1. Field of the Invention
The present invention pertains generally to encrypted communications, and particularly to a mechanism for refreshing a key and indicating when the refreshed key is to be invoked.
2. Description of the Related Art
The market for home networking is developing at a phenomenal rate. Service providers from cable television, telephony and digital subscriber line markets are vying to deliver bundled services such as basic telephone service, Internet access and entertainment directly to the consumer. Collectively these services require a high-bandwidth network that can deliver 30 Mbits/s or even higher rates. The Institute of Electrical and Electronic Engineers (IEEE) 802.11a standard describes a cost-effective, robust, high-performance local-area network (LAN) technology for distributing this multimedia information within the home. Networks that will operate in accordance with standard 802.11a will use the 5-GHz UNII (unlicensed National Information Infrastructure) band and may achieve data rates as high as 54 Mbits/s, which is a significant improvement over other standards-based wireless technology. Other standards include, but are not limited to IEEE 802.11b, Bluetooth (802.15), and HiperLAN.
To provide a level of security, wireless systems that operate in accordance with 802.11a and the other standards allow for encrypted communication. However, depending on the length of the nonce (i.e. a pseudo-random or counter-derived value used with the encryption key to further enhance the encryption), communicating at high data rates may have an undesirable impact on encrypted communication. For example, if the nonce is relatively short, then the lifespan of the maximum security provided by that encryption (also called an entropy or key space) may be exhausted during a communications session spanning hours or even minutes. The key space is a function of how the nonce is derived, how the nonce affects the key from one packet to the next, the number of bits in the nonce, the packet size, and the communications bit rate. When the key space is exhausted, a new encryption key is generally created to provide maximum security for the communication.
FIG. 1 illustrates a diagram of a protocol architecture 100, as described by the Open Systems Interconnection (OSI) model, that is representative of a wireless device that operates in accordance with the IEEE 802.11a standard, which allows for encryption. (Note that other wireless or wired devices can also have a similar architecture.) Architecture 100 defines a networking framework for implementing protocols in seven layers, wherein control passes from one layer to the next. Specifically, a first station begins with an application layer 107 and proceeds to a physical layer 101 (i.e. down the hierarchy). A second station, receiving a transmission from the first station over a (radio) channel, begins with physical layer 101 and proceeds to application layer 107 (i.e. up the hierarchy).
Physical layer 101, which provides the hardware for sending and receiving data on a carrier, conveys the physical properties of the communication medium, electrical properties, and interpretation of the exchanged signals. Data link layer 102 is comprised of two sub-layers: the Media Access Control (MAC) sub-layer 102A and the Logical Link Control (LLC) sub-layer 102B (wherein MAC sub-layer 102A is lower than LLC sub-layer 102B). MAC sub-layer 102A provides the services required to control how a computer on the network gains access to the data as well as permission to transmit the data. LLC sub-layer 102B controls frame synchronization and flow control of the data. Network layer 103 provides the switching and routing services required to successfully transmit data between any two stations in the network. Transport layer 104 provides the services required to ensure complete data transfer, including error detection and recovery. Session layer 105 provides the services required to manage the data connections between stations. Presentation layer 106 provides the translation to allow the data to be transformed into a format that application layer 107 can understand. Finally, Application layer 107 provides an interface between a user and the wireless device. Application layer 107 may include applications such as ftp, email, telephone, and cable service.
The 1999 IEEE 802.11 standard includes encryption as a service in data link layer 102, specifically in MAC sub-layer 102A. However, the 1999 IEEE 802.11 standard omits any specification for how encryption keys are obtained as well as how these keys may be updated. In one embodiment, presentation layer 106 or session layer 105 (for purposes of this discussion, the “higher layer”) can be used to establish and manage these encryption keys. This higher layer typically initiates encrypted communication by obtaining a key from a key authentication server (which is generally external to the OSI model) and providing that key to MAC sub-layer 102A.
However, because MAC sub-layer 102A currently does not provide a mechanism to communicate to the higher layer that the key needs to be updated, the higher layer must redundantly store this information, monitor the state of the key (i.e. its location in the key space), and update the key independent of any communication with MAC sub-layer 102A. Moreover, because there is no defined protocol to update the key, the higher layer merely supplants the old key with a new key, thereby causing traffic disruption. Finally, the higher layer does not control communications regarding the data packet granularity (which is provided by MAC sub-layer 102A). Thus, the higher layer is unable to predict when repetition of nonces occurs (also known as collisions), which can undermine security.
Therefore, a need arises for an encryption solution that enhances security by updating the key while minimizing communication disruption when that key is being updated.