[go: up one dir, main page]

WO2024090853A1 - Dispositif et procédé de protection de trame dans un réseau local sans fil - Google Patents

Dispositif et procédé de protection de trame dans un réseau local sans fil Download PDF

Info

Publication number
WO2024090853A1
WO2024090853A1 PCT/KR2023/015720 KR2023015720W WO2024090853A1 WO 2024090853 A1 WO2024090853 A1 WO 2024090853A1 KR 2023015720 W KR2023015720 W KR 2023015720W WO 2024090853 A1 WO2024090853 A1 WO 2024090853A1
Authority
WO
WIPO (PCT)
Prior art keywords
frame
sta
power management
header
mld
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2023/015720
Other languages
English (en)
Inventor
Jeong Soo Lee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Frontside LLC
Original Assignee
Frontside LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Frontside LLC filed Critical Frontside LLC
Priority to KR1020257013183A priority Critical patent/KR20250096713A/ko
Publication of WO2024090853A1 publication Critical patent/WO2024090853A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L5/00Arrangements affording multiple use of the transmission path
    • H04L5/0091Signalling for the administration of the divided path, e.g. signalling of configuration information
    • H04L5/0096Indication of changes in allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0056Systems characterized by the type of code used
    • H04L1/0061Error detection codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/12Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/16Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
    • H04L1/1607Details of the supervisory signal
    • H04L1/1614Details of the supervisory signal using bitmaps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L5/00Arrangements affording multiple use of the transmission path
    • H04L5/003Arrangements for allocating sub-channels of the transmission path
    • H04L5/0053Allocation of signalling, i.e. of overhead other than pilot signals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0637Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. Transmission Power Control [TPC] or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0203Power saving arrangements in the radio access network or backbone network of wireless communication networks
    • H04W52/0206Power saving arrangements in the radio access network or backbone network of wireless communication networks in access points, e.g. base stations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. Transmission Power Control [TPC] or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0212Power saving arrangements in terminal devices managed by the network, e.g. network or access point is leader and terminal is follower
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. Transmission Power Control [TPC] or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0212Power saving arrangements in terminal devices managed by the network, e.g. network or access point is leader and terminal is follower
    • H04W52/0216Power saving arrangements in terminal devices managed by the network, e.g. network or access point is leader and terminal is follower using a pre-established activity schedule, e.g. traffic indication frame
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. Transmission Power Control [TPC] or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0225Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal
    • H04W52/0229Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal where the received signal is a wanted signal
    • H04W52/0235Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal where the received signal is a wanted signal where the received signal is a power saving command
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. Transmission Power Control [TPC] or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0261Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level
    • H04W52/0274Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof
    • H04W52/028Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof switching on or off only a part of the equipment circuit blocks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/15Setup of multiple wireless link connections
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Definitions

