CN116782204A - Privacy enhanced beacon frames - Google Patents

Abstract

The present disclosure relates to privacy enhanced beacon frames. Embodiments for Privacy Enhanced (PE) beacon frames are disclosed. A PE Station (STA) may receive a PE beacon frame including a Medium Access Control (MAC) header including a first random Identifier (ID) and a first checksum ID; determining beacon parameters satisfying the configuration; the PE beacon frame is then received. When the first random ID and the first checksum ID correspond to an affiliated PE Access Point (AP) of a PE AP multi-link device (MLD), to identify the PE AP MLD, the PE STA may determine a checksum value using the AP MLD ID of the PE AP MLD and the first random ID, and identify the PE AP MLD based on a comparison of the determined checksum value with the first checksum ID. In some embodiments, the location of the changed sequence number adjacent to the MAC header enables early termination of the PE beacon frame reception.

Description

Privacy enhanced beacon frames

Cross Reference to Related Applications

The present application claims the benefit of U.S. provisional patent application No. 63/321,521, filed 3/18 at 2022, which is incorporated herein by reference in its entirety.

Background

Technical Field

Embodiments relate generally to wireless devices and beacons transmitted in wireless communication systems.

RELATED ART

Wireless Local Area Network (WLAN) communications are described in IEEE p802.11revme_d1.0, draft Standard for Information technology-Telecommunications and information exchange between systems Local and metropolitan area networks-Specific requirements, part 11:Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications "IEEE p802.11revme".

Disclosure of Invention

Some embodiments include systems, apparatuses, articles of manufacture, methods, and/or computer program products for Privacy Enhanced (PE) beacon frames and/or combinations and/or sub-combinations thereof. Some embodiments simplify PE beacon reception for associated PE STAs. PE beacon reception is often repeated, and some embodiments enable the PE STA to terminate PE beacon reception when no change to the PE BSS element is expected. Therefore, the PE STA can reduce power consumption. Conversely, when changes to a PE BSS element are expected, the PE beacon may notify the PE STA of the impending changes, provide timing associated with when such changes are expected, and provide new values (e.g., addresses) that enable the PE STA to maintain association and utilize wireless services accordingly. To receive the PE beacon, the associated PE STA performs a checksum calculation using the random ID from the PE beacon and the PE AP ID. The result of the checksum calculation may be compared to the checksum ID from the PE beacon and if the comparison yields a substantial match, the PE STA may confirm (e.g., discover) the PE AP that transmitted the PE beacon.

Some embodiments include a PE Station (STA) that may receive a PE beacon frame having a Medium Access Control (MAC) header including a first random Identifier (ID) and a first checksum ID. The PE STA may determine that the first random ID and the first checksum ID satisfy the configured PE beacon parameters and process the PE beacon frame in response to the determination.

In some embodiments, the MAC header includes an extended type and subtype corresponding to an encrypted PE beacon frame or PE discovery beacon frame. In some embodiments, the MAC header further includes a broadcast address. In some examples, the first random ID includes at least 8 octets (e.g., 8 or 9 octets). In some embodiments, the first random ID and the first checksum ID correspond to an affiliated PE Access Point (AP) of a PE AP multi-link device (MLD). To identify the PE AP MLD, the PE STA may select an AP MLD ID of the PE AP MLD, determine a checksum value using the AP MLD ID and the first random ID, and determine whether the first checksum ID satisfies the checksum value.

In some embodiments, the encrypted change sequence number is adjacent to a MAC header in the PE beacon frame. The PE STA may determine whether the change sequence number is the same as the change sequence number of the previous PE beacon frame and terminate reception of one or more remaining portions of the PE beacon frame when the change sequence number has changed. The PE STA may associate with the PE AP and determine whether one or more elements of a PE Basic Service Set (BSS) corresponding to the PE AP are to be updated. In some embodiments, one or more elements of the PE BSS identify a number of Target Beacon Transmission Times (TBTTs) until an updated second PE beacon frame including the one or more elements is received.

In some embodiments, the PE beacon frame includes a non-encryption Reduced Neighbor Report (RNR) element including a second random ID, a second checksum ID, and a PE multi-basic service set ID (MBSSID) size corresponding to the first neighbor PE AP. The PE MBSSID size corresponds to the size of the encrypted PE BSS information of the first neighboring PE AP. When a first neighbor PE AP is affiliated with a PE AP MLD, the encrypted PE BSS information includes a second RNR for maintaining one or more links of the PE AP MLD with at least one other neighbor PE AP affiliated with the PE AP MLD.

The PE STA may determine a Target PE Beacon Transmission Time (TPBTT) that includes a random time offset from the TBTT, where the TPBTT does not change a Timing Synchronization Function (TSF) timer corresponding to the PE AP transmitting the PE beacon frame. TPBTT may occur during the PE beacon randomization window duration based on the percentage of TBTT.

Some embodiments include a PE AP that may configure a PE beacon frame with a MAC header that includes a first random Identifier (ID) and a first checksum ID corresponding to the PE AP, wherein the MAC header includes an extended type and subtype corresponding to an encrypted PE beacon or PE discovery beacon. The PE AP may transmit a PE beacon frame at TPBTT. In some embodiments, the TPBTT is based at least in part on a random time offset from the TBTT, wherein the TPBTT does not change the TSF timer of the PE AP. In some embodiments, the PE AP is affiliated with the PE AP MLD. The PE beacon frame may include an unencrypted RNR element including a second random ID, a second checksum ID, and a PE MBSSID size corresponding to the neighbor PE AP, which also is affiliated with the PE AP MLD. The PE MBSSID size may correspond to the size of the encrypted PE BSS information of the neighboring PE AP.

Further embodiments, features, and advantages of the present disclosure, as well as the structure and operation of the various embodiments of the present disclosure, are described in detail below with reference to the accompanying drawings.

Drawings

The accompanying drawings, which are incorporated herein and form a part of the specification, illustrate the disclosure and, together with the description, further serve to explain the principles of the disclosure and to enable a person skilled in the pertinent art to make and use the disclosure.

Fig. 1 illustrates an exemplary system supporting Privacy Enhanced (PE) beacon frames according to some embodiments of the present disclosure.

Fig. 2 illustrates a block diagram of an exemplary wireless system supporting PE beacon frames, according to some embodiments of the present disclosure.

Fig. 3A-3C illustrate exemplary fields for PE beacon frame type detection according to some embodiments of the present disclosure.

Fig. 4A-4B illustrate exemplary implementations of random Identifiers (IDs) and checksum IDs in accordance with some embodiments of the present disclosure.

Fig. 5 illustrates an example of a broadcast probe/query mechanism according to some embodiments of the present disclosure.

Fig. 6 illustrates an example of PE Access Point (AP) identification from a PE beacon frame, according to some embodiments of the disclosure.

Fig. 7A illustrates an example of an encrypted PE beacon frame format according to some embodiments of the present disclosure.

