Title of Invention

SECURITY SYSTEM FOR WIRELESS LOCAL AREA NETWORK

Abstract A methofd for providing security for Wireless Networks, said method comprising encrypting additionsl header information about the packet sent from the transmitter (such as packet length) with level secret key (KEY1) befor sending them to a receiver and encrypting a second level key m([email protected]) with the first level secret key (KEY!) befor sending them to the receiver that allows for frequent changing of [email protected] and decryption of the data sent at the receiver with the knowledge of the first level secretkey. appareatus is also procided for carrying out of the method which includes a difficult-to-invert signal processing block provided between the hacker "data recording point" and the "data encryption point" at the receiver end, therby preventing "known-plaintext" attacks and a corresponding block added at the transmitter end.
Full Text FORM-2 THE PATENTS ACT, 1970
(39 of 1970)
COMPLETE
Specification
(See section 10; rule 13)
A METHOD FOR PROVIDING SECURITY FOR WIRELESS NETWORKS
TATA CONSULTANCY SERVICES LTD.
of Bombay House, 24, Sir Homi Mody Street, Mumbai 400 001, Maharashtra, India, an Indian Company


THE FOLLOWING SPECIFICATION PARTICULARLY DESCRIBES THE NATURE OF THIS INVENTION AND THE MANNER IN WHICH IT IS TO BE PERFORMED.
This invention relates to a method and apparatus for a security system for Wireless Networks.
In particular this invention relates to a novel way of enhancing Network Security by Physical Layer Parameter Encryption.
Still particularly, this invention relates to Network Security and in particular to a method for enhancing the security of Wired and Wireless Networks, specifically Wireless Local Area Networks (Wireless LANs).
The prevailing security mechanism of Wireless LANs is primarily based on encryption with a data stream (called key stream) generated from a set of keys. Some part of the keys can be distributed between transmitting and receiving parties through some secure key distribution mechanism or they can be shared as part of the data. The first type of keys does not change frequently, whereas the other type can be changed frequently. The basic encryption methodology is based on so-called "Vernam Ciphers" where the data stream generated from the keys is XOR-ed with the incoming data.
This form of security is always prone to "key reuse" and "known plaintext attack". The basic property of "Vernam Ciphers" allows the key stream to be decoded from the encrypted data if the original data is known. If the key is not changed frequently, this information can be used by hackers to first find out key stream by sending a known plaintext data and then use it to decrypt subsequent data packets. Increasing the frequency of key change is
2
suggested as possible ways of reducing security threat but obviously they are not foolproof.
The basic reason behind the easy implementation of "known plaintext attack" is the fact that the encryption is done at the Media Access Control (MAC) layer, which normally is implemented in software. A hacker with a promiscuous mode Network Interface Card (NIC) can always record the encrypted data and then analyze the recorded data to decrypt it in the aforesaid manner.
Finding out the key stream through "known plaintext attack" can also lead to other forms of hacking like "Data Forgery" attacks (replay and mimicking) and "Denial-of-Service" attacks.
Hence a need exists for denying "known plaintext attack" in order to enhance the security mechanism of Wireless LANs and other Wireless Networks.
Summary of Invention
The key for enhancing security lies in the prevention of recording the data by a hacker using promiscuous mode NIC hardware and in using encryption methodologies that can address the aforesaid weakness of "Vernam Ciphers". These issues can be addressed in the following manner.
All Wireless Physical Layer protocols use different radio configurations like encoding rates and modulation schemes to achieve different data rates. The
3
transmitter sends the information about the radio configuration to the receiver through a header at the beginning of the packet. This information is sent using a pre-determined radio configuration so that the receiver can understand this information. All the subsequent packets are demodulated and decoded in the receiver according to this information.
If this radio-related information is sent after encrypting with a secret key that is known only to valid users, a promiscuous NIC, not having the proper key, will not be able to decode or demodulate the received data properly. Hence the recorded data will be hardly of any use. However, the allowable sets of radio configurations in a particular implementation are limited in number. Thus, this scheme offers only limited protection from a hacker who can intelligently generate a possible set of keys, which can cover all the possible sets of radio configuration. Hence a second level of protection is necessary. As part of this second level protection, two options can be devised.
Firstly, a different set of useful information like packet length is also encrypted with the secret key (KEY1). This encryption with KEY1 can be done by using the standard XOR mechanism (Vernam Cipher) as it is done only in the header section of the packet and hence the hacker has little scope of deploying "known plaintext attack".