  • the present disclosure relates to a wireless local area network (WLAN), and more particularly, to a method for protecting a frame in the WLAN and a device using the same.
  • WLAN wireless local area network
  • a wireless local area network may be formed by one or more access points (APs) that provide a shared wireless communication medium for use by a number of client devices also referred to as stations (STAs).
  • APs access points
  • STAs stations
  • Orthogonal frequency division multiple access is a multiple access scheme where different subsets of subcarriers are allocated to different users, and this scheme allows simultaneous data transmission to or from one or more users.
  • a physical layer protocol data unit is a data unit (or data packet) to carry various information in the WLAN.
  • PPDU physical layer protocol data unit
  • OFDMA OFDMA
  • users are allocated different subsets of subcarriers that can change from one PPDU to the next.
  • an AP may allocate different RUs for STAs. The AP can simultaneously transmit various formats of PPDUs to multiple STAs.
  • MIC Message Integrity Check
  • the present disclosure provides a method for protecting a frame in a wireless local area network.
  • the present disclosure further provides a device for protecting a frame in a wireless local area network.
  • a method for protecting a frame in a wireless local area network includes generating a Quality of Service (QoS) Null frame to inform an access point that the station changes the station's power management mode, and transmitting the QoS Null frame.
  • QoS Null frame including a medium access control (MAC) header.
  • the QoS Null frame includes a protection field indicating that the QoS Null frame includes integrity check information to calculate message integrity check (MIC) for protecting an integrity of a part or all of the MAC header.
  • a device for a wireless local area network includes a processor, and a memory operatively coupled with the processor and configured to store instructions that, when executed by the processor, cause the device to perform functions.
  • the functions include generating a Quality of Service (QoS) Null frame to inform an access point that the device changes the device's power management mode, and transmitting the QoS Null frame.
  • QoS Null frame includes a medium access control (MAC) header.
  • the QoS Null frame includes a protection field indicating that the QoS Null frame includes integrity check information to calculate message integrity check (MIC) for protecting an integrity of a part or all of the MAC header.
  • MIC message integrity check
  • new PPDU transmission designs are provided to support signaling regarding features and resource allocations.
  • FIG. 1 shows a block diagram of an example wireless communication network.
  • FIG. 2 shows a block diagram of an example wireless communication device.
  • FIG. 3 shows an example of UL MU transmission.
  • FIG. 4 shows an example of multi-link operation.
  • FIG. 5 shows an example of an enhanced multi-link single radio operation.
  • FIG. 6 shows an example of contents in EML Operating Mode Notification frame.
  • FIG. 7 shows an example of MAC frame format.
  • FIG. 8 shows an example of EMLSR operation according to an embodiment of the present disclosure.
  • FIG. 9 shows another example of EMLSR operation according to an embodiment of the present disclosure.
  • FIG. 10 shows still another example of EMLSR operation according to an embodiment of the present disclosure.
  • FIG. 11 shows an example of cross link power management according to an embodiment of the present disclosure.
  • FIG. 12 shows another example of cross link power management according to an embodiment of the present disclosure.
  • FIG. 13 shows an example of MAC frame format according an embodiment of the present disclosure.
  • FIG. 14 shows an example of attack in the power management.
  • FIG. 15 shows an example of control response protection according to an embodiment of the present disclosure.
  • FIG. 16 shows an example of MAC Header protection according to an embodiment of the present disclosure.
  • FIG. 17 shows an example of MAC Header protection according to an embodiment of the present disclosure.
  • the following description is directed to certain implementations for the purposes of describing innovative aspects of this disclosure.
  • RF radio frequency
  • IEEE 802.11 the Institute of Electrical and Electronics Engineers
  • the IEEE 802.15 the Bluetooth® standards as defined by the Bluetooth Special Interest Group (SIG), or the Long Term Evolution (LTE), 3G, 4G or 5G (New Radio (NR)) standards promulgated by the 3rd Generation Partnership Project (3GPP), among others.
  • SIIG Bluetooth Special Interest Group
  • LTE Long Term Evolution
  • 3GPP 3rd Generation Partnership Project
  • the described implementations can be implemented in any device, system or network that is capable of transmitting and receiving RF signals according to one or more of the following technologies or techniques: code division multiple access (CDMA), time division multiple access (TDMA), frequency division multiple access (FDMA), orthogonal FDMA (OFDMA), single-carrier FDMA (SC-FDMA), single-user (SU) multiple-input multiple-output (MIMO) and multi-user (MU) MIMO.
  • CDMA code division multiple access
  • TDMA time division multiple access
  • FDMA frequency division multiple access
  • OFDMA orthogonal FDMA
  • SC-FDMA single-carrier FDMA
  • SU single-user
  • MIMO multiple-input multiple-output
  • MU multi-user
  • the described implementations also can be implemented using other wireless communication protocols or RF signals suitable for use in one or more of a wireless personal area network (WPAN), a wireless local area network (WLAN), a wireless wide area network (WWAN), or an internet of things (I
  • OFDMA is an OFDM-based multiple access scheme where different subsets of subcarriers are allocated to different users, and this scheme allows simultaneous data transmission to or from one or more users.
  • OFDMA users are allocated different subsets of subcarriers that can change from one PPDU to the next. Similar to OFDM, OFDMA employs multiple subcarriers, but the subcarriers are divided into several groups where each group is referred to as a resource unit (RU).
  • RU resource unit
  • a physical layer protocol data unit may span one or more subchannels and may include a preamble portion and a data portion. Signaling refers to control fields or information in the preamble portion that can be used by a wireless communication device to interpret another field or portion of the preamble portion or the data portion of the PPDU.
  • a wireless channel may be formed from multiple subchannels.
  • a subchannel may include a set of subcarriers. Portions of the wireless channel bandwidth can be divided or grouped to form different resource units (RUs).
  • An RU may be a unit for resource allocation and may include one or more subcarriers.
  • a preamble portion of a PPDU may include signaling to indicate which RUs are allocated to different devices.
  • signaling include indicators regarding which subchannels include further signaling or which subchannels may be punctured.
  • PPDUs and related structures defined for current wireless communication protocols. As new wireless communication protocols enable enhanced features, new preamble designs are needed support signaling regarding features and resource allocations. Furthermore, it desirable to define a new preamble signaling protocol that can support future wireless communication protocols.
  • FIG. 1 shows a block diagram of an example wireless communication network.
  • the wireless communication network 10 can be an example of a wireless local area network (WLAN) such as a Wi-Fi network (and will hereinafter be referred to as WLAN 10).
  • WLAN 10 can be a network implementing at least one of the IEEE 802.11 family of wireless communication protocol standards (such as that defined by the IEEE 802.11-2016 specification or amendments thereof including, but not limited to, 802.11ah, 802.11ad, 802.11ay, 802.11ax, 802.11az, 802.11ba and 802.11be).
  • the WLAN 10 may include numerous wireless communication devices such as an access point (AP) 11 and multiple stations (STAs) 12. While only one AP 11 is shown, the WLAN network 10 also can include multiple APs.
  • Each of the STAs 12 also may be referred to as a mobile station (MS), a mobile device, a mobile handset, a wireless handset, an access terminal (AT), a user equipment (UE), a subscriber station (SS), or a subscriber unit, among other possibilities.
  • the STAs 12 may represent various devices such as mobile phones, personal digital assistant (PDAs), other handheld devices, netbooks, notebook computers, tablet computers, laptops, display devices (for example, TVs, computer monitors, navigation systems, among others), music or other audio or stereo devices, remote control devices (“remotes”), printers, kitchen or other household appliances, key fobs (for example, for passive keyless entry and start (PKES) systems), among other possibilities.
  • PDAs personal digital assistant
  • netbooks notebook computers
  • tablet computers laptops
  • display devices for example, TVs, computer monitors, navigation systems, among others
  • music or other audio or stereo devices for example, remote control devices (“remotes”), printers, kitchen or other household appliances
  • key fobs
  • a single AP 11 and an associated set of STAs 12 may be referred to as a basic service set (BSS), which is managed by the respective AP 11.
  • the BSS may be identified to users by a service set identifier (SSID), as well as to other devices by a basic service set identifier (BSSID), which may be a medium access control (MAC) address of the AP 11.