Fig. 7B illustrates exemplary fields of a beacon update field according to some embodiments of the present disclosure.

Fig. 8A-8F illustrate examples of Reduced Neighbor Report (RNR) element fields in an encrypted PE beacon according to some embodiments of the disclosure.

Fig. 9A illustrates an example of a discovery beacon frame, according to some embodiments of the disclosure.

Fig. 9B illustrates an example of a PE discovery beacon frame format with PE BSS information, according to some embodiments of the present disclosure.

Fig. 10A-10D illustrate examples of unencrypted PE RNR element fields of PE discovery beacon frames according to some embodiments of the present disclosure.

Fig. 11A illustrates an example of a conventional beacon according to some embodiments of the present disclosure.

Fig. 11B illustrates an example of randomization of PE beacon transmission periods in accordance with some embodiments of the disclosure.

Fig. 12 illustrates an exemplary method for a PE STA to utilize a PE beacon frame according to some embodiments of the present disclosure.

Fig. 13 illustrates an exemplary method for a PE AP to utilize PE beacon frames according to some embodiments of the present disclosure.

FIG. 14 illustrates an exemplary computer system for implementing some embodiments or portions thereof.

Fig. 15A illustrates an example system supporting legacy beacon frames carrying PE BSS information in accordance with some embodiments of the present disclosure.

Fig. 15B illustrates an example of a legacy beacon frame format with PE BSS information in accordance with some embodiments of the present disclosure.

The present disclosure is described with reference to the accompanying drawings. In the drawings, generally, like reference numbers indicate identical or functionally similar elements. Further, generally, the leftmost digit(s) of a reference number identifies the figure in which the reference number first appears.

Detailed Description

Some embodiments include systems, apparatuses, articles of manufacture, methods, and/or computer program products for Privacy Enhanced (PE) beacon frames and/or combinations and sub-combinations thereof. Some embodiments include a PE beacon frame with a Medium Access Control (MAC) header that includes a combination of an extended type field and a subtype field that enables a receiver to determine whether the PE beacon frame is an encrypted PE beacon frame or a PE discovery beacon frame. The MAC header of the PE beacon frame may include a random Identifier (ID) and a checksum ID that enable a PE Station (STA) to identify a corresponding PE Access Point (AP) that transmitted the PE beacon frame. Some embodiments include a field for encrypting a PE beacon frame and a PE discovery beacon frame. Some embodiments include PE beacon transmission period randomization for encrypting PE beacon frames and unsolicited PE discovery beacon frames.

Privacy in a wireless network (e.g., basic Service Set (BSS)) is beneficial to many BSS types, including but not limited to: a mobile Access Point (AP), an AP in a vehicle, a residential private network, a mesh backbone network, an internet of things (IoT) network, or a private network (e.g., a hospital, corporate network, hospital, government agency, public security, etc.). A Privacy Enhanced (PE) BSS includes privacy enhancement for PE APs and associated PE Stations (STAs). The PE BSS is not backward compatible with legacy STAs. A previously authenticated, associated, or preconfigured PE STA may discover, authenticate, and associate with a PE BSS (e.g., with a PE AP providing the PE BSS). The management frames are encrypted and most of the control frames are confused or encrypted. The physical layer protocol data unit (PPDU) and the MAC Protocol Data Unit (MPDU) transmitted in the PE BSS may be optimized to not include Personal Identification Information (PII) and/or personal related information (PCI). The PE BSS is included in a Wireless Local Area Network (WLAN) ecosystem.

Fig. 1 illustrates an exemplary system 100 supporting PE beacon frames according to some embodiments of the present disclosure. System 100 includes physical AP 110 in a channel with two BSSs (legacy AP 112 and PE AP 114). The legacy AP 112 provides a legacy BSS (e.g., with a Service Set Identifier (SSID) referred to as a "coffee shop") that does not provide any privacy enhancements to the associated legacy devices like the legacy STA 120. In contrast, PE AP 114 provides a PE BSS (e.g., a PE SSID named "PE coffee shop") that provides privacy enhancements to PE stations like PE STA 130. The system 100 also includes a PE AP 160 that may provide a different PE BSS (e.g., a PE SSID called "Sarah Knight car") that provides privacy enhancements to PE stations like the PE STA 170. Physical AP 110 and PE AP 160 may access network 150.

Legacy STA 120, PE STA 130, and/or PE STA 170 may be electronic devices that may include, but are not limited to, cellular telephones, smart phones, tablets, personal Digital Assistants (PDAs), or laptops. Network 150 may include, but is not limited to, any one of a Local Area Network (LAN), metropolitan Area Network (MAN), wireless Local Area Network (WLAN), and/or the internet, or any combination thereof. In some embodiments, PE AP 160 may be a multi-link device (MLD), where PE AP MLD 160 may include multiple APs, each AP including a corresponding radio transceiver that operates independently of other radio transceivers. Each PE AP of PE AP MLD 160 may correspond to a particular different link. For example, a first PE AP may communicate via a 2.4GHz link, a second PE AP may communicate via a 5GHz link, and a third PE AP may communicate via a 6GHz link.

Fig. 2 illustrates a block diagram of an exemplary wireless system supporting PE beacon frames, according to some embodiments of the present disclosure. For purposes of illustration and not limitation, FIG. 2 may be described with reference to elements of FIG. 1. For example, system 200 may be any of the following electronic devices of system 100: AP 110, PE AP 114, PE AP 160, PE STA 130, and/or PE STA 170. System 200 includes one or more processors 265, a transceiver 270, a communication interface 275, a communication infrastructure 280, a memory 285, and an antenna 290. Memory 285 may include Random Access Memory (RAM) and/or cache, and may include control logic (e.g., computer instructions) and/or data. The one or more processors 265 may execute instructions stored in the memory 285 to perform operations that enable the wireless system 200 to transmit and receive wireless communications supporting the PE beacon frames described herein. In some embodiments, one or more processors 265 may be "hard-coded" to perform these functions herein. According to some embodiments, transceiver 270 transmits and receives wireless communication signals including wireless communications supporting PE beacon frames, and may be coupled to one or more antennas 290 (e.g., 290a, 290 b). In some embodiments, a transceiver 270a (not shown) may be coupled to the antenna 290a, and a different transceiver 270b (not shown) may be coupled to the antenna 290b. Communication interface 275 allows system 200 to communicate with other devices, which may be wired and/or wireless. Communication infrastructure 280 may be a bus. Antenna 290 may include one or more antennas, which may be of the same or different types.

