol, was published in China in May, 2003. Both data communication and broadcast communication are incorporated into a Broadband Wireless Multimedia (BWM) network which is a new wireless network architecture for which the issues of secure access and secrete communication shall also be addressed.
For whatever wireless network, two communication modes are typically involved: point-to-point unicast communication and point-to-multipoint group/multicast communication (or referred to as broadcast in a group). Guaranteed authenticity of entities of both communication parties and secrecy of communication contents are required for unicast communication, and also guaranteed legality of group/multicast entities and secrecy of group/multicast messages are required for secure group/multicast communication. Furthermore, a group/multicast receiving terminal is limited to a specific privilege to ensure that only an authorized terminal can read the group/multicast message properly, which requires that firstly the issue of distributing a group/multicast key securely shall be addressed effectively. How to manage the group/multicast key effectively is one of crucial issues to implement secure group/multicast communication.
In the standard of IEEE802.11, security of a Wireless Local Area Network (WLAN) is achieved in a Wired Equivalent Privacy (WEP) protocol with simple management of a key, where a shared key is set manually between a mobile terminal and an access point. In this phase, the IEEE802.11 neither relates to the issue of managing a group/multicast key nor provides a solution for group/multicast security.
Due to serious security defects in the WEP encryption protocol, the IEEE proposed the standard of IEEE802.11i to address the security issue of the WEP. Also the national standard GB15629.11 of the wireless local area network, i.e., WAPI, was proposed in China to overcome some drawbacks of the WEP. The IEEE802.11i and the WAPI are very similar in terms of group/multicast key management despite their different authentication mechanism: a Group/multicast Session Key (GSK) is encrypted with a predefined Unicast Session Key (USK) and distributed. That is, a base station selects a group/multicast session key and encrypts the group/multicast session key with unicast session keys shared with terminals respectively and transmits the encrypted GSKs to the corresponding terminals. Each of the terminals may decrypt the encrypted group/multicast session key with the unicast session key shared with the base station upon reception of a message of the encrypted group/multicast session key to obtain the GSK. The base station may perform secure group/multicast communication after all of the terminals receive the same group/multicast session key. The foregoing process has to be repeated if the group/multicast session key is updated.
A drawback of the above method is inefficiency, and particularly when the group/multicast session key is updated, the base station has to repeat the foregoing process of distributing the group/multicast session key: the base station selects a group/multicast session key, encrypts the GSK with unicast session keys shared with the terminals respectively and transmits the encrypted GSKs to the corresponding terminals.
In the standard of wireless metropolitan area network proposed by the U.S. IEEE, i.e., the standard of IEEE802.16, group/multicast key management learns the IEEE802.11i. However, a new design idea on the issue of secure group/multicast key management was proposed in the standard of IEEE802.16e proposed by the IEEE by introducing a Group/multicast Key Encryption Key (GKEK) to set up a management method with two levels of the Group/multicast Key Encryption Key (GKEK) and the Group/multicast Session Key (GSK). The idea of the method lies in that firstly a base station encrypts the GKEK with unicast session keys setup with terminals respectively and transmits the encrypted GKEKs to the corresponding terminals; the terminals decrypt the encrypted GKEKs with the unicast session keys upon reception of messages; then the base station encrypts the GSK with the GKEK and broadcasts the encrypted GSK to all of the terminals; and the terminals with the GKEK may obtain the same GSK. Thus, a group/multicast session key process has been performed. The same process is performed to update the group/multicast session key, that is, the base station encrypts a GSK with the GKEK being a key and broadcasts the encrypted GSK to all of the terminals.
The group/multicast key management method of the IEEE802.16e also suffers from the following drawbacks: temporal synchronization is used and management of status is complicated; a new key is enabled and disabled dependent upon temporal judgment and it is complex to maintain a synchronous clock in a distributed system.
In view of the above situation, a similar group/multicast session key management method was proposed in China in the fields of wireless metropolitan area network and broadband wireless multimedia.
However this method suffers the following drawbacks.
1. Despite the use of the management method with two levels of a GKEK and a GSK, the GKEK and the GSK are the same for all of the terminals, thus lacking the advantages and characteristics of hierarchical key management.
2. The GKEK is the same for all of the terminals, therefore, it is more likely for any of the terminals to reveal the GKEK to another terminal, thus resulting in low security.
3. No method for updating a GKEK is suggested. Since the GKEK as a basic key is the same for all of the terminals and security thereof is low, the GKEK has to be replaced frequently.
4. No effective method for updating a GKEK is presented, and the GKEK is just encrypted and distributed respectively by the base station to the terminals as in the method for distributing a group/multicast key encryption key.
5. In the foregoing item 4, it may take a long period of time for updating dependent upon the number of terminals, which may cause a phenomenon of interrupted group/multicast communication when the key is updated.
Although the solution proposed in the IEEE802.16e and the solution proposed in China in the fields of wireless metropolitan area network and broadband wireless multimedia may improve the efficient issue of the group/multicast key management to some extent and improve efficiency of distributing and updating a group/multicast session key, these solutions have not address the drawbacks of the IEEE802.11i, the WAPI and the IEEE802.16 thoroughly. That is, at least the Group/multicast Key Encryption Key (GKEK) to be distributed is also encrypted by the base station respectively with the unicast session keys shared with the terminals and transmitted to the corresponding terminals. Moreover, the issue of updating the Group/multicast Key Encryption Key (GKEK) has not been handled but is addressed by simply repeating the initial distribution process.