  • the AP 11 periodically broadcasts beacon frames (“beacons”) including the BSSID to enable any STAs 12 within wireless range of the AP 11 to “associate” or re-associate with the AP 11 to establish a respective communication link (hereinafter also referred to as a “Wi-Fi link”), or to maintain a communication link, with the AP 11.
  • beacon frames including the BSSID to enable any STAs 12 within wireless range of the AP 11 to “associate” or re-associate with the AP 11 to establish a respective communication link (hereinafter also referred to as a
  • the beacons can include an identification of a primary channel used by the respective AP 11 as well as a timing synchronization function for establishing or maintaining timing synchronization with the AP 11.
  • the AP 11 may provide access to external networks to various STAs 12 in the WLAN via respective communication link.
  • each of the STAs 12 is configured to perform passive or active scanning operations (“scans”) on frequency channels in one or more frequency bands (for example, the 2.4 GHz, 5 GHz, 6 GHz or 60 GHz bands).
  • scans passive or active scanning operations
  • a STA 12 listens for beacons, which are transmitted by respective APs 11 at a periodic time interval referred to as the target beacon transmission time (TBTT) (measured in time units (TUs) where one TU may be equal to 1024 microseconds ( ⁇ s)).
  • TBTT target beacon transmission time
  • TUs time units
  • ⁇ s microseconds
  • Each STA 12 may be configured to identify or select an AP 11 with which to associate based on the scanning information obtained through the passive or active scans, and to perform authentication and association operations to establish a communication link with the selected AP 11.
  • the AP 11 assigns an association identifier (AID) to the STA 12 at the culmination of the association operations, which the AP 11 uses to track the STA 104.
  • AID association identifier
  • STAs 12 may form networks without APs 11 or other equipment other than the STA.
  • a network is an ad hoc network (or wireless ad hoc network).
  • Ad hoc networks may alternatively be referred to as mesh networks or peer-to-peer (P2P) networks.
  • P2P peer-to-peer
  • ad hoc networks may be implemented within a larger wireless network such as the WLAN 10.
  • the STAs 12 may be capable of communicating with each other through the AP 11 using communication links, STAs 12 also can communicate directly with each other via direct wireless links. Additionally, two STAs 12 may communicate via a direct communication link regardless of whether both STAs 12 are associated with and served by the same AP 11.
  • one or more of the STAs 12 may assume the role filled by the AP 11 in a BSS.
  • Such a STA may be referred to as a group owner (GO) and may coordinate transmissions within the ad hoc network.
  • GO group owner
  • the AP 11 and STAs 12 may function and communicate (via the respective communication links) according to the IEEE 802.11 family of wireless communication protocol standards (such as that defined by the IEEE 802.11-2016 specification or amendments thereof including, but not limited to, 802.11ah, 802.11ad, 802.11ay, 802.11ax, 802.11az, 802.11ba and 802.11be). These standards define the WLAN radio and baseband protocols for the PHY and medium access control (MAC) layers.
  • the AP 11 and STAs 12 transmit and receive wireless communications (hereinafter also referred to as “Wi-Fi communications”) to and from one another in the form of PPDUs.
  • Wi-Fi communications wireless communications
  • the AP 11 and STAs 12 in the WLAN 10 may transmit PPDUs over an unlicensed spectrum, which may be a portion of spectrum that includes frequency bands traditionally used by Wi-Fi technology, such as the 2.4 GHz band, the 5 GHz band, the 60 GHz band, the 3.6 GHz band, and the 900 MHz band. Some implementations of the AP 11 and STAs 12 described herein also may communicate in other frequency bands, such as the 6 GHz band, which may support both licensed and unlicensed communications. The AP 11 and STAs 12 also can be configured to communicate over other frequency bands such as shared licensed frequency bands, where multiple operators may have a license to operate in the same or overlapping frequency band or bands.
  • Each of the frequency bands may include multiple channels (which may be used as subchannels of a larger bandwidth channel).
  • PPDUs conforming to the IEEE 802.11n, 802.11ac and 802.11ax standard may be transmitted over the 2.4 and 5 GHz bands, each of which is divided into multiple 20 MHz channels.
  • these PPDUs are transmitted over a physical channel having a minimum bandwidth of 20 MHz, but larger channels can be formed through channel bonding.
  • PPDUs may be transmitted over physical channels having bandwidths of 40 MHz, 80 MHz, 160 or 320 MHz by bonding together multiple 20 MHz channels (which may be referred to as subchannels).
  • Each PPDU is a composite structure that includes a PHY preamble and a payload in the form of a PHY service data unit (PSDU).
  • the information provided in the preamble may be used by a receiving device to decode the subsequent data in the PSDU.
  • the preamble fields may be duplicated and transmitted in each of the multiple component channels.
  • the PHY preamble may include both a first portion (or “legacy preamble”) and a second portion (or “non-legacy preamble”).
  • the first portion may be used for packet detection, automatic gain control and channel estimation, among other uses.
  • the first portion also may generally be used to maintain compatibility with legacy devices as well as non-legacy devices.
  • the format of, coding of, and information provided in the second portion of the preamble is based on the particular IEEE 802.11 protocol to be used to transmit the payload.
  • Uplink means that the signal (or message or PPDU) is transmitted by a STA to an AP
  • downlink means that the signal (or message or PPDU) is transmitted by the AP to one or more STAs.
  • FIG. 2 shows a block diagram of an example wireless communication device.
  • the wireless communication device 50 can be an example of a device for use in a STA such as one of the STAs 12 described above with reference to FIG. 1. In some implementations, the wireless communication device 50 can be an example of a device for use in an AP such as the AP 11 described above with reference to FIG. 1. The wireless communication device 50 is capable of transmitting (or outputting for transmission) and receiving wireless communications (for example, in the form of wireless packets).
  • the wireless communication device can be configured to transmit and receive packets in the form of PPDUs and/or medium access control (MAC) protocol data units (MPDUs) conforming to an IEEE 802.11 wireless communication protocol standard, such as that defined by the IEEE 802.11-2016 specification or amendments thereof including, but not limited to, 802.11ah, 802.11ad, 802.11ay, 802.11ax, 802.11az, 802.11ba and 802.11be.
  • MAC medium access control
  • the wireless communication device 50 can be, or can include, a chip, system on chip (SoC), chipset, package or device that includes one or more processor 51.
  • the processor 51 can include an intelligent hardware block or device such as, for example, a processing core, a processing block, a central processing unit (CPU), a microprocessor, a microcontroller, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a programmable logic device (PLD) such as a field programmable gate array (FPGA), discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein.
  • the processor 51 processes information received through a transceiver 53, and processes information to be output through the transceiver 53 through the wireless medium.
  • the processor 806 may implement a physical (PHY) layer and/or a MAC layer configured to perform various operations related to the generation and transmission of PPDUs, MPDUs, frames or packets.
  • a memory 52 can include tangible storage media such as random-access memory (RAM) or read-only memory (ROM), or combinations thereof.
  • the memory 808 also can store non-transitory processor- or computer-executable software code containing instructions that, when executed by the processor 51, cause the wireless communication device 50 to perform various operations described herein for wireless communication, including the generation, transmission, reception and interpretation of PPDUs, MPDUs, frames or packets.
  • various functions of components disclosed herein, or various blocks or steps of a method, operation, process or algorithm disclosed herein can be implemented as one or more modules of one or more computer programs.
  • the transceiver 53 generally includes at least one radio frequency (RF) transmitter (or “transmitter chain”) for transmitting radio signals and at least one RF receiver (or “receiver chain”) for receiving radio signals.
  • RF transmitters and receivers may include various DSP circuitry including at least one power amplifier (PA) and at least one low-noise amplifier (LNA), respectively.
  • PA power amplifier
  • LNA low-noise amplifier
  • the RF transmitters and receivers may, in turn, be coupled to one or more antennas.
  • the wireless communication device 50 can include, or be coupled with, multiple transmit antennas (each with a corresponding transmit chain) and multiple receive antennas (each with a corresponding receive chain).
  • VHT Very high throughput
  • HE high efficiency
  • EHT extremely high throughput
  • EHT STA may be used to represent a STA supporting at least EHT.
  • EHT STA can further support VHT and/or HE.
  • 'UHR' is used to represent any later (post-EHT) version of a new wireless communication protocol conforming to a future IEEE 802.11 wireless communication protocol standard or other standard, and is for illustration purpose only.
  • 'UHR' may be referred to as other terms, for example, Ultra Low Latency (ULL), High Reliability (HR), etc.
  • the UHR PPDU may support future amendments to the IEEE 802.11 wireless communication standard.