Fig. 5 illustrates an example 500 of a broadcast probe/query mechanism according to some embodiments of the present disclosure. For purposes of illustration and not limitation, FIG. 5 may be described with reference to elements of other figures in the disclosure. For example, legacy AP 510, PE AP 514, PE AP 560, PE STA 530, and/or PE STA 570 of system 500 may correspond to legacy AP 112, PE AP 114, PE AP 160, PE STA 130, and/or PE 170 of system 100, respectively. PE STA 530 may actively scan for available PE BSSs. For example, the PE STA may transmit a broadcast or directed probe request frame to request a response from a legacy AP or PE AP. As shown in example 500, PE STA 530 may transmit broadcast probe request 540 to PE AP 514. In response, PE AP 514 may respond with a broadcast PE beacon frame 545, which may be an encrypted PE beacon frame or a PE discovery beacon frame. If broadcast PE beacon frame 545 includes PE BSS information for a plurality of PE BSSs, broadcast PE beacon frame 545 is a PE discovery beacon frame.

The PE STA may transmit a broadcast or directed PE query request frame to request a response from the PE AP providing the PE BSS. If the unicast PE query request is addressed to the associated PE AP (and corresponding PE BSS), the unicast PE query request is encrypted. The broadcast PE query request is transmitted unencrypted. For example, PE STA 570 may transmit broadcast PE query request 580 unencrypted to PE AP 560. In response, PE AP 560 may respond with a broadcast PE beacon frame 585, which may be an encrypted PE beacon frame or a PE discovery beacon frame. When broadcast PE beacon frame 585 is a PE discovery beacon frame, broadcast PE beacon frame 585 includes PE BSS information for a plurality of PE BSSs corresponding to PE AP 560. In some embodiments, the extended type and subtype values in the frame control field of the MAC header of broadcast PE beacon frame 545 or 585 may enable PE STAs to detect encrypted PE beacon frames or PE discovery beacon frames.

Fig. 3A-3C illustrate exemplary fields for PE beacon frame type detection according to some embodiments of the present disclosure. For purposes of illustration and not limitation, fig. 3A-3C may be described with reference to elements of other figures in the disclosure.

For example, the type and subtype combinations at row 360 of fig. 3C may be included in the MAC header 700 of fig. 7A, the MAC header 910 of fig. 9A, and the MAC header 935 of fig. 9B below. Example 300 illustrates a management frame format including a MAC header, a frame body, and a frame check sequence field. The fields within the MAC header are not encrypted and may include, but are not limited to, the following fields: frame control 312, address 1 314, address 2 316, and address 3 318. Frame control 312 is shown in more detail in example 320 of fig. 3B. Example 320 may include, but is not limited to, type 322 and subtype 324. Exemplary values for type 322 and subtype 324 are shown in example 350 of FIG. 3C. Type 322 is used to detect whether the frame is a data, control or management frame. Subtype 324 defines finer granularity content of MPDUs.

Some embodiments utilize a combination of type 322 and subtype 324 values to modify the structure of the MAC header to enable the PE STA to detect and determine the type of PE beacon frame. For example, upon receiving a PE beacon frame (e.g., the encrypted PE beacon frame in example 700 of fig. 7A or the PE discovery beacon frame in example 930 of fig. 9B), a receiver (e.g., a PE STA) may determine whether the receiver may decrypt the PE beacon frame based on a combination of the type 322 and subtype 324 values in the corresponding MAC header field. In some embodiments, the type and subtype values shown in line 360 of example 350 of fig. 3C may be used to detect and determine PE beacon frame types. As an example, when type 322= "11" and subtype 324= "0010", a PE beacon frame may be identified as an encrypted PE beacon frame. In another example, when type 322= "11" and subtype 324= "0011", the PE beacon frame may be identified as a PE discovery beacon frame. The combination of type 322 and subtype 324 corresponding to a PE beacon frame may affect the following fields of example 300: address 1 314, address 2 316, and address 3 318, as shown in table 1 below.

Table 1: MAC header address rules

As shown in table 1, when MAC header 710 in example 700 of fig. 7A includes a combination of type 322 and subtype 324 corresponding to an encrypted PE beacon frame, or when MAC header 935 in example 930 of fig. 9B includes a combination of type 322 and subtype 324 corresponding to a PE discovery beacon frame, address 2 316 and address 3318 may include corresponding random ID and checksum ID values. In some embodiments, the MAC header 910 in the example 900 of fig. 9A includes a combination of the type 322 and subtype 324 corresponding to the discovery beacon frame, and address 2 316 and address 3318 may include corresponding random ID and checksum ID values. In other words, the address fields in MAC header 710, MAC header 935, and/or MAC header 910 of the respective PE beacon frame format and discovery beacon format may include a corresponding random ID and checksum ID. In some embodiments, address 1 314 comprises a broadcast address, and each of the address fields (address 1 314, address 2 316, and address 3318) is 6 octets in length.

The PE AP periodically changes the random ID and the checksum ID to protect the identity of the PE AP. In some embodiments, the random ID and checksum ID may be additional fields added to the MAC header in example 300 prior to the frame body field. In some embodiments, the length of the random ID and checksum ID fields may vary.

Fig. 4A-4B illustrate examples 400 and 450 of implementations of random IDs and checksum IDs in accordance with some embodiments of the present disclosure. For purposes of illustration and not limitation, fig. 4A-4B may be described with reference to elements of other figures in the disclosure. For example, A1 414, A2, and A3 418 of fig. 4A-4B may correspond to address fields address 1 314, address 2 316, and address 3 318 of fig. 3A. Examples 400 and 450 show how three address fields can support a random ID and checksum ID of greater than 6 octets. For example, example 400 includes a 9 octet random ID 440 and a 9 octet checksum ID 445. Thus, the A1 414 and A2 436 (e.g., the first 3 octets of A2) fields may be used to carry the random ID 440. A2438 (the last 3 octets of A2) combined with A3 418 can be used to carry the checksum ID 445. Example 450 shows how three address fields may be partitioned to support an 8-octet random ID 470 and an 8-octet checksum ID 475. For example, A1 414 and A2 462 (e.g., the first 2 octets of A2) fields may be used to carry the random ID 470. A2 468 (the last 2 octets of A2) combined with A3 418 can be used to carry a checksum ID 475. A2 464 (the remaining 2 octets in the middle of A2) may be a reserved field, reserved 472.

Returning to the last column of Table 1, PE framing may be transmitted by the PE AP. The MAC header of the PE beacon frame is different from other sets of frames transmitted by the PE AP. For example, the PE AP may configure a set of group addresses: offset of transmitter Over The Air (OTA) MAC address, group address Sequence Number (SN) and/or Packet Number (PN).

Fig. 6 illustrates an example 600 of PE AP identification from a PE beacon frame according to some embodiments of the disclosure. For purposes of illustration and not limitation, FIG. 6 may be described with reference to elements of other figures in the disclosure. For example, PE AP MLD 610, PE AP 611, PE AP 612, PE AP 613, and/or PE STA 620 may be system 200 of fig. 2. PE AP MLD 610 includes identifier AP MLD ID 605 and PE AP MLD 610 includes 3 affiliated PE APs 611, 612, and 613. Each affiliated PE AP (e.g., PE AP 611, PE AP 612, and PE AP 613) in PE AP MLD 610 selects a different random ID value (e.g., random ID 1 is different from random ID2 and random ID 3). PE STA 620 may not be an MLD. The PE STA 620 may be configured with an identifier AP MLD ID 605 for the PE AP MLD 610.

