
WO2025231613A1 - Devices and methods for privacy-preserving communication in a wlan - Google Patents

Devices and methods for privacy-preserving communication in a wlan

Info

Publication number
WO2025231613A1
Authority
WO
WIPO (PCT)
Prior art keywords
mpdu
msdu
wlan station
encrypted
mld
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/CN2024/091431
Other languages
French (fr)
Inventor
Stephen Mccann
Michael Montemurro
Arik Klein
Oren Hencinski
Guogang HUANG
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Priority to PCT/CN2024/091431
Publication of WO2025231613A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02: Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Definitions

  • the present disclosure relates to wireless communications. More specifically, the present disclosure relates to devices and methods for privacy-preserving communication in a wireless local area network, WLAN, in particular a WLAN (also referred to as Wi-Fi network) according to the IEEE 802.11 framework of standards.
  • WLAN: wireless local area network
  • IEEE 802.11-based wireless local area networks, WLANs, (also referred to as Wi-Fi networks) have become popular at an unprecedented rate.
  • the IEEE 802.11 standard amendment IEEE 802.11bi is looking to define privacy mechanisms related to WLAN operation.
  • WLAN privacy mechanisms require cryptographic encapsulation between the WLAN devices.
  • One of the main privacy challenges is not exposing Personally Identifiable Information, PII, in WLAN headers in the transmission of both data and management frames after association. This is because WLAN communication exposes PII and tracking information that can be used by an attacker to monitor a device or user.
  • An 802.11 frame header includes not only receiver/transmitter information, but also the source and destination addresses of the data transmitted over the WLAN. There are no IEEE 802.11 procedures that reduce the exposure of PII for data communications.
  • a WLAN station such as an access point, AP, or a non-AP station, is provided for communicating with a further WLAN station, such as a non-AP station or an AP.
  • the WLAN station according to the first aspect is configured to cryptographically encrypt a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs.
  • the WLAN station according to the first aspect is configured to generate a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, based on the cryptographically encrypted MSDU payload, including the one or more encrypted SAs and the one or more encrypted DAs, and to transmit the MPDU or A-MPDU to the further WLAN station.
  • the WLAN station according to the first aspect is configured to transmit the MPDU or A-MPDU to the further WLAN station in the form of a PHY protocol data unit, PPDU.
  • the WLAN station according to the first aspect implements an improved privacy scheme that allows a transmitted IEEE 802.11 frame to contain a minimum amount of information that can be tracked, potentially exposing PII over the WLAN.
  • the MPDU or A-MPDU comprises a header, in particular a MAC header, with a plurality of address fields, wherein one of the plurality of address fields, in particular the Address 2 field, comprises a variable transmitter address, TA, i.e. a variable TA value, and wherein another one of the plurality of address fields, in particular the Address 1 field, comprises a variable receiver address, RA, i.e. a variable RA value.
  • a variable TA (value) and a variable RA (value) means that the TA (value) and the RA (value) may change across transmissions.
  • the variable TA (value) and the variable RA (value) may be randomly chosen or generated by the WLAN station according to the first aspect.
  • one or more of the plurality of address fields of the header of the MPDU or A-MPDU, in particular the Address 3 and 4 fields thereof, comprise, i.e. indicate, a basic service set identifier, BSSID, of the WLAN station or the AP with which the WLAN station is associated.
  • the WLAN station is configured to transmit a frame to the further WLAN station, wherein the frame comprises an indication of the capability of the WLAN station to include the one or more encrypted SAs and the one or more encrypted DAs in the MPDU or A-MPDU and wherein the frame is a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame.
  • the WLAN station is configured to exchange the actual SA of the WLAN station with the further WLAN station by means of a security association establishment procedure, such as a 4-way handshake procedure, a Fast Transition, FT, procedure, or a Fast Initial Link Setup, FILS, procedure.
  • the WLAN station is a Multi-Link Device, MLD, with a plurality of affiliated stations for communicating via a plurality of links with the further WLAN station in the form of a further MLD with a plurality of further affiliated stations.
  • the MLD comprises processing circuitry configured to encrypt the MSDU payload.
  • the MLD comprises a communication interface configured to distribute the encrypted MSDU payload, including the one or more encrypted SAs and the one or more encrypted DAs, to one or more of the plurality of affiliated stations.
  • Each of the one or more affiliated stations is configured to generate the MPDU or A-MPDU based on the encrypted MSDU payload and to transmit the MPDU or A-MPDU to a corresponding further affiliated station of the plurality of further stations affiliated with the further MLD that is operating on the same link as the respective station affiliated with the MLD.
  • the processing circuitry of the MLD is further configured to assign a packet number, PN, to the MSDU payload, wherein each of the one or more affiliated stations is configured to assign a respective sequence number, SN, to the MSDU payload.
  • the WLAN station is a non-access point, non-AP, MLD and wherein the non-AP MLD is configured to generate a Reconfiguration Multi-Link element, wherein the Reconfiguration Multi-Link element comprises a STA Info field and wherein the STA Info field of the Reconfiguration Multi-Link element further comprises an alternative affiliated non-AP station MAC address value to be used as a transmitter address, TA, in an Address 2 field or as a receiver address, RA, in an Address 1 field of one or more further frames that will be exchanged with that affiliated non-AP station for announcing or negotiating the further MAC address of the non-AP station affiliated with the non-AP MLD.
  • the STA Info field of the Reconfiguration Multi-Link element further comprises a timer field indicative of the time the alternative affiliated station MAC address takes effect.
  • the timer field may be indicative of the remaining duration that the alternative affiliated station MAC address is effective.
  • the non-AP MLD is configured to transmit a Link Reconfiguration Update Request frame, a Link Reconfiguration Request frame, a Link Reconfiguration Response frame, or a cryptographically encapsulated frame to the further MLD and wherein the Link Reconfiguration Update Request frame, the Link Reconfiguration Request frame, the Link Reconfiguration Response frame, or the cryptographically encapsulated frame comprises the Reconfiguration Multi-Link element.
  • the Link Reconfiguration Update Request frame comprises a Control Pairwise Transient Key, CPTK, element, wherein the CPTK element comprises a first nonce field (containing an ANonce) and a second nonce field (containing an SNonce) for generating a PTK for control frames exchanged between the AP MLD and the associated non-AP MLD.
  • CPTK: Control Pairwise Transient Key
  • a method for operating a WLAN station i.e. an access point, AP, or a non-AP station, is provided for communicating with a further WLAN station, i.e. a non-AP station or an AP.
  • the method according to the second aspect comprises:
  • MSDU: MAC Service Data Unit
  • MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU
  • MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs;
  • the method according to the second aspect can be performed by the WLAN station according to the first aspect.
  • further features of the method according to the second aspect result directly from the functionality of the WLAN station according to the first aspect as well as its different implementation forms described above and below.
  • a WLAN station i.e. an access point, AP, or a non-AP station
  • the WLAN station is configured to receive from the further WLAN station a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, wherein the MPDU or A-MPDU is based on an encrypted MAC Service Data Unit, MSDU, payload, wherein the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address, SA, values and one or more encrypted destination address, DA, values.
  • the MPDU or A-MPDU comprises a header, in particular a MAC header, with a plurality of address fields, wherein one of the plurality of address fields, in particular the Address 2 field, comprises a variable transmitter address, TA, i.e. a variable TA value, and wherein another one of the plurality of address fields, in particular the Address 1 field, comprises a variable receiver address, RA, i.e. a variable RA value.
  • a variable TA (value) and a variable RA (value) means that the TA (value) and the RA (value) may change across transmissions, as already described above.
  • one or more of the plurality of address fields of the header of the MPDU or A-MPDU, in particular the Address 3 and 4 fields thereof, comprise, i.e. indicate, a basic service set identifier, BSSID, of the AP with which the further WLAN station is associated.
  • the WLAN station is configured to receive a frame from the further WLAN station, wherein the frame comprises an indication of the capability of the further WLAN station to include the one or more encrypted SAs and the one or more encrypted DAs in the MPDU or A-MPDU and wherein the frame is a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame.
  • the WLAN station according to the third aspect is configured to exchange the SA value of the WLAN station with the further WLAN station by means of a security association establishment procedure, such as a 4-way handshake procedure, a Fast Transition, FT, procedure, or a Fast Initial Link Setup, FILS, procedure.
  • the WLAN station is a Multi-Link Device, MLD, with a plurality of affiliated stations for communicating via a plurality of links with the further WLAN station in the form of a further MLD with a plurality of further affiliated stations.
  • MLD: Multi-Link Device
  • Each affiliated station is configured to receive the MPDU or A-MPDU from a corresponding further affiliated station of the plurality of further stations affiliated with the further MLD and operating on the same link, and to derive the encrypted MSDU payload from the MPDU or A-MPDU.
  • the MLD comprises a communication interface configured to receive from one or more of the plurality of affiliated stations the encrypted MSDU payload, wherein the MLD further comprises processing circuitry configured to decrypt the encrypted MSDU payload.
  • each affiliated station is configured to extract a sequence number, SN, from the MPDU or A-MPDU and to determine, based on the SN, whether the MPDU or A-MPDU is a duplicate.
  • the processing circuitry of the MLD is further configured to extract a respective packet number, PN, from the MSDU payload and to verify, based on the extracted PN, whether the MSDU payload is a duplicate, in particular across multiple links that are set up with the further MLD, prior to delivering it to the higher levels of the protocol stack.
  • PN: packet number
  • the WLAN station is an access point, AP, MLD wherein the AP MLD is configured to receive a Reconfiguration Multi-Link element, wherein the Reconfiguration Multi-Link element comprises a STA Info field and wherein the STA Info field of the Reconfiguration Multi-Link element further comprises an alternative affiliated non-AP station MAC address value to be used as a transmitter address, TA, in an Address 2 field or as a receiver address, RA, in an Address 1 field of one or more further frames that will be exchanged with that affiliated non-AP station for announcing or negotiating the further MAC address of the non-AP station affiliated with the non-AP MLD.
  • the STA Info field of the Reconfiguration Multi-Link element further comprises a timer field indicative of the time the alternative affiliated station MAC address takes effect.
  • the timer field may be indicative of the remaining duration that the alternative affiliated station MAC address is effective.
  • the AP MLD is configured to receive a Link Reconfiguration Update Request frame, a Link Reconfiguration Request frame, a Link Reconfiguration Response frame, or a cryptographically encapsulated frame from the further MLD and wherein the Link Reconfiguration Update Request frame, the Link Reconfiguration Request frame, the Link Reconfiguration Response frame, or the cryptographically encapsulated frame comprises the Reconfiguration Multi-Link element.
  • the Link Reconfiguration Update Request frame comprises a Control Pairwise Transient Key, CPTK, element, wherein the CPTK element comprises a first nonce field (containing an ANonce) and a second nonce field (containing a SNonce) for generating a PTK for control frames exchanged between the AP MLD and the associated non-AP MLD.
  • a method for operating a WLAN station, i.e. an access point, AP, or a non-AP station for communicating with a further WLAN station, i.e. a non-AP station or an AP.
  • the method according to the fourth aspect comprises receiving from the further WLAN station a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, wherein the MPDU or A-MPDU is based on an encrypted MAC Service Data Unit, MSDU, payload, wherein the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address, SA, values and one or more encrypted destination address, DA, values.
  • the method according to the fourth aspect can be performed by the WLAN station according to the third aspect.
  • further features of the method according to the fourth aspect result directly from the functionality of the WLAN station according to the third aspect as well as its different implementation forms described above and below.
  • a computer program product comprising program code which causes a computer or a processor to perform the method according to the second aspect or the method according to the fourth aspect, when the program code is executed by the computer or the processor.
  • Fig. 1a shows a schematic diagram illustrating a WLAN station according to an embodiment in the form of an AP in communication with a plurality of further WLAN stations according to an embodiment in the form of a plurality of non-AP stations;
  • Fig. 1b shows a schematic diagram illustrating a WLAN station according to an embodiment in the form of an AP MLD in communication with a further WLAN station according to an embodiment in the form of a non-AP MLD;
  • Fig. 2 shows a schematic diagram illustrating a frame transmitted from a WLAN station according to an embodiment to one or more further WLAN stations according to an embodiment, wherein MSDU header information is included in the frame body of the frame;
  • Fig. 3 shows a schematic diagram illustrating a STA Info field of a Multi-link element, MLE, of a frame transmitted from a WLAN station according to an embodiment to one or more further WLAN stations according to an embodiment;
  • Fig. 4 shows a table illustrating the Reconfiguration Operation Type subfield encoding implemented by a WLAN station according to an embodiment and a further WLAN station according to an embodiment;
  • Fig. 5 shows a schematic diagram illustrating a CPTK element encoding implemented by a WLAN station according to an embodiment and a further WLAN station according to an embodiment;
  • Fig. 6 shows a schematic diagram illustrating the format of a Link Reconfiguration Request frame implemented by a WLAN station according to an embodiment and a further WLAN station according to an embodiment;
  • Fig. 7 shows a flow diagram illustrating steps of a method of operating a WLAN station according to an embodiment;
  • Fig. 8 shows a flow diagram illustrating a method of operating a further WLAN station according to an embodiment.
  • a disclosure in connection with a described method may also hold true for a corresponding device or system configured to perform the method and vice versa.
  • a corresponding device may include one or a plurality of units, e.g. functional units, to perform the described one or plurality of method steps (e.g. one unit performing the one or plurality of steps, or a plurality of units each performing one or more of the plurality of steps), even if such one or more units are not explicitly described or illustrated in the figures.
  • a specific apparatus is described based on one or a plurality of units, e.g.
  • a corresponding method may include one step to perform the functionality of the one or plurality of units (e.g. one step performing the functionality of the one or plurality of units, or a plurality of steps each performing the functionality of one or more of the plurality of units), even if such one or plurality of steps are not explicitly described or illustrated in the figures. Further, it is understood that the features of the various exemplary embodiments and/or aspects described herein may be combined with each other, unless specifically noted otherwise.
  • FIG. 1a shows a wireless communication network 100 in the form of a wireless local area network, WLAN, in accordance with the IEEE 802.11 framework of standards (also referred to as a Wi-Fi network 100).
  • the WLAN or Wi-Fi network 100 comprises a WLAN station 110 (also referred to as Wi-Fi station 110 herein), which may be implemented in the form of an AP 110, and a plurality of further WLAN stations 120 (also referred to as further Wi-Fi stations 120 herein) in the form of, for instance, non-AP stations 120.
  • the non-AP stations 120 may comprise smartphones, laptop computers, tablet computers, desktop computers or other types of wireless devices 120.
  • the AP 110 as a WLAN station 110 and the non-AP stations 120 as further WLAN stations 120 will be described in more detail below.
  • the non-AP stations 120 may be implemented as the WLAN station and the AP 110 as the further WLAN station as well in accordance with the following embodiments.
  • the AP 110 may comprise a processing circuitry 111 and a communication interface 113, in particular a wireless communication interface 113 enabling communication in accordance with the IEEE 802.11 framework of standards over a channel 130.
  • the processing circuitry 111 may be implemented in hardware and/or software and may comprise digital circuitry, or both analog and digital circuitry.
  • Digital circuitry may comprise components such as application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), or general-purpose processors.
  • the AP 110 may further comprise a memory 115 configured to store executable program code which, when executed by the processing circuitry 111, causes the AP 110 to perform the functions and methods described herein.
  • the non-AP station(s) 120 may comprise a processing circuitry 121 and a communication interface 123, in particular a wireless communication interface 123 enabling a communication in accordance with the IEEE 802.11 framework of standards over the channel 130.
  • the processing circuitry 121 may be implemented in hardware and/or software and may comprise digital circuitry, or both analog and digital circuitry.
  • Digital circuitry may comprise components such as application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), or general-purpose processors.
  • the non-AP station(s) 120 may further comprise a memory 125 configured to store executable program code which, when executed by the processing circuitry 121, causes the non-AP station(s) 120 to perform the functions and methods described herein.
  • the WLAN station may be implemented as an AP Multi-Link Device, AP MLD, 110 or a non-AP MLD 120 (and likewise the further WLAN station may be implemented as a non-AP MLD 120 or an AP MLD 110).
  • the AP MLD 110 comprises a plurality of affiliated access points, APs, 114a-c communicating via a plurality of setup links 130a, b (for instance a 2.4 GHz link 130a and a 5 GHz link 130b) with a plurality of the corresponding non-AP stations 124a, b affiliated with the non-AP MLD 120 in an IEEE 802.11 based WLAN 100 using a Multi-Link Operation, MLO, mode.
  • MLO: Multi-Link Operation
  • data and most management traffic may be exchanged directly between the MLDs 110, 120 through one or more of the affiliated APs 114a, b.
  • Control traffic is usually exchanged between the affiliated non-AP STAs 124a, b and the affiliated APs 114a, b on a given link 130a or 130b.
  • MLO mode communications between the two MLDs 110, 120 may use either one of the independently operating radio links 130a, b.
  • MLO at the MAC layer together with a multi-link device (MLD) has been introduced in IEEE 802.11be.
  • MLO provides requirements for MLDs to maintain multiple WLAN connections across multiple links.
  • a multiple link operation may also include a single radio STA that is able to multiplex between different frequency bands providing multiple logical WLAN connections. It allows traffic to flow on multiple links and provides a performance gain of using multiple channels.
  • each link such as the links 130a, b shown in figure 1b, may be established during an ML setup procedure between the AP MLD 110 and the non-AP MLD 120.
  • the MLDs 110, 120 may each comprise processing circuitry 111, 121, for instance, one or more processors or CPUs for processing data as well as implementing a respective Upper MAC Layer 111, 121.
  • the processing circuitry 111, 121 may be implemented in hardware and/or software and may comprise digital circuitry, or both analog and digital circuitry.
  • Digital circuitry may comprise components such as application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), or general-purpose processors.
  • the MLDs 110, 120 may further each comprise a memory configured to store executable program code which, when executed by the processing circuitry 111, 121, causes the respective MLD 110, 120 to perform the functions and methods described herein.
  • the WLAN station implemented, for instance, as the AP 110 of figure 1a or the AP MLD 110 of figure 1b and the further WLAN station implemented, for instance, as the non-AP station(s) 120 of figure 1a or the non-AP MLD 110 of figure 1b, in the following some technical background as well as terminology will be introduced making use of one or more of the following abbreviations and/or acronyms:
  • an access point is a wireless station (STA) that provides access to other networks.
  • An AP can support many connected non-AP STAs and deliver data to associated non-AP STAs.
  • APs use control information to control traffic flow over the wireless medium among all associated non-AP STAs within a BSS.
  • Data traffic is exchanged between two or more stations (STAs) in a WLAN to facilitate communication, one of which is typically an AP.
  • the data frames are generated by the two or more STAs and/or by an external network.
  • This traffic is delivered in a secured manner over the WLAN when the AP and the corresponding non-AP STAs negotiate a cryptographic encapsulation method and keys to encrypt the data traffic.
  • Management traffic is exchanged between the AP and one or more non-AP STAs in a BSS to establish and maintain state of data communications.
  • Security can be negotiated to encrypt or sign management traffic.
  • Control traffic is exchanged between the AP and the non-AP STAs in a BSS to control the flow of the data frame exchange.
  • a MAC Service Data Unit refers to data information that is exchanged with the logical link control (LLC) to higher protocol layers, or to a bridge port.
  • LLC: logical link control
  • a MAC Protocol Data Unit, MPDU, takes the MSDU (or a part thereof) and maps the information to an 802.11 Data frame by including header information such as address information, a sequence number (SN), QoS information, and FCS, as well as the data payload itself. If secure communication is negotiated between peer MACs, the MPDU is cryptographically encapsulated. A cryptographically encapsulated MPDU also includes a packet number (PN) that is used to perform replay detection for the received data and during the operation of data encryption/decryption.
  • MMPDU: MAC Management Protocol Data Unit
  • the MMPDU occupies a position in the management plane similar to that of the MSDU in the data plane.
  • data can be aggregated using either MSDUs or MPDUs.
  • When MSDU aggregation is negotiated, several MSDUs with the same destination address (DA) are grouped into a single A-MSDU (aggregate-MSDU).
  • the A-MSDU is used to form the payload of an MPDU.
  • A-MPDU: aggregated MPDUs
  • MAC peers establish a block ack (acknowledgement) agreement to communicate A-MPDUs (aggregated MPDUs).
  • An A-MPDU consists of several MPDUs that are transmitted as a single PHY protocol data unit (PPDU).
  • PPDU: PHY protocol data unit
  • BA: Block acknowledgement
  • IEEE 802.11be has introduced a multi-link device (MLD), such as the AP MLD 110 and the non-AP MLD 120 illustrated in figure 1b.
  • the MLDs 110, 120 communicate over multiple WLAN radio links 130a, b that have been set up between the AP MLD 110 and its associated non-AP MLD 120.
  • the ML setup allows traffic to flow on multiple setup links and provides a performance gain of using multiple channels.
  • the AP MLD 110 has one or more affiliated APs 114a-c, where each affiliated AP 114a-c is operating on a different channel 130a, b.
  • the non-AP MLD 120 has one or more affiliated non-AP STAs 124a, b, where each affiliated non-AP STA 124a, b is operating on a different setup link 130a, b.
  • the AP MLD 110 has 3 different links.
  • the non-AP MLD 120 has been associated with the AP MLD 110 by setting up 2 links 130a, b with the AP MLD 110, on which the frames are exchanged between the AP MLD 110 and the non-AP MLD 130.
  • a Multi-Link Element allows providing information corresponding to links of an MLD other than the link(s) used for transmitting the frame in which the MLE is contained.
  • MLEs e.g. Basic and Reconfiguration MLEs
  • the MLE is included mainly in Beacon, Probe Response, Authentication, Association Request and Association Response frames when exchanged between MLDs.
  • a Multi-Link Control field differentiates the different Types of MLEs.
  • a Common Info field carries information that is common to all the links.
  • a Link Info field carries information specific to each link (e.g. affiliated APs and STAs). During the process of MLD discovery, the Link Info field is not included within the Basic MLE, as described in the 802.11be amendment, section 35.3.4.4.
  • a Link Reconfiguration Request frame is used by a non-AP MLD to request the addition or deletion of links to its ML setup.
  • a WLAN station implemented, for instance, as the AP 110 of figure 1a or the AP MLD 110 of figure 1b is configured to cryptographically encrypt a MAC Service Data Unit, MSDU, payload, which may be provided by a higher layer of the protocol stack of the AP or AP MLD 110.
  • an MSDU payload may be or comprise an MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs.
  • the cryptographically encrypted, i.e. encapsulated, MSDU payload generated by the AP or AP MLD 110 (being the WLAN transmitter station 110 for a current transmission) includes the one or more encrypted SAs and the one or more encrypted DAs.
  • the AP 110 or AP MLD 110 is further configured to generate a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, based on the cryptographically encrypted MSDU payload, including the one or more encrypted SAs and the one or more encrypted DAs.
  • An exemplary MPDU or A-MPDU 200 is illustrated in figure 2, which will be described in more detail further below.
  • the AP 110 or any of the APs 114a, b affiliated with the AP MLD 110 is further configured to transmit the MPDU 200 or A-MPDU to one or more further WLAN stations, such as the non-AP stations 120 of figure 1a or the corresponding stations 124a, b affiliated with the non-AP MLD 120 of figure 1b.
  • the WLAN station is configured to transmit the MPDU 200 or A-MPDU to the one or more further WLAN stations in the form of a PPDU.
  • the operations described above may be performed by the WLAN station, such as the AP 110 of figure 1a or the AP MLD 110 of figure 1b, after agreeing to use this procedure (as part of privacy negotiations) with the further WLAN station(s), such as the non-AP stations 120 of figure 1a or the non-AP MLD 120 of figure 1b.
  • Figure 2 shows that in addition to including the SA(s) 212 and DA(s) 211 the WLAN station may further include other information (e.g. 802.1Q indicator 213) as part of the encrypted payload 210 of the MPDU 200 transmitted from the WLAN station to the further WLAN station(s), i.e. the associated peer WLAN station(s).
  • the MPDU 200 (which, as already described above, may be part of an A-MPDU) comprises a header with a plurality of address fields 203a-d, wherein one of the plurality of address fields, in particular the Address 2 field 203b, comprises a variable transmitter address, TA, value and wherein another one of the plurality of address fields 203a-d, in particular the Address 1 field 203a, comprises a variable receiver address, RA, value.
  • a variable TA (value) and a variable RA (value) means that the TA (value) and the RA (value) may change, for instance, across transmissions.
  • the WLAN station may use, for instance, random addresses for TA and RA to preserve privacy of data communications, when transmitting frames over the wireless medium.
  • one or more of the plurality of address fields 203a-d, in particular the Address 3 and 4 fields 203c, 203d, of the MPDU 200 may comprise a basic service set identifier, BSSID.
  • the frame shown in figure 2 may further comprise fields: Frame Control 201, Duration 202, Sequence Control 204, QoS Control 205, HT Control 206 and FCS 220.
  • the WLAN station (as well as the further WLAN station(s)) may be configured to advertise the ability to provide privacy by (optionally) including “MSDU encapsulation” as a capability.
  • the WLAN station may include in a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame an indication of the capability of the WLAN station to include the one or more encrypted, i.e. cryptographically encapsulated SAs and the one or more encrypted, i.e. cryptographically encapsulated DAs in the MPDU 200 or A-MPDU.
  • the indication may be included in a new Boolean field in an existing 802.11 element, such as the Extended Capability element, the RSNXE, or a newly defined privacy element.
  • a WLAN station may discover that a peer WLAN station supports “MSDU encapsulation” privacy mechanisms through active or passive scanning.
  • when a WLAN non-AP station initiates a connection to a peer WLAN AP, it may include the “MSDU encapsulation” capability in (Re)Association Request frames.
  • when a WLAN AP receives a (Re)Association Request frame that includes the “MSDU encapsulation” capability along with privacy parameters and completes the negotiation of privacy protection, it may include the “MSDU encapsulation” capability in the (Re)Association Response frame.
  • the MAC address used to identify the WLAN station on the LAN should be protected over the wireless medium.
  • the MAC address used by a WLAN station on the LAN may be communicated as part of security negotiation. This could be done by including the MAC address in the MAC address KDE in the 4-way handshake, FILS Authentication, or FT Authentication.
  • the MLD address is already included in the 4-way handshake procedure.
  • the LAN MAC address may replace the MLD address in the 4-way handshake procedure.
  • the WLAN station and the further WLAN station may be configured to implement the following transmitting (TX) and receiving (RX) processing stages:
  • TX: Assign a packet number, PN, and encapsulate the MSDU Payload.
  • the WLAN station and the further WLAN station maintain RA and TA addresses that are different from what is used over the DS and the network.
  • the SA 212 and DA 211 addresses, and optionally other MSDU header information (e.g. an 802.1Q subfield 213 and Type subfield 214) together with the data payload 215, are included as part of the frame body 210 of the data frame 200.
  • the WLAN station is configured to include an Ethernet frame header as part of the payload, as illustrated in figure 2.
  • the Address 3 and 4 fields 203c, d of the 802.11 frame header may be set to the BSSID of the affiliated AP link.
  • the contents of the frame body are sent through the DS to the LAN, external network, or higher layer protocol stack.
  • the Frame Body subfield 210 of the IEEE 802.11 frame 200 carries an IEEE 802.3 Ethernet frame.
  • the WLAN station is implemented as an AP MLD 110 or a non-AP MLD 120 and the further WLAN station is implemented as a non-AP MLD 120 or an AP MLD 110.
  • the WLAN station is implemented as the non-AP MLD 120 of figure 1b and configured to update the link MAC Address in a way described in the following.
  • the non-AP MLD 120 may be configured to announce or negotiate a new MAC Address corresponding to a link after association with the AP MLD 110.
  • this new MAC Address corresponds to either the Address field 1 203a or the Address field 2 203b, as described above in the context of figure 2.
  • a STA Info field 300 of a Reconfiguration ML element may comprise a further STA MAC Address subfield 306, as illustrated in figure 3.
  • the conventional “STA MAC Address” subfield 302 becomes the old MAC address.
  • An Update Timer subfield 307 may be added to indicate the time this new MAC address corresponding to a link will take effect.
  • the Update Timer subfield 307 may be indicative of the remaining duration that the alternative affiliated station MAC address is effective. This allows the AP MLD 110 (i.e. the further WLAN station for this embodiment) to have time to prepare this change especially when the buffer has some encrypted packets (with the old MAC address if the Control frame and MPDU Header protection is considered) to be transmitted. It is possible to change this link MAC address on a periodic basis.
  • the frame shown in figure 3 may further comprise fields: STA Info Length 301, AP Removal Timer 303, Operation Parameters 304 and NSTR Indication Bitmap 305.
  • the corresponding Reconfiguration Operation Type may be set to Operation Parameter Update (i.e. value 1) or a newly defined value (e.g. Link MAC Address Update), as illustrated by the table shown in figure 4.
  • the non-AP MLD 120 may also be configured to update the corresponding Control PTK, CPTK.
  • Link Reconfiguration Update Request/Response frames (that utilize the Reconfiguration MLE) may be used to update the link MAC address and the corresponding CPTK.
  • the non-AP MLD 120 and the AP MLD 110 may exchange an ANonce and SNonce for the corresponding CPTK.
  • a CPTK element 500 as illustrated in figure 5, or a key derivation key, KDK may be included as an additional element 606 within the Link Reconfiguration Notify/Request/Response frames, as shown in figure 6 for the Link Reconfiguration Request.
  • the CPTK element may be added to the Common Info field of the Reconfiguration MLE (for the Link Reconfiguration Notify and Request frames), or the Basic MLE (for the Link Reconfiguration Response frame).
  • the non-AP MLD 120 generates and sends the SNonce 505 in the Link Reconfiguration request and the AP MLD 110 generates and sends the ANonce 504 in the Link Reconfiguration response.
  • the frame shown in figure 5 may further comprise fields: Element ID 501, Length 502 and Link ID 503.
  • the frame shown in figure 6 may further comprise fields: Category 601, Protected EHT Action 602, Dialog Token 603, Reconfiguration MLE 604 and OCI element 605.
  • Figure 7 shows a flow diagram illustrating steps of a method 700 for operating a WLAN station in the transmission path, such as the AP 110 or the non-AP station 120 of figure 1a, for communicating with a further associated WLAN station, such as the non-AP station 120 or the AP 110 of figure 1a.
  • the method 700 also illustrates the operation of a WLAN station in the transmission path, such as the AP MLD 110 or the non-AP MLD 120 of figure 1b, for communicating with the further WLAN station, such as the non-AP MLD 120 or the AP MLD 110 of figure 1b.
  • the method 700 illustrated in figure 7 comprises a step 701 of encrypting a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU.
  • the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs.
  • the method 700 comprises a step 703 of generating, based on the encrypted MSDU payload, a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU.
  • the method 700 further comprises a step 705 of transmitting the MPDU or A-MPDU to the further WLAN receiver station 120.
  • since the method 700 can be implemented by the WLAN station 110 in a transmission operation, further features of the method 700 result directly from the functionality of the WLAN transmitter station 110 as well as its different embodiments described above and below.
  • Figure 8 shows a flow diagram illustrating a method 800 for operating a WLAN station, such as the non-AP station 120 or the AP 110 of figure 1a, for communicating with a peer associated WLAN station, such as the AP 110 or the non-AP station 120 of figure 1a.
  • the method 800 also illustrates the operation of a WLAN station, such as the AP MLD 110 or the non-AP MLD 120 of figure 1b, for communicating with a further WLAN station, such as the non-AP MLD 120 or the AP MLD 110 of figure 1b.
  • the method 800 illustrated in figure 8 comprises a step 801 of receiving from the further WLAN station 110; 120 a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, wherein the MPDU or A-MPDU is based on an encrypted MAC Service Data Unit, MSDU, payload.
  • the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address values, SAs, and one or more encrypted destination address values, DAs.
  • since the method 800 can be implemented by the WLAN station 120, further features of the method 800 result directly from the functionality of the WLAN station 120 as well as its different embodiments described above and below.
  • a WLAN station may advertise its ability to provide privacy by (optionally) including “MSDU encapsulation” as a capability.
  • a WLAN station may include the “MSDU encapsulation” capability with any other privacy parameters in (Re)Association Request frames.
  • the peer WLAN stations maintain RA and TA addresses that are different from what is used over the network.
  • Figure 2 shows the SA 212 and DA 211 addresses, and optionally other MSDU header information (e.g. an 802.1Q subfield 213 and Type subfield 214) together with the data payload 215, are included as part of the frame body 210 of the data frame 200.
  • the non-AP MLD may announce or negotiate a new MAC Address corresponding to any link after association.
  • Figure 3 shows that an additional STA MAC Address subfield 306 may be added in the STA Info field for the Reconfiguration ML element.
  • An Update Timer subfield 307 may be added to indicate the time this new link MAC address will take effect.
  • the Update Timer field 307 may be indicative of the remaining duration that the alternative affiliated station MAC address is effective.
  • the disclosed system, apparatus, and method may be implemented in other manners.
  • the described embodiment of an apparatus is merely exemplary.
  • the unit division is merely logical function division and may be another division in an actual implementation.
  • a plurality of units or components may be combined or integrated into another system, or some features may be ignored or not performed.
  • the displayed or discussed mutual couplings or direct couplings or communication connections may be implemented by using some interfaces.
  • the indirect couplings or communication connections between the apparatuses or units may be implemented in electronic, mechanical, or other forms.
  • the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
  • functional units in the embodiments of the present disclosure may be integrated into one processing unit, or each of the units may exist alone physically, or two or more units are integrated into one unit.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A WLAN station (110; 120) for communicating with a further WLAN station (120; 110) is disclosed. The WLAN station (110; 120) is configured to encrypt a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs. Moreover, the WLAN station (110; 120) is configured to generate a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, based on the encrypted MSDU payload, and to transmit the MPDU or A-MPDU to the further WLAN station (120; 110).

Description

DEVICES AND METHODS FOR PRIVACY-PRESERVING COMMUNICATION IN A WLAN
TECHNICAL FIELD
The present disclosure relates to wireless communications. More specifically, the present disclosure relates to devices and methods for privacy-preserving communication in a wireless local area network, WLAN, in particular a WLAN (also referred to as Wi-Fi network) according to the IEEE 802.11 framework of standards.
BACKGROUND
IEEE 802.11-based wireless local area networks, WLANs, (also referred to as Wi-Fi networks) have become popular at an unprecedented rate. The IEEE 802.11 standard amendment IEEE 802.11bi is looking to define privacy mechanisms related to WLAN operation. WLAN privacy mechanisms require cryptographic encapsulation between the WLAN devices. One of the main privacy challenges is not exposing Personally Identifiable Information, PII, in WLAN headers in the transmission of both data and management frames after association. This is because WLAN communication exposes PII and tracking information that can be used by an attacker to monitor a device or user. An 802.11 frame header includes not only receiver/transmitter information, but also the source and destination addresses of the data transmitted over the WLAN. There are no IEEE 802.11 procedures that reduce the exposure of PII for data communications.
SUMMARY
It is an objective of the present disclosure to provide improved devices and methods for privacy-preserving communication in a WLAN, in particular a WLAN according to the IEEE 802.11 framework of standards, i.e. a Wi-Fi network.
The foregoing and other objectives are achieved by the subject matter of the independent claims. Further implementation forms are apparent from the dependent claims, the description and the figures.
According to a first aspect a WLAN station, such as an access point, AP, or a non-AP station, is provided for communicating with a further WLAN station, such as a non-AP station or an AP. The WLAN station according to the first aspect is configured to cryptographically encrypt a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs. Moreover, the WLAN station according to the first aspect is configured to generate a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, based on the cryptographically encrypted MSDU payload, including the one or more encrypted SAs and the one or more encrypted DAs, and to transmit the MPDU or A-MPDU to the further WLAN station. In an implementation form the WLAN station according to the first aspect is configured to transmit the MPDU or A-MPDU to the further WLAN station in the form of a PHY protocol data unit, PPDU. Thus, the WLAN station according to the first aspect implements an improved privacy scheme that allows a transmitted IEEE 802.11 frame to contain a minimum amount of information that can be tracked, potentially exposing PII over the WLAN.
In a further possible implementation form of the WLAN station according to the first aspect, the MPDU or A-MPDU comprises a header, in particular a MAC header, with a plurality of address fields, wherein one of the plurality of address fields, in particular the Address 2 field, comprises a variable transmitter address, TA, i.e. a variable TA value, and wherein another one of the plurality of address fields, in particular the Address 1 field, comprises a variable receiver address, RA, i.e. a variable RA value. In this context, a variable TA (value) and a variable RA (value) means that the TA (value) and the RA (value) may change across transmissions. In an implementation form, the variable TA (value) and the variable RA (value) may be randomly chosen or generated by the WLAN station according to the first aspect.
In a further possible implementation form, one or more of the plurality of address fields of the header of the MPDU or A-MPDU, in particular the Address 3 and 4 fields thereof, comprise, i.e. indicate, a basic service set identifier, BSSID, of the WLAN station or the AP with which the WLAN station is associated.
In a further possible implementation form, the WLAN station is configured to transmit a frame to the further WLAN station, wherein the frame comprises an indication of the capability of the WLAN station to include the one or more encrypted SAs and the one or more encrypted DAs in the MPDU or A-MPDU and wherein the frame is a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame.
In a further possible implementation form, the WLAN station is configured to exchange the actual SA of the WLAN station with the further WLAN station by means of a security association establishment procedure, such as a 4-way handshake procedure, a Fast Transition, FT, procedure, or a Fast Initial Link Setup, FILS, procedure.
In a further possible implementation form, the WLAN station is a Multi-Link Device, MLD, with a plurality of affiliated stations for communicating via a plurality of links with the further WLAN station in the form of a further MLD with a plurality of further affiliated stations. The MLD comprises processing circuitry configured to encrypt the MSDU payload. Moreover, the MLD comprises a communication interface configured to distribute the encrypted MSDU payload, including the one or more encrypted SAs and the one or more encrypted DAs, to one or more of the plurality of affiliated stations. Each of the one or more affiliated stations is configured to generate the MPDU or A-MPDU based on the encrypted MSDU payload and to transmit the MPDU or A-MPDU to a corresponding further affiliated station of the plurality of further stations affiliated with the further MLD that is operating on the same link as the respective station affiliated with the MLD.
In a further possible implementation form, the processing circuitry of the MLD is further configured to assign a packet number, PN, to the MSDU payload, wherein each of the one or more affiliated stations is configured to assign a respective sequence number, SN, to the MSDU payload.
In a further possible implementation form, the WLAN station is a non-access point, non-AP, MLD and wherein the non-AP MLD is configured to generate a Reconfiguration Multi-Link element, wherein the Reconfiguration Multi-Link element comprises a STA Info field and wherein the STA Info field of the Reconfiguration Multi-Link element further comprises an alternative affiliated non-AP station MAC address value to be used as a transmitter address, TA, in an Address 2 field or as a receiver address, RA, in an Address 1 field of one or more further frames that will be exchanged with that affiliated non-AP station for announcing or negotiating the further MAC address of the non-AP station affiliated with the non-AP MLD.
In a further possible implementation form, the STA Info field of the Reconfiguration Multi-Link element further comprises a timer field indicative of the time the alternative affiliated station MAC address takes effect. Alternatively, the timer field may be indicative of the remaining duration that the alternative affiliated station MAC address is effective.
In a further possible implementation form, the non-AP MLD is configured to transmit a Link Reconfiguration Update Request frame, a Link Reconfiguration Request frame, a Link Reconfiguration Response frame, or a cryptographically encapsulated frame to the further MLD and wherein the Link Reconfiguration Update Request frame, the Link Reconfiguration Request frame, the Link Reconfiguration Response frame, or the cryptographically encapsulated frame comprises the Reconfiguration Multi-Link element.
In a further possible implementation form, the Link Reconfiguration Update Request frame comprises a Control Pairwise Transient Key, CPTK, element, wherein the CPTK element comprises a first nonce field (containing an ANonce) and a second nonce field (containing a SNonce) for generating a PTK for control frames exchanged between the AP MLD and the associated non-AP MLD.
According to a second aspect a method for operating a WLAN station, i.e. an access point, AP, or a non-AP station, is provided for communicating with a further WLAN station, i.e. a non-AP station or an AP. The method according to the second aspect comprises:
cryptographically encrypting a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs;
generating a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, based on the cryptographically encrypted MSDU payload (including the one or more encrypted SAs and the one or more encrypted DAs); and
transmitting the MPDU or A-MPDU to the further WLAN station.
The method according to the second aspect can be performed by the WLAN station according to the first aspect. Thus, further features of the method according to the second aspect result directly from the functionality of the WLAN station according to the first aspect as well as its different implementation forms described above and below.
According to a third aspect a WLAN station, i.e. an access point, AP, or a non-AP station, is provided for communicating with a further WLAN station, i.e. a non-AP station or an AP. The WLAN station is configured to receive from the further WLAN station a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, wherein the MPDU or A-MPDU is based on an encrypted MAC Service Data Unit, MSDU, payload, wherein the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address, SA, values and one or more encrypted destination address, DA, values.
In a further possible implementation form, the MPDU or A-MPDU comprises a header, in particular a MAC header, with a plurality of address fields, wherein one of the plurality of address fields, in particular the Address 2 field, comprises a variable transmitter address, TA, i.e. a variable TA value, and wherein another one of the plurality of address fields, in particular the Address 1 field, comprises a variable receiver address, RA, i.e. a variable RA value. As used herein, a variable TA (value) and a variable RA (value) means that the TA (value) and the RA (value) may change across transmissions, as already described above.
In a further possible implementation form, one or more of the plurality of address fields of the header of the MPDU or A-MPDU, in particular the Address 3 and 4 fields thereof, comprise, i.e. indicate a basic service set identifier, BSSID, of the AP with which the further WLAN station is associated.
In a further possible implementation form, the WLAN station according to the third aspect is configured to receive a frame from the further WLAN station, wherein the frame comprises an indication of the capability of the further WLAN station to include the one or more encrypted SAs and the one or more encrypted DAs in the MPDU or A-MPDU and wherein the frame is a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame.
In a further possible implementation form, the WLAN station according to the third aspect is configured to exchange the SA value of the WLAN station with the further WLAN station by means of a security association establishment procedure, such as a 4-way handshake procedure, a Fast Transition, FT, procedure, or a Fast Initial Link Setup, FILS, procedure.
In a further possible implementation form, the WLAN station according to the third aspect is a Multi-Link Device, MLD, with a plurality of affiliated stations for communicating via a plurality of links with the further WLAN station in the form of a further MLD with a plurality of further affiliated stations. Each affiliated station is configured to receive the MPDU or A-MPDU from a corresponding further affiliated station of the plurality of further stations affiliated with the further MLD and operating on the same link, and to derive the encrypted MSDU payload from the MPDU or A-MPDU. The MLD comprises a communication interface configured to receive from one or more of the plurality of affiliated stations the encrypted MSDU payload, wherein the MLD further comprises processing circuitry configured to decrypt the encrypted MSDU payload.
In a further possible implementation form, each affiliated station is configured to extract a sequence number, SN, from the MPDU or A-MPDU and to determine, based on the SN, whether the MPDU or A-MPDU is a duplicate.
In a further possible implementation form, the processing circuitry of the MLD is further configured to extract a respective packet number, PN, from the MSDU payload and to verify, based on the extracted PN, whether the MSDU payload is a duplicate, in particular across multiple links that are setup with the further MLD prior to delivering it to the higher levels of the protocol stack.
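The transmit-side split (PN assigned by the MLD, SN assigned by each affiliated station) and the receive-side checks (SN per link, PN across links, SA/DA recovered only after decryption) can be illustrated as follows. This is an added example, not code from the application; the stand-in cipher (SHAKE-256 keystream with a truncated HMAC-SHA-256 tag in place of CCMP/GCMP), the clear 6-byte PN prefix, the four-address QoS Data header without HT Control, and all names, keys and addresses are assumptions.

```python
import hashlib, hmac, os, struct, zlib

# Frame Control, Duration, Address 1 (RA), Address 2 (TA), Address 3, Seq Ctl, Address 4, QoS Ctl
HDR = struct.Struct("<HH6s6s6sH6sH")
TAG_LEN = 8

def _subkey(key, label):
    return hashlib.sha256(label + key).digest()

def _xor_stream(key, pn_b, data):
    # Stand-in keystream (assumption), NOT the CCMP/GCMP cipher a real station uses.
    ks = hashlib.shake_256(_subkey(key, b"enc") + pn_b).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(key, pn_b, ct):
    return hmac.new(_subkey(key, b"mac"), pn_b + ct, hashlib.sha256).digest()[:TAG_LEN]

def seal(key, pn, plaintext):
    """Frame body = PN in clear (assumed placement) | ciphertext | integrity tag."""
    pn_b = pn.to_bytes(6, "big")
    ct = _xor_stream(key, pn_b, plaintext)
    return pn_b + ct + _tag(key, pn_b, ct)

def unseal(key, body):
    pn_b, ct, tag = body[:6], body[6:-TAG_LEN], body[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, pn_b, ct)):
        raise ValueError("integrity check failed")
    return int.from_bytes(pn_b, "big"), _xor_stream(key, pn_b, ct)

def random_mac():
    b = bytearray(os.urandom(6))
    b[0] = (b[0] | 0x02) & 0xFE  # locally administered, unicast
    return bytes(b)

def fcs(data):
    return struct.pack("<I", zlib.crc32(data))  # CRC-32 over header and body

class TxMld:
    def __init__(self, key, links):
        # links: {link_id: (TA, RA, BSSID)}, the per-link over-the-air addresses
        self.key, self.links, self.pn = key, links, 0
        self.sn = {link_id: 0 for link_id in links}

    def encapsulate(self, da, sa, ethertype, data):
        """MLD level: assign the PN and encrypt DA | SA | Type | data."""
        self.pn += 1
        return seal(self.key, self.pn, da + sa + struct.pack("!H", ethertype) + data)

    def to_mpdu(self, link_id, body):
        """Affiliated station: assign the per-link SN and prepend the MAC header."""
        ta, ra, bssid = self.links[link_id]
        self.sn[link_id] = (self.sn[link_id] + 1) % 4096
        # 0x4388: QoS Data, ToDS+FromDS (four addresses), Protected Frame
        hdr = HDR.pack(0x4388, 0, ra, ta, bssid, self.sn[link_id] << 4, bssid, 0)
        return hdr + body + fcs(hdr + body)

class RxMld:
    def __init__(self, key):
        self.key, self.last_pn, self.last_sn = key, 0, {}

    def receive(self, link_id, mpdu):
        if len(mpdu) < HDR.size + 4 or fcs(mpdu[:-4]) != mpdu[-4:]:
            return ("bad-fcs", None)
        hdr, body = mpdu[:HDR.size], mpdu[HDR.size:-4]
        sn = HDR.unpack(hdr)[5] >> 4
        # Affiliated station: SN duplicate check, scoped to this link only.
        if self.last_sn.get(link_id) == sn:
            return ("dup-sn", None)
        self.last_sn[link_id] = sn
        # MLD level: decrypt, then check the PN across every link before delivery.
        try:
            pn, inner = unseal(self.key, body)
        except ValueError:
            return ("bad-tag", None)
        if pn <= self.last_pn:  # simplification: a real receiver reorders first
            return ("replay-pn", None)
        if len(inner) < 14:     # DA + SA + Type must be present
            return ("short", None)
        self.last_pn = pn
        return ("ok", (inner[:6], inner[6:12], struct.unpack("!H", inner[12:14])[0], inner[14:]))

def demo():
    key = bytes(range(32))                  # constructed key
    sa = bytes.fromhex("02aabbccdd01")      # constructed LAN addresses
    da = bytes.fromhex("02aabbccdd02")
    links = {1: (random_mac(), random_mac(), random_mac()),
             2: (random_mac(), random_mac(), random_mac())}
    tx, rx = TxMld(key, links), RxMld(key)
    body = tx.encapsulate(da, sa, 0x0800, b"constructed payload")
    m1, m2 = tx.to_mpdu(1, body), tx.to_mpdu(2, body)  # same payload sent on both links
    return {
        "lan_addresses_on_air": sa in m1 or da in m1,
        "first": rx.receive(1, m1),
        "retransmission_same_link": rx.receive(1, m1),
        "copy_on_other_link": rx.receive(2, m2),
    }

if __name__ == "__main__":
    print(demo())
```

The copy sent on link 2 passes that link's SN check and is rejected only by the PN check at the MLD, which is why the PN is assigned above the affiliated stations.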
In a further possible implementation form, the WLAN station according to the third aspect is an access point, AP, MLD wherein the AP MLD is configured to receive a Reconfiguration Multi-Link element, wherein the Reconfiguration Multi-Link element comprises a STA Info field and wherein the STA Info field of the Reconfiguration Multi-Link element further comprises an alternative affiliated non-AP station MAC address value to be used as a transmitter address, TA, in an Address 2 field or as a receiver address, RA, in an Address 1 field of one or more further frames that will be exchanged with that affiliated non-AP station for announcing or negotiating the further MAC address of the non-AP station affiliated with the non-AP MLD.
In a further possible implementation form, the STA Info field of the Reconfiguration Multi-Link element further comprises a timer field indicative of the time the alternative affiliated station MAC address takes effect. Alternatively, the timer field may be indicative of the remaining duration that the alternative affiliated station MAC address is effective.
In a further possible implementation form, the AP MLD is configured to receive a Link Reconfiguration Update Request frame, a Link Reconfiguration Request frame, a Link Reconfiguration Response frame, or a cryptographically encapsulated frame from the further MLD and wherein the Link Reconfiguration Update Request frame, the Link Reconfiguration Request frame, the Link Reconfiguration Response frame, or the cryptographically encapsulated frame comprises the Reconfiguration Multi-Link element.
In a further possible implementation form, the Link Reconfiguration Update Request frame comprises a Control Pairwise Transient Key, CPTK, element, wherein the CPTK element comprises a first nonce field (containing an ANonce) and a second nonce field (containing a SNonce) for generating a PTK for control frames exchanged between the AP MLD and the associated non-AP MLD.
According to a fourth aspect a method is provided for operating a WLAN station, i.e. an access point, AP, or a non-AP station for communicating with a further WLAN station, i.e. a non-AP station or an AP. The method according to the fourth aspect comprises receiving from the further WLAN station a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, wherein the MPDU or A-MPDU is based on an encrypted MAC Service Data Unit, MSDU, payload, wherein the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address, SA, values and one or more encrypted destination address, DA, values.
The method according to the fourth aspect can be performed by the WLAN station according to the third aspect. Thus, further features of the method according to the fourth aspect result directly from the functionality of the WLAN station according to the third aspect as well as its different implementation forms described above and below.
According to a fifth aspect a computer program product is provided, comprising program code which causes a computer or a processor to perform the method according to the second aspect or the method according to the fourth aspect, when the program code is executed by the computer or the processor.
Details of one or more embodiments are set forth in the accompanying drawings and the description below. Other features, objects, and advantages will be apparent from the description, drawings, and claims.
BRIEF DESCRIPTION OF THE DRAWINGS
In the following, embodiments of the present disclosure are described in more detail with reference to the attached figures and drawings, in which:
Fig. 1a shows a schematic diagram illustrating a WLAN station according to an embodiment in the form of an AP in communication with a plurality of further WLAN stations according to an embodiment in the form of a plurality of non-AP stations;
Fig. 1b shows a schematic diagram illustrating a WLAN station according to an embodiment in the form of an AP MLD in communication with a further WLAN station according to an embodiment in the form of a non-AP MLD;
Fig. 2 shows a schematic diagram illustrating a frame transmitted from a WLAN station according to an embodiment to one or more further WLAN stations according to an embodiment, wherein MSDU header information is included in the frame body of the frame;
Fig. 3 shows a schematic diagram illustrating a STA Info field of a Multi-link element, MLE, of a frame transmitted from a WLAN station according to an embodiment to one or more further WLAN stations according to an embodiment;
Fig. 4 shows a table illustrating the Reconfiguration Operation Type subfield encoding implemented by a WLAN station according to an embodiment and a further WLAN station according to an embodiment;
Fig. 5 shows a schematic diagram illustrating a CPTK element encoding implemented by a WLAN station according to an embodiment and a further WLAN station according to an embodiment;
Fig. 6 shows a schematic diagram illustrating the format of a Link Reconfiguration Request frame implemented by a WLAN station according to an embodiment and a further WLAN station according to an embodiment;
Fig. 7 shows a flow diagram illustrating steps of a method of operating a WLAN station according to an embodiment; and
Fig. 8 shows a flow diagram illustrating a method of operating a further WLAN station according to an embodiment.
In the following, identical reference signs refer to identical or at least functionally equivalent features.
DETAILED DESCRIPTION OF THE EMBODIMENTS
In the following description, reference is made to the accompanying figures, which form part of the disclosure, and which show, by way of illustration, specific aspects of embodiments of the present disclosure or specific aspects in which embodiments of the present disclosure may be used. It is understood that embodiments of the present disclosure may be used in other aspects and comprise structural or logical changes not depicted in the figures. The following detailed description, therefore, is not to be taken in a limiting sense, and the scope of the present disclosure is defined by the appended claims.
For instance, it is to be understood that a disclosure in connection with a described method may also hold true for a corresponding device or system configured to perform the method and vice versa. For example, if one or a plurality of specific method steps are described, a corresponding device may include one or a plurality of units, e.g. functional units, to perform the described one or plurality of method steps (e.g. one unit performing the one or plurality of steps, or a plurality of units each performing one or more of the plurality of steps), even if such one or more units are not explicitly described or illustrated in the figures. On the other hand, for example, if a specific apparatus is described based on one or a plurality of units, e.g. functional units, a corresponding method may include one step to perform the functionality of the one or plurality of units (e.g. one step performing the functionality of the one or plurality of units, or a plurality of steps each performing the functionality of one or more of the plurality of units), even if such one or plurality of steps are not explicitly described or illustrated in the figures. Further, it is understood that the features of the various exemplary embodiments and/or aspects described herein may be combined with each other, unless specifically noted otherwise.
Figure 1a shows a wireless communication network 100 in the form of a wireless local area network, WLAN, in accordance with the IEEE 802.11 framework of standards (also referred to as a Wi-Fi network 100). The WLAN or Wi-Fi network 100 comprises a WLAN station 110 (also referred to as Wi-Fi station 110 herein), which may be implemented in the form of an AP 110, and a plurality of further WLAN stations 120 (also referred to as further Wi-Fi stations 120 herein) in the form of, for instance, non-AP stations 120. As illustrated in figure 1a, by way of example, the non-AP stations 120 may comprise smartphones, laptop computers, tablet computers, desktop computers or other types of wireless devices 120. In the following, several embodiments of the AP 110 as a WLAN station 110 and the non-AP stations 120 as further WLAN stations 120 will be described in more detail. As will be appreciated, however, the non-AP stations 120 may be implemented as the WLAN station and the AP 110 as the further WLAN station as well in accordance with the following embodiments.
As further illustrated in figure 1a, the AP 110 may comprise a processing circuitry 111 and a communication interface 113, in particular a wireless communication interface 113 enabling communication in accordance with the IEEE 802.11 framework of standards over a channel 130. The processing circuitry 111 may be implemented in hardware and/or software and may comprise digital circuitry, or both analog and digital circuitry. Digital circuitry may comprise components such as application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), or general-purpose processors. The AP 110 may further comprise a memory 115 configured to store executable program code which, when executed by the processing circuitry 111, causes the AP 110 to perform the functions and methods described herein.
Likewise, as indicated in figure 1a, the non-AP station(s) 120 may comprise a processing circuitry 121 and a communication interface 123, in particular a wireless communication interface 123 enabling a communication in accordance with the IEEE 802.11 framework of standards over the channel 130. The processing circuitry 121 may be implemented in hardware and/or software and may comprise digital circuitry, or both analog and digital circuitry. Digital circuitry may comprise components such as application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), or general-purpose processors. The non-AP station(s) 120 may further comprise a memory 125 configured to store executable program code which, when executed by the processing circuitry 121, causes the non-AP station(s) 120 to perform the functions and methods described herein.
According to a further embodiment illustrated in figure 1b, within the wireless communication network 100, the WLAN station may be implemented as an AP Multi-Link Device, AP MLD, 110 or a non-AP MLD 120 (and likewise the further WLAN station may be implemented as a non-AP MLD 120 or an AP MLD 110). As illustrated in figure 1b, the AP MLD 110 comprises a plurality of affiliated access points, APs, 114a-c communicating via a plurality of setup links 130a, b (for instance a 2.4 GHz link 130a and a 5 GHz link 130b) with a plurality of the corresponding non-AP stations 124a, b affiliated with the non-AP MLD 120 in an IEEE 802.11 based WLAN 100 using a Multi-Link Operation, MLO, mode. For the most part, data and most management traffic may be exchanged directly between the MLDs 110, 120 through one or more of the affiliated APs 114a, b. Control traffic, however, is usually exchanged between the affiliated non-AP STAs 124a, b and the affiliated APs 114a, b on a given link 130a or 130b. In the MLO mode, communications between the two MLDs 110, 120 may use either one of the independently operating radio links 130a, b.
As will be appreciated, MLO at the MAC layer together with a multi-link device (MLD), such as the AP MLD 110 and the non-AP MLD 120, has been introduced in IEEE 802.11be. MLO provides requirements for MLDs to maintain multiple WLAN connections across multiple links. A multiple link operation may also include a single radio STA that is able to multiplex between different frequency bands providing multiple logical WLAN connections. It allows traffic to flow on multiple links and provides a performance gain of using multiple channels. As already described above, each link, such as the links 130a, b shown in figure 1b, may be established during an ML setup procedure between the AP MLD 110 and the non-AP MLD 120.
In an embodiment, the MLDs 110, 120 may each comprise processing circuitry 111, 121, for instance, one or more processors or CPUs for processing data as well as implementing a respective Upper MAC Layer 111, 121. The processing circuitry 111, 121 may be implemented in hardware and/or software and may comprise digital circuitry, or both analog and digital circuitry. Digital circuitry may comprise components such as application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), or general-purpose processors. The MLDs 110, 120 may further each comprise a memory configured to store executable program code which, when executed by the processing circuitry 111, 121, causes the respective MLD 110, 120 to perform the functions and methods described herein.
Before describing detailed embodiments of the WLAN station implemented, for instance, as the AP 110 of figure 1a or the AP MLD 110 of figure 1b and the further WLAN station implemented, for instance, as the non-AP station(s) 120 of figure 1a or the non-AP MLD 120 of figure 1b, in the following some technical background as well as terminology will be introduced making use of one or more of the following abbreviations and/or acronyms:
AAD             Additional Authentication Data
A-MPDU          Aggregate MPDU
A-MSDU          Aggregate MSDU
AP              Access Point
BA              Block Acknowledgement
BSS             Basic Service Set
CCMP            Counter Mode Cipher Block Chaining Message Authentication Code Protocol
DS              Distribution System
EHT             Extremely High Throughput
FCS             Forward Correction Sequence
FN              Fragment Number
GCMP            Galois Counter Mode Protocol
LCP             Link Control Protection
LLC             Logical Link Control
MAC             Medium Access Control
ML              Multi-Link
MLD             Multi-Link Device
MLE             Multi-Link Element
MLO             Multi-Link Operation
MMPDU           MAC Management Protocol Data Unit
MPDU            MAC Protocol Data Unit
MSDU            MAC Service Data Unit
MU              Multi User
NC              Non-Co-located
PII             Personally Identifiable Information
PN              Packet Number
RSNA            Robust Security Network Association
SN              Sequence Number
STA             Station
TID             Traffic Identifier
WLAN            Wireless Local Area Network
UHR             Ultra High Reliability
As used herein, an access point (AP) is a wireless station (STA) that provides access to other networks. An AP can support many connected non-AP STAs and deliver data to associated non-AP STAs. APs use control information to control traffic flow over the wireless medium among all associated non-AP STAs within a BSS.
As used herein, there are three main types of frames communicated between WLAN STAs, namely data, management, and control frames. Data traffic is exchanged between two or more stations (STAs) in a WLAN to facilitate communication, one of which is typically an AP. The data frames are either generated by the two or more STAs and/or by an external network. This traffic is delivered in a secured manner over the WLAN when the AP and the corresponding non-AP STAs negotiate a cryptographic encapsulation method and keys to encrypt the data traffic. Management traffic is exchanged between the AP and one or more non-AP STAs in a BSS to establish and maintain state of data communications. Security can be negotiated to encrypt or sign management traffic. Control traffic is exchanged between the AP and the non-AP STAs in a BSS to control the flow of the data frame exchange.
As defined in the IEEE 802.11 framework of standards and as used herein, a MAC Service Data Unit, MSDU, refers to data information that is exchanged with the logical link control (LLC) to higher protocol layers, or to a bridge port.
A MAC Protocol Data Unit, MPDU, takes the MSDU (or a part thereof) and maps the information to an 802.11 Data frame by including header information such as address information, a sequence number (SN), QoS information, and FCS, as well as the data payload itself. If secure communication is negotiated between peer MACs, the MPDU is cryptographically encapsulated. A cryptographically encapsulated MPDU also includes a packet number (PN) that is used to perform replay detection for the received data and during the operation of data encryption/decryption.
Another form of payload of the MPDU is an MMPDU (MAC Management Protocol Data Unit) which is transported in one or more management frames. The MMPDU occupies a position in the management plane similar to that of the MSDU in the data plane. In WLAN network communications, data can be aggregated using either MSDUs or MPDUs.
When MSDU aggregation is negotiated, several MSDUs with the same destination address (DA) are grouped into a single A-MSDU (aggregate-MSDU). The A-MSDU is used to form the payload of an MPDU.
When MPDU aggregation is used, MAC peers establish a block ack (acknowledgement) agreement to communicate A-MPDUs (aggregated MPDUs). An A-MPDU consists of several MPDUs that are transmitted as a single PHY protocol data unit (PPDU). Block acknowledgement (BA) is used to communicate the status of the transmission of data frames within A-MPDUs.
IEEE 802.11be has introduced a multi-link device (MLD), such as the AP MLD 110 and the non-AP MLD 120 illustrated in figure 1b. The MLDs 110, 120 communicate over multiple WLAN radio links 130a, b that have been set up between the AP MLD 110 and its associated non-AP MLD 120. The ML setup allows traffic to flow on multiple setup links and provides a performance gain of using multiple channels. The AP MLD 110 has one or more affiliated APs 114a-c, where each affiliated AP 114a-c is operating on a different channel 130a, b. Similarly, the non-AP MLD 120 has one or more affiliated non-AP STAs 124a, b, where each affiliated non-AP STA 124a, b is operating on a different setup link 130a, b.
In figure 1b, the AP MLD 110 has 3 different links. The non-AP MLD 120 has been associated with the AP MLD 110 by setting up 2 links 130a, b with the AP MLD 110, on which the frames are exchanged between the AP MLD 110 and the non-AP MLD 120.
A Multi-Link Element (MLE) allows providing information corresponding to links of an MLD other than the link(s) used for transmitting the frame in which the MLE is contained. There are several variants of MLEs (e.g. Basic and Reconfiguration MLEs) that have been defined in the IEEE 802.11 framework of standards. The MLE is included mainly in Beacon, Probe Response, Authentication, Association Request and Association Response frames when exchanged between MLDs. A Multi-Link Control field differentiates the different types of MLEs. A Common Info field carries information that is common to all the links. A Link Info field carries information specific to each link (e.g. affiliated APs and STAs). During the process of MLD discovery, the Link Info field is not included within the Basic MLE, as described in the 802.11be amendment, section 35.3.4.4.
A Link Reconfiguration Request frame is used by a non-AP MLD to request the addition or deletion of links to its ML setup.
As will be described in more detail below, a WLAN station implemented, for instance, as the AP 110 of figure 1a or the AP MLD 110 of figure 1b is configured to cryptographically encrypt a MAC Service Data Unit, MSDU, payload, which may be provided by a higher layer of the protocol stack of the AP or AP MLD 110. As used herein and already mentioned above, an MSDU payload may be or comprise an MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs. In other words, the cryptographically encrypted, i.e. encapsulated, MSDU payload generated by the AP or AP MLD 110 (being the WLAN transmitter station 110 for a current transmission) includes the one or more encrypted SAs and the one or more encrypted DAs. The AP 110 or AP MLD 110 is further configured to generate a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, based on the cryptographically encrypted MSDU payload, including the one or more encrypted SAs and the one or more encrypted DAs. An exemplary MPDU or A-MPDU 200 is illustrated in figure 2, which will be described in more detail further below. The AP 110 or any of the APs 114a, b affiliated with the AP MLD 110 is further configured to transmit the MPDU 200 or A-MPDU to one or more further WLAN stations, such as the non-AP stations 120 of figure 1a or the corresponding stations 124a, b affiliated with the non-AP MLD 120 of figure 1b. In an embodiment, the WLAN station is configured to transmit the MPDU 200 or A-MPDU to the one or more further WLAN stations in the form of a PPDU.
In an embodiment, the operations described above may be performed by the WLAN station, such as the AP 110 of figure 1a or the AP MLD 110 of figure 1b, after agreeing to use this procedure (as part of privacy negotiations) with the further WLAN station(s), such as the non-AP stations 120 of figure 1a or the non-AP MLD 120 of figure 1b. Figure 2 shows that in addition to including the SA(s) 212 and DA(s) 211 the WLAN station may further include other information (e.g. 802.1Q indicator 213) as part of the encrypted payload 210 of the MPDU 200 transmitted from the WLAN station to the further WLAN station(s), i.e. the associated peer WLAN station(s).
Under further reference to figure 2, in an embodiment the MPDU 200 (which, as already described above, may be part of an A-MPDU) comprises a header with a plurality of address fields 203a-d, wherein one of the plurality of address fields, in particular the Address 2 field 203b, comprises a variable transmitter address, TA, value and wherein another one of the plurality of address fields 203a-d, in particular the Address 1 field 203a, comprises a variable receiver address, RA, value. As used herein, a variable TA (value) and a variable RA (value) means that the TA (value) and the RA (value) may change, for instance, across transmissions. In an embodiment, the WLAN station may use, for instance, random addresses for TA and RA to preserve privacy of data communications, when transmitting frames over the wireless medium. Moreover, one or more of the plurality of address fields 203a-d, in particular the Address 3 and 4 fields 203c, 203d, of the MPDU 200 may comprise a basic service set identifier, BSSID. The frame shown in figure 2 may further comprise fields: Frame Control 201, Duration 202, Sequence Control 204, QoS Control 205, HT Control 206 and FCS 220.
In an embodiment, the WLAN station (as well as the further WLAN station(s)) may be configured to advertise the ability to provide privacy by (optionally) including “MSDU encapsulation” as a capability. For instance, the WLAN station may include in a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame an indication of the capability of the WLAN station to include the one or more encrypted, i.e. cryptographically encapsulated, SAs and the one or more encrypted, i.e. cryptographically encapsulated, DAs in the MPDU 200 or A-MPDU. The indication may be included in a new Boolean field in an existing 802.11 element, such as the Extended Capability element, the RSNXE, or a newly defined privacy element. In an embodiment, a WLAN station may discover that a peer WLAN station supports “MSDU encapsulation” privacy mechanisms through active or passive scanning. When a WLAN non-AP station initiates a connection to a peer WLAN AP, it may include the “MSDU encapsulation” capability in (Re)Association Request frames. When a WLAN AP receives a (Re)Association Request frame that includes the “MSDU encapsulation” capability along with privacy parameters and completes the negotiation of privacy protection, it may include the “MSDU encapsulation” capability in the (Re)Association Response frame.
To preserve privacy, the MAC address used to identify the WLAN station on the LAN should be protected over the wireless medium. To this end, according to an embodiment the MAC address used by a WLAN station on the LAN may be communicated as part of security negotiation. This could be done by including the MAC address in the MAC address KDE in the 4-way handshake, FILS Authentication, or FT Authentication. As will be appreciated, for MLO, the MLD address is already included in the 4-way handshake procedure. The LAN MAC address may replace the MLD address in the 4-way handshake procedure.
In addition to the MSDU encapsulation described above, i.e. including the MSDU header information in the payload of the MPDU 200, according to an embodiment the WLAN station and the further WLAN station(s) may be configured to implement the following transmitting (TX) and receiving (RX) processing stages:
1. (TX) Assign a packet number, PN, and encapsulate the MSDU Payload.
2. (TX) Assign a sequence number, SN, to the MSDU Payload.
3. (TX) Generate an MPDU 200 or A-MPDU using the MSDU Payload.
4. (TX) Transmit the MPDU 200 or A-MPDU.
5. (RX) Receive and acknowledge receipt status of the MPDU 200 or A-MPDU.
6. (RX) Perform duplicate detection and reassembly of the MSDU Payload.
7. (RX) Decapsulate the MSDU Payload and perform replay detection.
In the third processing stage, the WLAN station and the further WLAN station maintain RA and TA addresses that are different from what is used over the DS and the network. As already described above in figure 2, the SA 212 and DA 211 addresses, and optionally other MSDU header information (e.g. an 802.1Q subfield 213 and Type subfield 214) together with the data payload 215, are included as part of the frame body 210 of the data frame 200. In an embodiment, the WLAN station is configured to include an Ethernet frame header as part of the payload, as illustrated in figure 2.
As already described above, in an embodiment, the Address 3 and 4 fields 203c, d of the 802.11 frame header may be set to the BSSID of the affiliated AP link. After the reception operation is completed successfully, the contents of the frame body are sent through the DS to the LAN, external network, or higher layer protocol stack. As an example, in the embodiment shown in figure 2, the Frame Body subfield 210 of the IEEE 802.11 frame 200 carries an IEEE 802.3 Ethernet frame.
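The TX and RX processing stages above and the figure 2 frame layout can be exercised end to end. The following Go program is an added illustration, not code from the application: AES-GCM from the standard library stands in for the negotiated cipher, and the type and function names, the nonce and AAD layout, the sample key and the sample addresses are assumptions of this example. How a receiver recognises a variable RA is not modelled.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// MPDU models only the figure 2 fields this example needs.
type MPDU struct {
	RA, TA, BSSID [6]byte // Address 1 and 2 (variable), Address 3
	SN            uint16  // sequence number
	PN            uint64  // packet number, low 48 bits used
	Body          []byte  // encrypted frame body: DA | SA | Type | data payload
}

// Peer is one side of the association; the key stands in for the negotiated PTK.
type Peer struct {
	aead       cipher.AEAD
	pn, lastPN uint64          // last PN assigned (TX), highest PN accepted (RX)
	sn         uint16          // next SN to assign (TX)
	seenSN     map[uint16]bool // RX duplicate-detection cache (simplified)
}

var ErrDuplicate = errors.New("duplicate sequence number")
var ErrReplay = errors.New("replayed packet number")

func NewPeer(key []byte) (*Peer, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(blk)
	if err != nil {
		return nil, err
	}
	return &Peer{aead: aead, seenSN: map[uint16]bool{}}, nil
}

// randomAddr returns a random locally administered unicast MAC address.
func randomAddr() (a [6]byte) {
	if _, err := rand.Read(a[:]); err != nil {
		panic(err)
	}
	a[0] = (a[0] | 0x02) &^ 0x01
	return a
}

// nonce is built GCMP-style from Address 2 and the 48-bit PN (assumption).
func nonce(ta [6]byte, pn uint64) []byte {
	return append(ta[:], byte(pn>>40), byte(pn>>32), byte(pn>>24), byte(pn>>16), byte(pn>>8), byte(pn))
}

// aad binds the clear header addresses to the ciphertext. The SN is left out,
// as in CCMP/GCMP, so replay detection has to rely on the PN.
func aad(m *MPDU) []byte { return bytes.Join([][]byte{m.RA[:], m.TA[:], m.BSSID[:]}, nil) }

// Encapsulate runs TX stages 1-3: assign PN and encrypt, assign SN, build the MPDU.
func (p *Peer) Encapsulate(bssid [6]byte, etherFrame []byte) *MPDU {
	p.pn++
	m := &MPDU{RA: randomAddr(), TA: randomAddr(), BSSID: bssid, PN: p.pn}
	m.Body = p.aead.Seal(nil, nonce(m.TA, m.PN), etherFrame, aad(m))
	m.SN, p.sn = p.sn, (p.sn+1)&0x0fff
	return m
}

// Decapsulate runs RX stages 6-7: duplicate detection, decryption, replay detection.
func (p *Peer) Decapsulate(m *MPDU) ([]byte, error) {
	if p.seenSN[m.SN] {
		return nil, ErrDuplicate
	}
	frame, err := p.aead.Open(nil, nonce(m.TA, m.PN), m.Body, aad(m))
	if err != nil {
		return nil, err
	}
	if m.PN <= p.lastPN {
		return nil, ErrReplay
	}
	p.seenSN[m.SN], p.lastPN = true, m.PN
	return frame, nil
}

// OnAir returns the octets a passive observer captures: clear addresses and body.
func (m *MPDU) OnAir() []byte { return append(aad(m), m.Body...) }

func main() {
	tx, _ := NewPeer([]byte("constructed-key!")) // constructed 16-octet sample key, always valid
	rx, _ := NewPeer([]byte("constructed-key!"))
	sa := []byte{0x00, 0x11, 0x22, 0x33, 0x44, 0x55} // constructed LAN addresses
	da := []byte{0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb}
	eth := bytes.Join([][]byte{da, sa, {0x08, 0x00}, []byte("hello")}, nil)
	m := tx.Encapsulate([6]byte{0x02, 0, 0, 0, 0, 0x01}, eth)
	frame, err := rx.Decapsulate(m)
	fmt.Printf("SA visible on air: %v; recovered frame: %x (err=%v)\n", bytes.Contains(m.OnAir(), sa), frame, err)
}
```

A replayed MPDU that carries a fresh SN passes duplicate detection and still decrypts, so only the PN check in stage 7 rejects it.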
As already described above in the context of figure 1b, in an embodiment the WLAN station is implemented as an AP MLD 110 or a non-AP MLD 120 and the further WLAN station is implemented as a non-AP MLD 120 or an AP MLD 110. In an embodiment described in more detail in the following the WLAN station is implemented as the non-AP MLD 120 of figure 1b and configured to update the link MAC Address in a way described in the following. In order to preserve privacy, the non-AP MLD 120 may be configured to announce or negotiate a new MAC Address corresponding to a link after association with the AP MLD 110. In an embodiment, this new MAC Address corresponds to either the Address field 1 203a or the Address field 2 203b, as described above in the context of figure 2. More specifically, in an embodiment, a STA Info field 300 of a Reconfiguration ML element may comprise a further STA MAC Address subfield 306, as illustrated in figure 3. The conventional “STA MAC Address” subfield 302 becomes the old MAC address. An Update Timer subfield 307 may be added to indicate the time this new MAC address corresponding to a link will take effect. Alternatively, the Update Timer subfield 307 may be indicative of the remaining duration that the alternative affiliated station MAC address is effective. This allows the AP MLD 110 (i.e. the further WLAN station for this embodiment) to have time to prepare this change especially when the buffer has some encrypted packets (with the old MAC address if the Control frame and MPDU Header protection is considered) to be transmitted. It is possible to change this link MAC address on a periodic basis. The frame shown in figure 3 may further comprise fields: STA Info Length 301, AP Removal Timer 303, Operation Parameters 304 and NSTR Indication Bitmap 305.
The corresponding Reconfiguration Operation Type may be set to Operation Parameter Update (i.e. value 1) or a newly defined value (e.g. Link MAC Address Update), as illustrated by the table shown in figure 4. There are several options to exchange these values, such as exchanging Multi-link Operation Update Request/Response frame with the AP MLD 110, exchanging Link Reconfiguration Request/Response frame with the AP MLD 110, and/or exchanging a new protected frame (encrypted by a PTK) to announce the link MAC address update.
For MPDU Header protection and/or control frame protection, the non-AP MLD 120 may also be configured to update the corresponding Control PTK, CPTK. In an embodiment, Link Reconfiguration Update Request/Response frames (that utilize the Reconfiguration MLE) may be used to update the link MAC address and the corresponding CPTK. The non-AP MLD 120 and the AP MLD 110 may exchange an ANonce and SNonce for the corresponding CPTK. In an embodiment, a CPTK element 500 as illustrated in figure 5, or a key derivation key, KDK, may be included as an additional element 606 within the Link Reconfiguration Notify/Request/Response frames, as shown in figure 6 for the Link Reconfiguration Request. Alternatively, the CPTK element may be added to the Common Info field of the Reconfiguration MLE (for the Link Reconfiguration Notify and Request frames), or the Basic MLE (for the Link Reconfiguration Response frame). The non-AP MLD 120 generates and sends the SNonce 505 in the Link Reconfiguration request and the AP MLD 110 generates and sends the ANonce 504 in the Link Reconfiguration response. The frame shown in figure 5 may further comprise fields: Element ID 501, Length 502 and Link ID 503. The frame shown in figure 6 may further comprise fields: Category 601, Protected EHT Action 602, Dialog Token 603, Reconfiguration MLE 604 and OCI element 605.
Figure 7 shows a flow diagram illustrating steps of a method 700 for operating a WLAN station in the transmission path, such as the AP 110 or the non-AP station 120 of figure 1a, for communicating with a further associated WLAN station, such as the non-AP station 120 or the AP 110 of figure 1a. Alternatively the method 700 also illustrates the operation of a WLAN station in the transmission path, such as the AP MLD 110 or the non-AP MLD 120 of figure 1b, for communicating with the further WLAN station, such as the non-AP MLD 120 or the AP MLD 110 of figure 1b. The method 700 illustrated in figure 7 comprises a step 701 of encrypting a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU. As already described above, the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs. Moreover, the method 700 comprises a step 703 of generating, based on the encrypted MSDU payload, a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU. The method 700 further comprises a step 705 of transmitting the MPDU or A-MPDU to the further WLAN receiver station 120.
As the method 700 can be implemented by the WLAN station 110 in a transmission operation, further features of the method 700 result directly from the functionality of the WLAN transmitter station 110 as well as its different embodiments described above and below.
Figure 8 shows a flow diagram illustrating a method 800 for operating a WLAN station, such as the non-AP station 120 or the AP 110 of figure 1a, for communicating with a peer associated WLAN station, such as the AP 110 or the non-AP station 120 of figure 1a. Alternatively the method 800 also illustrates the operation of a WLAN station, such as the AP MLD 110 or the non-AP MLD 120 of figure 1b, for communicating with a further WLAN station, such as the non-AP MLD 120 or the AP MLD 110 of figure 1b. The method 800 illustrated in figure 8 comprises a step 801 of receiving from the further WLAN station 110; 120 a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, wherein the MPDU or A-MPDU is based on an encrypted MAC Service Data Unit, MSDU, payload. As already described above, the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address values, SAs, and one or more encrypted destination address values, DAs.
As the method 800 can be implemented by the WLAN station 120, further features of the method 800 result directly from the functionality of the WLAN station 120 as well as its different embodiments described above and below.
As will be appreciated, according to embodiments disclosed herein a WLAN station may advertise its ability to provide privacy by (optionally) including “MSDU encapsulation” as a capability. When a WLAN station initiates a connection to a peer WLAN station, it may include the “MSDU encapsulation” capability with any other privacy parameters in (Re)Association Request frames. Moreover, according to embodiments disclosed herein the peer WLAN stations maintain RA and TA addresses that are different from what is used over the network. Figure 2 shows the SA 212 and DA 211 addresses, and optionally other MSDU header information (e.g. an 802.1Q subfield 213 and Type subfield 214) together with the data payload 215, are included as part of the frame body 210 of the data frame 200. For an MLD implementation the non-AP MLD may announce or negotiate a new MAC Address corresponding to any link after association. Figure 3 shows that an additional STA MAC Address subfield 306 may be added in the STA Info field for the Reconfiguration ML element. An Update Timer subfield 307 may be added to indicate the time this new link MAC address will take effect. Alternatively, the Update Timer field 307 may be indicative of the remaining duration that the alternative affiliated station MAC address is effective.
The person skilled in the art will understand that the "blocks" ("units") of the various figures (method and apparatus) represent or describe functionalities of embodiments of the present disclosure (rather than necessarily individual "units" in hardware or software) and thus describe equally functions or features of apparatus embodiments as well as method embodiments (unit = step).
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus, and method may be implemented in other manners. For example, the described embodiment of an apparatus is merely exemplary. For example, the unit division is merely logical function division and may be another division in an actual implementation. For example, a plurality of units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the displayed or discussed mutual couplings or direct couplings or communication connections may be implemented by using some interfaces. The indirect couplings or communication connections between the apparatuses or units may be implemented in electronic, mechanical, or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
In addition, functional units in the embodiments of the present disclosure may be integrated into one processing unit, or each of the units may exist alone physically, or two or more units are integrated into one unit.

Claims (26)

  1. A WLAN station (110; 120) for communicating with a further WLAN station (120; 110), wherein the WLAN station (110) is configured to:
    encrypt a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs;
    generate a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, (200) based on the encrypted MSDU payload; and
    transmit the MPDU or A-MPDU (200) to the further WLAN station (120; 110).
  2. The WLAN station (110; 120) of claim 1, wherein the MPDU or A-MPDU (200) comprises a header with a plurality of address fields (203a-d), wherein one of the plurality of address fields (203a-d) comprises a variable transmitter address, TA, value and wherein another one of the plurality of address fields (203a-d) comprises a variable receiver address, RA, value.
  3. The WLAN station (110; 120) of claim 2, wherein one or more of the plurality of address fields (203a-d) comprise a basic service set identifier, BSSID, of the AP with which the WLAN station (110; 120) is associated.
  4. The WLAN station (110; 120) of any one of the preceding claims, wherein the WLAN station (110; 120) is configured to transmit a frame to the further WLAN station (120; 110) , wherein the frame comprises an indication of the capability of the WLAN station (110; 120) to include the one or more encrypted SAs and the one or more encrypted DAs in the MPDU or A-MPDU (200) and wherein the frame is a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame.
  5. The WLAN station (110; 120) of any one of the preceding claims, wherein the WLAN station (110; 120) is configured to exchange its SA with the further WLAN station (120; 110) by means of a security association establishment procedure.
  6. The WLAN station (110; 120) of any one of the preceding claims, wherein the WLAN station (110; 120) is a Multi-Link Device, MLD, (110; 120) with a plurality of affiliated stations (114a-c; 124a, b) for communicating via a plurality of links (130a, b) with the further WLAN station (120; 110) in the form of a further MLD (120; 110) with a plurality of further affiliated stations (124a, b; 114a-c) , wherein the MLD (110; 120) comprises processing circuitry (111; 121) configured to encrypt the MSDU payload;
    wherein the MLD (110; 120) further comprises a communication interface configured to distribute the encrypted MSDU payload to one or more of the plurality of affiliated stations (114a-c; 124a, b) ;
    wherein each of the one or more affiliated stations (114a-c; 124a, b) is configured to generate the MPDU or A-MPDU (200) based on the encrypted MSDU payload and to transmit the MPDU or A-MPDU (200) to a corresponding further affiliated station of the plurality of further stations (124a, b; 114a-c) affiliated with the further MLD (120; 110) that is operating on the same link.
  7. The WLAN station (110; 120) of claim 6, wherein the processing circuitry (111; 121) of the MLD (110; 120) is further configured to assign a packet number, PN, to the MSDU payload and wherein each of the one or more affiliated stations (114a-c; 124a, b) is configured to assign a respective sequence number, SN, to the MSDU payload.
  8. The WLAN station (110; 120) of claim 6 or 7, wherein the WLAN station (110; 120) is a non-access point, non-AP, MLD (120) and wherein the non-AP MLD (120) is configured to generate a Reconfiguration Multi-Link element, wherein the Reconfiguration Multi-Link element comprises a STA Info field and wherein the STA Info field of the Reconfiguration Multi-Link element further comprises an alternative affiliated station MAC address value to be used as a transmitter address, TA, in an Address 2 field or as a receiver address, RA, in an Address 1 field for announcing or negotiating the further MAC address of the non-AP STA affiliated with the non-AP MLD (120) .
  9. The WLAN station (110; 120) of claim 8, wherein the STA Info field of the Reconfiguration Multi-Link element further comprises a timer field indicative of the time the alternative affiliated station MAC address takes effect or indicative of the remaining duration the alternative affiliated station MAC address is effective.
  10. The WLAN station (110; 120) of claim 8 or 9, wherein the non-AP MLD (120) is configured to transmit a Link Reconfiguration Update Request frame, a Link Reconfiguration Request frame, a Link Reconfiguration Response frame, or a cryptographically encapsulated frame to the further MLD (110) and wherein the Link Reconfiguration Update Request frame, the Link Reconfiguration Request frame, the Link Reconfiguration Response frame, or the cryptographically encapsulated frame comprises the Reconfiguration Multi-Link element.
  11. The WLAN station (110; 120) of claim 10, wherein the Link Reconfiguration Update Request frame comprises a Control Pairwise Transient Key, CPTK, element and wherein the CPTK element comprises a first nonce field (504) and a second nonce field (505) for generating a PTK for control frames exchanged between the AP MLD (110) and the associated non-AP MLD (120) .
  12. A method (700) for operating a WLAN station (110; 120) for communicating with a further WLAN station (120; 110) , wherein the method (700) comprises:
    encrypting (701) a MAC Service Data Unit, MSDU, payload, wherein the MSDU payload comprises a MSDU, an aggregate MSDU, A-MSDU, or a MAC Management Protocol Data Unit, MMPDU, wherein the MSDU, the A-MSDU, or the MMPDU comprises one or more source address values, SAs, and one or more destination address values, DAs;
    generating (703) a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, (200) based on the encrypted MSDU payload; and
    transmitting (705) the MPDU or A-MPDU (200) to the further WLAN station (120; 110) .
  13. A WLAN station (120; 110) for communicating with a further WLAN station (110; 120) , wherein the WLAN station (120; 110) is configured to:
    receive from the further WLAN station (110; 120) a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, (200) , wherein the MPDU or A-MPDU (200) is based on an encrypted MAC Service Data Unit, MSDU, payload, wherein the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address values, SAs, and one or more encrypted destination address values, DAs.
  14. The WLAN station (120; 110) of claim 13, wherein the MPDU or A-MPDU (200) comprises a header with a plurality of address fields (203a-d) , wherein one of the plurality of address fields (203a-d) comprises a variable transmitter address, TA, value and wherein another one of the plurality of address fields (203a-d) comprises a variable receiver address, RA, value.
  15. The WLAN station (120; 110) of claim 14, wherein one or more of the plurality of address fields (203a-d) comprise a basic service set identifier, BSSID, of the AP with which the further WLAN station is associated.
  16. The WLAN station (120; 110) of any one of claims 13 to 15, wherein the WLAN station (120; 110) is configured to receive a frame from the further WLAN station (110; 120) , wherein the frame comprises an indication of the capability of the further WLAN station (120; 110) to include the one or more encrypted SAs and the one or more encrypted DAs in the MPDU or A-MPDU (200) and wherein the frame is a Beacon frame, a Probe Response frame, an Association Request frame, or a Reassociation Request frame.
  17. The WLAN station (120; 110) of any one of claims 13 to 16, wherein the WLAN station (120; 110) is configured to exchange its SA value with the further WLAN station (110; 120) by means of a security association establishment procedure.
  18. The WLAN station (120; 110) of any one of claims 13 to 17, wherein the WLAN station (120; 110) is a Multi-Link Device, MLD, (120; 110) with a plurality of affiliated stations (124a, b; 114a-c) for communicating via a plurality of links (130a, b) with the further WLAN station (110; 120) in the form of a further MLD (110; 120) with a plurality of further affiliated stations (114a-c; 124a, b) , wherein each affiliated station (124a, b; 114a-c) is configured to:
    receive the MPDU or A-MPDU (200) from a corresponding further affiliated station of the plurality of further stations (114a-c; 124a, b) affiliated with the further MLD (110) and operating on the same link; and
    derive the encrypted MSDU payload from the MPDU or A-MPDU (200) ;
    wherein the MLD (120; 110) comprises a communication interface configured to receive from one or more of the plurality of affiliated stations (124a, b; 114a-c) the encrypted MSDU payload, wherein the MLD (120; 110) further comprises processing circuitry (121; 111) configured to decrypt the encrypted MSDU payload.
  19. The WLAN station (120; 110) of claim 18, wherein each affiliated station is configured to extract a sequence number, SN, from the MPDU or A-MPDU (200) and to determine, based on the SN, whether the MPDU or A-MPDU (200) is a duplicate.
  20. The WLAN station (120; 110) of claims 18 or 19, wherein the processing circuitry (121; 111) is further configured to extract a respective packet number, PN, from the MSDU payload and to verify, based on the extracted PN, whether the MSDU payload is a duplicate.
  21. The WLAN station (120; 110) of any one of claims 18 to 20, wherein the WLAN station (120; 110) is an access point, AP, MLD (110) , wherein the AP MLD (110) is configured to receive a Reconfiguration Multi-Link element, wherein the Reconfiguration Multi-Link element comprises a STA Info field and wherein the STA Info field of the Reconfiguration Multi-Link element further comprises an alternative affiliated station MAC address value to be used as a transmitter address, TA, in an Address 2 field or as a receiver address, RA, in an Address 1 field for announcing or negotiating the further MAC address of the non-AP STA affiliated with the non-AP MLD (120) .
  22. The WLAN station (120; 110) of claim 21, wherein the STA Info field of the Reconfiguration Multi-Link element further comprises a timer field indicative of the time the alternative affiliated station MAC address takes effect or indicative of the remaining duration the alternative affiliated station MAC address is effective.
  23. The WLAN station (120; 110) of claim 21 or 22, wherein the AP MLD (110) is configured to receive a Link Reconfiguration Update Request frame, a Link Reconfiguration Request frame, a Link Reconfiguration Response frame, or a cryptographically encapsulated frame from the further MLD (120) and wherein the Link Reconfiguration Update Request frame, the Link Reconfiguration Request frame, the Link Reconfiguration Response frame, or the cryptographically encapsulated frame comprises the Reconfiguration Multi-Link element.
  24. The WLAN station (120; 110) of claim 23, wherein the Link Reconfiguration Update Request frame comprises a Control Pairwise Transient Key, CPTK, element and wherein the CPTK element comprises a first nonce field and a second nonce field for generating a PTK for control frames exchanged between the AP MLD (120; 110) and the associated non-AP MLD (110; 120) .
  25. A method (800) for operating a WLAN station (120; 110) for communicating with a further WLAN station (110; 120) , wherein the method (800) comprises:
    receiving (801) from the further WLAN station (110; 120) a MAC Protocol Data Unit, MPDU, or an aggregate MPDU, A-MPDU, (200) , wherein the MPDU or A-MPDU (200) is based on an encrypted MAC Service Data Unit, MSDU, payload, wherein the encrypted MSDU payload comprises an encrypted MSDU, an encrypted aggregate MSDU, A-MSDU, or an encrypted MAC Management Protocol Data Unit, MMPDU, wherein the encrypted MSDU, the encrypted A-MSDU, or the encrypted MMPDU comprises one or more encrypted source address values, SAs, and one or more encrypted destination address values, DAs.
  26. A computer program product comprising a computer-readable storage medium for storing program code which causes a computer or a processor to perform the method (700) of claim 12 or the method (800) of claim 25, when the program code is executed by the computer or the processor.
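
The two-level duplicate check of claims 7, 19 and 20 (a per-link SN at each affiliated station, a PN at the MLD) is shown here as an added example that is not part of the patent text. The dictionary frame model, the 6-byte PN prefix on the payload, the cache depth and the sliding-window policy are assumptions; decryption and integrity verification are taken as already done.

```python
from dataclasses import dataclass, field

SN_MODULO = 4096   # 12-bit 802.11 sequence number space
PN_LEN = 6         # assumed: PN carried as a 6-byte prefix of the MSDU payload

@dataclass
class AffiliatedStaRx:
    """Per-link receiver: flags an MPDU whose SN was already seen on this link."""
    cache_size: int = 64                     # assumed cache depth
    recent: list = field(default_factory=list)

    def accept(self, sn: int) -> bool:
        sn %= SN_MODULO
        if sn in self.recent:
            return False
        self.recent.append(sn)
        del self.recent[:-self.cache_size]   # keep only the newest entries
        return True

@dataclass
class MldRx:
    """MLD-level receiver: PN check across all links (sliding window, assumed)."""
    window: int = 64
    highest: int = -1
    seen: set = field(default_factory=set)
    links: dict = field(default_factory=dict)

    def pn_fresh(self, pn: int) -> bool:
        if pn <= self.highest - self.window or pn in self.seen:
            return False
        self.highest = max(self.highest, pn)
        self.seen = {p for p in self.seen | {pn} if p > self.highest - self.window}
        return True

    def receive(self, link_id: str, mpdu: dict) -> str:
        sta = self.links.setdefault(link_id, AffiliatedStaRx())
        if not sta.accept(mpdu["sn"]):
            return "dup-sn"                  # dropped at the affiliated station
        # Assumption: the payload already passed decryption and integrity checks,
        # so replay state is only updated for authentic payloads.
        pn = int.from_bytes(mpdu["payload"][:PN_LEN], "big")
        return "deliver" if self.pn_fresh(pn) else "dup-pn"

def make_mpdu(sn: int, pn: int, body: bytes = b"\x00" * 8) -> dict:
    """Constructed sample frame: per-link SN plus payload = PN || opaque body."""
    return {"sn": sn, "payload": pn.to_bytes(PN_LEN, "big") + body}

def demo() -> list:
    mld = MldRx()
    trace = [("link1", 10, 1),   # first copy
             ("link1", 10, 1),   # retransmission on the same link
             ("link2", 7, 1),    # same payload sent again on the other link
             ("link2", 8, 3),
             ("link1", 11, 2),   # arrives late across links, still in window
             ("link1", 12, 2)]   # replayed payload under a new SN
    return [mld.receive(link, make_mpdu(sn, pn)) for link, sn, pn in trace]
```

The third and sixth frames carry an SN that is fresh on their link, so only the MLD-level PN check catches them.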
PCT/CN2024/091431 2024-05-07 2024-05-07 Devices and methods for privacy-preserving communication in a wlan Pending WO2025231613A1 (en)

Publications (1)

Publication Number Publication Date
WO2025231613A1 (en) 2025-11-13

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008070738A1 (en) * 2006-12-05 2008-06-12 Qualcomm Incorporated Enhanced management frame aggregation in a wireless network system
US10298386B1 (en) * 2009-06-26 2019-05-21 Marvell International Ltd. Method and apparatus for secure communications in networks
CN114097272A (en) * 2019-06-25 2022-02-25 华为技术有限公司 System and method for aggregating communication links
US20230085657A1 (en) * 2021-09-13 2023-03-23 Apple Inc. Address randomization schemes for multi-link devices
US20230319925A1 (en) * 2021-03-12 2023-10-05 Huawei Technologies Co., Ltd. Method and system for wlan multi-link management frame addressing