  • FIG. 3 shows an example of UL MU transmission.
  • UL MU operation allows an AP to solicit simultaneous immediate response frames from one or more STAs.
  • the AP may send a trigger frame to one or more STAs (for example, STA1 and STA2).
  • the trigger frame may be sent as MU PPDU (for example, HE MU PPDU or EHT MU PPDU).
  • the STA1 and STA2 may send response PDUs (for example, HE TB PPDU or EHT TB PPDU) in response to the trigger frame.
  • the interframe space between a PPDU that contains a triggering frame and the TB PPDU is a Short Interframe Space (SIFS).
  • SIFS Short Interframe Space
  • the AP sends an Ack or BlockAck frame acknowledging the one or more TB PPDUs to the response STAs (for example, STA1 and STA2).
  • the trigger frame allocates resources for and solicits one or more PPDU transmissions.
  • the trigger frame also carries other information required by the responding STA to send a TB PPDU or a non-HT PPDU.
  • the trigger frame may be sent as various types such as a basic trigger frame, multi-user request to send (MU-RTS) frame, multi-user block ack request (MU-BAR) frame, Beamforming Report Poll (BFRP) Trigger frame, etc.
  • the trigger frame may include a UL bandwidth field, an CS required field, one or more STA IDs and one or more resource unit (RU) Allocation field.
  • the UL bandwidth field indicates the bandwidth of the response PPDU.
  • the CS required field indicate whether the response STAs are required to use energy detection (ED) to sense the medium and to consider the medium state and the network allocation vector (NAV) in determining whether or not to respond.
  • the one or more STA IDs identifies the one or more response STAs.
  • the RU Allocation subfield indicates RU allocation for the response PPDU.
  • a NAV is an indicator, maintained by each STA, of time periods when transmission onto the wireless medium (WM) is not initiated by the STA regardless of whether the STA's clear channel assessment (CCA) function senses that the WM is busy.
  • Transmission opportunity (TXOP) is an interval of time during which a particular STA has the right to initiate frame exchange sequences onto the WM.
  • a WLAN device classify a received PPDU as an inter-PPDU if (i) the received PPDU is transmitted by an AP which is not associated with the WLAN device, (ii) the received PPDU’s BSS is not the BSS of the WLAN device, or (iii) the received PPDU is a downlink MU PPDU and the WLAN device is an AP.
  • a WLAN device classify a received PPDU as an intra-PPDU if (i) the received PPDU is transmitted by an AP which is associated with the WLAN device, (ii) the received PPDU’s BSS is the BSS of the WLAN device, or (iii) the received PPDU is a downlink MU PPDU and the WLAN device is an AP.
  • Timing synchronization function keeps TSF timers for all stations in the same BSS synchronized.
  • STAs can maintain a local TSF timer.
  • Each STA can maintain a TSF timer with modulus 2 64 counting in increments of microseconds.
  • the AP is the timing master for the TSF.
  • the AP can periodically transmit beacon frames which contain the value of the AP's TSF timer in order to synchronize the TSF timers of other STAs in a BSS.
  • a receiving STA can accept the timing information in the beacon frames and can update the receiving STA's TSF timer. If the receiving STA's TSF timer is different from the timestamp in the received beacon frame, the receiving STA can set its local TSF timer to the received timestamp value.
  • FIG. 4 shows an example of multi-link operation.
  • the IEEE 802.11be has defined multi-link operation (MLO) to support sending data frames concurrently on multiple links.
  • MLO allows the users to enjoy the multilink benefits unavailable for a simple noncontiguous wide spectrum on a single link, such as asynchronous channel access and enhanced power save.
  • the MLO can aggregate a various number of links of different widths. For example, Link1 has a bandwidth of 160 MHz and Link2 has a bandwidth of 40 MHz.
  • MLD has a single MAC address and uses this MAC address as its own identity. MLO enables frame transmission and retransmission on any link regardless of the link of the initial transmission of the frame.
  • a multi-link device may be a logical entity that is capable of supporting more than one affiliated STA and can operate using one or more affiliated STAs, and that presents one medium access control (MAC) data service and a single MAC-service access point (SAP) to the logical link control (LLC) sublayer.
  • An affiliated AP is an affiliated STA that is an AP STA and the corresponding MLD is an AP MLD.
  • An affiliated STA is a STA, which can be an AP STA or non-AP STA, that provides link-specific, lower MAC and physical layer (PHY) services within an MLD.
  • An enabled link is a setup link of a non-AP MLD to which at least one traffic identifier (TID) is mapped either in downlink or in uplink.
  • a disabled link is a setup link of a non-AP MLD to which no TID is mapped neither in downlink nor in uplink.
  • a TID is any of the identifiers usable by higher layer entities to distinguish MAC service data units (MSDUs) to MAC entities that support quality of service (QoS) within the MAC data service.
  • multilink multiradio MLD If an MLD implements multiple radios and uses these multiple radios concurrently for the MLO, these devices are defined as multilink multiradio (MLMR) MLD. If an MLD only implements single radio and still wants to operate multiple links, then these devices are called multilink single-radio (MLSR) MLD.
  • MLMR multilink multiradio
  • MLR multilink single-radio
  • An AP MLD may include multiple APs each capable of communicating on multiple communication links and may establish a BSS on the multiple communication links.
  • a STA MLD may include multiple STAs capable of communicating with other devices (such as an AP MLD) on multiple communication links. If congestion on a first communication link is above a certain level, the MLDs may switch from communicating on the first communication link to communicating on a second communication link. In some implementations, associating with one another on one communication link allows the MLDs to use the same association configuration, encryption keys, and other ML communication parameters when communicating on one or more of the other communication links associated with the MLDs.
  • FIG. 5 shows an example of an enhanced multi-link single radio operation.
  • Enhanced multi-link single radio (EMLSR) operation is a mode of operation that allows a non-AP MLD with multiple receive chains to listen on a set of enabled links when the corresponding STAs affiliated with the non-AP MLD are in the awake state for an initial Control frame (for example, a trigger frame sent by an AP affiliated with an AP MLD, followed by frame exchanges on the link on which the initial Control frame was received).
  • an initial Control frame for example, a trigger frame sent by an AP affiliated with an AP MLD, followed by frame exchanges on the link on which the initial Control frame was received.
  • AP MLD includes AP1 and AP2 as affiliated APs
  • STA MLD includes STA1 and STA2 as affiliated STAs.
  • each AP within the AP MLD tries to access the corresponding band/channel by running EDCA function independently.
  • AP1 of the AP MLD is operating on the 6 GHz band (Link1) and AP2 is operating on the 5 GHz band (Link2).
  • Link1 6 GHz band
  • Link2 is operating on the 5 GHz band (Link2).
  • AP1 on the 6 GHz band completes backoff, so AP1 sends a MU-RTS frame to start EMLSR operation.
  • STA1 of STA MLD receives the MU-RTS and understands the following DL data transmission which will be carried out on the 6 GHz band.
  • EMLSR operation can provide throughput enhancement and latency reduction similar to that of concurrent dual-radio MLDs.
  • EMLSR operation enables a wireless device having a single radio to receive data using multiple channels/links.
  • the device can listen on the enabled links by leaving its affiliated wireless STAs corresponding to those links in an awake state (“listening mode”).
  • the listening operation can include performing clear channel assessment (CCA) and receiving an initial control frame of a frame exchange sequence that is initiated by an AP MLD.
  • CCA clear channel assessment
  • a non-AP MLD may operate in the EMLSR mode on a specified set of the enabled links between the non-AP MLD and its associated AP MLD.
  • the specified set of the enabled links in which the EMLSR mode is applied is called EMLSR links.
  • the EMLSR links can be indicated in the EMLSR Link Bitmap subfield of the EML Control field of the EML Operating Mode Notification frame by setting the bit positions of the EMLSR Link Bitmap subfield to 1.
  • the STA(s) affiliated with the non-AP MLD that operates on the link(s) that corresponds to the bit position(s) of the EMLSR Link Bitmap subfield set to 0 may be in doze state if a STA affiliated with the non-AP MLD that operates on one of the EMLSR links is in awake state.
  • FIG. 6 shows an example of contents in EML Operating Mode Notification frame.
  • the EML Operating Mode Notification frame is used to indicate that a non-AP MLD with which the transmitting STA is affiliated is changing its EML operation.
  • a non-AP MLD that supports EMLSR operation sets the EMLSR Mode subfield to 1 to indicate that the non-AP MLD operates in EMLSR mode and to 0 to indicate that the non-AP MLD does not operate in EMLSR mode.
  • the EMLSR Mode subfield is set to 0 if the enhanced multi-link multi-radio (EMLMR) Mode subfield is set to 1.
  • An AP MLD that receives an EML Operating Mode Notification frame from a STA affiliated with a non-AP MLD sets the EMLSR Mode subfield of the EML Operating Mode Notification frame that is sent in response to the value obtained from the received EML Operating Mode Notification frame.
  • the EMLSR Link Bitmap subfield indicates the subset of the enabled links that is used by the non-AP MLD in the EMLSR mode.