PE STA 620 configured with identifier AP MLD ID 605 for PE AP MLD 610 may discover PE AP MLD 610 from any PE beacon frames transmitted by affiliated PE APs (e.g., PE AP 611, PE AP 612, and PE AP 613). Other PE STAs that are not aware of the AP MLD ID 605 (e.g., not provided with the AP MLD ID 605) would expect the PE AP 611, PE AP 612, and/or PE AP 613 to be uncorrelated with each other (e.g., not affiliated with the AP MLD 605). PE STA 620 may select AP MLD ID 605 and may receive PE beacon frames from any affiliated PE AP (e.g., PE AP 611, PE AP 612, and PE AP 613). PE STA 620 may use the received random ID (e.g., random ID2 from PE AP 612) and AP MLD ID 605 to calculate a checksum ID. PE STA 620 may compare the calculated checksum value with the checksum ID2 received in the PE beacon frame. If the calculated checksum value substantially matches checksum ID2, PE STA 620 may verify the identity of PE AP 612. In other words, PE STA 620 determines that PE AP 612 has been found that is affiliated with AP MLD 610. In some embodiments, the checksum used in the comparison is a previously stored value.

In some embodiments, for an 8-octet random ID, the calculated checksum value may be determined using the Hash Message Authentication Code (HMAC) -SHA and Address Resolution Key (ARK) functions shown below:

the determined checksum id=trunk-64 (HMAC-SHA-256 (ARK, "AP MLD ID", random ID)),

wherein the method comprises the steps of

The AP MLD ID is a 128-bit identifier of PE AP MLD 610

The random ID is a 64-bit random ID 2 of PE AP 612, and

the determined checksum value is the 64-bit checksum ID 2 of PE AP 612.

In some embodiments, the PE STA stores information for the PE AP and the corresponding PE BSS. The PE STA stores many PE AP parameters as shown in table 2.

Table 2: information stored by PE STA

Based on the information stored in table 2, the PE STA may choose to authenticate to the PE BSS. In some embodiments, the STA may choose to continue to establish pre-association security to obtain more information about the PE AP. In some embodiments, the PE AP ARK is used to detect the identity of the PE AP (e.g., the key is a long-term AP key that may be used in the AP MLD ID calculation). BIGTK key 1 may be a short term key used to protect the payload of a beacon frame. BIGTK key 2 may be a long-term key used to calculate an integrity checksum of the PE discovery beacon (e.g., calculated by PE discovery beacon MME). In some embodiments, a salt for a Target PE Beacon Transmission Time (TPBTT) may be stored by the PE STA (see fig. 11B).

The PE beacon frame may have a separate Sequence Number (SN) and/or Packet Number (PN) counter that is incremented when the PE AP transmits the PE beacon frame. PN and SN may be used for PE beacon payload encryption. An example of PE beacon frame protection is shown below in table 3:

table 3: PE beacon frame encryption key

Fig. 7A illustrates an example 700 of an encrypted PE beacon frame format according to some embodiments of the disclosure. For purposes of illustration and not limitation, FIG. 7A may be described with reference to elements of other figures in the disclosure. For example, example 700 may be included in broadcast PE beacon frame 545 transmitted from PE AP 560 of fig. 5 and/or broadcast PE beacon frame 585 transmitted by PE AP 514. The PE beacons contain minimal information to maintain the association. The encrypted PE beacon frame format of example 700 may include a MAC header 710, a change sequence number 720, a Timing Synchronization Function (TSF) 722, a beacon update 730, a Traffic Indication Map (TIM) 740, a Reduced Neighbor Report (RNR) 750, and an optional element 760. Note that the following fields are transmitted encrypted: change sequence number 720, TSF 722, beacon update 730, TIM 740, and/or RNR 750.

The fields of the encrypted PE beacon frame format of example 700 are shown in table 1 below.

Table 4: exemplary encrypted PE beacon frame element

In some embodiments, the change sequence number 720 is located near the MAC header 710 being processed and is processed thereafter. The change sequence number 720 signals to the PE STA whether any PE BSS parameters of the PE BSS provided by the PE AP (e.g., PE AP 514 or PE AP 560) have changed or are changed in the future. For example, if the BSS parameters have changed or are to be changed, the value of the change sequence number 720 may be increased (e.g., by +1). Accordingly, a PE STA (e.g., PE STA 530 or PE STA 570) that receives the encrypted PE beacon frame of example 700 and decrypts the changed sequence number 720 may determine whether any BSS parameters of the corresponding PE BSS have changed or are to be changed. For example, if no BSS parameters have changed, the PE STA may terminate further reception of the encrypted PE beacon frame of example 700 if the PE STA is not interested in any buffered Downlink (DL) packets. Such early termination of an encrypted PE beacon frame may save PE STA resources (e.g., battery power) and the PE STA may, for example, return to a sleep or dormant state.

Fig. 8A-8F illustrate examples of encrypted Reduced Neighbor Report (RNR) element fields in an encrypted PE beacon format according to some embodiments of the disclosure. For purposes of illustration and not limitation, fig. 8A-8F may be described with reference to elements of other figures in the disclosure. For example, the RNR element 850 of FIG. 8A may correspond to the RNR 750 of FIG. 7A. For example, RNR element 850 may include the contents of an affiliated PE AP of PE AP MLD and encrypted portions of Multiple BSSID (MBSSID) PE information.

The example 800 of fig. 8A includes an RNR element 850 that includes one or more neighbor AP information fields (e.g., neighbor AP information 852). Because the RNR element 850 is transmitted encrypted, the RNR element 850 may utilize a legacy RNR format in the encrypted PE beacon frame format. Thus, neighbor AP information 852 includes a Target Beacon Transmission Time (TBTT) information header 860 and TBTT information 870. The TBTT information 870 field includes BSS parameters 880 and MLD parameters 890. For example, assume that PE AP MLD includes 3 affiliated PE APs and that the first PE AP transmits the encrypted PE beacon frame of example 700. The MLD ID field may be generated by the reporting first PE AP to identify a list of reporting PE APs that are affiliated with the same PE AP MLD. The link ID field indicates a link identifier of the reporting first PE AP within the PE AP MLD to which the reporting first PE AP is attached (e.g., the first PE AP of the PE AP MLD).

