TWI794881B - Wireless communication method and apparatus for multi-link - Google Patents
- Publication number
- TWI794881B (application number TW110125799A)
- Authority
- TW
- Taiwan
- Prior art keywords
- mld
- fils
- link
- key
- sta
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/11—Allocation or use of connection identifiers
- H04W76/15—Setup of multiple wireless link connections
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Description
The present invention relates to wireless communication and, more particularly, to extreme-high-throughput (EHT) fast initial link setup (FILS) support in multi-link operation in wireless communication.
Unless otherwise indicated herein, the approaches described in this section are not prior art to the claims listed and are not admitted to be prior art by inclusion in this section.
In a wireless local area network (WLAN), a station (STA) must first discover an access point (AP) in order to establish communication (for example, to send and receive data) with the AP. Under the current Institute of Electrical and Electronics Engineers (IEEE) 802.11 specification, an AP may broadcast FILS discovery beacons so that STAs within communication range can discover the AP and set up a communication link with it. Link setup typically comprises a discovery procedure, an authentication procedure and an association procedure, and the FILS Discovery frame is used in the known procedure. However, when the AP is an AP multi-link device (MLD) and/or the STA is a STA MLD, the FILS Discovery frame as currently defined needs some modification in order to support multi-link operation. For example, although each AP in an AP MLD has its own service set identifier (SSID), the AP MLD may have an MLD-level SSID that differs from the AP's SSID, so the FILS Discovery frame as currently defined needs to be modified to indicate such information. In addition, some modification of the current IEEE specification is required to support EHT FILS in multi-link operation.
The following summary is illustrative only and is not intended to be limiting in any way. That is, it is provided to introduce the concepts, highlights, benefits and advantages of the novel and non-obvious techniques described herein. Selected implementations are described further in the detailed description below. Accordingly, this summary is not intended to identify essential features of the claimed subject matter, nor to be used in determining the scope of the claimed subject matter.
An object of the present invention is to provide schemes, concepts, designs, techniques, methods and apparatus pertaining to EHT FILS support in multi-link operation in wireless communication. The problems described herein may be addressed under the various proposed schemes in accordance with the present invention.
In one aspect, a multi-link wireless communication method is provided, which includes: performing a fast initial link setup (FILS) procedure to establish wireless communication between an access point (AP) multi-link device (MLD) and a non-AP station (STA) MLD over a plurality of links; and, after completion of the FILS procedure, communicating over one or more of the plurality of links. A FILS Discovery frame transmitted in the FILS procedure indicates whether the service set identifier (SSID) of the AP MLD differs from the SSID of the AP, among the plurality of APs in the AP MLD, that transmits the FILS Discovery frame.
In another aspect, a multi-link wireless communication apparatus is provided, which includes a transceiver configured to communicate wirelessly and a processor coupled to the transceiver. The processor is configured to perform the following operations: performing, via the transceiver, a FILS procedure to establish wireless communication between an AP MLD and a non-AP STA MLD over a plurality of links; and, after completion of the FILS procedure, communicating via the transceiver over one or more of the plurality of links. A FILS Discovery frame transmitted in the FILS procedure indicates whether the SSID of the AP MLD differs from the SSID of the AP, among the plurality of APs of the AP MLD, that transmits the FILS Discovery frame.
By means of the present invention, extreme-high-throughput (EHT) fast initial link setup (FILS) support in multi-link operation in wireless communication can be realized.
It is noteworthy that, although the description provided herein may be in the context of certain radio access technologies, networks and network topologies such as Wi-Fi, Long-Term Evolution (LTE), LTE-Advanced (LTE-A), LTE-A Pro, 5G, New Radio (NR), Internet-of-Things (IoT), Narrow Band Internet of Things (NB-IoT) and Industrial Internet of Things (IIoT), the proposed concepts, schemes and any variations/derivatives thereof may be implemented in, for and by other types of radio access technologies, networks and network topologies. Accordingly, the scope of the present invention is not limited to the examples described herein.
Detailed embodiments and implementations of the claimed subject matter are disclosed herein. However, it is to be understood that the disclosed embodiments and implementations are merely illustrative of the claimed subject matter, which may be embodied in various forms. The present invention may be embodied in many different forms and should not be construed as limited to the exemplary embodiments and implementations set forth herein; rather, these are provided so that the description of the invention is thorough and complete and fully conveys the scope of the invention to those skilled in the art. In the following description, details of known features and techniques are omitted to avoid unnecessarily obscuring the embodiments and implementations of the invention.
Overview
Implementations of the present invention pertain to various techniques, methods, schemes and/or solutions relating to EHT FILS support in multi-link operation in wireless communication. Under the present invention, a number of possible solutions may be implemented separately or jointly. That is, although the possible solutions may be described separately below, two or more of them may be implemented in one combination or another.
FIG. 1 illustrates an example network environment 100 in which various solutions and schemes in accordance with the present invention may be implemented. FIG. 2 to FIG. 12 illustrate examples of implementations of the various proposed schemes in network environment 100. The following description of the various proposed schemes is provided with reference to FIG. 1 to FIG. 12.
Referring to FIG. 1, network environment 100 may involve STA 110 and STA 120, which may communicate wirelessly over multiple links (for example, link 1, link 2 and link 3) in accordance with one or more IEEE 802.11 standards, such as IEEE 802.11be and later. Each of STA 110 and STA 120 may function as an MLD. For example, STA 110 may function as a non-AP MLD having multiple virtual STAs (for example, STA 1, STA 2 and STA 3) operating within it. Correspondingly, STA 120 may function as an AP MLD having multiple virtual APs (for example, AP 1, AP 2 and AP 3) operating within it. Under the various proposed schemes in accordance with the present invention, STA 110 and STA 120 may be configured to perform EHT FILS support in multi-link operation in wireless communication according to the schemes described herein.
FIG. 2 illustrates an example design 200 of a FILS Discovery frame under a proposed scheme in accordance with the present invention. Referring to part (A) of FIG. 2, the FILS Discovery frame may include various information fields, among them the FILS Discovery Information field. Referring to part (B) of FIG. 2, among the information subfields of the FILS Discovery Information field is a FILS Discovery (FD) Capability subfield. The FD Capability subfield may include several subfields, including a Multiple Links Presence Indicator subfield, which may indicate whether the AP transmitting the FILS Discovery frame (for example, STA 120) supports multi-link operation as part of an AP MLD. For example, the Multiple Links Presence Indicator subfield may be set to 1 to indicate that a Multiple Links element is present in the Beacon and Probe Response frames, and set to 0 to indicate that no Multiple Links element is present in the Beacon and Probe Response frames.
FIG. 3 illustrates an example design 300 of the FD Capability subfield under a proposed scheme in accordance with the present invention. Referring to FIG. 3, the FD Capability subfield may include multiple subfields, including the Multiple Links Presence Indicator subfield. Under the proposed scheme, when the Multiple Links Presence Indicator subfield of the FD Capability subfield of the FILS Discovery Information field is set to 1 and the AP MLD has an AP MLD SSID that differs from the SSID of the AP transmitting the FILS Discovery frame (for example, AP1, AP2 or AP3 of STA 120), the FILS Discovery Information field may additionally include a Short MLD SSID subfield, as shown in part (B) of FIG. 2. The Short MLD SSID subfield may carry the 4-octet short SSID of the AP MLD (for example, as defined in Section 9.4.2.170 (Reduced Neighbor Report element) of the IEEE specification).
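As an added illustration that is not code from the patent or the IEEE standard, the following Python models the two FILS Discovery Information subfields discussed above and the match a scanning STA MLD would perform on them. The 2-octet FD Capability layout with the Multiple Links Presence Indicator at bit 14, the placement of the Short MLD SSID directly after it, and the CRC-32 construction of the short SSID are assumptions of this example; the other subfields of a real FD Information field are not modelled.

```python
import struct
import zlib
from typing import Optional

# Assumed bit position of the Multiple Links Presence Indicator inside a
# 2-octet little-endian FD Capability subfield (hypothetical for this example).
ML_PRESENCE_BIT = 1 << 14


def short_ssid(ssid: bytes) -> int:
    """Short SSID modelled as the CRC-32 of the SSID octets (assumed construction)."""
    return zlib.crc32(ssid) & 0xFFFFFFFF


def build_fd_info(ap_ssid: bytes, mld_ssid: Optional[bytes], multi_link: bool) -> bytes:
    """AP side: FD Capability, then a Short MLD SSID only when the AP is part of an
    AP MLD whose MLD-level SSID differs from this AP's own SSID."""
    cap = ML_PRESENCE_BIT if multi_link else 0
    body = struct.pack("<H", cap)
    if multi_link and mld_ssid is not None and mld_ssid != ap_ssid:
        body += struct.pack("<I", short_ssid(mld_ssid))
    return body


def parse_fd_info(data: bytes) -> dict:
    """STA side: recover the multi-link indication and, if carried, the Short MLD SSID."""
    if len(data) < 2:
        raise ValueError("FD Information field too short")
    (cap,) = struct.unpack_from("<H", data, 0)
    result = {"multi_link": bool(cap & ML_PRESENCE_BIT), "short_mld_ssid": None}
    if result["multi_link"] and len(data) >= 6:
        (result["short_mld_ssid"],) = struct.unpack_from("<I", data, 2)
    return result


def matches_target_mld(fd_info: bytes, ap_ssid: bytes, target_mld_ssid: bytes) -> bool:
    """Does this FILS Discovery frame advertise the MLD SSID the STA is looking for?
    A Short MLD SSID, when present, means the MLD-level SSID differs from the AP SSID,
    so the STA must match on it rather than on the per-AP SSID."""
    parsed = parse_fd_info(fd_info)
    if parsed["short_mld_ssid"] is not None:
        return parsed["short_mld_ssid"] == short_ssid(target_mld_ssid)
    return ap_ssid == target_mld_ssid
```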
Under a proposed scheme in accordance with the present invention pertaining to higher-layer protocol (HLP) encapsulation, the FILS HLP Container element may be used to encapsulate HLP packets. Under the proposed scheme, in the event that a non-AP STA MLD (for example, STA 110) uses HLP encapsulation, the non-AP STA MLD may construct a FILS HLP Container element for each HLP packet. The non-AP STA MLD may then place multiple FILS HLP Container elements in an Association (or Reassociation) Request frame, as long as they fit within the size limit of a medium access control (MAC) management protocol data unit (MMPDU). The HLP packet in a FILS HLP Container element may have any MAC service data unit (MSDU) format (for example, as defined in Section 5.1.4 (MSDU format) of the IEEE specification). Under the proposed scheme, the encapsulation process may involve the non-AP STA MLD filling one or more FILS HLP Container elements with the destination MAC address, the source MAC address of the HLP packet and the HLP packet in MSDU format. The source MAC address may be the MLD MAC address of the non-AP STA MLD. The encapsulation process may also involve the non-AP STA MLD including the FILS HLP Container element(s) in the Association (or Reassociation) Request frame.
Under the proposed scheme, in the event that an AP MLD (for example, STA 120) receives an Association (or Reassociation) Request frame that includes FILS HLP Container elements, the AP MLD may decapsulate the HLP packets but does not deliver them until key confirmation (for example, as defined in Section 12.12.2.6 (Key confirmation with FILS authentication) of the IEEE specification) has completed successfully. Upon successful key confirmation, the AP MLD may forward each HLP packet to the upstream network or basic service set (BSS) according to its destination MAC address. The order in which the HLP packets are forwarded may be the same as the order of the FILS HLP Container elements in the Association (or Reassociation) Request frame. If key confirmation fails, the AP MLD may discard the HLP packets; the AP MLD may also filter HLP packets according to certain rules.
Under the proposed scheme, the packet decapsulation process for each FILS HLP Container element may include the AP MLD extracting the destination MAC address, the source MAC address and the HLP packet from the given FILS HLP Container element. The process may then include the AP verifying that the extracted source MAC address equals the MLD MAC address of the non-AP STA MLD (for example, STA 110) associated with the source MAC address of the Association (or Reassociation) Request frame. If the addresses differ, the AP may discard the FILS HLP Container element. Next, the process may include the AP constructing a frame in the appropriate format from the extracted destination MAC address, the extracted source MAC address and the HLP packet, so as to deliver the HLP packet to the upstream network or BSS.
Under the proposed scheme, after receiving an Association (or Reassociation) Request frame, the AP MLD may wait to transmit the Association (or Reassociation) Response frame until a predefined duration such as dot11HLPWaitTime has elapsed. If, before transmitting the Association (or Reassociation) Response frame, the AP MLD receives one or more HLP packets from the upstream network or BSS whose destination address is the MLD MAC address of the non-AP STA MLD or a group address, the AP MLD may transmit each HLP packet in a separate FILS HLP Container element in the Association (or Reassociation) Response frame. The order of the FILS HLP Container elements in the Association (or Reassociation) Response frame may be the same as the order in which the HLP packets were received. If the AP MLD receives an HLP packet for the non-AP STA MLD after transmitting the Association (or Reassociation) Response frame, the AP MLD may transmit the HLP packet as a Data frame. If, before transmitting the Association (or Reassociation) Response frame, the AP has not received from the upstream network or BSS any HLP packet destined to the MLD MAC address of the non-AP STA MLD or to a group address, the AP MLD does not transmit any FILS HLP Container element in the Association (or Reassociation) Response frame. Under the proposed scheme, the Status Code in the Association (or Reassociation) Response frame may be unaffected by the presence or absence of FILS HLP Container elements.
Under the proposed scheme in accordance with the present invention pertaining to HLP encapsulation, the packet encapsulation process of the AP MLD (for example, STA 120) for each FILS HLP Container element may include certain operations. First, the AP MLD may set the fields of the HLP Container element in a certain manner. For example, the AP MLD may set the Destination MAC Address field to the destination MAC address of the received HLP packet, which may be the MLD MAC address of the non-AP STA MLD (for example, STA 110) or a group address. If the destination MAC address of the received HLP packet is not the MLD MAC address of the non-AP STA MLD but equals one of the wireless medium (WM) MAC addresses of the non-AP STA MLD, the Destination MAC Address field may be set to the MLD MAC address of the non-AP STA MLD. Furthermore, the AP MLD may set the Source MAC Address field to the source MAC address of the received HLP packet. Additionally, the AP MLD may set the HLP Packet field to the HLP packet in MSDU format. The AP MLD may then include the FILS HLP Container element in the Association (or Reassociation) Response frame. Next, the AP MLD may transmit the Association (or Reassociation) Response frame.
Under the proposed scheme in accordance with the present invention pertaining to HLP encapsulation, if a non-AP STA MLD (for example, STA 110) receives an Association (or Reassociation) Response frame with one or more FILS HLP Container elements, the non-AP STA MLD may first perform key confirmation. Upon successful key confirmation, the non-AP STA MLD may generate an MA-UNITDATA.indication primitive for each HLP packet. The order in which the MA-UNITDATA.indication primitives for the HLP packets are generated may be the same as the order of the FILS HLP Container elements in the Association (or Reassociation) Response frame. In the event that key confirmation fails, the non-AP STA MLD may discard the HLP packets.
Under the proposed scheme in accordance with the present invention pertaining to HLP encapsulation, the packet decapsulation process of the non-AP STA MLD (for example, STA 110) for each FILS HLP Container element may include certain operations. First, the non-AP STA MLD may extract the destination MAC address, the source MAC address and the HLP packet. The non-AP STA MLD may then verify whether the extracted destination MAC address equals the MLD MAC address of the non-AP STA MLD or a group address. If the destination MAC address is not for the non-AP STA MLD, the non-AP STA MLD may discard the FILS HLP Container element. Next, the non-AP STA MLD may generate an MA-UNITDATA.indication primitive with a number of parameters, including, for example and without limitation: source address (the extracted source MAC address), destination address (the extracted destination MAC address), routing information (all), data (the extracted HLP packet), reception status (success), priority (Contention) and service class (QoSAck when the destination address is an individual address, or QoSNoAck when the destination address is not an individual address).
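The HLP container handling described in the preceding paragraphs, as an added example that is not part of the patent or the IEEE standard: a Python model of the non-AP STA MLD encapsulation, the AP MLD decapsulation with its source-MAC check and its hold-until-key-confirmation rule, and the non-AP STA MLD destination check. The element framing (Element ID 255 with an Element ID Extension value of 5), the absence of fragmentation, and all MAC addresses and packet contents are assumptions or constructed sample data.

```python
from typing import Iterator, List, Optional, Tuple

ELEM_ID_EXTENSION = 255   # element carrying an Element ID Extension octet
EXT_HLP_CONTAINER = 5     # assumed extension value for the FILS HLP Container
MAC_LEN = 6


def is_group_address(mac: bytes) -> bool:
    """Group (multicast/broadcast) MAC addresses have the I/G bit set (bit 0 of octet 0)."""
    return bool(mac[0] & 0x01)


def encapsulate_hlp(dst_mac: bytes, src_mld_mac: bytes, hlp_packet: bytes) -> bytes:
    """non-AP STA MLD side: one FILS HLP Container element for one HLP packet.
    Body = ext ID || Destination MAC || Source MAC (the STA's MLD MAC) || HLP packet."""
    if len(dst_mac) != MAC_LEN or len(src_mld_mac) != MAC_LEN:
        raise ValueError("MAC addresses must be 6 octets")
    body = bytes([EXT_HLP_CONTAINER]) + dst_mac + src_mld_mac + hlp_packet
    if len(body) > 255:
        raise ValueError("HLP packet does not fit one element (fragmentation not modelled)")
    return bytes([ELEM_ID_EXTENSION, len(body)]) + body


def iter_hlp_containers(elements: bytes) -> Iterator[Tuple[bytes, bytes, bytes]]:
    """Walk the element list of a (Re)Association frame body and yield
    (destination MAC, source MAC, HLP packet) for each FILS HLP Container, in frame order."""
    off = 0
    while off + 2 <= len(elements):
        eid, elen = elements[off], elements[off + 1]
        body = elements[off + 2: off + 2 + elen]
        if len(body) != elen:
            raise ValueError("truncated element")
        off += 2 + elen
        if eid == ELEM_ID_EXTENSION and elen >= 1 + 2 * MAC_LEN and body[0] == EXT_HLP_CONTAINER:
            yield body[1:7], body[7:13], body[13:]


def ap_decapsulate(assoc_req_elements: bytes, sta_mld_mac: bytes,
                   key_confirmation: Optional[bool]) -> Tuple[List[Tuple[bytes, bytes, bytes]], List[str]]:
    """AP MLD side. key_confirmation: None = still pending, True = succeeded, False = failed.
    Containers whose source MAC is not the associating STA's MLD MAC are discarded;
    nothing is released for forwarding until key confirmation has succeeded."""
    kept, log = [], []
    for dst, src, pkt in iter_hlp_containers(assoc_req_elements):
        if src != sta_mld_mac:
            log.append("drop container: source %s is not the associating MLD MAC %s"
                       % (src.hex(":"), sta_mld_mac.hex(":")))
            continue
        kept.append((dst, src, pkt))
    if key_confirmation is None:
        log.append("hold %d packet(s) until key confirmation completes" % len(kept))
        return [], log
    if not key_confirmation:
        log.append("key confirmation failed: discard %d packet(s)" % len(kept))
        return [], log
    return kept, log   # forwarded in container order, routed by destination MAC


def sta_accepts_container(dst_mac: bytes, own_mld_mac: bytes) -> bool:
    """non-AP STA MLD side: keep the container only if it is addressed to this
    MLD's MAC address or to a group address; otherwise it is discarded."""
    return dst_mac == own_mld_mac or is_group_address(dst_mac)
```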
Under a proposed scheme in accordance with the present invention pertaining to the FILS Public Key element, all APs in an AP MLD (for example, AP1, AP2 and AP3 of STA 120) may use one public key across the multiple links (for example, link 1, link 2 and link 3), and all non-AP STAs in a non-AP STA MLD (for example, STA1, STA2 and STA3 of STA 110) may likewise use one public key across the multiple links. Under the proposed scheme, the Diffie-Hellman value of all APs in the AP MLD may be common across the multiple links. Similarly, the Diffie-Hellman value of all non-AP STAs in the non-AP STA MLD may be common across the multiple links.
Under the proposed scheme, the FILS Public Key element may be used to convey a device's (certified) public key for use with the FILS authentication exchange. FIG. 4 illustrates an example design 400 of the FILS Public Key element under the proposed scheme. Referring to FIG. 4, the FILS Public Key element may include an Element ID field, a Length field and an Element ID Extension field (for example, as defined in Section 9.4.2.1 (General) of the IEEE specification). The FILS Public Key element may also include a Key Type field that takes different values. For example, the Key Type field may be set to 1 to indicate that the FILS Public Key field contains an X.509v3 certificate encoded according to Internet Engineering Task Force (IETF) Request for Comments (RFC) 5280. The Key Type field may be set to 2 to indicate that the FILS Public Key field contains an uncertified public key encoded according to IETF RFC 5480. The Key Type field may be set to 3 to indicate that the FILS Public Key field contains an uncertified public key encoded according to IETF RFC 3279. The values 0 and 4 to 255 of the Key Type field may be reserved.
Under a proposed scheme in accordance with the present invention pertaining to key establishment with FILS Shared Key authentication, the non-AP STA MLD and the AP MLD may perform key establishment using Authentication frames, and key confirmation using the Association (or Reassociation) Request frame and the Association (or Reassociation) Response frame. If the non-AP STA MLD chooses to initiate FILS Shared Key authentication, the non-AP STA MLD may first choose a random 16-octet nonce and then determine whether to attempt pairwise master key security association (PMKSA) caching. In the event that PMKSA caching is attempted, the non-AP STA MLD may generate a list of PMKSA identifiers. If the non-AP STA MLD attempts to initiate the Extensible Authentication Protocol (EAP) re-authentication protocol (EAP-RP), the non-AP STA MLD may construct an EAP-Initiate/Re-auth packet according to IETF RFC 6696, with a few qualifications. For example, regarding the EAP-RP flags, the B flag may be set to 0 to indicate that this is not an EAP-RP bootstrap message, and the L flag may be set to 1 to indicate that the trusted third party (TTP) that shares the rRK with the STA will provide the lifetimes of the rRK and rMSK in the EAP-Finish/Re-auth packet. In addition, the EAP Identifier may be set to 0, and the Cryptosuite field is not set to 1. Under the proposed scheme, in the event that perfect forward secrecy (PFS) is required, the non-AP STA MLD may select a finite cyclic group from dot11RSNAConfigDLCGroupTable. This may include identifying a number from the repository maintained by the Internet Assigned Numbers Authority (IANA) as the "Group Description" attribute of IETF RFC 2409 (IKE). The STA MLD may then generate an ephemeral private key and perform the group's scalar-op (for example, according to Section 12.4.4.1 (General) of the IEEE specification) with its random ephemeral private key and the generator of the selected finite cyclic group to compute an ephemeral public key.
Under the proposed scheme, the non-AP STA MLD may construct an Authentication frame in a certain manner. For example, depending on whether PFS is used, the non-AP STA MLD may set the Authentication Algorithm Number to 4 (for FILS Shared Key authentication without PFS) or 5 (for FILS Shared Key authentication with PFS) (for example, as defined in Section 9.4.1.1 (Authentication Algorithm Number field) of the IEEE specification). The non-AP STA MLD may also set the Authentication Transaction Sequence Number to 1. The random nonce may be encoded in the FILS Nonce element (for example, as defined in Section 9.4.2.189 (FILS Nonce element (11ai)) of the IEEE specification). If a list of PMKSA identifiers was generated, the non-AP STA MLD may use that list to construct the PMKID List field of the Robust Security Network element. A random FILS session may be encoded in the FILS Session element (for example, as defined in Section 9.4.2.179 (FILS Session element (11ai)) of the IEEE specification). If an EAP-Initiate/Re-auth packet was generated, it may be copied into the FILS Wrapped Data field (for example, as defined in Section 9.4.2.187 (FILS Wrapped Data element (11ai)) of the IEEE specification). In the event that PFS is required, the selected finite cyclic group may be encoded in the Finite Cyclic Group field (for example, as defined in Section 9.4.1.42 (Finite Cyclic Group field) of the IEEE specification), and the ephemeral public key may be encoded in the FFE field (for example, as defined in Section 9.4.1.40 (FFE field) of the IEEE specification) according to the element-to-octet-string conversion of Section 12.4.7.2.4 (Element to octet string conversion) of the IEEE specification. Furthermore, the wireless medium (WM) MAC address of each of the supported multiple links (including the STA MLD address) and the MLD MAC address may be encoded in a Multiple Link Address element. After constructing the Authentication frame, the non-AP STA MLD may transmit it to the AP MLD.
Under the proposed scheme, in the event that PMKSA caching is not used and the AP MLD is not connected to, or does not recognize, the authentication server identified by the realm in the keyName-NAI field of the EAP-Initiate/Re-auth packet used by the non-AP STA MLD, the AP MLD may transmit an Authentication frame with the Status Code field set to 113, to indicate to the non-AP STA MLD "authentication rejected due to unknown authentication server". Otherwise, the AP MLD may generate its own nonce and construct an Authentication frame for the non-AP STA MLD. The AP MLD may copy the FILS Session element from the Authentication frame transmitted by the non-AP STA MLD into the response Authentication frame. If PMKSA caching is not used, this frame may contain FILS wrapped data encapsulating the EAP-Finish/Re-auth packet received from the authentication server. Furthermore, if PFS is used, the FFE field of the Authentication frame transmitted by the AP MLD may contain the ephemeral public key of the AP MLD. In this frame, the AP MLD may set the Authentication Algorithm Number to 4 or 5 depending on whether PFS is used, and may set the Authentication sequence number to 2. In the event that PMKSA caching is used, the AP may indicate the PMKID selected from the PMKID list. In the event that PFS is used for the exchange, the AP MLD may perform the group's scalar-op (for example, as defined in Section 12.4.4.1 (General) of the IEEE specification) with the ephemeral public key of the STA MLD and its own ephemeral private key to generate an ephemeral Diffie-Hellman shared secret (DHss). Under the proposed scheme, the AP MLD may encode the WM MAC address of each of the supported multiple links (including the AP MLD address) and the MLD MAC address of the AP MLD in a Multiple Link Address element, and the AP MLD may include the Multiple Link Address element in the Authentication frame. Furthermore, the AP MLD may transmit the Authentication frame to the non-AP STA MLD. After transmitting the FILS Authentication frame, the AP may perform key establishment according to Section 12.12.2.5 (Key establishment with FILS authentication) of the IEEE specification.
Under the proposed scheme, the Pairwise Master Key (PMK) is derived from the two nonces and the secret obtained in the FILS key establishment procedure. The PMK identifier (PMKID) that identifies the PMKSA is generated with the hash algorithm of the negotiated Authentication and Key Management (AKM) suite over input data specific to the FILS key establishment. Depending on the negotiated AKM, the PMK is 256 or 384 bits long, and the PMKID is 128 bits long. If FILS Shared Key authentication is used to generate the input keying material, the PMK and PMKID are derived as follows:
PMK = HMAC-Hash(SNonce || ANonce, rMSK [ || DHss ])
PMKID = Truncate-128(Hash(EAP-Initiate/Reauth))
When FILS Public Key authentication is used to generate the input keying material, the (MLD-level) PMK and PMKID are derived as follows:
PMK = HMAC-Hash(SNonce || ANonce, DHss) (MLD-level)
PMKID = Truncate-128(Hash(gSTA || gAP)) (MLD-level)
Here, SNonce is the STA MLD nonce and ANonce is the AP MLD nonce. rMSK is the shared secret from the EAP-RP exchange, and DHss is the shared secret derived from the Diffie-Hellman exchange when one is performed; when Elliptic Curve Cryptography (ECC) is used, only the x-coordinate of the Elliptic Curve Diffie-Hellman result is included. The square brackets indicate that the shared secret is included when a Diffie-Hellman exchange is performed and omitted otherwise. EAP-Initiate/Reauth is the EAP-RP packet sent by the STA in the key establishment procedure with FILS Shared Key authentication. gSTA is the Diffie-Hellman value of the STA MLD and gAP is the Diffie-Hellman value of the AP MLD. Hash is the hash algorithm specific to the negotiated AKM (see Table 9-151 (AKM suite selectors) of the IEEE specification).
For Pairwise Transient Key Security Association (PTKSA) key generation, the inputs to the pseudo-random function (PRF) are the PMK of the PMKSA, a constant label, and the concatenation of the STA MLD MAC address, the AP MLD MAC address, the STA MLD nonce and the AP MLD nonce. When the negotiated AKM is 00-0F-AC:14 or 00-0F-AC:16, the Key Encryption Key (KEK) is 256 bits long and the Integrity Check Value Key (ICK) is 256 bits long. When the negotiated AKM is 00-0F-AC:15 or 00-0F-AC:17, the KEK is 512 bits long and the ICK is 384 bits long. When the negotiated AKM is 00-0F-AC:16, FILS-FT (fast transition, FT) is 256 bits long; when the negotiated AKM is 00-0F-AC:17, FILS-FT is 384 bits long; otherwise, FILS-FT is not derived. Therefore, depending on the negotiated AKM, the total number of bits extracted from the key derivation function (KDF) is 512+TK, 768+TK, 896+TK or 1280+TK bits, where the TK bits are determined as follows:
FILS-Key-Data = PRF-X(PMK, "FILS PTK Derivation", SPA || AA || SNonce || ANonce [ || DHss ])
ICK = L(FILS-Key-Data, 0, ICK_bits)
KEK = L(FILS-Key-Data, ICK_bits, KEK_bits)
TK = L(FILS-Key-Data, ICK_bits + KEK_bits, TK_bits)
When FILS authentication is used to perform a fast transition (FT) initial mobility domain association, FILS-FT is determined as follows:
FILS-FT = L(FILS-Key-Data, ICK_bits + KEK_bits + TK_bits, FILS-FT_bits)
Here, ICK_bits is the length of the ICK in bits, KEK_bits is the length of the KEK in bits, and FILS-FT_bits is the length of FILS-FT in bits when FILS authentication is used to perform FT initial mobility domain association. Depending on the negotiated AKM, X is 512+TK_bits, 768+TK_bits, 896+TK_bits or 1280+TK_bits, with TK_bits taken from Table 12-7 (Cipher suite key lengths) of the IEEE specification. PMK is the PMK of the PMKSA, which is either created by the initial FILS connection or, when PMKSA caching is used, taken from the cached PMKSA; when FILS authentication is used to perform FT initial mobility domain association, it is equal to the Master PMK (MPMK) (for example, as defined in clause 12.7.1.6.3 (PMK-R0) of the IEEE specification). SPA is the STA MLD MAC address, AA is the AP MLD MAC address, SNonce is the STA MLD nonce, ANonce is the AP MLD nonce, and DHss is the shared secret derived from the Diffie-Hellman exchange when a Diffie-Hellman exchange is performed together with PMKSA caching. The square brackets indicate that the shared secret is included when a Diffie-Hellman exchange is performed together with PMKSA caching and omitted otherwise. After FILS-Key-Data has been generated, the shared secret DHss is irretrievably deleted if a Diffie-Hellman exchange was performed.
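The derivation described above, carried out end to end as an added example (this is illustrative code written for this page, not code from the patent or from any IEEE 802.11 implementation). It assumes that PRF-X is the KDF-Hash-Length of IEEE 802.11 clause 12.7.1.6.2 (HMAC over a 2-octet little-endian counter, the label, the context and the 2-octet little-endian output length), that AKM 14/16 use SHA-256 and AKM 15/17 use SHA-384, and that the temporal key is 128 bits (CCMP-128/GCMP-128); the nonces, MLD MAC addresses and secrets in demo() are constructed sample values.

```python
import hashlib
import hmac

# AKM suite 00-0F-AC:<n> -> (hash, ICK_bits, KEK_bits, FILS-FT_bits), from the text above.
# The SHA-256/SHA-384 assignment is assumed (IEEE 802.11 Table 9-151).
AKM_PARAMS = {
    14: ("sha256", 256, 256, 0),
    15: ("sha384", 384, 512, 0),
    16: ("sha256", 256, 256, 256),
    17: ("sha384", 384, 512, 384),
}


def kdf_hash_length(hash_name, key, label, context, length_bits):
    """KDF-Hash-Length (IEEE 802.11 12.7.1.6.2), assumed here to be PRF-X:
    HMAC-Hash(key, i || label || context || length) for i = 1, 2, ...
    with i and length encoded as 2-octet little-endian, truncated to length_bits."""
    if length_bits % 8:
        raise ValueError("output length must be a whole number of octets")
    digest_bits = hashlib.new(hash_name).digest_size * 8
    out = b""
    for i in range(1, (length_bits + digest_bits - 1) // digest_bits + 1):
        msg = i.to_bytes(2, "little") + label + context + length_bits.to_bytes(2, "little")
        out += hmac.new(key, msg, hash_name).digest()
    return out[: length_bits // 8]


def derive_pmk(hash_name, snonce, anonce, rmsk=b"", dhss=b""):
    """Shared Key: PMK = HMAC-Hash(SNonce || ANonce, rMSK [|| DHss]).
    Public Key: PMK = HMAC-Hash(SNonce || ANonce, DHss), i.e. rmsk left empty."""
    if not rmsk and not dhss:
        raise ValueError("no secret available to derive the PMK")
    return hmac.new(snonce + anonce, rmsk + dhss, hash_name).digest()


def pmkid_shared_key(hash_name, eap_initiate_reauth):
    """PMKID = Truncate-128(Hash(EAP-Initiate/Reauth))."""
    return hashlib.new(hash_name, eap_initiate_reauth).digest()[:16]


def pmkid_public_key(hash_name, g_sta, g_ap):
    """PMKID = Truncate-128(Hash(gSTA || gAP))."""
    return hashlib.new(hash_name, g_sta + g_ap).digest()[:16]


def derive_fils_keys(akm, pmk, spa, aa, snonce, anonce, dhss=b"", tk_bits=128):
    """FILS-Key-Data = PRF-X(PMK, "FILS PTK Derivation", SPA || AA || SNonce || ANonce [|| DHss])
    sliced into ICK, KEK, TK and (for AKM 16/17) FILS-FT. spa/aa are the MLD MAC addresses."""
    hash_name, ick_bits, kek_bits, ft_bits = AKM_PARAMS[akm]
    x_bits = ick_bits + kek_bits + tk_bits + ft_bits  # 512/768/896/1280 + TK bits
    key_data = kdf_hash_length(hash_name, pmk, b"FILS PTK Derivation",
                               spa + aa + snonce + anonce + dhss, x_bits)

    def L(offset_bits, length_bits):  # L(data, offset, length) from the text above
        return key_data[offset_bits // 8 : (offset_bits + length_bits) // 8]

    return {
        "ICK": L(0, ick_bits),
        "KEK": L(ick_bits, kek_bits),
        "TK": L(ick_bits + kek_bits, tk_bits),
        "FILS-FT": L(ick_bits + kek_bits + tk_bits, ft_bits) if ft_bits else None,
    }


def demo(akm=16):
    """Constructed sample run: Shared Key authentication with PFS (DHss present)."""
    hash_name = AKM_PARAMS[akm][0]
    snonce, anonce = bytes(range(32)), bytes(range(32, 64))
    sta_mld_mac, ap_mld_mac = bytes.fromhex("021122334455"), bytes.fromhex("02aabbccddee")
    rmsk, dhss = b"\x5a" * 64, b"\x3c" * 32          # sample rMSK and ECDH x-coordinate
    pmk = derive_pmk(hash_name, snonce, anonce, rmsk=rmsk, dhss=dhss)
    pmkid = pmkid_shared_key(hash_name, b"EAP-Initiate/Re-auth sample packet")
    keys = derive_fils_keys(akm, pmk, sta_mld_mac, ap_mld_mac, snonce, anonce, dhss)
    dhss = None  # DHss is irretrievably deleted once FILS-Key-Data exists
    return {"PMK": pmk, "PMKID": pmkid, **keys}
```

Note that the STA MLD nonce, AP MLD nonce and both MLD-level MAC addresses enter the context, so a PTKSA derived for one AP MLD cannot be reused by another AP MLD that happens to share a per-link address.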
Under the proposed scheme for the association (or reassociation) request for FILS key confirmation, key confirmation for FILS authentication consists of an (Re)Association Request frame followed by an (Re)Association Response frame. The components of the (Re)Association Request frame and the (Re)Association Response frame are protected using the KEK. The STA MLD constructs the (Re)Association Request frame for FILS authentication (for example, according to clauses 9.3.3.5 (Association Request frame format) and 9.3.3.7 (Reassociation Request frame format) of the IEEE specification). A hash algorithm is used to generate the FILS Key Confirmation element; the specific hash algorithm depends on the negotiated AKM (for example, according to clause 9.4.2.24.3 (AKM suites) of the IEEE specification).
Under the proposed scheme, for FILS Shared Key authentication, and for FILS Public Key authentication when PMKSA caching is used, the KeyAuth field of the FILS Key Confirmation element is constructed with the HMAC mode of the negotiated hash algorithm, keyed with the ICK, over the concatenation of the STA MLD nonce, the AP MLD nonce, the STA MLD MAC address, the AP MLD MAC address and, conditionally, the public Diffie-Hellman value of the STA MLD and the public Diffie-Hellman value of the AP MLD:
Key-Auth = HMAC-Hash(ICK, SNonce || ANonce || STA-MLD-MAC || AP-MLD-MAC [ || gSTA || gAP ])
Here, Hash is the hash algorithm specific to the negotiated AKM (see Table 9-151 (AKM suite selectors) of the IEEE specification), SNonce is the STA MLD nonce, ANonce is the AP MLD nonce, STA-MLD-MAC is the MLD MAC address of the STA MLD, AP-MLD-MAC is the MLD MAC address of the AP MLD, gSTA is the public Diffie-Hellman value of the STA MLD, gAP is the public Diffie-Hellman value of the AP MLD, and the square brackets indicate that the public Diffie-Hellman values are included when PFS is performed with FILS Shared Key authentication or when PMKSA caching is performed with FILS Public Key authentication.
For FILS Public Key authentication when PMKSA caching is not used, the KeyAuth field of the FILS Key Confirmation element is a digital signature, made with the STA MLD's private key and the negotiated hash algorithm, over the concatenation, in this order, of the public Diffie-Hellman value of the STA MLD, the public Diffie-Hellman value of the AP MLD, the STA MLD nonce, the AP MLD nonce, the STA MLD MAC address and the AP MLD MAC address:
Key-Auth = Sig-STA(gSTA || gAP || SNonce || ANonce || STA-MLD-MAC || AP-MLD-MAC)
Here, Sig-STA() denotes a digital signature made with the STA MLD's private key, the counterpart of the STA MLD's trusted public key. The form of the signature depends on the type of public key used by the STA MLD (see IETF RFC 3447 for RSA, FIPS 186-4 for DSA, and ISO/IEC 14888-3 for ECDSA). The data to be signed is first hashed, and the hash algorithm used with the corresponding digital signature algorithm is specific to the negotiated AKM.
Under the proposed scheme, the (Re)Association Request frame is encrypted with an Authenticated Encryption with Associated Data (AEAD) algorithm (for example, as defined in clause 12.12.2.7 (AEAD cipher mode for FILS) of the IEEE specification) using the KEK as the key. The Additional Authentication Data (AAD) used with the AEAD algorithm for the (Re)Association Request frame consists of the following data, passed as separate components in this order: (i) the STA's MAC address, (ii) the AP's basic service set identifier (BSSID), (iii) the STA's nonce, (iv) the AP's nonce, and (v) the contents of the (Re)Association Request frame from the Capability Information field (inclusive) to the FILS Session element (inclusive). In addition, the AAD used with the AEAD algorithm for the Association Request frame may include (vi) the STA MLD MAC address and (vii) the AP MLD MAC address. The plaintext passed to the AEAD algorithm is the data that follows the FILS Session element in the unencrypted frame body. The output of the AEAD algorithm becomes the data that follows the FILS Session element in the encrypted and authenticated (Re)Association Request frame. The output of the algorithm is as specified in IETF RFC 5116. The resulting (Re)Association Request frame is transmitted to the AP MLD. The AP MLD compares the FILS Session of the received (Re)Association Request frame with the FILS Session used to identify the FILS session in the Authentication frame. If they differ, the authentication exchange fails.
Under the proposed scheme, the AP MLD decrypts and verifies the received (Re)Association Request frame with the AEAD algorithm (for example, as defined in clause 12.12.2.7 (AEAD cipher mode for FILS) of the IEEE specification) using the KEK as the key. The AAD is reconstructed as defined above and passed to the AEAD decryption operation together with the ciphertext of the received frame. If the AEAD decryption operation returns a failure indication, the authentication exchange fails. If it does not return a failure indication, the output plaintext replaces the ciphertext as the portion of the frame body that follows the FILS Session element, and processing of the received frame continues by checking the value of the FILS Key Confirmation element. The AP MLD verifies that the RSNE received in the (Re)Association Request frame contains the same AKM suite, cipher suites and RSN capabilities as the RSNE in the Authentication frame from the STA MLD. If these fields differ, the authentication exchange fails. For FILS Shared Key authentication, the AP MLD constructs a verifier Key-Auth' in the same way the STA MLD constructed its Key-Auth, as described above. The AP MLD compares Key-Auth' with the KeyAuth field of the FILS Key Confirmation element in the received frame. If they differ, authentication fails.
For FILS Public Key authentication, the AP MLD uses the (certified) public key of the STA MLD from the FILS Public Key element to verify that the signature contained in the KeyAuth field corresponds to the signature the STA MLD would form, under the signature scheme in use, over the concatenation, in order, of the STA's public Diffie-Hellman value (gSTA), the AP's public Diffie-Hellman value (gAP), the STA's nonce (SNonce), the AP's nonce (ANonce), the STA's MAC address (STA-MAC) and the AP's BSSID (AP-BSSID). In addition, the AP MLD checks all certificates in the certificate chain, both cryptographically and against its security policy, following the procedure for checking certificates and certificate chains in IETF RFC 5280. If any of these verifications fails, authentication fails.
Under the proposed scheme, if authentication is deemed to have failed, the ICK, KEK, TK and PTKSA are irretrievably deleted, and the AP MLD returns an Authentication frame with the Status Code set to 112 to indicate that authentication is rejected because FILS authentication failed. If PMKSA caching was not used in the failed authentication attempt, the PMKSA may also be deleted. If PMKSA caching was used, the failure may be the result of an impersonation attack; therefore, when FILS with PMKSA caching fails, the AP MLD may decide to retain the cached PMKSA.
Under the proposed scheme for the (Re)Association Response frame for FILS key confirmation, the AP MLD constructs the (Re)Association Response frame for FILS authentication (for example, according to clauses 9.3.3.6 (Association Response frame format) and 9.3.3.8 (Reassociation Response frame format) of the IEEE specification). As with the (Re)Association Request frame, a hash algorithm is used to generate the FILS Key Confirmation element, and the specific hash algorithm depends on the negotiated AKM (see clause 9.4.2.24.3 (AKM suites)). In addition, the AP MLD constructs a Key Delivery element to indicate, for each of the multiple links, the current Group Temporal Key (GTK) and key receive sequence counter (RSC); the current Integrity Group Temporal Key (IGTK) and IGTK packet number (IPN), if management frame protection is enabled; and the current Beacon Integrity Group Temporal Key (BIGTK) and BIGTK packet number (BIPN), if beacon protection is enabled. The AP MLD places the Key Delivery element in the (Re)Association Response frame.
FIG. 5 illustrates an example design 500 of the Key Delivery element under the proposed scheme. Referring to FIG. 5, the Key Delivery element includes several fields, for example an Element ID field, a Length field, an Element ID Extension field, a Key RSC field and a Key Data Encapsulation (KDE) List field. The Key RSC field contains the receive sequence counter (RSC) of the GTK that is installed on the link on which the Key Delivery element is transmitted. The KDE List field contains one or more KDEs encapsulated in a predefined format. For example, the KDE List field may include a GTK KDE, an IGTK KDE and a BIGTK KDE for the link on which the Key Delivery element is transmitted, and a Multi-Link GTK KDE, a Multi-Link IGTK KDE and a Multi-Link BIGTK KDE for links other than the one on which the Key Delivery element is transmitted.
FIG. 6 illustrates an example design 600 of the Multi-Link GTK KDE under the proposed scheme. Referring to FIG. 6, the Multi-Link GTK KDE includes several fields, for example a Key ID field, a Transmit (Tx) field, a Reserved field, a Link ID field, a Key RSC field and a GTK field. The Key ID field indicates the value of the GTK key identifier. The Tx field indicates whether the GTK is used for transmission on the link. If the Tx field is 1, the IEEE 802.1X component configures the temporal key derived from the KDE into its IEEE 802.11 MAC for both transmission and reception; if the Tx field is 0, it configures the temporal key derived from the KDE into its IEEE 802.11 MAC for reception only. The Link ID field indicates the link (for example, operating class and primary channel number) on which the GTK is being installed. The Key RSC field contains the receive sequence counter (RSC) of the GTK installed on the link indicated by the Link ID field. Delivering the RSC value enables the STA to identify replayed MAC protocol data units (MPDUs) on the link indicated by the Link ID field. If the RSC value is shorter than 8 octets, the remaining octets are set to 0. The least significant octet of the transmit sequence counter (TSC) or packet number (PN) is in the first octet of the RSC field.
FIG. 7 illustrates an example design 700 of the Multi-Link IGTK KDE under the proposed scheme. Referring to FIG. 7, the Multi-Link IGTK KDE includes several fields, for example a Key ID field, an IPN field, a Link ID field and an IGTK field. The Key ID field indicates the value of the IGTK key identifier. The Link ID field indicates the link (for example, operating class and primary channel number) on which the IGTK is being installed. The IPN field corresponds to the last packet number used by the broadcast/multicast transmitter on the link indicated by the Link ID field, and the receiver uses it as the initial value of the Broadcast Integrity Protocol (BIP) replay counter for the IGTK.
FIG. 8 illustrates an example design 800 of the Multi-Link BIGTK KDE under the proposed scheme. Referring to FIG. 8, the Multi-Link BIGTK KDE includes several fields, for example a Key ID field, a BIPN field, a Link ID field and a BIGTK field. The Key ID field indicates the value of the BIGTK key identifier. The Link ID field indicates the link (for example, operating class and primary channel number) on which the BIGTK is being installed. The BIPN field corresponds to the BIPN value carried in the Management MIC element (MME) of the last protected Beacon frame on the link indicated by the Link ID field, and the receiver uses it as the initial value of the BIP replay counter for the BIGTK.
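A receiver-side parser for the Key Delivery element and the Multi-Link GTK/IGTK/BIGTK KDEs described in FIGs. 5 to 8, added here as an example (it is not code from the patent or from any 802.11 implementation). The page gives the field names but not their widths or the KDE data-type numbers, so the following are assumptions: the KDE wrapper is the standard Type 0xDD / Length / OUI 00-0F-AC / Data Type layout; the Multi-Link GTK KDE is one octet (Key ID in bits 0-1, Tx in bit 2, Reserved in bits 3-7), a 2-octet Link ID (operating class, primary channel), an 8-octet Key RSC and the GTK; the Multi-Link IGTK and BIGTK KDEs are a 2-octet Key ID, a 6-octet IPN/BIPN, a 2-octet Link ID and the key; the data-type values 16, 17 and 18 and the Element ID Extension value 0x00 are hypothetical. The element in sample_element() is constructed for this example. The security-relevant checks a practitioner wants are the ones the spec text implies: every KDE must fit inside the element (no over-read on a truncated frame), and the per-link RSC/IPN/BIPN must be captured so the replay counters start at the delivered values rather than at zero.

```python
OUI_80211 = b"\x00\x0f\xac"
# Single-link GTK/IGTK/BIGTK KDE data types (1/9/14 as in IEEE 802.11 Table 12-10) and the
# assumed, hypothetical data types for the multi-link variants described above.
KDE_GTK, KDE_IGTK, KDE_BIGTK = 1, 9, 14
KDE_ML_GTK, KDE_ML_IGTK, KDE_ML_BIGTK = 16, 17, 18
EID_EXTENSION = 255
EID_EXT_KEY_DELIVERY = 0x00  # hypothetical value; the page does not assign one


def build_kde(data_type, data):
    """Type 0xDD, Length, OUI, Data Type, Data."""
    return bytes([0xDD, 4 + len(data)]) + OUI_80211 + bytes([data_type]) + data


def iter_kdes(buf):
    """Walk a KDE List, rejecting any KDE whose Length runs past the end of the element."""
    off = 0
    while off < len(buf):
        if len(buf) - off < 2:
            raise ValueError("truncated KDE header")
        typ, length = buf[off], buf[off + 1]
        body = buf[off + 2 : off + 2 + length]
        if len(body) != length:
            raise ValueError("KDE length runs past the end of the element")
        off += 2 + length
        if typ != 0xDD or length < 4 or body[:3] != OUI_80211:
            continue  # vendor-specific or unknown KDE: ignore, do not fail the association
        yield body[3], body[4:]


def parse_ml_gtk(data):
    """Key ID (b0-b1) / Tx (b2) / Reserved, Link ID (2), Key RSC (8, LSB first), GTK."""
    if len(data) < 11 + 16:
        raise ValueError("Multi-Link GTK KDE too short")
    return {"key_id": data[0] & 0x03, "tx": bool(data[0] & 0x04),
            "link_id": (data[1], data[2]),
            "rsc": int.from_bytes(data[3:11], "little"), "key": data[11:]}


def parse_ml_igtk_or_bigtk(data, name):
    """Key ID (2), IPN/BIPN (6, LSB first), Link ID (2), key. Same layout assumed for both."""
    if len(data) < 10 + 16:
        raise ValueError("Multi-Link %s KDE too short" % name)
    return {"key_id": int.from_bytes(data[0:2], "little"),
            "pn": int.from_bytes(data[2:8], "little"),
            "link_id": (data[8], data[9]), "key": data[10:]}


def parse_key_delivery(element):
    """Element ID 255, Length, Element ID Extension, Key RSC (8 octets), KDE List.
    Returns the RSC for the link the element arrived on and a per-link key table."""
    if len(element) < 2 or element[0] != EID_EXTENSION:
        raise ValueError("not an extension element")
    length = element[1]
    body = element[2 : 2 + length]
    if len(body) != length or length < 9:
        raise ValueError("truncated Key Delivery element")
    if body[0] != EID_EXT_KEY_DELIVERY:
        raise ValueError("not a Key Delivery element")
    result = {"local_rsc": int.from_bytes(body[1:9], "little"), "links": {}}
    for data_type, data in iter_kdes(body[9:]):
        if data_type == KDE_ML_GTK:
            k = parse_ml_gtk(data)
            result["links"].setdefault(k["link_id"], {})["gtk"] = k
        elif data_type == KDE_ML_IGTK:
            k = parse_ml_igtk_or_bigtk(data, "IGTK")
            result["links"].setdefault(k["link_id"], {})["igtk"] = k
        elif data_type == KDE_ML_BIGTK:
            k = parse_ml_igtk_or_bigtk(data, "BIGTK")
            result["links"].setdefault(k["link_id"], {})["bigtk"] = k
        # KDE_GTK/KDE_IGTK/KDE_BIGTK belong to the link the element arrived on; not handled here.
    return result


def is_malformed(element):
    """True if the receiver would reject the element (and so the association)."""
    try:
        parse_key_delivery(element)
        return False
    except ValueError:
        return True


def sample_element():
    """Constructed sample: GTKs for links (81, 6) and (128, 36), an IGTK for (81, 6),
    plus one vendor KDE with a foreign OUI that must be skipped."""
    gtk_a = build_kde(KDE_ML_GTK, bytes([0x05, 81, 6]) + (0x1234).to_bytes(8, "little") + b"\x11" * 16)  # Key ID 1, Tx=1
    gtk_b = build_kde(KDE_ML_GTK, bytes([0x02, 128, 36]) + (7).to_bytes(8, "little") + b"\x22" * 16)     # Key ID 2, Tx=0
    igtk_a = build_kde(KDE_ML_IGTK, (4).to_bytes(2, "little") + (99).to_bytes(6, "little") + bytes([81, 6]) + b"\x33" * 16)
    vendor = bytes([0xDD, 5]) + b"\x00\x11\x22" + b"\x00\x00"
    body = bytes([EID_EXT_KEY_DELIVERY]) + (0x10).to_bytes(8, "little") + gtk_a + gtk_b + igtk_a + vendor
    return bytes([EID_EXTENSION, len(body)]) + body
```

After parsing, the STA MLD installs each link's GTK with the delivered RSC as the initial replay counter, and the IGTK/BIGTK with the delivered IPN/BIPN, exactly as the text above describes; a receiver that instead started those counters at zero would accept replayed group-addressed frames captured before the association.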
Under the proposed scheme, for FILS Shared Key authentication, and for FILS Public Key authentication when PMKSA caching is used, the KeyAuth field of the FILS Key Confirmation element is constructed with the HMAC mode of the negotiated hash algorithm, keyed with the ICK, over the concatenation of the AP MLD nonce, the STA MLD nonce, the AP MLD MAC address, the STA MLD MAC address and, conditionally, the public Diffie-Hellman value of the AP MLD and the public Diffie-Hellman value of the STA MLD:
Key-Auth = HMAC-Hash(ICK, ANonce || SNonce || AP-MLD-MAC || STA-MLD-MAC [ || gAP || gSTA ])
Here, Hash is the hash algorithm specific to the negotiated AKM, ANonce is the AP MLD nonce, SNonce is the STA MLD nonce, AP-MLD-MAC is the MLD MAC address of the AP MLD, STA-MLD-MAC is the MLD MAC address of the STA MLD, gAP is the public Diffie-Hellman value of the AP MLD, gSTA is the public Diffie-Hellman value of the STA MLD, and the square brackets indicate that the public Diffie-Hellman values are included when PFS is performed with FILS Shared Key authentication and omitted otherwise.
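Both directions of the HMAC-based key confirmation, the STA MLD's Key-Auth in the (Re)Association Request described earlier and the AP MLD's Key-Auth in the (Re)Association Response described just above, as an added example (illustrative code for this page, not code from the patent or from any 802.11 implementation). It assumes the ICK has already been derived, takes the hash name from the negotiated AKM, and uses constructed sample nonces and MLD MAC addresses. It shows the two points a reviewer would check: the verifier recomputes Key-Auth' from the values it observed itself (so a STA MLD that signs one MLD MAC address but arrives from another fails), and because the two directions concatenate the inputs in opposite order, a Key-Auth reflected back at its sender does not verify.

```python
import hmac


def key_auth(hash_name, ick, own_nonce, peer_nonce, own_mld_mac, peer_mld_mac, own_dh=b"", peer_dh=b""):
    """Key-Auth = HMAC-Hash(ICK, own nonce || peer nonce || own MLD MAC || peer MLD MAC [|| own DH || peer DH]).
    The optional public Diffie-Hellman values are included together or not at all."""
    if (own_dh == b"") != (peer_dh == b""):
        raise ValueError("gSTA and gAP must both be present or both be absent")
    msg = own_nonce + peer_nonce + own_mld_mac + peer_mld_mac + own_dh + peer_dh
    return hmac.new(ick, msg, hash_name).digest()


def sta_key_auth(hash_name, ick, snonce, anonce, sta_mld_mac, ap_mld_mac, g_sta=b"", g_ap=b""):
    """STA side: SNonce || ANonce || STA-MLD-MAC || AP-MLD-MAC [|| gSTA || gAP]."""
    return key_auth(hash_name, ick, snonce, anonce, sta_mld_mac, ap_mld_mac, g_sta, g_ap)


def ap_key_auth(hash_name, ick, snonce, anonce, sta_mld_mac, ap_mld_mac, g_sta=b"", g_ap=b""):
    """AP side: ANonce || SNonce || AP-MLD-MAC || STA-MLD-MAC [|| gAP || gSTA]."""
    return key_auth(hash_name, ick, anonce, snonce, ap_mld_mac, sta_mld_mac, g_ap, g_sta)


def check_key_auth(expected, received):
    """Constant-time comparison of Key-Auth' against the received KeyAuth field."""
    return hmac.compare_digest(expected, received)


def key_confirmation(hash_name, ick, snonce, anonce, sta_mld_mac, ap_mld_mac,
                     g_sta=b"", g_ap=b"", observed_sta_mld_mac=None):
    """Run both directions. observed_sta_mld_mac is the STA MLD address the AP MLD actually
    learned from the exchange (defaults to the one the STA MLD used); if they differ, the AP's
    recomputed Key-Auth' will not match and the request is rejected."""
    if observed_sta_mld_mac is None:
        observed_sta_mld_mac = sta_mld_mac
    # (Re)Association Request: STA MLD computes Key-Auth, AP MLD recomputes Key-Auth' and compares.
    sta_auth = sta_key_auth(hash_name, ick, snonce, anonce, sta_mld_mac, ap_mld_mac, g_sta, g_ap)
    ap_verifier = sta_key_auth(hash_name, ick, snonce, anonce, observed_sta_mld_mac, ap_mld_mac, g_sta, g_ap)
    request_ok = check_key_auth(ap_verifier, sta_auth)
    # (Re)Association Response: only sent if the request verified; STA MLD recomputes Key-Auth'.
    ap_auth = None
    if request_ok:
        ap_auth = ap_key_auth(hash_name, ick, snonce, anonce, observed_sta_mld_mac, ap_mld_mac, g_sta, g_ap)
    sta_verifier = ap_key_auth(hash_name, ick, snonce, anonce, sta_mld_mac, ap_mld_mac, g_sta, g_ap)
    response_ok = ap_auth is not None and check_key_auth(sta_verifier, ap_auth)
    # An attacker echoing the STA's own Key-Auth back as the AP's response must be rejected.
    reflection_rejected = not check_key_auth(sta_verifier, sta_auth)
    return {"request_ok": request_ok, "response_ok": response_ok,
            "reflection_rejected": reflection_rejected}


# Constructed sample values for a stand-alone run.
SAMPLE = dict(hash_name="sha256", ick=b"\x42" * 32, snonce=bytes(range(32)), anonce=bytes(range(32, 64)),
              sta_mld_mac=bytes.fromhex("021122334455"), ap_mld_mac=bytes.fromhex("02aabbccddee"))

if __name__ == "__main__":
    print(key_confirmation(**SAMPLE))
```

If the failing check is the AP's, the text above has the AP MLD delete the ICK, KEK, TK and PTKSA and answer with status code 112; note that it may keep a cached PMKSA, since a mismatch under PMKSA caching is more likely an impersonation attempt than a stale cache.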
Under the proposed scheme, for FILS Public Key authentication when PMKSA caching is not used, the KeyAuth field of the FILS Key Confirmation element is a digital signature, made with the AP MLD's private key over the output of the negotiated hash algorithm, of the concatenation, in this order, of the public Diffie-Hellman value of the AP MLD, the public Diffie-Hellman value of the STA MLD, the AP MLD nonce, the STA MLD nonce, the AP MLD MAC address and the STA MLD MAC address. The specific construction of the digital signature depends on the cryptosystem of the public/private key pair:
Key-Auth = Sig-AP(gAP || gSTA || ANonce || SNonce || AP-MLD-MAC || STA-MLD-MAC)
Here, Sig-AP() denotes a digital signature made with the AP MLD's private key, the counterpart of the AP MLD's trusted public key. The form of the signature depends on the type of public key used by the AP MLD (see IETF RFC 3447 for RSA, FIPS 186-4 for DSA, and ISO/IEC 14888-3 for ECDSA). The data to be signed is first hashed, and the hash algorithm used with the corresponding digital signature algorithm is specific to the negotiated AKM.
Under the proposed scheme, the (Re)Association Response frame is encrypted with an AEAD algorithm (for example, as defined in clause 12.12.2.7 (AEAD cipher mode for FILS) of the IEEE specification) using the KEK as the key. The Additional Authentication Data (AAD) used with the AEAD algorithm for the (Re)Association Response frame consists of the following data, passed as separate components in this order: the AP's BSSID, the STA's MAC address, the AP's nonce, the STA's nonce, and the contents of the (Re)Association Response frame from the Capability Information field (inclusive) to the FILS Session element (inclusive). In addition, the AAD used with the AEAD algorithm for the Association Response frame may include the STA MLD MAC address and the AP MLD MAC address. The plaintext passed to the AEAD algorithm is the data that follows the FILS Session element in the unencrypted frame body. The output of the AEAD algorithm becomes the data that follows the FILS Session element in the encrypted and authenticated (Re)Association Response frame. The output of the algorithm is as specified in IETF RFC 5116. The resulting (Re)Association Response frame is transmitted to the STA MLD.
Under the proposed scheme, the STA MLD decrypts and verifies the received (Re)Association Response frame with the AEAD algorithm (for example, as defined in clause 12.12.2.7 (AEAD cipher mode for FILS) of the IEEE specification) using the KEK as the key. The AAD is reconstructed as defined above and passed to the AEAD decryption operation together with the ciphertext of the received frame. The STA MLD compares the FILS Session of the received frame with the FILS Session the STA MLD selected to identify this FILS session. If they differ, authentication fails. If the AEAD decryption operation returns a failure indication, the authentication exchange fails. If it does not return a failure indication, the output plaintext replaces the ciphertext as the portion of the frame body that follows the FILS Session element, and processing of the received frame continues by checking the value of the FILS Key Confirmation element. The STA MLD verifies that the RSNE received in the (Re)Association Response frame contains the same AKM suite, cipher suites and RSN capabilities as the Beacon, Probe Response and Authentication frames from the AP MLD. If these fields differ, authentication fails.
Under the proposed scheme, for FILS Shared Key authentication, the STA MLD constructs a verifier Key-Auth' in the same way the AP constructed its Key-Auth, as described above. The STA MLD compares Key-Auth' with the KeyAuth field of the FILS Key Confirmation element in the received frame. If they differ, authentication fails. For FILS Public Key authentication, the STA MLD uses the (certified) public key of the AP MLD from the FILS Public Key element to verify that the signature contained in the KeyAuth field corresponds to the signature the AP would form, under the signature scheme in use, over the concatenation, in order, of the AP's public Diffie-Hellman value (gAP), the STA's public Diffie-Hellman value (gSTA), the AP's nonce (ANonce), the STA's nonce (SNonce), the AP's BSSID (AP-BSSID) and the STA's MAC address (STA-MAC). In addition, the STA MLD checks all certificates in the certificate chain, both cryptographically and against its security policy, following the procedure for checking certificates and certificate chains in IETF RFC 5280. If any of these verifications fails, authentication fails.
Under the proposed scheme, if authentication is deemed to have failed, the ICK, KEK, PMK and TK may be irretrievably deleted and the STA MLD should abandon the exchange. Otherwise, authentication succeeds and the STA MLD and AP MLD may irretrievably delete the non-persistent secret keying material created by the key establishment procedure of FILS Shared Key authentication (see, e.g., Section 12.12.2.3 (Key establishment with FILS Shared Key authentication) of the IEEE specification) or by the key establishment procedure of FILS Public Key authentication (see, e.g., Section 12.12.2.4 (Key establishment with FILS Public Key authentication) of the IEEE specification). The KEK and PMK may be used for subsequent key management (e.g., as specified in Section 12.6 (RSNA security association management) of the IEEE specification). When the lifetime of the rMSK is known, the STA MLD and AP MLD may set the lifetime of the PMKSA to the lifetime of the rMSK. Otherwise, the STA MLD and AP MLD may set the lifetime of the PMKSA to the value of dot11RSNAConfigPMKLifetime. After successful completion of the FILS authentication procedure, the STA MLD may process the Key Delivery element in the (Re)Association Response frame. The STA MLD may install the GTK and Key RSC; install the IGTK and IPN for each of the multiple links when management frame protection is enabled; and install the BIGTK and BIPN for each of the multiple links when the BIGTK and BIPN are present in the Key Delivery element and dot11BeaconProtectionEnabled is true.
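The following is an added example (not code from the patent) of how a STA MLD finishes the key confirmation step described above: compare the locally built Key-Auth' against the received KeyAuth field in constant time, wipe ICK/KEK/PMK/TK and abandon the exchange on mismatch, and on success discard the non-persistent material and set the PMKSA lifetime from the rMSK lifetime or from dot11RSNAConfigPMKLifetime. Assumptions: the shared-key Key-Auth construction itself is not reproduced on this page, so it is modelled here as HMAC-SHA256 under the ICK over the same fields the page lists for the public-key signature; the MIB default value, which material counts as non-persistent (rMSK and the private Diffie-Hellman value) and all key and nonce bytes are constructed sample data.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional

# Assumed fallback for the dot11RSNAConfigPMKLifetime MIB variable, in seconds
# (constructed value; the page gives no number).
DOT11_RSNA_CONFIG_PMK_LIFETIME = 43200


@dataclass
class FilsKeyMaterial:
    """Keys derived during FILS key establishment (sample values, constructed)."""
    ick: bytes
    kek: bytes
    pmk: bytes
    tk: bytes
    # Non-persistent secret keying material; ASSUMED here to be the rMSK and the
    # STA's private Diffie-Hellman value. Deleted once authentication succeeds.
    nonpersistent: dict = field(default_factory=dict)
    rmsk_lifetime: Optional[int] = None   # seconds; None when not known


def build_key_auth(ick: bytes, g_ap: bytes, g_sta: bytes, anonce: bytes,
                   snonce: bytes, ap_bssid: bytes, sta_mac: bytes) -> bytes:
    """ASSUMED model of the AP's Key-Auth: an HMAC under the ICK over the fields
    the page lists for the public-key case, concatenated in that order."""
    return hmac.new(ick, g_ap + g_sta + anonce + snonce + ap_bssid + sta_mac,
                    hashlib.sha256).digest()


class StaMld:
    def __init__(self, keys: FilsKeyMaterial):
        self.keys: Optional[FilsKeyMaterial] = keys
        self.pmksa_lifetime: Optional[int] = None
        self.state = "authenticating"

    def confirm_key(self, key_auth_field: bytes, g_ap: bytes, g_sta: bytes,
                    anonce: bytes, snonce: bytes, ap_bssid: bytes,
                    sta_mac: bytes) -> bool:
        """Process the KeyAuth field of the received FILS Key Confirmation
        element and apply the success/failure handling described in the text."""
        if self.keys is None:
            raise RuntimeError("exchange already abandoned")
        key_auth_prime = build_key_auth(self.keys.ick, g_ap, g_sta, anonce,
                                        snonce, ap_bssid, sta_mac)
        # Constant-time comparison: any difference means authentication failed.
        if not hmac.compare_digest(key_auth_prime, key_auth_field):
            # Irretrievably delete ICK, KEK, PMK and TK and abandon the exchange.
            self.keys = None
            self.state = "abandoned"
            return False
        # Success: the non-persistent secret keying material is no longer needed;
        # KEK and PMK stay for subsequent key management.
        self.keys.nonpersistent.clear()
        # PMKSA lifetime follows the rMSK lifetime when known, else the MIB value.
        self.pmksa_lifetime = (self.keys.rmsk_lifetime
                               if self.keys.rmsk_lifetime is not None
                               else DOT11_RSNA_CONFIG_PMK_LIFETIME)
        self.state = "authenticated"
        return True


def demo(tamper: bool = False, rmsk_lifetime: Optional[int] = 3600) -> StaMld:
    """Run one key confirmation with constructed sample values; returns the STA."""
    ick, kek, pmk, tk = (bytes([i]) * 32 for i in (1, 2, 3, 4))
    keys = FilsKeyMaterial(
        ick, kek, pmk, tk,
        nonpersistent={"rmsk": b"\x05" * 32, "dh_private": b"\x06" * 32},
        rmsk_lifetime=rmsk_lifetime)
    g_ap, g_sta = b"\xaa" * 32, b"\xbb" * 32           # public Diffie-Hellman values
    anonce, snonce = b"\x11" * 16, b"\x22" * 16
    ap_bssid = bytes.fromhex("02000000000a")
    sta_mac = bytes.fromhex("02000000000b")
    key_auth = build_key_auth(ick, g_ap, g_sta, anonce, snonce, ap_bssid, sta_mac)
    if tamper:
        key_auth = bytes([key_auth[0] ^ 0x01]) + key_auth[1:]   # corrupt one bit
    sta = StaMld(keys)
    sta.confirm_key(key_auth, g_ap, g_sta, anonce, snonce, ap_bssid, sta_mac)
    return sta
```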
FIG. 9 illustrates an example design 900 of the Robust Security Network (RSN) Capabilities field under the proposed scheme according to the present invention. As shown in FIG. 9, the RSN Capabilities field may contain multiple subfields, including an Extended Key ID for Individually Addressed Frames subfield. When the cipher suite is Cipher Block Chaining Message Authentication Code Protocol (CCMP) or Galois/Counter Mode Protocol (GCMP), the Extended Key ID for Individually Addressed Frames subfield (bit 13, or B13, of the RSN Capabilities field) may be set to 1 to indicate that the STA supports Key ID values in the range 0 to 1 for a PTKSA.
Under the proposed scheme for Robust Security Network Association (RSNA) rekeying according to the present invention, when both ends of a link support the Extended Key ID for Individually Addressed Frames, a new PTKSA may be installed without loss of data, provided that the new PTKSA uses a Key ID different from that of the old PTKSA. Notably, if the same Key ID were used, data loss could occur, because the moment at which one end starts using the new key for transmission cannot be precisely coordinated with the moment the other end starts using it for reception (owing to software processing delays). If the new PTKSA uses a different Key ID, precise coordination is not required, assuming the new key is installed at the receiving side before it is first used at the transmitting side. During the transition, the Key ID may be used to unambiguously identify a received packet as belonging to either the old or the new PTKSA.
Under the proposed scheme, if the Extended Key ID for Individually Addressed Frames subfield of the RSN Capabilities field is 1 for both the Authenticator and the Supplicant, the Authenticator may assign a new Key ID in the range 0 to 1 to the PTKSA, different from the Key ID assigned in the previous handshake, and may use the MLME-SETKEYS.request primitive to install the new key for receiving individually addressed MPDUs protected by the PTK (associated with the assigned Key ID). Otherwise, Key ID 0 may be used and installation of the key may be deferred until after Message 4 is received. The Authenticator may send Message 3 to the Supplicant. Notably, while the existing PTK remains valid, the Authenticator's IEEE 802.11 MAC may continue to transmit protected, individually addressed MPDUs (if any) using the existing key. By installing the new key for reception, the Authenticator is able to receive protected, individually addressed MPDUs using either the old key (if present) or the new key.
FIG. 10 illustrates an example scenario 1000 of RSNA rekeying under the proposed scheme. Referring to FIG. 10, the RSNA rekeying procedure may use two keys. In scenario 1000, a key may remain in place (for receive processing) for two handshake periods. The PTKSA lifetime may be two handshake periods. Installing a new key may replace the old key that has the same Key ID. Thus, having two active keys allows a smooth, loosely timed transition from one PTKSA to the next.
Under the proposed scheme for CCMP encapsulation according to the present invention, the PN value may number each MPDU sequentially. Each transmitter may maintain a single PN (e.g., a 48-bit counter) for each PTKSA and Group Temporal Key Security Association (GTKSA). The PN may be implemented as a 48-bit strictly increasing integer value, initialized to 1 when the corresponding temporal key is initialized or refreshed.
Under the proposed scheme for GCMP encapsulation according to the present invention, the PN value may number each MPDU sequentially. Each transmitter may maintain a single PN (e.g., a 48-bit counter) for each PTKSA and GTKSA. The PN may be implemented as a 48-bit strictly increasing integer value, initialized to 1 when the corresponding temporal key is initialized or refreshed.
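As an added illustration of the rekeying and PN rules above (this is example code, not from the patent), the model below keeps a per-PTKSA PN that starts at 1 and strictly increases, lets the receiver hold two PTKSAs selected by Key ID 0/1, and contrasts a rekey that uses a distinct Key ID (an in-flight old-key MPDU is still accepted) with one that reuses the Key ID (the in-flight MPDU is lost). Assumptions: no real CCMP/GCMP cipher is run; a keyed hash stands in for the MIC, and the MPDU and key-store layouts are simplified.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, List

PN_MAX = (1 << 48) - 1   # 48-bit PN; exhaustion means a rekey is due


def protect_tag(tk: bytes, pn: int, payload: bytes) -> bytes:
    """Stand-in for the CCMP/GCMP MIC: binds the MPDU to the key and the PN
    (assumed model for this example; no real cipher is used)."""
    return hashlib.sha256(tk + pn.to_bytes(6, "big") + payload).digest()[:8]


@dataclass
class Ptksa:
    key_id: int      # 0 or 1 when both ends support the Extended Key ID
    tk: bytes
    pn: int = 0      # last PN transmitted; the first MPDU after install gets 1


@dataclass
class Mpdu:
    key_id: int      # Key ID field of the CCMP/GCMP header
    pn: int
    payload: bytes
    tag: bytes


class Transmitter:
    def __init__(self, ptksa: Ptksa):
        self.active = ptksa

    def send(self, payload: bytes) -> Mpdu:
        sa = self.active
        if sa.pn >= PN_MAX:
            raise RuntimeError("PN space exhausted, rekey before sending")
        sa.pn += 1   # strictly increasing within one PTKSA
        return Mpdu(sa.key_id, sa.pn, payload, protect_tag(sa.tk, sa.pn, payload))

    def switch_to(self, ptksa: Ptksa) -> None:
        """Start protecting new MPDUs with the new PTKSA (its PN restarts at 1)."""
        self.active = ptksa


class Receiver:
    def __init__(self):
        self.keys: Dict[int, dict] = {}   # key_id -> {"tk", "replay"}

    def install(self, ptksa: Ptksa) -> None:
        """Install a key for reception (cf. MLME-SETKEYS.request). A key with the
        same Key ID replaces the previous one and resets its replay counter."""
        self.keys[ptksa.key_id] = {"tk": ptksa.tk, "replay": 0}

    def receive(self, m: Mpdu) -> str:
        entry = self.keys.get(m.key_id)
        if entry is None:
            return "no-key"          # the Key ID selects the PTKSA unambiguously
        if m.tag != protect_tag(entry["tk"], m.pn, m.payload):
            return "mic-fail"        # wrong key behind this Key ID: data lost
        if m.pn <= entry["replay"]:
            return "replay"          # PN must increase within one PTKSA
        entry["replay"] = m.pn
        return "ok"


def rekey_with_distinct_key_ids() -> List[str]:
    """Transition from Key ID 0 to Key ID 1; returns the outcome per MPDU."""
    old, new = Ptksa(0, b"\x01" * 16), Ptksa(1, b"\x02" * 16)
    tx, rx = Transmitter(old), Receiver()
    rx.install(old)
    out = [rx.receive(tx.send(b"d1")), rx.receive(tx.send(b"d2"))]
    rx.install(new)                    # new key installed for reception first
    in_flight = tx.send(b"d3")         # still protected under Key ID 0
    tx.switch_to(new)                  # transmitter now uses Key ID 1
    fresh = tx.send(b"d4")
    out.append(rx.receive(fresh))      # Key ID 1, PN 1
    out.append(rx.receive(in_flight))  # late old-key MPDU is still accepted
    out.append(rx.receive(fresh))      # duplicate: caught by the PN check
    return out


def rekey_reusing_key_id() -> str:
    """Without distinct Key IDs the new key replaces the old one under Key ID 0
    while an old-key MPDU is still in flight; that MPDU can no longer be verified."""
    old, new = Ptksa(0, b"\x01" * 16), Ptksa(0, b"\x02" * 16)
    tx, rx = Transmitter(old), Receiver()
    rx.install(old)
    in_flight = tx.send(b"d3")
    rx.install(new)                    # same Key ID: the old key is gone
    tx.switch_to(new)
    return rx.receive(in_flight)
```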
Under the proposed scheme for RSNA rekeying in multi-link operation according to the present invention, when a STA (e.g., STA 110) re-encrypts a frame for retransmission on the same link or on a different link, the STA may set the value of the Key ID field in the CCMP or GCMP header to the same value as the Key ID field of the originally transmitted MPDU. Otherwise, replay detection may run into difficulties, since different Key IDs have different PN spaces.
Exemplary Implementation
FIG. 11 illustrates an example system 1100 having at least an example apparatus 1110 and an example apparatus 1120 in accordance with an implementation of the present invention. Each of apparatus 1110 and apparatus 1120 may perform various functions to implement the schemes, techniques, processes and methods described herein pertaining to EHT FILS support in multi-link operation in wireless communication, including the various proposed designs, concepts, schemes, systems and methods described above as well as the process described below. For instance, apparatus 1110 may be an example implementation of STA 110, and apparatus 1120 may be an example implementation of STA 120.
Each of apparatus 1110 and apparatus 1120 may be a part of an electronic apparatus, which may be a STA or an AP, such as a portable or mobile apparatus, a wearable apparatus, a wireless communication apparatus or a computing apparatus. For instance, each of apparatus 1110 and apparatus 1120 may be implemented in a smartphone, a smartwatch, a personal digital assistant, a digital camera, or a computing device such as a tablet computer, a laptop computer or a notebook computer. Each of apparatus 1110 and apparatus 1120 may also be a part of a machine-type apparatus, which may be an IoT apparatus such as an immobile or stationary apparatus, a home apparatus, a wired communication apparatus or a computing apparatus. For instance, each of apparatus 1110 and apparatus 1120 may be implemented in a smart thermostat, a smart refrigerator, a smart door lock, a wireless speaker or a home control center. When implemented in or as a network apparatus, apparatus 1110 and/or apparatus 1120 may be implemented in a network node, such as an AP in a WLAN.
In some implementations, each of apparatus 1110 and apparatus 1120 may be implemented in the form of one or more integrated-circuit (IC) chips such as, for example and without limitation, one or more single-core processors, one or more multi-core processors, one or more reduced-instruction-set-computing (RISC) processors, or one or more complex-instruction-set-computing (CISC) processors. In the various schemes described above, each of apparatus 1110 and apparatus 1120 may be implemented in or as a STA or an AP. Each of apparatus 1110 and apparatus 1120 may include at least some of the components shown in FIG. 11, such as a processor 1112 and a processor 1122, respectively. Each of apparatus 1110 and apparatus 1120 may further include one or more other components not pertinent to the proposed scheme of the present invention (e.g., an internal power supply, a display device and/or a user interface device); thus, in the interest of simplicity and brevity, such components of apparatus 1110 and apparatus 1120 are not shown in FIG. 11.
In one aspect, each of processor 1112 and processor 1122 may be implemented in the form of one or more single-core processors, one or more multi-core processors, one or more RISC processors, or one or more CISC processors. That is, even though the singular term "processor" is used herein to refer to processor 1112 and processor 1122, each of processor 1112 and processor 1122 may include multiple processors in some implementations and a single processor in other implementations. In another aspect, each of processor 1112 and processor 1122 may be implemented in the form of hardware (and, optionally, firmware) with electronic components including, for example and without limitation, one or more transistors, one or more diodes, one or more capacitors, one or more resistors, one or more inductors, one or more memristors and/or one or more varactors that are configured and arranged to achieve specific purposes. In other words, in at least some implementations, each of processor 1112 and processor 1122 may be a special-purpose device specifically designed, arranged and configured to perform specific tasks, including those pertaining to EHT FILS support in multi-link operation in wireless communication in accordance with various implementations of the present invention.
In some implementations, apparatus 1110 may also include a transceiver 1116 coupled to processor 1112. Transceiver 1116 may be capable of wirelessly transmitting and receiving data. In some implementations, apparatus 1120 may also include a transceiver 1126 coupled to processor 1122. Transceiver 1126 may include a transceiver capable of wirelessly transmitting and receiving data. Transceiver 1116 of apparatus 1110 and transceiver 1126 of apparatus 1120 may communicate with each other over one or more of the multiple links Link 1 to Link N (e.g., a first link and a second link), where N > 1.
In some implementations, apparatus 1110 may further include a memory 1114 coupled to processor 1112 and accessible by processor 1112 for the data stored therein. In some implementations, apparatus 1120 may further include a memory 1124 coupled to processor 1122 and accessible by processor 1122 for the data stored therein. Each of memory 1114 and memory 1124 may include a type of random-access memory (RAM) such as dynamic RAM (DRAM), static RAM (SRAM), thyristor RAM (T-RAM) and/or zero-capacitor RAM (Z-RAM). Alternatively or additionally, each of memory 1114 and memory 1124 may include a type of read-only memory (ROM) such as mask ROM, programmable ROM (PROM), erasable programmable ROM (EPROM) and/or electrically erasable programmable ROM (EEPROM). Alternatively or additionally, each of memory 1114 and memory 1124 may include a type of non-volatile random-access memory (NVRAM) such as flash memory, solid-state memory, ferroelectric RAM (FeRAM), magnetoresistive RAM (MRAM) and/or phase-change memory.
Each of apparatus 1110 and apparatus 1120 may be a communication entity capable of communicating with the other using the various proposed schemes according to the present invention. For illustrative purposes and without limitation, a description of the capabilities of apparatus 1110, as STA 110 being a constrained non-AP MLD, and of apparatus 1120, as STA 120 which may be a constrained AP MLD, is provided below. It is noteworthy that, although the example implementations described below are provided in the context of a WLAN, the same may be implemented in other types of networks.
Under a proposed scheme pertaining to EHT FILS support in multi-link operation in wireless communication according to the present invention, each of processor 1112 of apparatus 1110 and processor 1122 of apparatus 1120, implemented in a non-AP STA MLD and an AP MLD respectively, may perform a FILS procedure to establish wireless communication between the AP MLD and the non-AP STA MLD over multiple links. Moreover, after completion of the FILS procedure, each of processor 1112 of apparatus 1110 and processor 1122 of apparatus 1120 may communicate over one or more of the multiple links.
In some implementations, a FILS Discovery frame transmitted during the FILS procedure may indicate whether the SSID of the AP MLD is different from the SSID of the AP, among the multiple APs of the AP MLD, that transmits the FILS Discovery frame.
In some implementations, a Multiple Links Presence Indicator subfield in the FD Capability subfield of the FILS Discovery Information field of the FILS Discovery frame may be set to 1 to indicate that the SSID of the AP MLD is different from the SSID of the AP, among the multiple APs of the AP MLD, that transmits the FILS Discovery frame. In some implementations, when the Multiple Links Presence Indicator subfield is set to 1, the FILS Discovery Information field may further include a Short MLD SSID subfield containing a 4-octet short SSID of the AP MLD.
In some implementations, in performing the FILS procedure, processor 1112 implemented in the non-AP STA MLD may perform an association or reassociation procedure with HLP encapsulation by: (a) constructing a FILS HLP Container element to form an HLP packet; and (b) transmitting the FILS HLP Container element to the AP MLD in an Association Request or Reassociation Request frame. In some implementations, the FILS HLP Container element may include a destination MAC address, a source MAC address and the HLP packet in MSDU format. Moreover, the source MAC address may include, or may be, the MLD MAC address of the non-AP STA MLD.
In some implementations, in performing the FILS procedure, processor 1122 implemented in the AP MLD may receive and decapsulate the HLP packet by: (a) extracting the destination MAC address, the source MAC address and the HLP packet from the FILS HLP Container element; (b) determining whether the extracted source MAC address matches the MLD MAC address of the non-AP STA MLD associated with the source MAC address of the Association Request or Reassociation Request frame; and (c) responsive to determining that the extracted source MAC address matches the MLD MAC address of the non-AP STA MLD: (i) constructing a frame containing the HLP packet, and (ii) transmitting the frame to an upstream network or BSS. Moreover, responsive to determining that the extracted source MAC address does not match the MLD MAC address of the non-AP STA MLD, processor 1122 may discard the FILS HLP Container element.
In some implementations, in performing the FILS procedure, each of processor 1112 of apparatus 1110 and processor 1122 of apparatus 1120, implemented in the non-AP STA MLD and the AP MLD respectively, may perform an authentication procedure over the multiple links, via the multiple APs of the AP MLD and the multiple STAs of the non-AP STA MLD, using one public key for the multiple links. In some implementations, the Diffie-Hellman values of the multiple APs of the AP MLD may be common across the multiple links. Similarly, the Diffie-Hellman values of the multiple STAs of the non-AP STA MLD may be common across the multiple links.
In some implementations, in performing the FILS procedure, each of processor 1112 and processor 1122, implemented in the non-AP STA MLD and the AP MLD respectively, may perform the authentication procedure using a PMK and a PMKID. In some implementations, each of the PMK and the PMKID may be generated using MLD-level information related to the AP MLD and the non-AP STA MLD.
In some implementations, in performing the FILS procedure, processor 1112 implemented in the non-AP STA MLD may perform the authentication procedure by: (a) generating an authentication frame by (i) encoding the MLD MAC address of the non-AP STA MLD, which is the WM MAC address of each of one or more supported links among the multiple links, and (ii) including the encoded MAC address in a Multi-Link Address element of the authentication frame; and (b) transmitting the authentication frame to the AP MLD.
In some implementations, in performing the FILS procedure, processor 1122 implemented in the AP MLD may perform the authentication procedure by: (a) generating an authentication frame by (i) encoding the MLD MAC address of the AP MLD, which is the WM MAC address of each of one or more supported links among the multiple links, and (ii) including the encoded MAC address in a Multi-Link Address element of the authentication frame; and (b) transmitting the authentication frame to the non-AP STA MLD.
In some implementations, in performing the FILS procedure, processor 1122 implemented in the AP MLD may perform the association or reassociation procedure by: (a) generating an Association Response or Reassociation Response frame by constructing a Key Delivery element, where the Key Delivery element indicates (i) the current GTK and Key RSC associated with each of the multiple links, (ii) the current IGTK and IPN associated with each of the multiple links when management frame protection is enabled, and (iii) the current BIGTK and BIPN associated with each of the multiple links when beacon protection is enabled; and (b) transmitting the Association Response or Reassociation Response frame to the non-AP STA MLD. In some implementations, the Key Delivery element may contain a KDE List field that includes a Multi-Link GTK KDE, a Multi-Link IGTK KDE and a Multi-Link BIGTK KDE associated with each of the one or more links, among the multiple links, on which the Key Delivery element is transmitted.
In some implementations, the Multi-Link GTK KDE may include: (i) a Key ID field indicating the value of the GTK key identifier, (ii) a Transmit field indicating the link used for transmitting with the GTK, (iii) a Link ID field indicating the link on which the GTK is to be installed, and (iv) a Key RSC field containing the RSC of the GTK installed on the link indicated by the Link ID field. In some implementations, for an AP MLD and a non-AP STA MLD that support the same key identifier, the GTK key identifier may be MLD-level.
In some implementations, the Multi-Link IGTK KDE may include: (i) a Key ID field indicating the value of the IGTK key identifier, (ii) a Link ID field indicating the link on which the IGTK is to be installed, and (iii) an IPN field corresponding to the last packet number used by the transmitter on the link indicated by the Link ID field, which the receiver uses as the initial value of the BIP replay counter for the IGTK. In some implementations, for an AP MLD and a non-AP STA MLD that support the same key identifier, the IGTK key identifier may be MLD-level.
In some implementations, the Multi-Link BIGTK KDE may include: (i) a Key ID field indicating the value of the BIGTK key identifier, (ii) a Link ID field indicating the link on which the BIGTK is to be installed, and (iii) a BIPN field corresponding to the BIPN value carried in the MME of the last protected Beacon frame on the link indicated by the Link ID field, which the receiver uses as the initial value of the BIP replay counter for the BIGTK. In some implementations, for an AP MLD and a non-AP STA MLD that support the same key identifier, the BIGTK key identifier may be MLD-level.
In some implementations, in communicating, each of processor 1112 and processor 1122 may transmit or receive, via transceiver 1116 or transceiver 1126 respectively, a retransmitted frame whose Key ID field in the CCMP or GCMP header is equal to the Key ID field of the originally transmitted MPDU.
Exemplary Process
FIG. 12 illustrates an example process 1200 in accordance with an implementation of the present invention. Process 1200 may represent an aspect of implementing the various proposed designs, concepts, schemes, systems and methods described above. More specifically, process 1200 may represent an aspect of the proposed concepts and schemes pertaining to EHT FILS support in multi-link operation in wireless communication in accordance with the present invention. Process 1200 may include one or more operations, actions or functions as illustrated by one or more of blocks 1210 and 1220. Although illustrated as discrete blocks, the various blocks of process 1200 may be divided into additional blocks, combined into fewer blocks, or eliminated, depending on the desired implementation. Moreover, the blocks of process 1200 may be executed in the order shown in FIG. 12 or, alternatively, in a different order. Furthermore, one or more of the blocks or sub-blocks of process 1200 may be executed repeatedly or iteratively. Process 1200 may be implemented by or in apparatus 1110 and apparatus 1120, or any variations thereof. Solely for illustrative purposes and without limitation, process 1200 is described below in the context of apparatus 1110 as STA 110 (e.g., a STA or an AP) and apparatus 1120 as STA 120 (e.g., a peer STA or an AP) of a wireless network such as a WLAN in accordance with one or more IEEE 802.11 standards. Process 1200 may begin at block 1210.
At 1210, process 1200 may involve each of apparatus 1110 and apparatus 1120, implemented in a non-AP STA MLD and an AP MLD respectively, performing a FILS procedure to establish wireless communication between the AP MLD and the non-AP STA MLD over multiple links. Process 1200 may proceed from 1210 to 1220.
At 1220, process 1200 may involve each of apparatus 1110 and apparatus 1120 communicating over one or more of the multiple links after completion of the FILS procedure.
In some implementations, a FILS Discovery frame transmitted during the FILS procedure may indicate whether the SSID of the AP MLD is different from the SSID of the AP, among the multiple APs of the AP MLD, that transmits the FILS Discovery frame.
In some implementations, a Multiple Links Presence Indicator subfield in the FD Capability subfield of the FILS Discovery Information field of the FILS Discovery frame may be set to 1 to indicate that the SSID of the AP MLD is different from the SSID of the AP, among the multiple APs of the AP MLD, that transmits the FILS Discovery frame. In some implementations, when the Multiple Links Presence Indicator subfield is set to 1, the FILS Discovery Information field may further include a Short MLD SSID subfield containing a 4-octet short SSID of the AP MLD.
In some implementations, in performing the FILS procedure, process 1200 may involve the non-AP STA MLD performing an association or reassociation procedure with HLP encapsulation by: (a) constructing a FILS HLP Container element to form an HLP packet; and (b) transmitting the FILS HLP Container element to the AP MLD in an Association Request or Reassociation Request frame. In some implementations, the FILS HLP Container element may include a destination MAC address, a source MAC address and the HLP packet in MSDU format. Moreover, the source MAC address may include, or may be, the MLD MAC address of the non-AP STA MLD.
In some implementations, in performing the FILS procedure, process 1200 may further involve the AP MLD receiving and decapsulating the HLP packet by: (a) extracting the destination MAC address, the source MAC address and the HLP packet from the FILS HLP Container element; (b) determining whether the extracted source MAC address matches the MLD MAC address of the non-AP STA MLD associated with the source MAC address of the Association Request or Reassociation Request frame; and (c) responsive to determining that the extracted source MAC address matches the MLD MAC address of the non-AP STA MLD: (i) constructing a frame containing the HLP packet, and (ii) transmitting the frame to an upstream network or BSS. Moreover, process 1200 may further involve, responsive to determining that the extracted source MAC address does not match the MLD MAC address of the non-AP STA MLD, discarding the FILS HLP Container element.
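The following added example (not code from the patent) implements the HLP encapsulation and decapsulation steps described for processor 1122 in the apparatus description above and for the AP MLD in process 1200: build the FILS HLP Container element, extract its fields, check the inner source MAC against the MLD MAC address associated with the (Re)Association Request's sender, and forward or discard. Assumptions: the element body is laid out as DA (6 octets) || SA (6 octets) || HLP packet, the element header is not modelled, and all addresses and the HLP packet bytes are constructed sample values.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed sample addresses (not from the patent).
STA_LINK_MAC = bytes.fromhex("020000000a01")   # SA of the (Re)Association Request on this link
STA_MLD_MAC = bytes.fromhex("020000000a00")    # MLD MAC address of that non-AP STA MLD
OTHER_MAC = bytes.fromhex("020000000b00")      # address of some other device
ROUTER_MAC = bytes.fromhex("020000000001")     # upstream destination
UNKNOWN_MAC = bytes.fromhex("020000000c01")    # a requester the AP MLD has no record of
# Constructed stand-in for an MSDU-format HLP packet (e.g. the start of a DHCP exchange).
HLP_PACKET = b"\x08\x00" + b"\x45\x00" + b"\x00" * 26


@dataclass
class HlpContainer:
    dst_mac: bytes
    src_mac: bytes
    hlp_packet: bytes


def build_hlp_container(dst_mac: bytes, src_mac: bytes, hlp_packet: bytes) -> bytes:
    """Non-AP STA MLD side, step (a): body of the FILS HLP Container element
    (assumed layout: DA || SA || HLP packet)."""
    if len(dst_mac) != 6 or len(src_mac) != 6:
        raise ValueError("MAC addresses are 6 octets")
    return dst_mac + src_mac + hlp_packet


def parse_hlp_container(body: bytes) -> HlpContainer:
    """AP MLD side, step (a): extract DA, SA and the HLP packet."""
    if len(body) < 12:
        raise ValueError("FILS HLP Container element too short")
    return HlpContainer(body[:6], body[6:12], body[12:])


def process_hlp_container(assoc_request_sa: bytes, element_body: bytes,
                          mld_mac_by_sa: Dict[bytes, bytes],
                          upstream: List[dict]) -> str:
    """AP MLD side, steps (b) and (c). mld_mac_by_sa maps the SA of the
    (Re)Association Request to the MLD MAC address of the non-AP STA MLD that
    sent it; upstream collects the frames passed to the upstream network/BSS."""
    container = parse_hlp_container(element_body)
    expected = mld_mac_by_sa.get(assoc_request_sa)
    # (b): the source MAC inside the container must be the requester's own MLD
    # MAC; a container claiming another source is dropped rather than forwarded.
    if expected is None or container.src_mac != expected:
        return "discarded"
    # (c): build the frame carrying the HLP packet and pass it upstream.
    upstream.append({"da": container.dst_mac, "sa": container.src_mac,
                     "payload": container.hlp_packet})
    return "forwarded"


def demo() -> Tuple[List[str], List[dict]]:
    """Constructed scenario: one legitimate container, one with a foreign source
    MAC, and one from a requester with no recorded MLD MAC."""
    mld_mac_by_sa = {STA_LINK_MAC: STA_MLD_MAC}   # learned at (re)association
    upstream: List[dict] = []
    legit = build_hlp_container(ROUTER_MAC, STA_MLD_MAC, HLP_PACKET)
    foreign = build_hlp_container(ROUTER_MAC, OTHER_MAC, HLP_PACKET)
    results = [
        process_hlp_container(STA_LINK_MAC, legit, mld_mac_by_sa, upstream),
        process_hlp_container(STA_LINK_MAC, foreign, mld_mac_by_sa, upstream),
        process_hlp_container(UNKNOWN_MAC, legit, mld_mac_by_sa, upstream),
    ]
    return results, upstream
```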
In some implementations, in performing the FILS procedure, process 1200 may involve each of apparatus 1110 and apparatus 1120 performing an authentication procedure over the multiple links, via the multiple APs of the AP MLD and the multiple STAs of the non-AP STA MLD, using one public key for the multiple links. In some implementations, the Diffie-Hellman values of the multiple APs of the AP MLD may be common across the multiple links. Similarly, the Diffie-Hellman values of the multiple STAs of the non-AP STA MLD may be common across the multiple links.
In some implementations, in performing the FILS procedure, process 1200 may involve each of apparatus 1110 and apparatus 1120 performing the authentication procedure using a PMK and a PMKID. In some implementations, each of the PMK and the PMKID may be generated using MLD-level information related to the AP MLD and the non-AP STA MLD.
In some implementations, in performing the FILS procedure, process 1200 may involve apparatus 1110, implemented in the non-AP STA MLD, performing the authentication procedure by: (a) generating an authentication frame by (i) encoding the MLD MAC address of the non-AP STA MLD, which is the WM MAC address of each of one or more supported links among the multiple links, and (ii) including the encoded MAC address in a Multi-Link Address element of the authentication frame; and (b) transmitting the authentication frame to the AP MLD.
In some implementations, in performing the FILS procedure, process 1200 may involve apparatus 1120, implemented in the AP MLD, performing the authentication procedure by: (a) generating an authentication frame by (i) encoding the MLD MAC address of the AP MLD, which is the WM MAC address of each of one or more supported links among the multiple links, and (ii) including the encoded MAC address in a Multi-Link Address element of the authentication frame; and (b) transmitting the authentication frame to the non-AP STA MLD.
In some implementations, in performing the FILS procedure, process 1200 may involve apparatus 1120, implemented in the AP MLD, performing the association or reassociation procedure by: (a) generating an Association Response or Reassociation Response frame by constructing a Key Delivery element, where the Key Delivery element indicates (i) the current GTK and Key RSC associated with each of the multiple links, (ii) the current IGTK and IPN associated with each of the multiple links when management frame protection is enabled, and (iii) the current BIGTK and BIPN associated with each of the multiple links when beacon protection is enabled; and (b) transmitting the Association Response or Reassociation Response frame to the non-AP STA MLD. In some implementations, the Key Delivery element may contain a KDE List field that includes a Multi-Link GTK KDE, a Multi-Link IGTK KDE and a Multi-Link BIGTK KDE associated with each of the one or more links, among the multiple links, on which the Key Delivery element is transmitted.
In some implementations, the Multi-Link GTK KDE may include: (i) a Key ID field indicating the value of the GTK key identifier, (ii) a Transmit field indicating the link on which the GTK is used for transmitting, (iii) a Link ID field indicating the link on which the GTK is to be installed, and (iv) a Key RSC field containing the RSC of the GTK installed on the link indicated by the Link ID field. In some implementations, for an AP MLD and a non-AP STA MLD that support the same key identifier, the GTK key identifier may be MLD-level.
In some implementations, the Multi-Link IGTK KDE may include: (i) a Key ID field indicating the value of the IGTK key identifier, (ii) a Link ID field indicating the link on which the IGTK is to be installed, and (iii) an IPN field corresponding to the last packet number used by the transmitter on the link indicated by the Link ID field, which the receiver uses as the initial value of the BIP replay counter for the IGTK. In some implementations, for an AP MLD and a non-AP STA MLD that support the same key identifier, the IGTK key identifier may be MLD-level.
In some implementations, the Multi-Link BIGTK KDE may include: (i) a Key ID field indicating the value of the BIGTK key identifier, (ii) a Link ID field indicating the link on which the BIGTK is to be installed, and (iii) a BIPN field corresponding to the BIPN value carried in the MME of the last protected Beacon frame on the link indicated by the Link ID field, which the receiver uses as the initial value of the BIP replay counter for the BIGTK. In some implementations, for an AP MLD and a non-AP STA MLD that support the same key identifier, the BIGTK key identifier may be MLD-level.
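As an added example (not code from the patent) covering the Key Delivery element described both in the apparatus section and in process 1200 above, the block below encodes the Multi-Link GTK, IGTK and BIGTK KDEs with the fields the text lists, walks the KDE List field, and installs per-link keys on the STA MLD side under the rules given earlier: the GTK always, the IGTK only when management frame protection is enabled, and the BIGTK only when present and beacon protection is enabled. Assumptions: the KDE framing (a one-octet type, a one-octet length, then the body) and type codes are constructed for this example and are not the IEEE OUI/data-type encoding; key bytes and packet numbers are sample values.

```python
import struct
from dataclasses import dataclass
from typing import Dict, Iterator, Optional, Tuple

# Assumed KDE type codes and TLV framing for this example (constructed).
KDE_ML_GTK, KDE_ML_IGTK, KDE_ML_BIGTK = 0x01, 0x02, 0x03


@dataclass
class LinkKeys:
    """Keys installed on one link of the non-AP STA MLD."""
    gtk: Optional[Tuple[int, int, bytes, bytes]] = None   # key_id, transmit, key_rsc, key
    igtk: Optional[Tuple[int, bytes, bytes]] = None       # key_id, ipn (BIP replay init), key
    bigtk: Optional[Tuple[int, bytes, bytes]] = None      # key_id, bipn (BIP replay init), key


def _kde(kde_type: int, body: bytes) -> bytes:
    return struct.pack("BB", kde_type, len(body)) + body


def ml_gtk_kde(key_id: int, transmit: int, link_id: int, key_rsc: bytes, gtk: bytes) -> bytes:
    """Multi-Link GTK KDE: Key ID, Transmit, Link ID, Key RSC (6 octets), GTK."""
    return _kde(KDE_ML_GTK, struct.pack("BBB", key_id, transmit, link_id) + key_rsc + gtk)


def ml_igtk_kde(key_id: int, link_id: int, ipn: bytes, igtk: bytes) -> bytes:
    """Multi-Link IGTK KDE: Key ID, Link ID, IPN (6 octets), IGTK."""
    return _kde(KDE_ML_IGTK, struct.pack("BB", key_id, link_id) + ipn + igtk)


def ml_bigtk_kde(key_id: int, link_id: int, bipn: bytes, bigtk: bytes) -> bytes:
    """Multi-Link BIGTK KDE: Key ID, Link ID, BIPN (6 octets), BIGTK."""
    return _kde(KDE_ML_BIGTK, struct.pack("BB", key_id, link_id) + bipn + bigtk)


def parse_kde_list(data: bytes) -> Iterator[Tuple[int, bytes]]:
    """Walk the KDE List field, rejecting truncated entries."""
    off = 0
    while off < len(data):
        if off + 2 > len(data):
            raise ValueError("truncated KDE header")
        kde_type, length = data[off], data[off + 1]
        body = data[off + 2: off + 2 + length]
        if len(body) != length:
            raise ValueError("truncated KDE body")
        yield kde_type, body
        off += 2 + length


def install_from_key_delivery(kde_list: bytes, mfp_enabled: bool,
                              beacon_protection_enabled: bool) -> Dict[int, LinkKeys]:
    """STA MLD side: apply the Key Delivery element after FILS authentication."""
    links: Dict[int, LinkKeys] = {}
    for kde_type, body in parse_kde_list(kde_list):
        if kde_type == KDE_ML_GTK:
            if len(body) < 10:
                raise ValueError("malformed Multi-Link GTK KDE")
            key_id, transmit, link_id = struct.unpack("BBB", body[:3])
            links.setdefault(link_id, LinkKeys()).gtk = (key_id, transmit, body[3:9], body[9:])
        elif kde_type in (KDE_ML_IGTK, KDE_ML_BIGTK):
            # IGTK needs management frame protection; BIGTK needs beacon protection.
            enabled = mfp_enabled if kde_type == KDE_ML_IGTK else beacon_protection_enabled
            if not enabled:
                continue
            if len(body) < 9:
                raise ValueError("malformed Multi-Link IGTK/BIGTK KDE")
            key_id, link_id = struct.unpack("BB", body[:2])
            entry = links.setdefault(link_id, LinkKeys())
            if kde_type == KDE_ML_IGTK:
                entry.igtk = (key_id, body[2:8], body[8:])
            else:
                entry.bigtk = (key_id, body[2:8], body[8:])
        # other KDE types are outside this example and are skipped
    return links


def sample_key_delivery() -> bytes:
    """Constructed KDE List for an AP MLD with links 0 and 1; the key IDs are
    MLD-level, i.e. the same value is used on both links."""
    rsc = bytes(6)
    return b"".join([
        ml_gtk_kde(1, 1, 0, rsc, b"\xa0" * 16),
        ml_gtk_kde(1, 0, 1, rsc, b"\xa1" * 16),
        ml_igtk_kde(4, 0, (1).to_bytes(6, "little"), b"\xb0" * 16),
        ml_igtk_kde(4, 1, (7).to_bytes(6, "little"), b"\xb1" * 16),
        ml_bigtk_kde(6, 0, (3).to_bytes(6, "little"), b"\xc0" * 16),
        ml_bigtk_kde(6, 1, (9).to_bytes(6, "little"), b"\xc1" * 16),
    ])
```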
In some implementations, in communicating, process 1200 may involve each of apparatus 1110 and apparatus 1120 transmitting or receiving a retransmitted frame whose Key ID field in the CCMP or GCMP header is equal to the Key ID field of the originally transmitted MPDU.
Additional Notes
The herein-described subject matter sometimes illustrates different components contained within, or connected with, different other components. It is to be understood that such depicted architectures are merely examples, and that in fact many other architectures can be implemented which achieve the same functionality. In a conceptual sense, any arrangement of components to achieve the same functionality is effectively "associated" such that the desired functionality is achieved. Hence, any two components herein combined to achieve a particular functionality can be seen as "associated with" each other such that the desired functionality is achieved, irrespective of architectures or intermediate components. Likewise, any two components so associated can also be viewed as being "operably connected" or "operably coupled" to each other to achieve the desired functionality, and any two components capable of being so associated can also be viewed as being "operably couplable" to each other to achieve the desired functionality. Specific examples of operably couplable components include, but are not limited to, physically mateable and/or physically interacting components, and/or wirelessly interactable and/or wirelessly interacting components, and/or logically interacting and/or logically interactable components.
Furthermore, with respect to the use of substantially any plural and/or singular terms herein, those having skill in the art can translate from the plural to the singular and/or from the singular to the plural as is appropriate to the context and/or application. The various singular/plural permutations may be expressly set forth herein for the sake of clarity.
Moreover, it will be understood by those within the art that, in general, terms used herein, and especially in the appended claims (e.g., bodies of the appended claims), are generally intended as "open" terms; for example, the term "including" should be interpreted as "including but not limited to", the term "having" should be interpreted as "having at least", the term "includes" should be interpreted as "includes but is not limited to", and so on. It will be further understood by those within the art that if a specific number of an introduced claim recitation is intended, such an intent will be explicitly recited in the claim, and in the absence of such recitation no such intent is present. For example, as an aid to understanding, the appended claims may contain usage of the introductory phrases "at least one" and "one or more" to introduce claim recitations. However, the use of such phrases should not be construed to imply that the introduction of a claim recitation by the indefinite article "a" or "an" limits any particular claim containing such introduced claim recitation to implementations containing only one such recitation, even when the same claim includes the introductory phrases "one or more" or "at least one" and indefinite articles such as "a" or "an" (e.g., "a" and/or "an" should be interpreted to mean "at least one" or "one or more"); the same holds true for the use of definite articles used to introduce claim recitations. In addition, even if a specific number of an introduced claim recitation is explicitly recited, those skilled in the art will recognize that such recitation should be interpreted to mean at least the recited number (e.g., the bare recitation of "two recitations", without other modifiers, means at least two recitations, or two or more recitations). Furthermore, in those instances where a convention analogous to "at least one of A, B, and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B, and C" would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, and C together, etc.). In those instances where a convention analogous to "at least one of A, B, or C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B, or C" would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, and C together, etc.). It will be further understood by those within the art that virtually any disjunctive word and/or phrase presenting two or more alternative terms, whether in the description, claims, or drawings, should be understood to contemplate the possibilities of including one of the terms, either of the terms, or both terms. For example, the phrase "A or B" will be understood to include the possibilities of "A" or "B" or "A and B".
根據上述內容,將領會的是,本文中已經為了例示目的而描述了本發明的各種實現方式,並且可以在不脫離本發明範圍和精神的情況下進行各種修改。因此,本文中所公開的各種實現方式不旨在是限制性的,真正的範圍和精神由所附申請專利範圍指示。From the foregoing it will be appreciated that various implementations of the invention have been described herein for purposes of illustration and that various modifications may be made without departing from the scope and spirit of the invention. Accordingly, the various implementations disclosed herein are not intended to be limiting, with the true scope and spirit being indicated by the appended claims.
100: network environment
110, 120: STA
200: FILS discovery frame
300: FD Capability subfield
400: FILS Public Key element
500: Key Delivery element
600: multi-link GTK KDE element
700: multi-link IGTK KDE element
800: multi-link BIGTK KDE element
900: RSN Capabilities field
1000: scenario
1100: example system
1110, 1120: apparatus
1112, 1122: processor
1116, 1126: transceiver
1114, 1124: memory
1200: example process
1210, 1220: blocks
The present disclosure is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings, in which like reference numerals indicate like elements. When a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that implementing such a feature, structure, or characteristic in connection with other embodiments is within the knowledge of those skilled in the art, whether or not explicitly stated.
Figure 1 illustrates an example network environment in which various solutions and schemes in accordance with the present disclosure may be implemented.
Figure 2 illustrates an example design of a FILS discovery frame under a proposed scheme in accordance with the present disclosure.
Figure 3 illustrates an example design of the FD Capability subfield under a proposed scheme in accordance with the present disclosure.
Figure 4 illustrates an example design of the FILS Public Key element under a proposed scheme.
Figure 5 illustrates an example design of the Key Delivery element under a proposed scheme in accordance with the present disclosure.
Figure 6 illustrates an example design of a multi-link GTK KDE element under a proposed scheme in accordance with the present disclosure.
Figure 7 illustrates an example design of a multi-link IGTK KDE element under a proposed scheme in accordance with the present disclosure.
Figure 8 illustrates an example design of a multi-link BIGTK KDE element under a proposed scheme in accordance with the present disclosure.
Figure 9 illustrates an example design of the Robust Security Network (RSN) Capabilities field under a proposed scheme in accordance with the present disclosure.
Figure 10 illustrates an example scenario of RSNA rekeying under a proposed scheme.
Figure 11 illustrates an example communication system in accordance with an embodiment of the present disclosure.
Figure 12 illustrates an example process in accordance with an implementation of the present disclosure.
Claims (20)
Applications Claiming Priority (2)
Application Number | Publication Number | Priority Date | Filing Date | Title
---|---|---|---|---
US17/325,788 | US11924911B2 (en) | 2020-05-22 | 2021-05-20 | Extreme-high-throughput fast initial link setup support in multi-link operation in wireless communications
US17/325,788 | | 2021-05-20 | | 
Publications (2)
Publication Number | Publication Date |
---|---|
TW202247695A TW202247695A (en) | 2022-12-01 |
TWI794881B true TWI794881B (en) | 2023-03-01 |
Family
ID=84060292
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW110125799A TWI794881B (en) | 2021-05-20 | 2021-07-14 | Wireless communication method and apparatus for multi-link |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN115379589A (en) |
TW (1) | TWI794881B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW202110265A (en) * | 2019-07-12 | 2021-03-01 | Qualcomm Incorporated | Multi-link communication |
CN112449376A (en) * | 2019-09-05 | 2021-03-05 | Apple Inc. | System and method for enhanced high throughput (EHT) station |
US20210120599A1 (en) * | 2020-03-12 | 2021-04-22 | Laurent Cariou | Apparatus, system and method of communicating a multi-link element |
2021
- 2021-07-13 CN CN202110789316.3A patent/CN115379589A/en active Pending
- 2021-07-14 TW TW110125799A patent/TWI794881B/en active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW202110265A (en) * | 2019-07-12 | 2021-03-01 | Qualcomm Incorporated | Multi-link communication |
TW202110267A (en) * | 2019-07-12 | 2021-03-01 | Qualcomm Incorporated | Multi-link communication |
CN112449376A (en) * | 2019-09-05 | 2021-03-05 | Apple Inc. | System and method for enhanced high throughput (EHT) station |
US20210120599A1 (en) * | 2020-03-12 | 2021-04-22 | Laurent Cariou | Apparatus, system and method of communicating a multi-link element |
Also Published As
Publication number | Publication date |
---|---|
TW202247695A (en) | 2022-12-01 |
CN115379589A (en) | 2022-11-22 |