  • the bit position i of the EMLSR Link Bitmap subfield corresponds to the link with the Link ID equal to i and is set to 1 to indicate that the link is used by the non-AP MLD for the EMLSR mode and is a member of the EMLSR links; otherwise the bit position is set to 0.
  • a STA affiliated with the non-AP MLD can transmit an EML Operating Mode Notification frame with the EMLSR Mode subfield of the EML Control field of the frame set to 1 to an AP affiliated with an AP MLD.
  • An AP affiliated with the AP MLD that received the EML Operating Mode Notification frame from the STA affiliated with the non-AP MLD can transmit an EML Operating Mode Notification frame to one of the STAs affiliated with the non-AP MLD within a timeout interval.
  • the non-AP MLD When a non-AP MLD is operating in the EMLSR mode with an AP MLD supporting the EMLSR mode, the non-AP MLD can be able to listen on the EMLSR links, by having its affiliated STA(s) corresponding to those links in awake state.
  • the listening operation includes CCA and receiving the initial Control frame of frame exchanges that is initiated by the AP MLD.
  • An AP affiliated with the AP MLD that initiates frame exchanges with the non-AP MLD on one of the EMLSR links can begin the frame exchanges by transmitting the initial Control frame to the non-AP MLD.
  • the initial Control frame may be a MU-RTS Trigger frame or a BSRP Trigger frame.
  • a STA affiliated with a non-AP MLD that is in the listening operation and that receives an MU-RTS Trigger Frame or BSRP Trigger frame addressed to it can respond except when the frame exchanges initiated by the initial Control frame on one of the EMLSR links overlaps with group addressed frame transmissions on the other EMLSR link where the non-AP STA intends to receive the group addressed frames.
  • a STA affiliated with the non-AP MLD After receiving the initial Control frame for initiating frame exchanges and transmitting an immediate response frame as a response to the initial Control frame, a STA affiliated with the non-AP MLD that was listening on the corresponding link can be able to transmit or receive frames on the link in which the initial Control frame was received and cannot transmit or receive on the other EMLSR link(s) until the end of the frame exchanges.
  • the STA affiliated with the non-AP MLD can be capable of receiving a PPDU that is sent using more than one spatial stream on the link in which the initial Control frame was received a SIFS after the end of its response frame transmission solicited by the initial Control frame.
  • the other AP(s) affiliated with the AP MLD may not transmit frames to the other STA(s) affiliated with the non-AP MLD on the other EMLSR link(s).
  • the AP affiliated with the AP MLD can transmit before the TXNAV timer expires another initial Control frame addressed to the STA affiliated with the non-AP MLD if the AP intends to continue the frame exchanges with the STA and did not receive the response frame from this STA for the most recently transmitted frame that requires an immediate response after a SIFS.
  • Only one STA affiliated with the non-AP MLD that is operating on one of the EMLSR links may initiate frame exchanges with the AP MLD.
  • FIG. 7 shows an example of MAC frame format. Not all fields are essential and names of the fields are for illustration purpose only.
  • a MAC frame contains a MAC header, a Frame Body and a frame check sequence (FCS) field.
  • the frame body contains information specific to the frame type.
  • the FCS field may contain a 32-bit cyclic redundancy check (CRC).
  • CRC cyclic redundancy check
  • the FCS field value may be calculated over all of the fields of the MAC header and the Frame Body field.
  • the Type and Subtype subfields in the MAC header together identify the function of the frame. There are three frame types: control, data, and management.
  • the More Fragments subfield in Data or Management frames indicates that another fragment of the current MSDU or current MMPDU follows.
  • the Retry subfield indicates that current Data or Management frame is a retransmission of an earlier frame.
  • the Power Management (PM) subfield is used to indicate the power management mode of a STA.
  • the More Data subfield indicates to a STA in PS mode that more BUs are buffered for that STA at the AP.
  • the More Data subfield is valid in individually addressed Data or Management frames transmitted by an AP to a STA in PS mode.
  • the More Data subfield indicates that buffered data is present.
  • the Protected Frame subfield indicates that the Frame Body field contains information that has been processed by a cryptographic encapsulation algorithm.
  • +HTC subfield may indicate that the frame contains an HT Control field.
  • the Duration field (or Duration/ID field) in Data and Management frames may contain a duration for single and multiple protection.
  • the Duration field of the frame can set a NAV value at receiving STAs that protects up to the end of any following Data, Management, or response frame plus any additional overhead frames.
  • the Duration field of the frame can set a NAV that protects up to the estimated end of a sequence of multiple frames.
  • a non-AP STA can be in one of two power management modes.
  • active mode the STA receives and transmits frames at any time if the STA is in awake state.
  • a non-HE STA can remain in the awake state.
  • a HE STA can remain in the awake state, unless the STA is unavailable.
  • a STA that is unavailable is not capable of receiving PPDUs.
  • PS power save
  • the STA enters the awake state to receive or transmit frames. The STA remains in doze state (or sleep state) otherwise.
  • a STA in PS mode can be in one of two power states. In awake state, the STA is fully powered. In doze state, the STA is not able to transmit or receive PPDUs and consumes very low power. The manner in which a STA transitions between power states is determined by its power management mode.
  • a STA that is associated with an AP and that changes power management mode can inform the AP of this fact using a Power Management subfield within a Frame Control field of transmitted frames.
  • the Power Management subfield set to 1 indicates that the STA will be in power save mode.
  • the Power Management subfield set to 0 indicates that the STA will be in active mode.
  • the STA can remain in its current power management mode until the STA informs the AP of a power management mode change via a frame exchange sequence that includes an acknowledgment from the AP.
  • Power management mode does not change during any single frame exchange sequence. This means the Power Management subfield is the same for all MAC protocol data units (MPDUs) in an aggregate-MPDU (A-MPDU). The Power Management subfield may be ignored in frame exchange sequences initiated by the AP.
  • MPDUs MAC protocol data units
  • A-MPDU aggregate-MPDU
  • the AP can buffer individually addressed buffered units addressed to STAs operating in a PS mode. These buffered buffered units can be transmitted only at designated times. A STA that has transmitted a frame to an AP with which it is not associated and from which it expects a response can remain in the awake state until such a response is received or until the procedure has timed out.
  • a STA can inform the AP by completing a successful frame exchange that is initiated by the STA.
  • This frame exchange sequence can include a Management frame, Extension frame or Data frame from the STA, and an Ack or a BlockAck frame from the AP.
  • the Power Management subfield(s) in the Frame Control field of the frame(s) sent by the STA in this exchange indicates the power management mode that the STA can adopt upon successful completion of the entire frame exchange sequence.
  • a non-AP STA may not change power management mode using a frame exchange sequence that does not receive an Ack or BlockAck frame from the AP, or using a BlockAckReq frame. Since a PS-Poll frame exchange sequence does not necessarily result in an Ack frame from the AP, a non-AP STA cannot change power management mode using the PS-Poll frame.
  • FIG. 8 shows an example of EMLSR operation according to an embodiment of the present disclosure.
  • STA1 and STA2 are affiliated STAs of STA MLD.
  • the AP sends a MU-RTS as an initial control frame.
  • STA0 sends a CTS as a response to the MU-RTS.
  • STA1 which uses same link with STA0 sets a NAV based on the received MU-RTS.
  • a STA can use information from an RTS frame or MU-RTS Trigger frame as the most recent basis to update its NAV setting.
  • FIG. 9 shows another example of EMLSR operation according to an embodiment of the present disclosure.
  • STA1 that used information from an RTS frame or MU-RTS Trigger frame as the most recent basis to update its NAV setting is permitted to reset its NAV if no PHY-RXSTART.indication primitive is received from the PHY during a NAVTimeout period starting when the MAC receives a PHY-RXEND.indication primitive corresponding to the detection of the RTS frame or MU-RTS Trigger frame.
  • the NAVTimeout period may be equal to (2 ⁇ aSIFSTime)+(CTS_Time)+aRxPHYStartDelay+(2 ⁇ aSlotTime). If an RTS frame is used for the most recent NAV update, CTS_Time is calculated using the length of the CTS frame and the data rate at which the RTS frame used for the most recent NAV update was received. If an MU-RTS Trigger frame was used for the most recent NAV update, CTS_Time is calculated using the length of the CTS frame and the 6 Mb/s data rate. aRxPHYStartDelay may have the predefined value (for example, 32 us for EHT TB PPDUs).
  • FIG. 10 shows still another example of EMLSR operation according to an embodiment of the present disclosure.