Fig. 7B illustrates an example of a beacon update 730 according to some embodiments of the present disclosure. For purposes of illustration and not limitation, FIG. 7B may be described with reference to elements of other figures in the disclosure. For example, beacon update 730 is included in encrypted PE beacon frame example 700 of fig. 7A. Some embodiments enable the PE AP to use the beacon update 730 to notify the associated PE STA that changes to one or more PE BSS parameters are imminent, when they come and any corresponding new values. Thus, the associated PE STA may adjust the stored information in time to receive the PE beacon frame with updated information and thus maintain association with the PE AP.

For example, when the change sequence number 720 of fig. 7A indicates that BSS parameters have changed or are to be changed, these changes are indicated in the beacon update 730. As shown in fig. 7B, beacon update 730 may include change information 770 and other elements 780. The change information 770 may include a Beacon Change Mode (BCM) 772 and a group address set change (GSC) 774, as shown in tables 5 and 6, respectively, below.

Table 5: beacon Change Mode (BCM)

Table 6: group address set change (GSC)

Group address set change (GSC) value	Purpose(s)
		0	No change, no new profile
1	Adding new profiles
		2-3	Reservation of

The value of BCM and/or GSC affects the information included in other element 780 as shown in table 7.

Table 7: information beacon reception parameters for beacon update

Fig. 9A illustrates an example 900 of a discovery beacon in accordance with some embodiments of the disclosure. Example 900 may include a MAC header 910, a country/transmit power envelope 915, a Reduced Neighbor Report (RNR) 920, and a management Message Integrity Check (MIC) element (MME) 925. An AP (e.g., AP 110 or PE AP) may send a discovery beacon to advertise a PE BSS. As described above, in some embodiments, MAC header 910 may include an extension type (e.g., 11) and subtype (e.g., 0011) that enable PE STAs to identify discovery beacons (e.g., using a random ID and checksum ID). The fields of example 900 are described in table 8 below. In some embodiments, the STA may ignore the MME 925 if the STA does not set a Beacon Integrity Group Temporary Key (BIGTK) with the transmitting AP. The MME 925 is a hashed checksum that may be used to detect the integrity of the discovery beacon. If the MME calculated from the PE beacon frame content matches the MME transmitted in the PE beacon frame, the receiver knows that the femto encrypted portion of the PE beacon frame has not been altered by an attacker.

Table 8: discovery of exemplary information in beacons

Fig. 9B illustrates an example of a PE discovery beacon frame format 930 of PE BSS information having multiple PE BSSs according to some embodiments of the disclosure. For purposes of illustration and not limitation, FIG. 9B may be described with reference to elements of other figures in the disclosure. For example, the PE discovery beacon frame format of example 930 may correspond to broadcast PE beacon frame 545 or broadcast PE beacon frame 585 of fig. 5. A problem with the example 900 of fig. 9A is that if the RNR 920 includes two or more PE BSSs, an attacker may be able to track discovery beacon transmitters because the RNR 920 is transmitted unencrypted. In the encrypted PE beacon frame of example 700, RNR 750 is encrypted when transmitted via a single PE BSS. Encrypted PE beacon frame tracking is complex because only the MAC header 710 is unprotected (e.g., not encrypted) and the associated field values (e.g., random ID and checksum ID) may change. In addition, the PE AP may more easily change TSF with a single PE BSS.

The PE discovery beacon frame of example 930 may include a MAC header 935, a country/TX power envelope 940, a PE RNR 950, a plurality of PE BSSID elements 960, and an MME 970. The country/TX power envelope 940 and MME 970 may correspond to the country/TX power envelope 915 and MME 925 of fig. 9A. In some embodiments, the integrity protection may have a separate key, e.g., BIGTK key 2, provided to the associated PE STA. If the integrity key is not known, the PE STA ignores the MME 970.

As described above, the MAC header 935 may include information that allows the PE STA to determine that the PE beacon frame is a type and subtype of a PE discovery beacon frame. In addition, the MAC header 935 may include a corresponding random ID and checksum ID to allow a receiver (e.g., PE STA) to discover the PE AP of the PE discovery beacon frame of transmission example 930.

In some embodiments, PE RNR 950 is a non-encryption element that may include information of legacy BSSs and PE BSSs in the same channel or other channels and corresponding sizes of PE BSS specific information sub-elements (e.g., for each PE BSS, corresponding sizes of PE BSS specific information 960-1 to 960-m are included in the order in which TBTT information 1030 is included in the RNR element).

Fig. 10A-10D illustrate examples of PE RNR 1010 element fields of unencrypted PE discovery beacons according to some embodiments of the present disclosure. For purposes of illustration and not limitation, fig. 10A-10D may be described with reference to elements of other figures in the disclosure. For example, the PE RNR element 1010 of FIG. 10A may be the same as PE RNR 950 of FIG. 9B. The PE RNR element 1010 may include neighbor legacy AP information and neighbor PE AP information, where the neighbor legacy AP and the neighbor PE AP are in the same channel. In example 1000, neighbor AP information 1015 corresponds to a neighbor PE AP. Neighbor AP information 1015 may include TBTT information header 1020 and TBTT information 1030. The TBTT information header 1020 is shown in fig. 10C. In some embodiments, TBTT information 1030 of fig. 10D includes a random ID 1032, a checksum ID 1034, and a PE MBSSID size 1036. The random ID 1032 and checksum ID 1034 may have sizes (e.g., 6-9 octets) as described above in table 1 and with respect to fig. 4A and 4B. PE MBSSID size 1036 describes the size of the corresponding PE BSS specific information (e.g., PE BSS specific information 960-1) of fig. 9B. As described above, a PE STA receiving a PE RNR 950 that is unencrypted in transmission may use the random ID 1032 and checksum ID 1034 to discover a corresponding neighboring PE AP (of the PE discovery beacon of transmission example 930). In addition, the PE STA may use the PE MBSSID size 1036 to obtain encryption information specific to the PE BSS corresponding to the neighbor AP information 1015.

Returning to fig. 9B, the encryption information of PE BSS specific information 960 of example 930 is described below in table 9.

Table 9: PE BSS specific information for PE discovery beacon frames

P56962USP1

In some embodiments, the beacon update elements as shown in table 7 may include elements of the beacon update 730 of fig. 7B (e.g., a beacon update control field) also shown in tables 5 and 6. The beacon update element provides information of possible changes in PE beacon frame content or transmission timing. The goal of the corresponding element is that the PE STA is able to receive the PE beacon with minimal power consumption (e.g., the receiver may minimize channel listening and computation in PE beacon reception).

Fig. 11A illustrates an example 1100 of a legacy beacon according to some embodiments of the present disclosure. The AP may transmit legacy beacons at Target Legacy Beacon Transmission Times (TLBTTs) 1110a, 1110b, 1110c, and 1110 d. The TLBTT may be equal to a Sequence Number (SN) beacon interval, where the beacon interval 1120 may be equal to 100 Time Units (TUs) (e.g., 102.4 ms).

