US-20260129431-A1 - TECHNIQUES FOR AN ACCESS POINT OF A WIRELESS LOCAL AREA NETWORK (WLAN) TO PRESERVE ASSOCIATION IDENTIFIER (AID) DOMAIN SPACE
Abstract
An access point computes, for user devices in each group of a plurality of groups of user devices, a plurality of start times of future enhanced data privacy (EDP) epochs during which identifiers from the user devices in each group are to be rotated. Based on the plurality of start times, it is determined that transitory periods will occur at a same time for at least a threshold number of groups of the plurality of groups of user devices. The AP transmits a message to user devices in at least one group of the at least a threshold number of groups instructing the user devices to perform one or more actions to prevent the transitory periods from occurring at the same time.
Inventors
- Domenico Ficara
- Ugo Mario Campiglio
- Jerome Henry
- Javier I. CONTRERAS ALBESA
Assignees
- CISCO TECHNOLOGY, INC.
Dates
- Publication Date: 20260507
- Application Date: 20250630
Claims (20)
- 1. A method comprising: computing, by an access point (AP) and for user devices in each group of a plurality of groups of user devices, a plurality of start times of future enhanced data privacy (EDP) epochs during which identifiers for the user devices in each group are to be rotated; determining, based on the plurality of start times, that transitory periods will occur at a same time for at least a threshold number of groups of the plurality of groups of user devices, wherein the transitory periods are periods of time in which first identifiers assigned during a previous EDP epoch are accepted for received data units and second identifiers assigned during a current EDP epoch are used for data units that are transmitted; and transmitting, by the AP, a message to user devices in at least one group of the at least a threshold number of groups instructing the user devices to perform one or more actions to prevent the transitory periods from occurring at the same time.
- 2. The method of claim 1, wherein the identifiers include association identifiers (AIDs).
- 3. The method of claim 1, wherein the message includes instructions to extend an ending of a first EDP epoch to coincide with an ending of a second EDP epoch associated with a transitory period of the transitory periods to merge the first EDP epoch and the second EDP epoch.
- 4. The method of claim 1, wherein the message includes instructions to change a start time of an EDP epoch associated with a particular transitory period of the transitory periods to an earlier time or a later time.
- 5. The method of claim 1, wherein computing the plurality of start times includes computing the plurality of start times using a pseudo-random function (PRF).
- 6. The method of claim 5, wherein the instructions include instructions to recompute at least one of the plurality of start times of the future EDP epochs using the PRF, and wherein the message includes parameters for recomputing the at least one of the plurality of start times.
- 7. The method of claim 1, wherein transmitting the message includes broadcasting, by the AP, the message to the user devices in the at least one group.
- 8. The method of claim 1, wherein the message is an action frame.
- 9. The method of claim 1, wherein the message is an information element in a frame exchanged between the AP and the user devices in the at least one group.
- 10. A system comprising: a communications interface; a memory storing instructions; and one or more processors, wherein the one or more processors are configured to execute the instructions to perform operations comprising: computing, for user devices in each group of a plurality of groups of user devices, a plurality of start times of future enhanced data privacy (EDP) epochs during which identifiers for the user devices in each group are to be rotated; determining, based on the plurality of start times, that transitory periods will occur at a same time for at least a threshold number of groups of the plurality of groups of user devices, wherein the transitory periods are periods of time in which first identifiers assigned during a previous EDP epoch are accepted for received data units and second identifiers assigned during a current EDP epoch are used for data units that are transmitted; and transmitting, via the communications interface, a message to user devices in at least one group of the at least a threshold number of groups instructing the user devices to perform one or more actions to prevent the transitory periods from occurring at the same time.
- 11. The system of claim 10, wherein the identifiers include association identifiers (AIDs).
- 12. The system of claim 10, wherein the message includes instructions to extend an ending of a first EDP epoch to coincide with an ending of a second EDP epoch associated with a transitory period of the transitory periods to merge the first EDP epoch and the second EDP epoch.
- 13. The system of claim 10, wherein the message includes instructions to change a start time of an EDP epoch associated with a particular transitory period of the transitory periods to an earlier time or a later time.
- 14. The system of claim 10, wherein the operation of computing the plurality of start times includes computing the plurality of start times using a pseudo-random function (PRF).
- 15. The system of claim 14, wherein the instructions include instructions to recompute at least one of the plurality of start times of the future EDP epochs using the PRF, and wherein the message includes parameters for recomputing the at least one of the plurality of start times.
- 16. The system of claim 10, wherein the operation of transmitting the message includes broadcasting the message to the user devices in the at least one group.
- 17. The system of claim 10, wherein the message is an action frame.
- 18. One or more non-transitory computer readable storage media encoded with instructions that, when executed by a processor of an access point device associated with a wireless local area network (WLAN), cause the processor to execute a method comprising: computing, for user devices in each group of a plurality of groups of user devices, a plurality of start times of future enhanced data privacy (EDP) epochs during which identifiers for the user devices in each group are to be rotated; determining, based on the plurality of start times, that transitory periods will occur at a same time for at least a threshold number of groups of the plurality of groups of user devices, wherein the transitory periods are periods of time in which first identifiers assigned during a previous EDP epoch are accepted for received data units and second identifiers assigned during a current EDP epoch are used for data units that are transmitted; and transmitting a message to user devices in at least one group of the at least a threshold number of groups instructing the user devices to perform one or more actions to prevent the transitory periods from occurring at the same time.
- 19. The one or more non-transitory computer readable storage media of claim 18, wherein the message includes instructions to extend an ending of a first EDP epoch to coincide with an ending of a second EDP epoch associated with a transitory period of the transitory periods to merge the first EDP epoch and the second EDP epoch.
- 20. The one or more non-transitory computer readable storage media of claim 18, wherein the message includes instructions to change a start time of an EDP epoch associated with a particular transitory period of the transitory periods to an earlier time or a later time.
Description
CROSS REFERENCE TO RELATED APPLICATION
This application claims priority to U.S. Provisional Application No. 63/717,436, filed November 7, 2024, the entirety of which is incorporated herein by reference.
TECHNICAL FIELD
The present disclosure relates to wireless network equipment and services.
BACKGROUND
Networking architectures have grown increasingly complex in communications environments, particularly in wireless networking environments. For wireless local area networks (WLANs), Institute of Electrical and Electronics Engineers (IEEE) 802.11 specifications are working toward defining mechanisms to preserve the privacy of a station (STA) by preventing eavesdroppers from tracking the station. Thus, there are new challenges and opportunities with regard to preserving the privacy of stations within WLANs.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram of a system that may be implemented to facilitate techniques for an access point of a wireless local area network (WLAN) to preserve association identifier (AID) domain space, according to an example embodiment.
FIG. 2 is a diagram illustrating an example in which enhanced data privacy (EDP) epochs for EDP groups include overlapping transitory periods, according to an example embodiment.
FIG. 3 is a graph illustrating simulation results for a number of groups of stations (STAs) for an AID pool, according to an example embodiment.
FIG. 4 is a flow chart of a method of performing one or more actions to prevent transitory periods in a plurality of EDP groups from occurring at the same time, according to an example embodiment.
FIG. 5 illustrates a hardware block diagram of a computing device configured to perform functions associated with operations discussed in connection with embodiments herein.
DETAILED DESCRIPTION
Overview
In one embodiment, a method is provided for performing one or more actions to prevent transitory periods in a plurality of enhanced data privacy (EDP) epochs in a plurality of EDP groups from occurring at the same time. An access point (AP) computes, for user devices in each group of a plurality of groups of user devices, a plurality of start times of future enhanced data privacy (EDP) epochs during which identifiers for the user devices in each group are to be rotated. Based on the plurality of start times, it is determined that transitory periods will occur at a same time for at least a threshold number of groups of the plurality of groups of user devices. The transitory periods are periods of time in which first identifiers assigned during a previous EDP epoch are accepted for received data units and second identifiers assigned during a current EDP epoch are used for data units that are transmitted. The AP transmits a message to user devices in at least one group of the at least a threshold number of groups instructing the user devices to perform one or more actions to prevent the transitory periods from occurring at the same time.
Example Embodiments
Embodiments herein provide techniques that allow access points (APs) for a wireless local area network (WLAN), such as an Institute of Electrical and Electronics Engineers (IEEE) 802.11 (Wi-Fi®) WLAN, to control the association identifier (AID) domain space that may be impacted by enhanced data privacy (EDP) transitory periods overlapping across one or more EDP groups.
In a wireless local area network (WLAN) or Wi-Fi network, one or more wireless APs provide wireless Radio Frequency (RF) coverage over which one or more wireless devices or stations can connect to the APs in order to connect to one or more data networks (e.g., the public Internet, an enterprise network operated by an enterprise entity (e.g., a business, institution, university, etc.)), and/or the like.
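The collision check and start-time change described in the Overview, as an added example (not code from the patent or its applicant). The HMAC-SHA256 PRF, the epoch and transitory durations, the function names and the sample schedule are assumptions made for illustration.

```python
import hashlib
import hmac

EPOCH_MIN, EPOCH_JITTER = 600, 300  # assumed: each epoch lasts 600..899 s
TRANSITORY = 30                     # assumed transitory period length, s

def prf_start_times(key, group_id, count, t0=0):
    """Derive epoch start times for one group. HMAC-SHA256 is an assumed PRF."""
    times, t = [], t0
    for i in range(count):
        msg = group_id.to_bytes(2, "big") + i.to_bytes(4, "big")
        mac = hmac.new(key, msg, hashlib.sha256).digest()
        t += EPOCH_MIN + int.from_bytes(mac[:4], "big") % EPOCH_JITTER
        times.append(t)
    return times

def find_collisions(starts_by_group, threshold):
    """Return (time, joining_group, active_groups) whenever at least
    `threshold` groups are inside a transitory period at the same time."""
    events = []
    for group, starts in starts_by_group.items():
        for s in starts:
            events.append((s, 1, group))               # window opens
            events.append((s + TRANSITORY, 0, group))  # window closes
    events.sort()  # at equal times closes sort first: windows are half-open
    active, hits = set(), []
    for t, opens, group in events:
        if opens:
            active.add(group)
            if len(active) >= threshold:
                hits.append((t, group, sorted(active)))
        else:
            active.discard(group)
    return hits

def deconflict(starts_by_group, threshold, max_moves=1000):
    """Delay the epoch start that completes each collision (claim 4 style)."""
    plan = {g: list(s) for g, s in starts_by_group.items()}
    moves = []
    for _ in range(max_moves):
        hits = find_collisions(plan, threshold)
        if not hits:
            break
        t, group, _active = hits[0]
        plan[group][plan[group].index(t)] = t + TRANSITORY
        moves.append((group, t, t + TRANSITORY))
    return plan, moves

# Constructed sample schedule (seconds): three groups rotate within 20 s.
SAMPLE = {1: [600, 1300], 2: [610, 1500], 3: [620, 1310]}
```

Because the start times come from a keyed PRF, the AP can compute the whole schedule ahead of time and run this check before any overlap occurs; each entry in `moves` corresponds to one instruction the AP would send to a group.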
Current WLAN/Wi-Fi standards, such as Institute of Electrical and Electronics Engineers (IEEE) 802.11 standards, including IEEE 802.11bi, are working steadily towards the definition of mechanisms to preserve a station’s privacy by preventing eavesdroppers from tracking the station. To prevent eavesdroppers from tracking stations, elements (e.g., identifiers) in frames exchanged between a station and the AP are anonymized. One of the elements that is anonymized is an association identifier (AID). The AID is an identifier identifying an association between an access point and a user device or station (STA) in which the AID is assigned to a user device or STA by an access point. Typically, the AID has a smaller number of bits than other identifiers associated with a STA. For example, the AID may be an 11-bit field or a 16-bit field and, when the AID is a 16-bit field, the values that may be assigned to a STA range from 1 to 2007. The AID, like other frame parameters in IEEE 802.11bi (such as Media Access Control (MAC) addresses), is changed or rotated at each enhanced data privacy (EDP) epoch. In other words, the AID associated with a station is changed at each EDP epoch to prevent eavesdroppers from associating