Secondly, the actual data sent subsequently can be encrypted with another time varying key (KEY2). This second key, KEY2, can be sent as part of the information, encrypted with KEY1. The novelty of the approach will be lying in the way the encryption is done with KEY2. Instead of using the
4
standard XOR technique, it is proposed that the physical layer baseband radio algorithm parameters be changed according to KEY2.
Thirdly, a novel scheme is presented by which "known-plaintext" attacks can be prevented. It takes help from the fact that if there are multiple physical layer signal processing blocks between the "data recording point" of the hacker and the "data encryption point" at the receiver, then the hacker has to perform inverse transform of all the in between signal processing blocks for successful hacking. If any of these in between signal processing blocks are difficult to invert then it poses a barrier to the hacker. Illustration is made using the example of Viterbi decoder as the block that is difficult to invert, especially in noisy scenarios.
Even though this idea is presented in the context of Wireless Networks, the concept itself is generic in nature. Most of digital communication systems -wired or wireless use similar configurations where the proposed scheme can be applied. The basis of the security enhancement lies in the facts that the hacker cannot access/modify the physical layer of the NIC without using costly custom-built PHY chipsets, that the modification of physical layer baseband radio algorithms according to KEY2 makes "known plaintext attack" very difficult and introduction of a non-invertible signal processing block between hacker "data recording point" and the "data encryption point".
Hence this scheme can potentially be applied to all such types of digital communication systems.
5
The main method of implementation of the feature of this invention is the idea that the encryption can be done at Baseband Radio level to provide better security.
This invention provides a generic scheme for encrypting the Baseband Radio Configuration / Physical layer parameter information header through a secret key (KEY1) and a second level of security over and above that provided by KEY1 using another key (KEY2) by using changing of Baseband Radio Algorithms according to another key (KEY2) as the encryption methodology instead of using the standard "Vernam Cipher" based XOR-ing method. It also introduces a generic idea of introducing a non-invertible signal processing block between hacker "data recording point" and the "data encryption point" at the receiver (with corresponding block also added at transmitter), which can completely prevent "known-plaintext" attacks.
Thus the invention involves improving the network security by encrypting the Baseband Radio Configuration / physical layer parameters header information in the transmitter with a first level secret key (KEY1) before sending them to the receiver.
According to this invention there is provided a method for providing security for Wireless Networks, said method comprising encrypting additional header information about the packet sent from the transmitter (such as packet length) with the first level secret key (KEY1) before sending them to a receiver and encrypting a second level key (KEY2) with the first level secret key (KEY1) before sending them to the receiver that allows for
6
frequent changing of KEY2 and decryption of the data sent at the receiver with the knowledge of the first level secret key.
Typically, the the encryption involves randomization / modification of Physical Layer Baseband Radio Algorithms according to KEY2 for the actual data before sending them to a receiver.
Typically, Randomization / Modification consists of using techniques such as Scrambling seeds, Interleaving patterns, Modulator Constellation Mapping and the like.
Typically, the method involves use of a difficult-to-invert signal processing block between the hacker "data recording point" and the "data encryption point" at the receiver, thereby preventing "known-plaintext" attacks and a corresponding block added at the transmitter.
Typically, the said processing block an error control coder at the receiver and an error control decoder at the transmitter ends.
Preferably, the said processing block is a Convolutional Encoder at transmitter end and a Viterbi Decoder at the receiver end.
The invention will now be described with reference to the accompanying drawings in which
Figure 1 shows how the weakness of Vernam Ciphers can be utilized in "known-plaintext attacks".
7
Figure 2 shows a block diagram of the physical layer of the typical digital communication system where the method of physical layer encryption can be employed.
Figure 3 shows how the physical layer encryption and decryption can be employed to enhance the security (shaded blocks show the new additions).
Figure 4 shows a typical physical layer communication chain, possible recording point for the hacker, conventional encryption/decryption points and proposed encryption/decryption points.
Referring to the drawings, the legends are self-explanatory.
The first level of encryption and decryption are performed using the same secret key (KEYl) that is available to all the valid users of the network.
It is assumed that the secret key (KEYl) is delivered to all valid users of the network using some secure mechanism and will be changed from time to time.
Parameters, encrypted by KEYl will be in the Physical layer Header section. They can be, but not limited to:
Error Control Coding parameters
Modulation Type
Length of the Packet
The second level encryption key (KEY2)
8