  • EMLSR mode after a STA affiliated with an STA MLD receives an initial Control frame (i.e., MU-RTS) and set its NAV, if the STA affiliated with the STA MLD can't perform a listening operation (i.e., CCA and receiving the initial Control frame of frame exchanges), the resetting NAV is not permitted even though no PHY-RXSTART.indication primitive is received from the PHY during the NAVTimeout period. But, if the STA affiliated with the STA MLD can perform a listening operation during the NAVTimeout period, the resetting NAV is permitted when no PHY-RXSTART.indication primitive is received from the PHY during the NAVTimeout period.
  • STA2 of the STA MLD does not perform the listening operation since STA2 sends a RTS as an initial Control frame.
  • STA1 of the STA MLD does not reset the NAV.
  • FIG. 11 shows an example of cross link power management according to an embodiment of the present disclosure.
  • a first STA of STA MLD operating on a first link can change the power management of a second STA of STA MLD operating on a second link.
  • a QoS Null frame with empty Frame Body field is used to change the power management mode.
  • STA1 of STA MLD sends a QoS Null frame with PM bit set to 0, and STA2 of STA MLD also sends a QoS Null frame with PM bit set to 0 and a Multi-Link Control (MLC) field indicating the Link1.
  • MLC Multi-Link Control
  • the MLC field indicates a link to which the corresponding PM bit is applied. Since the QoS Null frame of STA1 and the QoS Null frame of STA2 indicates same power management mode on Link1, STA1 is allowed to enter in active mode.
  • STA1 of STA MLD sends a QoS Null frame with PM bit set to 1, but STA2 of STA MLD sends a QoS Null frame with PM bit set to 0 and the MLC field indicating the Link1. Since the QoS Null frame of STA1 and the QoS Null frame of STA2 does not indicate same power management mode on Link1, STA1 is not allowed to enter in a power save mode.
  • a STA affiliated with a non-AP MLD may change the power management (e.g., active mode, power save mode) of the STA operating on the other EMLSR link(s) by sending a Multi-Link Control (MLC) A-Control field.
  • MLC Multi-Link Control
  • the MLC A-Control field can include a MLC field indicating a link and a PM bit corresponding to the link.
  • the non-AP MLD may not trigger that more than one affiliated STA simultaneously send frames to change the power management of a single STA affiliated with the non-AP MLD.
  • a non-AP can avoid that more than one frame simultaneously sent to AP MLD indicates a different power management status for a single STA.
  • FIG. 12 shows another example of cross link power management according to an embodiment of the present disclosure.
  • a non-AP MLD changes the power management mode (e.g., active mode, power save mode) of a STA operating on the EMLSR link(s).
  • a second STA (STA2) affiliated with the non-AP MLD that operates on the second EMLSR link (Link2) sends the MLC A-Control field to change the power management of a first STA (STA1) affiliated with the non-AP MLD that operates on the first EMLSR link (Link1)
  • the first STA (STA1) does not change the power management mode on the first EMLSR link until a timer (called as an MLC Processing Delay timer) is expired.
  • STA1 can change the power management mode after a predefined time. If STA2 indicates same power management mode with the current power management mode of the STA1, STA2 can send a frame to change the power management mode of the STA1 at any time.
  • the first STA affiliated with the non-AP MLD that operates on the first EMLSR link does not send the MLC A-Control field to change the power management mode of the second STA until a timer (e.g., the Multi-Link Control Processing Delay timer) is expired.
  • the first STA can send the MLC A-Control field to change the power management mode of the second STA after a predefined time. If the first STA indicate same power management mode in the MLC A-Control field as current power management mode of the second STA, the first STA can send a frame carrying such MLC A-Control field at any time.
  • the AP MLD When a non-AP MLD changes the power management mode of a STA operating on the EMLSR link(s), the AP MLD signals to the non-AP MLDs in the Beacon, Probe Response, (Re)Association Response frames a value of the MLC Processing Delay timer, which is the delay time to synchronize the control information among the affiliated APs. If the non-AP MLD intends to send frames for changing the power management mode through other links, the non-AP MLD can start the MLC Processing Delay timer for that STA after sending a frame that triggers to change the power management mode for the specific affiliated STA.
  • the STA can apply the status change of power management mode when the MLC Processing Delay timer is expired. For example, when a non-AP MLD sent the MLC A-Control field to change the power management mode of an affiliated STA to a doze state, the affiliated STA can stay in an awake state until the MLC Processing Delay timer is expired.
  • An attacker may transmit a frame (e.g., QoS Data frame, QoS Null frame, and/or Management frame) having a fake Power Management subfield to an AP on behalf of a victim STA.
  • the fake Power Management subfield inform the AP a fake power management mode of the victim STA.
  • the AP may buffer packets for the victim STA even when the victim STA is in active mode. Or the AP may try to deliver packets to the victim STA while the victim STA is in doze state.
  • the message integrity check (MIC) of the Power Management subfield in the Frame Control field is required.
  • the integrity check of the MAC header in the QoS Data, QoS Null, and/or Management frame is required. Dynamic information (e.g., Duration field) in the MAC header can be masked to 0.
  • IEEE 802.11 standard defines counter mode (CTR) with cipher-block chaining message authentication code (CBC-MAC) protocol (CCMP) as one of robust security network association (RSNA) to provide data confidentiality, authentication, integrity, and replay protection.
  • CTR counter mode
  • CBC-MAC cipher-block chaining message authentication code
  • RSNA robust security network association
  • CCMP is based on the CTR with CBC-MAC (CCM) of the Advanced Encryption Standard (AES) encryption algorithm.
  • CCM combines CTR for data confidentiality and CBC-MAC for authentication and integrity.
  • CCM can protect the integrity of both the MPDU Data field and selected portions of the IEEE 802.11 MPDU header.
  • CCM is a generic mode that can be used with any block-oriented encryption algorithm.
  • CCM may have two parameters, M and L.
  • FIG. 13 shows an example of MAC frame format according an embodiment of the present disclosure.
  • a Frame Body field in the MAC frame includes a CCMP Header, Data and MIC.
  • CCMP-128 processing expands the original MPDU size by 16 octets, 8 octets for the CCMP Header field and 8 octets for the MIC field.
  • CCMP-256 processing expands the original MPDU size by 24 octets, 8 octets for the CCMP Header field, and 16 octets for the MIC field.
  • the CCMP Header field is constructed from packet number (PN), ExtIV, and Key ID subfields.
  • PN is 48-bits PN represented as an array of 6 octets.
  • PN5 is the most significant octet of the PN, and PN0 is the least significant.
  • the ExtIV subfield (for example, bit 5) of the Key ID octet signals that the CCMP Header field extends the MPDU header by a total of 8 octets, compared to the 4 octets added to the MPDU header when Wired equivalent privacy (WEP) is used.
  • the ExtIV bit may always be set to 1 for CCMP.
  • the CCMP Header in a target frame may further contain a Protected Header, Header Key ID, a first partial TSF (e.g., TSF timer [6:13]), and Header-MIC (H-MIC).
  • the first partial TSF may include a part of TSF timer value.
  • the H-MIC of the target frame can be calculated through Cipher-based message authentication code (CMAC)-128 and/or Galois Message Authentication Code (GMAC)-128.
  • CMAC-128 provides data integrity and replay protection using AES-128 in CMAC Mode with a 128-bit integrity key and a CMAC TLen value of 128 (16 octets).
  • the PN can be generated by concatenating the first partial TSF timer in the first TSF subfield and a second partial TSF which is determined by the STA's local TSF timer. (e.g., [14:53]).
  • PN PN0
  • PN5 TSF timer [6:53].
  • the PN can be generated by concatenating (or combining) at least one of the first partial TSF timer, the second partial TSF, a counter, a link identifier and an additional value.
  • the MAC header is the input of the MIC calculation.
  • the Power Management subfield may not be masked and may be included in the additional authentication data (AAD) construction.
  • AAD additional authentication data
  • BSSID Address 2 field
  • the EOSP subfield may not be masked and may be included in the AAD construction.
  • the Protected Header subfield can be included in the CCMP header.
  • the Protected Header subfield may be one type of a protection field which indicates that the corresponding frame includes integrity check information to calculate MIC for protecting an integrity of a part or all of the corresponding frame (and/or an integrity of a part or all of MAC header in the corresponding frame).
  • Integrity check information may include at least one of the Header Key ID, a partial TSF timer and H-MIC.
  • the Protected Header subfield in the CCMP header is set to a first value (e.g., 1) if the MAC header integrity check information is carried. Otherwise it is set to a second value (e.g., 0).
  • the Header Key ID can be the same as the Key ID of the encrypted Data. In such cases, the Header Key ID is not carried.
  • the Protection subfield to indicate that the QoS Null frame includes integrity check information can be included in the Frame Control field of the MAC header.
  • the Protection subfield may be a bit 14 of the Frame Control field or a bit 7 in the QoS Control field.
  • the Protection subfield may set to 1 if the MAC header integrity check information is carried. Otherwise it may be set to 0.
  • the Protection subfield i.e., the Bit 14 in the Frame Control field