The associated STA receives the beacon frame to maintain the AP operating parameters and detects the availability of buffered DL frames from the beacon frame. Passive scanning is based on a fixed beacon duration. The passively scanning STA selects the duration of the channel and listens to ensure that at least one beacon frame transmission is received during the listening interval, e.g., a scan time of about 110ms at the channel. Some passive scanning enhancements transmit frames more frequently (unsolicited probe responses) to make BSSs easier to discover and reduce active scanning. An attacker may use a fixed beacon transmission interval to track the AP. Some embodiments provide privacy enhancement by using random beacon transmission intervals to make PE AP tracking more challenging and complex.

Fig. 11B illustrates an example 1130 of randomization of PE beacon transmission periods in accordance with some embodiments of the disclosure. Some embodiments include determining a Target PE Beacon Transmission Time (TPBTT) 1140a-1140d based on a beacon interval (e.g., beacon interval 1145a-1145 d) plus a corresponding random time offset 1155 (e.g., corresponding random time offset 1155a-1155 d) of the SN X. The time interval may be settable and may include a default value (e.g., per 100 TUs). The size of the PE beacon randomization window (e.g., 1150a-1150 d) may also be configured and may be set to default (e.g., 50 TUs, or 20% of the beacon transmission interval (e.g., 20% of 100 TUs)).

In some embodiments, TPBTT can be determined as follows:

tpbtt=sn beacon interval+maximum random time offsethash (SN, salt), where random time offsethash has the value [ -0.5, +0.5]

The salt may be stored by the PE STA. Each associated STA may calculate a random offset 1155 and determine the next TPBTT. If the channel is busy during TPBTT, the actual beacon transmission time may be delayed. The PE AP beacon randomization implementation does not make changes to the TSF.

As shown in example 1130, the randomization added to PE beacon transmissions makes it more difficult for an attacker to track TPBTTs 1110a-1100d than the TLBTTs 1140a-1140d of example 1100. Assuming a default PE beacon transmission interval of 100TU and a default PE beacon randomization window of 50TU, the passive scan time 1160 for receiving PE beacons in the channel may be: 110ms + maximum random time = 160ms. The listening time may be longer than the beacon interval to have some tolerance for delayed beacon transmissions. For example, the channel may be busy at the TBTT, so the beacon may be transmitted after the channel is idle again. As an example, for a 2.4GHz band with 3 non-overlapping channels, the corresponding passive scan time for the 3 non-overlapping channels may be 480ms (e.g., 3 channels 160 ms=480 ms).

Fig. 12 illustrates an example method 1200 for a PE STA to utilize a PE beacon frame, according to some embodiments of the disclosure. For purposes of illustration and not limitation, FIG. 12 may be described with reference to elements of other figures in the disclosure. For example, method 1200 may be performed by PE STA 130 and/or PE STA 170 of fig. 1 or system 200 of fig. 2.

At 1205, PE STA 170 may select a received beacon. For example, if a PE STA has acquired a unicast DL frame, the PE STA may wake up the next PE beacon to check if more DL frames are coming. If no DL frame is received, the PE STA may wake up to receive the next set of addressed frames, or the PE STA may save power and wake up again only for PE beacons transmitted after a long time. If the PE STA is a multi-link device, the PE STA may only wake up to receive PE beacons in one of the links in the plurality of links.

At 1210, PE STA 170 may calculate a Target PE Beacon Transmission Time (TPBTT) for the beacon.

At 1215, PE STA 170 may configure PE beacon parameters (e.g., random ID and checksum ID) to receive.

At 1220, the PE STA 170 may wake up before the selected and calculated TPBTT.

At 1225, PE STA 170 may receive the partial PE beacon frame, at least the MAC header, and change sequence number 720.

At 1230, PE STA 170 determines whether the MAC header of the received PE beacon frame satisfies the configured beacon parameters (e.g., the random ID and checksum ID substantially match the random ID and checksum ID from the configuration of the beacon update elements as listed in table 7). When a received parameter (e.g., element) matches a configured PE beacon parameter and the changed sequence number of the PE beacon frame matches the saved changed sequence number of the last received PE beacon frame, then the receiver knows that the BSS parameter has not changed. Thus, the receiver may not need to receive and parse the remainder of the PE beacon frame field, or the receiver may parse only selected elements like the TIM. If the change sequence number does not match the saved value, the PE STA receives a complete PE beacon frame (e.g., the remainder of the PE beacon frame).

The received PE beacon frame may not be for the PE STA (e.g., the MAC header of the PE beacon frame does not meet the configured beacon parameters) and the PE STA may continue to receive and attempt to receive the PE beacon frame. Method 1200 returns to 1225.

In some examples, the PE STA may stop receiving PE beacon frames and consider the PE beacon frames to be lost. The method 1200 then proceeds to 1235. In this case, the STA selects the next PE beacon 1205 to receive. If the received PE beacon frame is for a PE STA, method 1200 proceeds to 1240.

At 1235, when the configured PE beacon parameters are not satisfied, the PE STA 170 returns to the sleep state and the method 1200 returns to 1205.

At 1240, when the configured PE beacon parameters are met, PE STA 170 determines whether buffered DL frames are of interest (e.g., based on TIM or whether a change sequence number indicates a pending change). When the PE STA 170 is not interested in the buffered DL frame, the method 1200 returns to 1235. Otherwise, the method 1200 proceeds to 1245.

At 1245, PE STA 170 receives the buffered DL frame.

Fig. 13 illustrates an exemplary method 1300 for a PE AP to utilize PE beacon frames according to some embodiments of the present disclosure. For purposes of illustration and not limitation, FIG. 13 may be described with reference to elements of other figures in the disclosure. For example, method 1300 may be performed by AP 110, PE AP 114, and/or PE AP 160 of fig. 1 or system 200 of fig. 2.

At 1310, PE AP 160 may be associated with a Privacy Enhanced (PE) Station (STA).

At 1320, PE AP 160 may configure a PE beacon frame that includes a random ID and a checksum ID corresponding to PE AP 160.

At 1330, PE AP 160 may transmit a PE beacon frame according to a Target PE Beacon Transmission Time (TPBTT).

At 1340, PE AP 160 may determine whether the PE beacon frame includes a plurality of PE BSSIDs. When a PE beacon frame (e.g., PE discovery beacon frame) includes multiple PE BSSIDs, method 1300 proceeds to 1350. Otherwise, method 1300 proceeds to 1360.

At 1350, PE AP 160 includes an unencrypted PE Reduced Neighbor Report (RNR) in the PE discovery beacon frame, where the PE RNR includes a neighbor random ID, a neighbor checksum ID, and a corresponding PE multi-basic service set ID (MBSSID) size corresponding to the encrypted neighbor PE BSS specific information field. The PE AP repeats BSS information added to the PE RNR and PE BSS specific information of each BSS, which is added to the PE discovery beacon frame.

At 1360, PE AP 160 includes an encrypted change sequence number adjacent to the MAC header field (e.g., PE AP transmits an encrypted PE beacon frame).