Any other header information
Parameters, defining different schemes possible for Error Control Coding can be, but not limited to:
Type of Error Control Coding (Convolutional, Reed-Solomon, Turbo
etc.)
Parameter of a particular error control coding (e.g. Rate and
Polynomial for Convolutional Code)
Parameters defining different Schemes possible for Modulation can be, but
not limited to:
Type of Modulation (BPSK, QPSK, QAM etc.) Parameter of a modulation (e.g. constellation for QPSK)
The other header information, to be encrypted, can vary depending upon the actual system used. Any information that the receiver uses for successful reception of the data packets can be encrypted. The length of data and parity check bits are some examples of other information that can be encrypted. This further enhances the security of the system.
Encryption using KEYl can be done using "Vernam Ciphers" like XOR operator. This is not prone to "known-plain-text" attack as it is done only once at the header section of the packet.
A receiver without the correct key (KEYl) has wrong information about the error control coding, modulation and packet length. Hence it cannot employ
9

the proper decoding or demodulation algorithm and also does not know the packet length. It also does not know the second level key (KEY2).
Baseband Radio Algorithms that can be randomized to enhance the encryption using KEY2 can be, but not limited to
Scrambling seed
Interleaving pattern
Puncturing pattern (or number of bits punctured)
Modulator Constellation Mapping
A receiver not having the correct KEY2 will not be able to receive the correct data as this data is encrypted using KEY2. Also the transmitter can adaptively change the KEY2 frequently to provide added level of security.
Conventionally the input data from MAC layer is encrypted with the secret key at point A. The encryption operator conventionally is a XOR. The decryption is done at A", which is accessible to hacker as a recording point and is vulnerable to "known-plaintext" attack. If the encryption is performed at the points C, D, E or F (as shown in Figure. 4) at the transmitter, it is a difficult task for a hacker to retrieve the right key. If the hacker intends to deduce the right key using "known-plaintext" attack, she/he has to reach at point C\ D", E" or F" from the recorded data by using invert transforms of these blocks.
The hacker"s difficulty to retrieve the right key arises if any of these blocks C, D", E" or F" are non-invertible. In fact, by design itself, the error control decoder block is non-invertible as it a multiple-input single-output kind of
10

system. However the proposed idea does not limit itself into Error Control Decoder only, but any functional block satisfying such non-invertibility can be employed.
It should also be noted that the proposed encryption/decryption for this non-invertibility scheme can either be the conventional XOR like Vernam Cipher methodology or the Physical layer encryption methodology described previously.
While considerable emphasis has been placed herein on structures and structural interrelationships between component parts of the preferred embodiments, it will be appreciated that many embodiments can be made and that many changes can be made in the preferred embodiments without departing from the principals of the invention. These and other changes in the preferred embodiment as well as other embodiments of the invention will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the foregoing descriptive matter is to be interpreted merely as illustrative of the invention and not as a limitation.
11

5) A method for providing security for Wireless Networks, as claimed in
claim 3, in which said processing block is a Convolutional Encoder,
6) A method for providing security for Wireless Networks, as claimed in
claim 3, in which the said processing block is a Viterbi Decoder.
7) Apparatus for carrying out the method as claimed in claim 1, which
includes a transmitter end and a receiver end and involves the sending of
data from a transmitter to a receiver, said apparatus consisting of a signal
processing block selected from an error control coder, a Convolutional
Encoder, a Viterbi Decoder provided between the hacker "data recording
point" and the "data encryption point" at the receiver end, thereby
preventing "known-plaintext" attacks and a corresponding block added at
the transmitter end.
8) A method for providing security for Wireless Networks as described
herein with reference to the accompanying drawings.

Documents:


Patent Number 209684
Indian Patent Application Number 629/MUM/2003
PG Journal Number 38/2007
Publication Date 21-Sep-2007
Grant Date 06-Sep-2007
Date of Filing 17-Jun-2003
Name of Patentee TATA CONSULTANCY SERVICES LTD.
Applicant Address BOMBAY HOUSE,SIR HOMI MODY STREET, MUMBAI-400 023
Inventors:
# Inventor's Name Inventor's Address
1 ARPAN PAL 81CC/15, ANUPAMA COMPLEX, PHASE II, VIP ROAD, KOLKATA-700 052
PCT International Classification Number H04L 9/00
PCT International Application Number N/A
PCT International Filing date
PCT Conventions:
# PCT Application Number Date of Convention Priority Country
1 NA