TRANSMISSION SECURITY FOR WIRELESS LANS
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is related to the following U.S. applications, of common assignee, from which priority is claimed, and the contents of which are incorporated herein in their entirety by reference:
"TRANSMISSION SECURITY FOR WIRELESS LANS," U.S. Provisional Patent Application Serial No. 60/322,094; and,
"TRANSMISSION SECURITY FOR WIRELESS LANS," U.S. Provisional Patent Application Serial No. 60/325,148.
STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH
[0002] Not Applicable
REFERENCE TO MICROFICHE APPENDIX
[0003] Not Applicable
BACKGROUND OF THE INVENTION
[0004] The present invention relates to network security, and more particularly, to methods and systems for providing transmission security on wireless communications systems such as wireless LANs.
[0005] The proliferation of wireless LAN and other telecommunications systems has increased the need for security measures at the link level of the OSI reference model. It is well-known in military communications systems that a hierarchy of security techniques is required for good protection of both the system itself and the data transported over the system. Military communications security often includes: (1) end-to-end data encryption for ultimate protection against data compromise; (2) link-by-link encryption to deter protocol attacks against the network control, such as denial-of-service and unauthorized access; and (3) Transmission Security (TRANSEC) at the Physical (PHY) layer to mitigate waveform exploitation, such as smart jamming, etc. As used herein, the term TRANSEC refers to any modification or variance of the transmitted waveform that is operative to degrade the performance of a receiver trying to demodulate the transmitted waveform, when the receiver is not cognizant of the modifications or variances. A receiver cognizant of the modifications or variances can compensate so as to avoid any such degradation. Since TRANSEC thwarts demodulation by unauthorized parties, it also strengthens the various data-level encryption measures by denying the ability to collect cipher text for cryptanalysis or the ability to exploit network control information.
[0006] Prior art commercial wireless LAN standards have security features ranging from weak to non-existent. For example:
• To avoid earlier stringent export controls, short (40-bit) encryption keys were specified in the 802.11 standard for WEP link-level encryption. With the relaxation of Government control of cryptographic products, these keys will be lengthened, and even the algorithms themselves may be strengthened. However, this encryption is applied only to data payloads, while all control fields remain in the clear in the standard.
• To avoid the modest complexity required for management of code changing, the 802.11 Direct-Sequence Spread-Spectrum (DSSS) standards employ only a single spreading code. Since TRANSEC in conventional DSSS systems requires spreading-code changes unpredictable by unauthorized users, there is no capability in 802.11 DSSS for such TRANSEC. As a result, numerous attacks against 802.11 DSSS equipment exist because the waveforms can be demodulated and/or mimicked at will by malicious parties.
• Non-spread-spectrum transmissions are used in higher-rate standards, e.g., OFDM is presently used in 802.11a and HiperLAN 2, and is being considered for others.
[0007] By contrast, Frequency-Hopping Spread-Spectrum (FHSS) standards (e.g., 802.11 FHSS and HomeRF) include a measure of TRANSEC. Although the frequency hopping (FH) sequences are published, the determination of the hop sequence and timing presents a substantial barrier to tampering and/or eavesdropping compared to the DSSS standards. However, the low emphasis of TRANSEC in existing standards, combined with removal of regulatory requirements for using spread-spectrum modulations in traditional spread-spectrum bands, will result in future systems whose only protection is link-level encryption of data payloads.
SUMMARY OF THE INVENTION
[0008] In DSSS transmission, the use of a spreading sequence known only to authorized users makes demodulation of transmission by others impossible. Similarly, unauthorized parties cannot generate packets that would be demodulated by valid users. One embodiment of the invention incorporates TRANSEC into non-spread-spectrum links (or deficient DS links such as IEEE 802.11b) by introducing variations of physical waveform parameters that can readily be compensated by intended users who are cognizant of the variations, but not by unauthorized parties. In various embodiments, the parameter variations may pertain to preamble detection, acquisition of phase and/or timing, or to the data modulation itself. Denial to unauthorized parties of any of these parameters regarding aspects of transmission would prevent demodulation of a packet, and could properly be referred to as TRANSEC measures.
[0009] Introducing waveform parameter variations can be directed at producing a variety of effects if the parameter variations are left uncompensated at the receiver. In one embodiment, the waveform pattern variations cause a modest number of data errors at the receiver sufficient to cause a packet to fail CRC check; this normally results in the packet being discarded by the MAC layer, and may be sufficient to protect against unsophisticated attacks. In general, embodiments of the invention introduce pattern variations that cause total failure of demodulation at the receiver so that forced downloading of damaged packets provides little useful information. Representative TRANSEC measures utilized by embodiments of the invention include, but are not limited to:
• Modification of the whitening/scrambling sequence to cause data errors
• Introduction of alternate (non-linear) scrambling processes
• Modification of the mapping of serial data onto waveforms
• Altered preamble characteristics to confuse acquisition
• Employment of alternate preamble formats to frustrate acquisition
• Modulation of the carrier phase to disrupt phase-tracking accuracy
• Introduction of carrier-phase discontinuities to throw the PLL out of lock
• Introduction of time jumps in the modulation envelope to disrupt sample timing
[0010] Among the TRANSEC measures listed above are (1) those which disrupt the modulation process itself (e.g., degrading phase or timing information), as well as (2) those which confuse the various mappings of information to modulation parameters (e.g., assignment of bits to carriers in orthogonal frequency division multiplexing (OFDM — 802.11a) or to waveforms in complementary code keying (CCK — 802.11b), assignment of bits to constellation points in QAM, etc.). In embodiments where TRANSEC depends upon distorting the mapping of bits, rather than physically degrading the demodulation, the distortion of information preferably includes MAC-level control fields normally not protected by link-level encryption in present standards. For example, the Wired Equivalent Privacy (WEP) protocol may be used in IEEE 802.11 standard networks to protect link-level data during wireless transmission. With WEP, the sender encrypts the content of a data frame, but leaves the MAC header in the clear. In one embodiment of the invention, a non-linear scrambling of the bit stream applies to the entire MAC frame, including the MAC header. This protection of control fields provides a new level of protection compared to prior art wireless LANs.
[0011] The TRANSEC measures described herein provide security because authorized users possess the information required to compensate for the distortions introduced, whereas others do not. In particular, desired users must share information regarding the timing and parameter values used at the transmitter, which must be subsequently compensated at the receiver. For example, if a phase discontinuity is introduced to cause a severe transient in the phase-tracking circuit if uncompensated, then the intended receiver must anticipate where this phase jump will occur relative to a reference time (e.g., frame sync) as well as knowing the phase-jump value. If there were four possible timings and three possible phase-jump values for the transient, then an unauthorized party must guess which of twelve combinations was used in order to compensate. In the various embodiments of the invention, the system design is such that intended users have this TRANSEC information in advance. Means for distributing TRANSEC information are well-known for DSSS systems. Intended users generally share some form of secret key information: this may or may not be combined with timing information, some field in the Physical Layer (PHY) header (or equivalent collateral information), or even with some or all of the actual data payload. Ultimately, intended users are able to generate the same randomized parameters at transmitter and receiver such that TRANSEC variations can be removed at the receiver.
[0012] To support the simultaneous use of existing standards-compliant devices mixed with devices implementing the standard but having enhanced security using the TRANSEC concepts taught herein, it is attractive to use the PHY frame format specified in the standard, but to interpret some field of the PHY header to determine whether the enhanced mode is used for a particular frame. An example is using the SERVICE field in IEEE 802.11 devices to indicate TRANSEC frames; the SERVICE field is currently underutilized in IEEE 802.11, but even future extended use of this field under the standard does not prevent recognition of any still-undefined pattern for indication of TRANSEC frames.
[0013] In one aspect, the invention comprises a method of incorporating TRANSEC in a wireless LAN system that includes at least one transmitter and at least one receiver for communicating a transmitted waveform characterized by one or more waveform parameters. The method includes selecting at least one of the waveform parameters, preferably below the MAC level, to be varied. The method further includes varying, at the at least one transmitter, the one or more selected waveform parameters according to a predetermined parameter profile. The method also includes configuring a demodulation process at the at least one receiver so as to compensate for the varying of the one or more selected waveform parameters. A receiver not cognizant of the predetermined parameter profile incurs a demodulation performance degradation of the transmitted waveform as a result of varying the one or more selected waveform parameters.
[0014] Another embodiment further includes varying the one or more selected waveform parameters so as to affect the demodulation process at the PHY level.
[0015] Another embodiment further includes varying the one or more selected waveform parameters so as to induce variations in waveform phase information required for demodulation.
[0016] Another embodiment further includes varying the one or more selected waveform parameters so as to induce variations in waveform timing information required for demodulation.
[0017] Another embodiment further includes varying the one or more selected waveform parameters so as to deny access to information relating to a PHY preamble.
[0018] Another embodiment further includes varying the one or more selected waveform parameters so as to affect a mapping from a demodulation decision to a final information format.
[0019] Another embodiment further includes scrambling a serial data stream at the transmitter after a standard scrambling operation at the physical layer.
[0020] Another embodiment further includes scrambling the serial data stream so as to scramble an entire MAC frame encapsulated within a PHY frame.
[0021] Another embodiment further includes mapping a serial data stream at the transmitter to one or more OFDM carriers.
[0022] Another embodiment further includes mapping a serial data stream at the transmitter to one or more transmitter waveforms.
[0023] In another aspect, the invention comprises a system for incorporating TRANSEC in a wireless LAN architecture that includes at least one transmitter and at least one receiver for communicating a transmitted waveform characterized by one or more waveform parameters. The system includes means for selecting at least one of the waveform parameters, preferably below the MAC level, to be varied. The system further includes means for varying, at the at least one transmitter, the one or more selected waveform parameters according to a predetermined parameter profile. The system also includes means for configuring a demodulation process at the at least one receiver so as to compensate for the varying of the one or more selected waveform parameters. A receiver not cognizant of the predetermined parameter profile incurs a demodulation performance degradation of the transmitted waveform as a result of varying the one or more selected waveform parameters.
[0024] In another embodiment, the means for varying the one or more waveform parameters affects the demodulation process at the PHY level.
[0025] In another embodiment, the means for varying the one or more waveform parameters induces variations in waveform phase information required for demodulation.
[0026] In another embodiment, the means for varying the one or more waveform parameters induces variations in waveform timing information required for demodulation.
[0027] In another embodiment, the means for varying the one or more waveform parameters is operative to deny access to information relating to a PHY preamble.
[0028] In another embodiment, the means for varying the one or more waveform parameters is operative to affect a mapping from a demodulation decision to a final information format.
[0029] In another embodiment, the means for varying the one or more waveform parameters scrambles a serial data stream at the transmitter after a standard scrambling operation at the physical layer.
[0030] In another embodiment, the means for varying the one or more waveform parameters scrambles the serial data stream so as to scramble an entire MAC frame encapsulated within a PHY frame.
[0031] In another embodiment, the means for varying the one or more waveform parameters maps a serial data stream at the transmitter to one or more OFDM carriers.
[0032] In another embodiment, the means for varying the one or more waveform parameters maps a serial data stream at the transmitter to one or more transmitter waveforms.
[0033] In another embodiment, the predetermined parameter profile uniquely corresponds to a key.
[0034] In other embodiments, the key includes a code word, a time of day, or a combination thereof.
[0035] In another embodiment, access to the key is limited to the at least one transmitter and the at least one receiver.
[0036] In another embodiment, the means for varying the one or more waveform parameters predicates the variation of the one or more waveform parameters upon a field in a serial data stream being transmitted via the transmitted waveform.
[0037] In another aspect, the invention comprises a system for incorporating TRANSEC in a wireless LAN architecture that includes at least one transmitter and at least one receiver for communicating a transmitted waveform characterized by one or more waveform parameters. The system includes a TRANSEC specification module for selecting at least one of the waveform parameters, below the MAC level, to be varied. The system also includes a parameter processor for varying, at the at least one transmitter, the one or more selected waveform parameters according to a predetermined parameter profile. The system also includes a demodulation processor for configuring a demodulation process at the at least one receiver so as to compensate for the varying of the one or more selected waveform parameters. A receiver not cognizant of the predetermined parameter profile incurs a demodulation performance degradation of the transmitted waveform as a result of varying the one or more selected waveform parameters.
BRIEF DESCRIPTION OF DRAWINGS
[0038] The foregoing and other objects of this invention, the various features thereof, as well as the invention itself, may be more fully understood from the following description, when read together with the accompanying drawings in which:
[0039] FIG. 1A shows a block diagram of the modulation functions that a typical prior art transmitter performs within a network operating according to the IEEE 802.11a standard;
[0040] FIG. 1B shows a block diagram of the modulation functions that a typical prior art transmitter performs within a network operating according to the IEEE 802.11b standard;
[0041] FIG. 2 shows components for applying TRANSEC in an existing wireless LAN system;
[0042] FIG. 3 shows, in block diagram form, an apparatus for assuring temporal variation in the non-linear scrambling of FIG. 2;
[0043] FIG. 4 shows an embodiment that examines the SERVICE field of the incoming data in order to determine whether or not to apply the non-linear scrambling for TRANSEC; and,
[0044] FIG. 5 shows one embodiment of a system for incorporating TRANSEC into an existing wireless LAN architecture according to the present invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
[0045] FIG. 1A shows a block diagram of the modulation functions 100 that a typical prior art transmitter performs within a network operating according to the IEEE 802.11a standard. FIG. 1B shows a block diagram of the modulation functions 102 that a typical prior art transmitter performs within a network operating according to the IEEE 802.11b standard.
[0046] FIG. 1A shows a module 104 for providing a processor interface, followed by a second module 106 for whitening (i.e., scrambling) the incoming bit stream, and followed by a third module 108 for applying a forward error correction (FEC) algorithm to the bit stream. The IEEE 802.11a modulation functions 100 further include a fourth module 110 for mapping the bit stream from the third module into bit groups, a fifth module 112 for assigning bit groups to proper carrier signals, a sixth module 114 for mapping the bit groups to carrier complex amplitudes, a seventh module 116 for further mapping the bit stream to bit groups, and an eighth module 118 for applying an IFFT to the bit groups.
[0047] FIG. 1B shows a module 120 for providing a processor interface, followed by a second module 122 for whitening the incoming bit stream. The IEEE 802.11b modulation functions 102 further include a third module 124 for mapping the bit stream into bit groups, followed by a fourth module 126 for mapping the bit groups to phase and waveforms.
[0048] The modulation circuitry in such prior art systems is often complex and highly integrated, so that modifications will likely be difficult to design and test, and would likely result in bugs or system degradation. In FIGs. 1A and 1B, the blocks with shading depict those functions that are typically difficult to readily modify. One preferred embodiment of the invention therefore effects the TRANSEC measures as simply as possible for a given level of protection. One such embodiment for applying TRANSEC in wireless LANs includes a mapping module 130 that operates on the serial stream of bits at the modulator, after the standard scrambling operation 132, as shown in FIG. 2. The standard scrambling operation 132 corresponds to the second module 106 of FIG. 1A, and the second module 122 of FIG. 1B. In this embodiment, the mapping module 130 applies a non-linear scrambling process to the serial stream, although other embodiments may incorporate other transformative mappings known in the art to the serial data stream. The non-linear scrambling process of the mapping module 130 in FIG. 2 is preferably a pseudo-random sequence based on a pre-determined key code, time of day, or both, that can be repeated by an intended receiver to compensate for the mapping (i.e., remove the pseudo-random sequence). This approach minimizes the changes necessary to existing subsystems on both the transmitter and receiver ends of the wireless network. Although the modem may need to access some portions of the serial stream (e.g., PHY header information), the modem would most naturally access this data prior to the scrambling operation, while the information is in its original, raw format. Thus, operating on the serial stream (e.g., applying a non-linear scrambling) after the standard scrambling reduces the likelihood of an incidental impact to other existing modem subsystems.
[0049] FIG. 3 shows, in block diagram form, an apparatus 200 for assuring temporal variation in the non-linear scrambling of FIG. 2, according to one embodiment. The upper part 202 of FIG. 3, a non-time-varying configuration, simply employs a key to seed a cipher stream generator 204, the output of which is then combined with the standard-scrambled stream 206. The use of a stream cipher and the combination by exclusive-or function as shown are only examples; generally the non-linear scrambling operation can take on many forms known in the art. The principal aspect of the apparatus 200 shown in the lower part of FIG. 3 is that some, or all, of the input stream 208 (e.g., the PHY header and/or MAC frame) can be used to alter the characteristics of the non-linear scrambling operation 210. Although not shown in FIG. 3, an intermediate function block may be used to analyze the input stream 208 and selectively pass only certain portions of the input stream 208 to the non-linear scrambling operation 210.
[0050] Some embodiments of the invention may analyze particular fields of the incoming serial data stream to determine whether or not to vary a particular waveform parameter for TRANSEC. For example, FIG. 4 depicts an embodiment that examines the SERVICE field of the incoming data via a pattern match module 220 in order to determine whether or not to apply the non-linear scrambling for TRANSEC. This enables truly standard frames (with respect to prior-art network standards) to be interspersed with TRANSEC-protected frames in normal use. The pattern-matching function would be made programmable, under firmware control, so that future use of the SERVICE field could be accommodated. When the SERVICE (or other such) field contains a pattern enabled for TRANSEC, then the non-linear scrambling operation is used; otherwise, the non-linear scrambling is disabled. This mechanism could also be used to enable/inhibit additional or alternative TRANSEC measures as described herein. In FIG. 4, the SERVICE field detection is shown with a non-time varying non-linear scrambling configuration, as described in FIG. 3.
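The chain of FIGs. 2 through 4 (standard scrambling, then key-seeded non-linear scrambling of the entire MAC frame, enabled by a SERVICE-field pattern match) as an added Python simulation; this is illustrative code, not code from the application. Assumptions: SHAKE-128 over key, time of day and PHY header stands in for the unspecified cipher stream generator 204, the SERVICE pattern 0x80 and all key, header and frame values are constructed placeholders, and the 802.11 scrambler runs from a fixed seed.

```python
import hashlib
import zlib

# Constructed placeholder: the SERVICE-field pattern that marks a TRANSEC frame.
TRANSEC_SERVICE_PATTERN = 0x80

def std_scramble(data: bytes, seed: int = 0x7F) -> bytes:
    """IEEE 802.11 scrambler, generator x^7 + x^4 + 1 (modules 106/122/132).
    Additive scrambler: applying it twice with the same seed restores the data.
    Fixed seed for simplicity (the standard signals the real one in-band)."""
    state = seed & 0x7F
    out = bytearray()
    for byte in data:
        o = 0
        for i in range(8):                          # LSB first
            fb = ((state >> 6) ^ (state >> 3)) & 1  # taps x^7 and x^4
            o |= (((byte >> i) & 1) ^ fb) << i
            state = ((state << 1) | fb) & 0x7F
        out.append(o)
    return bytes(out)

def transec_keystream(key: bytes, tod: int, phy_header: bytes, n: int) -> bytes:
    """Stand-in for cipher stream generator 204 (assumption: SHAKE-128; the
    application names no cipher).  Seeded from the shared key and time of day;
    mixing in the PHY header is the lower-part-of-FIG.-3 variation."""
    return hashlib.shake_128(key + tod.to_bytes(8, "big") + phy_header).digest(n)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def transmit(service, phy_header, mac_frame, key, tod):
    """Mapping module 130 placed after standard scrambling, enabled by pattern
    match module 220 on the SERVICE field.  The whole MAC frame (header, body
    and FCS) is covered, unlike WEP, which leaves the MAC header in the clear."""
    frame = mac_frame + zlib.crc32(mac_frame).to_bytes(4, "big")
    stream = std_scramble(frame)
    if service == TRANSEC_SERVICE_PATTERN:
        stream = xor(stream, transec_keystream(key, tod, phy_header, len(stream)))
    return stream

def receive(service, phy_header, stream, key=None, tod=None):
    """Return (mac_frame, fcs_ok).  Without the key, or with the wrong time of
    day, only the standard descrambler runs and the FCS check fails."""
    if service == TRANSEC_SERVICE_PATTERN and key is not None:
        stream = xor(stream, transec_keystream(key, tod, phy_header, len(stream)))
    frame = std_scramble(stream)
    body, fcs = frame[:-4], frame[-4:]
    return body, zlib.crc32(body).to_bytes(4, "big") == fcs

def demo():
    """Constructed key, time slot, PHY header and MAC frame (not from the page)."""
    key, tod = b"shared-transec-key", 1_000_000
    phy_header = bytes([0x0B, 0x00, 0x20, 0x00])
    mac_header = bytes.fromhex("0802" "0000" "ffffffffffff" "001122334455" "66778899aabb" "1000")
    mac_frame = mac_header + b"constructed payload"
    tx = transmit(TRANSEC_SERVICE_PATTERN, phy_header, mac_frame, key, tod)
    intended = receive(TRANSEC_SERVICE_PATTERN, phy_header, tx, key, tod)
    legacy = receive(TRANSEC_SERVICE_PATTERN, phy_header, tx)              # no key
    stale = receive(TRANSEC_SERVICE_PATTERN, phy_header, tx, key, tod + 1) # wrong slot
    std_tx = transmit(0x00, phy_header, mac_frame, key, tod)               # plain frame
    plain = receive(0x00, phy_header, std_tx)
    return {
        "intended_ok": intended == (mac_frame, True),
        "legacy_ok": legacy[1],
        "legacy_header_readable": legacy[0][:len(mac_header)] == mac_header,
        "stale_ok": stale[1],
        "standard_frame_ok": plain == (mac_frame, True),
    }

if __name__ == "__main__":
    print(demo())
```

The standard frame (SERVICE not matching) round-trips through any compliant receiver, while the TRANSEC frame fails the FCS check and yields no readable MAC header unless the receiver holds the key and the correct time slot.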
[0051] FIG. 5 shows one embodiment of a system 300 for incorporating TRANSEC into an existing wireless LAN architecture according to the present invention. The TRANSEC specification module 302 receives user input regarding the desired level of security and translates the user input into values related to the waveform parameters. Such values may include which parameters are to be varied, minimum/maximum values, thresholds, time durations, etc., and combinations thereof. The input to the TRANSEC specification module 302 may include a key, which would also be distributed to all desired recipients of the transmitted waveform. The key may include a code word, a time of day, or a combination of both. The TRANSEC specification module 302 provides the values related to the waveform parameters to the parameter processor 304, which interfaces to the existing modulation functions 306 of the transmitter, and implements the actual parameter variations to the transmitted waveform. The parameter processor 304 may include, for example, the component or components necessary to perform non-linear scrambling on the serial bit stream at the modulator, after the standard scrambling operation described herein. Each receiver within the network includes a demodulation processor 308 for configuring and coordinating the demodulation functions at the receiver. The demodulation processor interfaces to the existing demodulation functions 310 of the receiver, and is operative to remove the effects of the waveform parameter variations effected by the transmitter. For simplicity, FIG. 5 shows only one receiver on the network, but other embodiments may operate with multiple receivers; other receivers are configured like the one shown in FIG. 5. The demodulation processor 308 receives information regarding which waveform parameters the transmitter varied; in one embodiment, it receives the information regarding the waveform parameters as a key, as described herein. Although not shown in FIG. 5, each receiver may also include a TRANSEC specification module similar to the one shown for the transmitter, for converting the key into values suitable for the demodulation processor 308.
[0052] The invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of the equivalency of the claims are therefore intended to be embraced therein.