  • the Protection subfield can indicate whether the Data is encrypted or not.
  • the MAC header integrity check information may include at least one of the Header Key ID, a partial TSF timer and H-MIC.
  • the MAC header integrity check information can be carried between MAC Header and FCS field.
  • FCS value and the MAC header integrity check information can be combined through various schemes (for example, exclusive OR).
  • the MAC header integrity check information can be carried in the FCS field. Different combining function can be applied.
  • the MAC header integrity check information can be carried in the MAC header.
  • the Sequence Control field (2 octets) may carry a part or all of the MAC header integrity check information and/or the A-Control field can carry a part of all of the MAC header integrity check information.
  • a STA affiliated with a non-AP MLD may change the power management (e.g., active mode, power save mode) of the STA operating on the other EMLSR link(s) by sending the MLC A-Control field.
  • the MLC A-Control field can also be applied to the integrity check when the cross-link power management is used.
  • the MAC header is the input of the MIC calculation.
  • the MLD A-Control field cannot be masked and may be included in the AAD construction.
  • FIG. 14 shows an example of attack in the power management.
  • a victim STA sends to an AP a target frame (e.g., QoS Data, QoS Null, or Management frame) with a Power Management subfield in the Frame Control field equal to 1 to indicates that the victim STA will be in PS mode. While overhearing that the target frame, the attacker STA makes the AP fail to correctly receive the target frame by transmitting a jamming signal. The attacker STA sends an Ack frame to the victim STA on behalf of the AP. After the victim STA enter into the doze state, the victim STA can't receive a frame sent by the AP.
  • a target frame e.g., QoS Data, QoS Null, or Management frame
  • a Power Management subfield in the Frame Control field equal to 1 to indicates that the victim STA will be in PS mode.
  • the attacker STA makes the AP fail to correctly receive the target frame by transmitting a jamming signal.
  • the attacker STA sends an Ack frame to the victim STA on behalf of the AP
  • Control Response frame e.g. Ack frame and/or BlockAck frame
  • the Control response frame may contain the integrity check information.
  • the Protection subfield to indicate that the Ack frame includes the integrity check information can be included in the Frame Control field of the MAC header.
  • the Protection subfield may be a bit 14 of the Frame Control field.
  • the Protection subfield may set to 1 if the integrity check information is carried. Otherwise it may be set to 0.
  • the integrity check information is carried between MAC Header and FCS field. Or, the integrity check information is carried in the FCS field.
  • the integrity check information is carried in the A-Control field.
  • the Protection subfield to indicate that the Block Ack frame includes the integrity check information can be included in the Frame Control field of the MAC header.
  • the Protection subfield may be a bit 14 of the Frame Control field and/or Bit 0 in the BA Control field.
  • the Protection subfield may set to 1 if the integrity check information is carried. Otherwise it may be set to 0.
  • the integrity check information is carried in between the BA Information and FCS field.
  • FIG. 15 shows an example of control response protection according to an embodiment of the present disclosure.
  • a STA can need more processing time to generate the integrity check information.
  • the STA indicates the control response protection processing delay to a peer STA.
  • the STA that intends to receive the control response frame (e.g., Ack and Block Ack frames) with the integrity check information can guarantee the control response protection processing delay time in the soliciting frame by using a padding mechanism (e.g., EOF padding).
  • a padding mechanism e.g., EOF padding
  • control response frame After receiving the control response frame, if the H-MIC in the control response frame is not matched with the MIC calculated by the soliciting STA, the control response frame may be ignored. It is considered as the transmission failure of the soliciting frame.
  • a PPDU synchronous scrambler is used to scramble DATA field, composed of SERVICE, PSDU, tail, and pad parts in a PPDU.
  • the octets of the PSDU are placed in the transmit serial bit stream, bit 0 first and bit 7 last.
  • the same scrambler is used to scramble transmit data and to descramble receive data.
  • a transmitting STA can set the first 7 bits of the scrambling sequence as TXVECTOR parameter SCRAMBLER_INITIAL_VALUE.
  • a receiving STA may generate the RXVECTOR parameter SCRAMBLER_INITIAL_VALUE as the integer representation of the first 7 bits of the scrambling sequence, with the first bit of the scrambling sequence being the LSB of the SCRAMBER_INITIAL_VALUE.
  • FIG. 16 shows an example of MAC Header protection according to an embodiment of the present disclosure.
  • a STA that obtains a TXOP sends an RTS frame to an AP.
  • the AP sends a CTS frame to the STA as a response to the RTS frame.
  • TXVECTOR parameter SCRAMBLER_INITIAL_VALUE in the CTS frame transmitted by the STA is A.
  • RXVECTOR parameter SCRAMBLER_INITIAL_VALUE in the CTS frame received by the AP is A.
  • the STA sends a DATA frame with an H-MIC to the AP. Therefore, the PN used for the H-MIC calculation includes the Header PN field value, which is B, and the RXVECTOR parameter SCRAMBLER_INITIAL_VALUE, which is A.
  • the transmitter can sequentially increase the Header PN field value for each MPDU.
  • the recipient STA sets the TXVECTOR parameter SCRAMBLER_INITIAL_VALUE to a random number.
  • the recipient STA In the replay detection, the recipient STA only maintains the Header PN field value. If the Header PN field value of a received frame is less than or equal to the latest Header PN field value that the recipient STA maintains, then the frame is discarded.
  • the recipient STA At the end of the TXOP, the recipient STA resets the SCRAMBLER_INITIAL_VALUE used for the Header MIC calculation. Therefore, another negotiation about SCRAMBLER_INITIAL_VALUE is needed when the TXOP starts.
  • FIG. 17 shows an example of MAC Header protection according to an embodiment of the present disclosure.
  • An Ack frame (and/or BlockAck frame) contains the integrity check information that may include the Header Key ID, Header PN and H-MIC.
  • the H-MIC of the Ack frame can be calculated through CMAC-128 and/or GMAC-128.
  • the PN can be generated by concatenating the Header PN field value carried in the frame with the RXVECTOR parameter SCRAMBLER_INITIAL_VALUE of the (MU)-RTS (and/or BSRP Trigger frame) received from the recipient STA at the beginning or middle of the TXOP. That is, the PN used for the H-MIC calculation includes two parts: the first part is determined by the transmitter, and the second part is determined by the recipient STA.
  • the MAC header is the input of the H-MIC calculation.
  • the Address 1 field may not be masked and may be included in the AAD construction.
  • a STA that obtains a TXOP sends a RTS frame to an AP.
  • TXVECTOR parameter SCRAMBLER_INITIAL_VALUE in the RTS frame is A.
  • the AP sends a CTS frame to the STA and receives a DATA frame from the STA.
  • TXVECTOR parameter SCRAMBLER_INITIAL_VALUE in the CTS frame is A.
  • the AP sends an Ack frame with an H-MIC to the STA.
  • the RXVECTOR parameter SCRAMBLER_INITIAL_VALUE in the received RTS frame is A. Therefore, the PN used for the H-MIC calculation includes the Header PN field value, which is B, and the RXVECTOR parameter SCRAMBLER_INITIAL_VALUE, which is A.
  • a TXOP holder is a STA that has either been granted a TXOP by the hybrid coordinator (HC) or successfully contended for a TXOP.
  • a TXOP responder is a STA that transmits a frame in response to a frame received from a TXOP holder during a frame exchange sequence, but that does not acquire a TXOP in the process.
  • a TXOP holder that transmits a PPDU using one of the modulation classes can transmit a short Control frame as the final transmission in a TXOP.
  • the TXOP responder can verify whether the control response frame is correctly received at the TXOP holder before applying information in the MAC header sent by the TXOP holder. If the TXOP responder does not receive the follow-up frame (e.g., CF-END, CTS-to-self) a SIFS after the control response, then the TXOP responder can assume that the TXOP holder did not receive the control response frame. As a result, the responder can discard the received MAC header information (e.g., the PM subfield).
  • the follow-up frame e.g., CF-END, CTS-to-self
  • a phrase referring to “at least one of” or “one or more of” a list of items refers to any combination of those item, including single members.
  • “at least one of: a, b, and c” is intended to cover the possibilities of: a only, b only, c only, a combination of a and b, a combination of a and c, a combination of b and c, and a combination of a and b and c.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Un dispositif pour un réseau local sans fil génère une trame nulle de qualité de service (QoS) comprenant un en-tête de commande d'accès au support (MAC). La trame nulle de QoS comprend un champ de protection indiquant que la trame nulle de QoS comprend des informations de vérification d'intégrité pour calculer une vérification d'intégrité de message (MIC) pour protéger une intégrité d'une partie ou de la totalité de l'en-tête MAC.
PCT/KR2023/015720 2022-10-28 2023-10-12 Dispositif et procédé de protection de trame dans un réseau local sans fil Ceased WO2024090853A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020257013183A KR20250096713A (ko) 2022-10-28 2023-10-12 무선랜에서 프레임 보호를 위한 장치 및 방법