Fig. 15A illustrates an example system 1500 supporting legacy beacon frames carrying PE BSS information in accordance with some embodiments of the present disclosure. The exemplary system 1500 includes a legacy STA-compatible (LSC) AP 1510 having a BSS with an SSID (e.g., a "coffee shop"). LSC AP 1510 may be associated with legacy STA 1520 and PE STA 1530 and LSC AP 1510 may access network 1555. For purposes of illustration and not limitation, fig. 15A may be described with reference to elements of other figures in the disclosure. For example, network 1555 may be the same as network 150 of fig. 1, and PE STA 1530 may correspond to PE STA 130 or PE STA 170 of fig. 1. LSC AP 1510 is not suitable for use cases where AP privacy is required, such as mobile APs or APs in automobiles. Although LSC AP 1510 privacy cannot be improved, LSC AP 1510 may include privacy enhancement for PE STA 1530.

Fig. 15B illustrates an example 1530 of a legacy beacon format with PE BSS information, according to some embodiments of the present disclosure. For purposes of illustration and not limitation, FIG. 15B may be described with reference to elements of other figures in the disclosure. For example, PE RNR 1550 may correspond to PE RNR 950 of fig. 9B, and RNR 1580 may correspond to RNR 750 of fig. 7A, respectively. Example 1530 includes legacy BSS information 1540 and PE RNR 1550 includes information having a size of a PE BSS specific information subelement (e.g., for each PE BSS, a corresponding size of PE BSS specific information 1560-1 through 1560-M is included).

Various embodiments may be implemented, for example, using one or more well-known computer systems, such as computer system 1400 shown in fig. 14. Computer system 1400 can be any well-known computer capable of performing the functions described herein. For example, and without limitation, AP 110, PE AP 114, PE STA 130, PE AP 160, PE STA 170 of fig. 1, PE STA 1530, LSC AP 1510 of fig. 15, system 200 of fig. 2, method 1200 of fig. 12, method 1300 of fig. 14 (and/or other devices and/or components shown in the figures) may be implemented using computer system 1400 or portions thereof.

Computer system 1400 includes one or more processors (also referred to as central processing units or CPUs), such as processor 1404. The processor 1404 is connected to a communication infrastructure 1406, which may be a bus. The one or more processors 1404 may each be a Graphics Processing Unit (GPU). In an embodiment, the GPU is a processor designed to handle dedicated electronic circuits for mathematically intensive applications. GPUs may have efficient parallel structures for parallel processing of large data blocks, such as computer graphics applications, graphics, video, and so forth, general-purpose, mathematically intensive data.

Computer system 1400 also includes a user input/output device 1403, such as a monitor, keyboard, pointing device, and the like, that communicates with communication infrastructure 1406 via user input/output interface 1402. Computer system 1400 also includes a main memory or primary storage 1408, such as Random Access Memory (RAM). Main memory 1408 may include one or more levels of cache. Main memory 1408 has stored therein control logic components (e.g., computer software) and/or data.

Computer system 1400 may also include one or more secondary storage devices or memories 1410. Secondary memory 1410 may include, for example, a hard disk drive 1412 and/or a removable storage device or drive 1414. Removable storage drive 1414 may be a floppy disk drive, a magnetic tape drive, an optical disk drive, an optical storage device, a magnetic tape backup device, and/or any other storage device/drive.

Removable storage drive 1414 may interact with a removable storage unit 1418. Removable storage unit 1418 includes a computer usable or readable storage device having stored therein computer software (control logic means) and/or data. Removable storage unit 1418 may be a floppy disk, magnetic tape, optical disk, DVD, optical storage disk, and/or any other computer data storage device. The removable storage drive 1414 reads from and/or writes to a removable storage unit 1418 in a well known manner.

According to some embodiments, secondary memory 1410 may include other means, tools, or other methods for allowing computer programs and/or other instructions and/or data to be accessed by computer system 1400. Such means, tools, or other methods may include, for example, a removable storage unit 1422 and an interface 1420. Examples of removable storage unit 1422 and interface 1420 can include a program cartridge and cartridge interface (such as that found in video game devices), a removable memory chip (such as an EPROM or PROM) and associated socket, a memory stick and USB port, a memory card and associated memory card slot, and/or any other removable storage unit and associated interface.

Computer system 1400 may also include a communication or network interface 1424. The communications interface 1424 enables the computer system 1400 to communicate and interact with any combination of remote devices, remote networks, remote entities, etc. (referenced individually and collectively by reference numeral 1428). For example, the communication interface 1424 may allow the computer system 1400 to communicate with remote devices 1428 via a communication path 1426, which may be wired and/or wireless, and may include any combination of LANs, WANs, the internet, and the like. The control logic and/or data can be transferred to and from computer system 1400 via communications path 1426.

The operations in the foregoing embodiments may be implemented in a wide variety of configurations and architectures. Thus, some or all of the operations in the foregoing embodiments may be performed in hardware, software, or in both hardware and software. In some embodiments, a tangible, non-transitory apparatus or article of manufacture comprises a tangible, non-transitory computer-usable or readable medium having stored thereon control logic means (software), also referred to herein as a computer program product or program storage device. This includes, but is not limited to, computer system 1400, main memory 1408, secondary memory 1410, and removable storage units 1418 and 1422, as well as tangible articles of manufacture embodying any combination of the foregoing. Such control logic, when executed by one or more data processing devices (such as computer system 1400), causes such data processing devices to operate as described herein.

Based on the teachings contained in this disclosure, it will be apparent to a person skilled in the relevant art how to make and use embodiments of this disclosure using data processing devices, computer systems, and/or computer architectures other than those shown in FIG. 14. In particular, embodiments may operate with software, hardware, and/or operating system implementations other than those described herein.

It should be appreciated that the detailed description section, and not the summary and abstract sections, is intended to be used to interpret the claims. The summary and abstract sections may set forth one or more, but not all exemplary embodiments of the disclosure as contemplated by the inventors, and thus are not intended to limit the disclosure or the appended claims in any way.

Although the present disclosure has been described herein with reference to exemplary embodiments in the exemplary field and application, it should be understood that the present disclosure is not limited thereto. Other embodiments and modifications are possible and are within the scope and spirit of the present disclosure. For example, and without limiting the generality of this paragraph, embodiments are not limited to the software, hardware, firmware, and/or entities shown in the figures and/or described herein. Furthermore, embodiments (whether explicitly described herein or not) have significant utility for fields and applications beyond the examples described herein.

The implementations have been described herein with the aid of functional building blocks illustrating the implementation of specific functions and relationships thereof. For ease of description, the boundaries of these functional building blocks have been arbitrarily defined herein. Alternate boundaries may be defined so long as the specified functions and relationships (or equivalents thereof) are appropriately performed. Furthermore, alternative embodiments may use orders that differ from those described herein for performing the functional blocks, steps, operations, methods, and the like.