Applications Claiming Priority (8)

Application Number Priority Date Filing Date Title
KR10-2022-0140822 2022-10-28
KR20220140822 2022-10-28
KR10-2023-0094665 2023-07-20
KR20230094665 2023-07-20
KR10-2023-0101568 2023-08-03
KR20230101568 2023-08-03
KR20230109490 2023-08-22
KR10-2023-0109490 2023-08-22

Publications (1)

Publication Number Publication Date
WO2024090853A1 true WO2024090853A1 (fr) 2024-05-02

Family

ID=90831201

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2023/015720 Ceased WO2024090853A1 (fr) 2022-10-28 2023-10-12 Dispositif et procédé de protection de trame dans un réseau local sans fil

Country Status (2)

Country Link
KR (1) KR20250096713A (fr)
WO (1) WO2024090853A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10104553B2 (en) * 2013-03-15 2018-10-16 Qualcomm Incorporated Protected control frames
WO2019182420A1 (fr) * 2018-03-22 2019-09-26 주식회사 윌러스표준기술연구소 Procédé et terminal de communication sans fil faisant appel à une trame de réveil de longueur variable
US20210345239A1 (en) * 2020-04-29 2021-11-04 Qualcomm Incorporated Dynamic parameters for multi-user channel access
US20220132306A1 (en) * 2020-10-23 2022-04-28 Apple Inc. Protected High-Throughput Control Subfield
EP4002899A1 (fr) * 2020-11-20 2022-05-25 Apple Inc. Améliorations de la confidentialité et du fonctionnement de dispositif à liaisons multiples

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10104553B2 (en) * 2013-03-15 2018-10-16 Qualcomm Incorporated Protected control frames
WO2019182420A1 (fr) * 2018-03-22 2019-09-26 주식회사 윌러스표준기술연구소 Procédé et terminal de communication sans fil faisant appel à une trame de réveil de longueur variable
US20210345239A1 (en) * 2020-04-29 2021-11-04 Qualcomm Incorporated Dynamic parameters for multi-user channel access
US20220132306A1 (en) * 2020-10-23 2022-04-28 Apple Inc. Protected High-Throughput Control Subfield
EP4002899A1 (fr) * 2020-11-20 2022-05-25 Apple Inc. Améliorations de la confidentialité et du fonctionnement de dispositif à liaisons multiples

Also Published As

Publication number Publication date
KR20250096713A (ko) 2025-06-27

Similar Documents

Publication Publication Date Title
US12250741B2 (en) Security for multi-link operation in a wireless local area network (WLAN)
WO2024025340A1 (fr) Dispositif et procédé d'accès à un canal
WO2010044624A2 (fr) Procédé permettant une transmission de trame de multidiffusion et une détection de trame de multidiffusion dupliquée
WO2016108633A1 (fr) Procédé et dispositif permettant d'effectuer une transmission de liaison montante après la réception d'une trame de déclenchement dans un système de lan sans fil
WO2016105128A1 (fr) Procédé d'émission et de réception d'un signal d'accusé de réception/accusé de réception négatif pour des données multi-utilisateur en liaison montante dans un système lan sans fil, et appareil correspondant
WO2019088732A1 (fr) Procédé de transmission ou de réception de trame dans un lan sans fil et appareil associé
WO2021201504A1 (fr) Procédé et dispositif de mise à jour de paramètres dans un système de communication prenant en charge une liaison multiple
US20240305987A1 (en) Wireless packet header protection
WO2016163798A1 (fr) Procédé et appareil de réception de pdu mac dans un système de communication mobile
WO2018231012A1 (fr) Procédé et appareil permettant de contrôler l'encombrement de réseau dans un système de communication mobile de prochaine génération
WO2019190154A1 (fr) Procédé et appareil de transmission d'une demande de planification dans un système de communication mobile
CN120982063A (zh) 基于多链路设备(mld)的中继架构
WO2016111558A1 (fr) Procédé et dispositif d'émission et de réception de trame concernant une émission multi-utilisateurs dans un système de réseau local sans fil
WO2024071665A1 (fr) Dispositif et procédé de transmission de trame de balise
WO2024150979A1 (fr) Dispositif et procédé de reconfiguration de liaisons multiples dans un réseau local sans fil
WO2024090853A1 (fr) Dispositif et procédé de protection de trame dans un réseau local sans fil
US20240298173A1 (en) Secure control information
WO2024233066A1 (fr) Améliorations de planification pour partage d'opportunité de transmission
WO2024090854A1 (fr) Dispositif et procédé de protection de trame de commande dans un réseau local sans fil
WO2025033912A1 (fr) Opération pour dispositif multilien
WO2025063505A1 (fr) Commutation de sous-canal pour réseau local sans fil
WO2025018818A1 (fr) Commutation de sous-canal pour réseau local sans fil
WO2025053601A1 (fr) Dispositif et procédé de partage d'opportunité de transmission
WO2024144101A1 (fr) Dispositif et procédé de transmission de données à faible latence dans un réseau local sans fil
US20240381418A1 (en) Scheduling enhancements for transmit opportunity sharing

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23882960

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWP Wipo information: published in national office

Ref document number: 1020257013183

Country of ref document: KR

122 Ep: pct application non-entry in european phase

Ref document number: 23882960

Country of ref document: EP

Kind code of ref document: A1