References herein to "one embodiment," "an example embodiment," or similar phrases indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic. Also, such phraseology and terminology does not necessarily refer to the same embodiment. Furthermore, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the relevant art to effect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described herein.

The breadth and scope of the present disclosure should not be limited by any of the above-described exemplary embodiments, but should be defined only in accordance with the following claims and their equivalents.

The present disclosure contemplates that entities responsible for collecting, analyzing, disclosing, transmitting, storing, or otherwise using such personal information data will adhere to established privacy policies and/or privacy practices. In particular, such entities should exercise and adhere to privacy policies and practices that are recognized as meeting or exceeding industry or government requirements for maintaining the privacy and security of personal information data. Such policies should be readily accessible to the user and should be updated as the collection and/or use of the data changes. Personal information from users should be collected for legal and reasonable use by entities and not shared or sold outside of these legal uses. Furthermore, such collection/sharing should only be after receiving user informed consent. In addition, such entities should consider taking any necessary steps to defend and secure access to such personal information data and to ensure that others who have access to personal information data adhere to their privacy policies and procedures. In addition, such entities may subject themselves to third party evaluations to prove compliance with widely accepted privacy policies and practices. In addition, policies and practices should be adjusted to collect and/or access specific types of personal information data and to suit applicable laws and standards including specific considerations of jurisdiction. For example, in the united states, the collection or acquisition of certain health data may be governed by federal and/or state law, such as the health insurance transfer and liability act (HIPAA); while health data in other countries may be subject to other regulations and policies and should be processed accordingly. Thus, different privacy practices should be maintained for different personal data types in each country.

Claims (20)

1. A Privacy Enhanced (PE) Station (STA), comprising:

a transceiver; and

a processor communicatively coupled to the transceiver and configured to:

receiving, via the transceiver, a PE beacon frame including a Medium Access Control (MAC) header, the MAC header including a first random Identifier (ID) and a first checksum ID;

determining that the first random ID and the first checksum ID satisfy configured beacon parameters; and

in response to the determination, the PE beacon frame is processed.

2. The PE STA of claim 1, wherein the MAC header includes an extended type and subtype corresponding to an encrypted PE beacon frame or PE discovery beacon frame.

3. The PE STA of claim 2 wherein the MAC header further comprises a broadcast address.

4. The PE STA of claim 2, wherein the first random ID comprises at least 8 octets.

5. The PE STA of claim 1, wherein the first random ID and the first checksum ID correspond to an affiliated PE Access Point (AP) of a PE AP multi-link device (MLD), and wherein to identify the PE AP MLD, the processor is further configured to:

selecting an AP MLD ID of the PE AP MLD;

Determining a checksum value using the AP MLD ID and the first random ID; and

determining whether the first checksum ID satisfies the checksum value.

6. The PE STA of claim 1, wherein an encrypted change sequence number is adjacent to the MAC header in the PE beacon frame, and wherein the processor is further configured to:

determining whether the change sequence number has changed from a previous PE beacon frame; and

when the change sequence number has changed, the reception of one or more remaining portions of the PE beacon frame is terminated.

7. The PE STA of claim 1, wherein the processor is further configured to:

associated with a PE AP; and

one or more elements of a PE Basic Service Set (BSS) corresponding to the PE AP are determined to be updated.

8. The PE STA of claim 7, wherein the one or more elements of the PE BSS comprise a number of Target Beacon Transmission Times (TBTTs) until an updated second PE beacon frame comprising the one or more elements is received.

9. The PE STA of claim 1, wherein the PE beacon frame includes a non-encryption Reduced Neighbor Report (RNR) element including a second random ID, a second checksum ID, and a PE multi-basic service set ID (MBSSID) size corresponding to a neighbor PE Access Point (AP).

10. The PE STA of claim 9, wherein the PE MBSSID size corresponds to a size of encrypted PE BSS information of the neighbor PE AP.

11. The PE STA of claim 10, wherein the encrypted PE BSS information includes a second RNR to maintain one or more links of a PE AP MLD with at least one other neighbor PE AP affiliated with the PE AP MLD.

12. The PE STA of claim 1, wherein the processor is further configured to: a Target PE Beacon Transmission Time (TPBTT) is determined that includes a random time offset from a Target Beacon Transmission Time (TBTT), wherein the TPBTT does not change a Timing Synchronization Function (TSF) timer corresponding to a PE Access Point (AP) transmitting the PE beacon frame.

13. The PE STA of claim 12 wherein the TPBTT occurs during a PE beacon randomization window duration based on a percentage of the TBTT.

14. A Privacy Enhanced (PE) Access Point (AP), comprising:

a transceiver; and

a processor communicatively coupled to the transceiver and configured to:

configuring a PE beacon frame including a Medium Access Control (MAC) header including a first random Identifier (ID) and a first checksum ID corresponding to the PE AP, wherein the MAC header includes an extended type and a subtype corresponding to an encrypted PE beacon or PE discovery beacon; and

The PE beacon frame is transmitted via the transceiver at a Target PE Beacon Transmission Time (TPBTT).

15. The PE AP of claim 14 wherein the TPBTT is based at least in part on a random time offset from a Target Beacon Transmission Time (TBTT), wherein the TPBTT does not change a Timing Synchronization Function (TSF) timer of the PE AP.

16. The PE AP of claim 14 wherein the PE beacon frame includes a non-encryption Reduced Neighbor Report (RNR) element including a second random ID, a second checksum ID, and a PE multi-basic service set ID (MBSSID) size corresponding to a neighbor PE Access Point (AP), wherein the PE MBSSID size corresponds to a size of encrypted PE BSS information of the neighbor PEAP.

17. A method for a Privacy Enhanced (PE) Station (STA), comprising:

receiving a PE beacon frame including a Medium Access Control (MAC) header, the MAC header including a first random Identifier (ID) and a first checksum ID;

determining that the first random ID and the first checksum ID satisfy configured beacon parameters; and

in response to the determination, the PE beacon frame is processed.

18. The method of claim 17, wherein the first random ID and the first checksum ID correspond to an affiliated PE Access Point (AP) of a PE AP multi-link device (MLD), wherein to identify the PE AP MLD, the method further comprises:

Selecting an AP MLD ID of the PE AP MLD;

determining a checksum value using the AP MLD ID and the first random ID; and

determining whether the first checksum ID satisfies the checksum value.

19. The method of claim 17, wherein an encrypted change sequence number is adjacent to the MAC header, the method further comprising:

determining whether the change sequence number has changed from a previous PE beacon frame; and

when the change sequence number has changed, the reception of the remainder of the PE beacon frame is terminated.

20. The method of claim 17, further comprising:

associated with a PE AP; and

one or more elements of a PE Basic Service Set (BSS) corresponding to the PE AP are determined to be updated.