Physical layer protocol data unit transmission and reception method and communication apparatus
By embedding protection information in control frames using association identifiers and integrity codes within PPDU user fields, the method safeguards control frames from attacks, ensuring only compatible devices process the information, thus maintaining communication integrity.
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Applications
- Current Assignee / Owner
- HUAWEI TECH CO LTD
- Filing Date
- 2024-04-17
- Publication Date
- 2026-06-22
AI Technical Summary
Existing methods fail to effectively protect control frames from attacks, such as impersonation by attackers sending trigger frames that cause STAs to consume power and occupy the air interface, due to the lack of defined mechanisms for carrying protection information.
Incorporating protection information within physical layer protocol data units (PPDUs) using control frames, specifically through user information fields, including association identifiers and integrity codes like Key IDs, packet numbers, and message integrity codes (MICs), to differentiate and verify the authenticity of control frames.
This approach effectively prevents forgery and replay attacks on control frames by ensuring only supported devices receive and process the protection information, maintaining the integrity of the communication process.
Smart Images

Figure 2026520109000001_ABST
Abstract
Description
Technical Field
[0001] [Cross-reference to Related Applications] This application claims the priority of Chinese Patent Application No. 202310469546.0, titled "PHYSICAL LAYER PROTOCOL DATA UNIT SENDING AND RECEIVING METHOD AND COMMUNICATION APPARATUS", filed with the China National Intellectual Property Administration on April 21, 2023, the entire content of which is incorporated herein by reference.
[0002] [Technical Field] This application relates to the field of communications, and more specifically, to a method for sending and receiving physical layer protocol data units and a communication apparatus.
Background Art
[0003] In recent years, control frames have become increasingly important in data communication. For example, control frames may be used to schedule uplink data transmission. As a result, the types of attacks on control frames are increasing. For example, an attacker may impersonate an access point (AP), send a Basic Trigger frame, and cause a station (STA) to send data and reports for a long time, occupy the air interface, and consume power. Therefore, using a control frame to carry information for protecting the control frame can prevent attacks on the control frame. However, how to carry the corresponding protection information to protect the control frame has not yet been determined.
Summary of the Invention
[0004] Embodiments of this application provide a method for sending and receiving physical layer protocol data units and a communication apparatus for specifying a control frame protection mechanism, which can effectively prevent attacks on control frames.
[0005] According to a first aspect, a method for transmitting physical layer protocol data units is provided. This method may be performed by a first device, or by a chip or circuitry located in the first device. This is not limited to the present application.
[0006] The method may include the steps of generating a physical layer protocol data unit (PPDU), the PPDU comprising a control frame, the control frame comprising N first user information fields, the association identifier in the first user information field indicating that the first user information field carries first information, the first information comprising information for protecting the control frame, where N is an integer of 1 or more, and transmitting the PPDU.
[0007] In the technical solution, a first user information field within the control frame carries control frame protection information, preventing the control frame from being attacked. According to this control frame protection mechanism, a receiver device supporting control frame protection may determine, based on the association identifier within the first user information field, that the first user information field carries control frame protection information, while a receiver device not supporting control frame protection considers the first user information field to be a user information field that is not transmitted to the receiver device but is transmitted to other devices. Therefore, reception of control frames by devices not supporting control frame protection remains unaffected.
[0008] According to a second embodiment, a method for receiving physical layer protocol data units is provided. This method may be performed by a second device, or by a chip or circuit configured in the second device. This is not limited to the present application.
[0009] The method may include the steps of receiving a physical layer protocol data unit (PPDU), the PPDU containing a control frame, the control frame containing N first user information fields, the association identifier in the first user information fields indicating that the first user information fields carry first information, the first information containing information for protecting the control frame, where N is an integer greater than or equal to 1, and parsing the PPDU.
[0010] For the beneficial effects of the second embodiment, please refer to the description in the first embodiment. Further details will not be described again in this specification.
[0011] In some implementations of the first or second embodiment, the first information includes at least one of a key identifier, a packet number PN, and a message integrity code MIC.
[0012] In some implementations of the second embodiment, the control frame carries an MIC, and the method further includes the steps of determining a local MIC and determining that the control frame is not forged when it is determined that the local MIC matches the MIC carried in the control frame.
[0013] In some implementations of the second embodiment, the control frame carries a PN, and the method further includes the step of determining that no replay attack has occurred in the control frame when it is determined that the PN carried in the control frame is greater than a previously received PN.
[0014] In some implementations of the first or second embodiment, one of the N association identifiers in the N first user information fields is a predefined value.
[0015] In some implementations of the first or second embodiment, a common field in the control frame carries second information, and the second information indicates that the control frame carries first information.
[0016] In some implementations of the first or second embodiment, a common field in the control frame carries third information, which indicates the location of at least one of the N first user information fields.
[0017] In some implementations of the first or second embodiment, at least one of the common fields or frame check sequence (FCS) fields in the control frame carries fourth information, the fourth information includes information for protecting the control frame.
[0018] In the technical solution, the FCS field carries control frame protection information, reducing the overhead of carrying protection information in the control frame. Furthermore, control frame transmission errors caused by poor channel quality and MIC errors caused by forgery are also taken into consideration.
[0019] In some implementations of the first or second embodiment, the frame check sequence FCS field in the control frame carries a first exclusive OR result at a first position, the first exclusive OR result being the exclusive OR result of the corresponding cyclic redundancy code CRC at the first position of the FCS field and fifth information, the fifth information containing information for protecting the control frame, and the number of bits in the bit value corresponding to the CRC at the first position of the FCS field is the same as the number of bits in the bit value corresponding to the fifth information.
[0020] In the technical solution, the FCS field carries control frame protection information, reducing the overhead of carrying protection information in the control frame. Furthermore, control frame transmission errors caused by poor channel quality and MIC errors caused by forgery are also taken into consideration.
[0021] In some implementations of the first or second embodiment, the duration from the end of the last of the N first user information fields to the end of the control frame is greater than or equal to the minimum trigger frame processing time of the first type of device, and the first type of device is a device capable of interpreting association identifiers in the first user information fields.
[0022] A third aspect provides a method for transmitting physical layer protocol data units. This method may be performed by a first device, or by a chip or circuitry located in the first device. This is not limited to the present application.
[0023] The method may include the steps of generating a physical layer protocol data unit (PPDU), the PPDU comprising a control wrapper frame, the control wrapper frame comprising first information and a control frame, the first information comprising information for protecting the control frame, and transmitting the PPDU.
[0024] In the technical solution, existing or newly defined control wrapper frames are used to carry control frame protection information to prevent the control frame from being attacked. This control frame protection mechanism is applicable to any control frame. Since the protection mechanism does not require modification or redefinition of the control frame, it is particularly applicable to control frames with a fixed frame structure.
[0025] A fourth aspect provides a method for receiving a physical layer protocol data unit. This method may be performed by a second device, or by a chip or circuit configured in the second device. This is not limited to the present application.
[0026] The method may include the step of receiving a physical layer protocol data unit (PPDU), where the PPDU includes a control wrapper frame, the control wrapper frame includes first information and a control frame, and the first information includes information for protecting the control frame, and the step of parsing the PPDU.
[0027] For the beneficial effects of the fourth aspect, refer to the description of the third aspect. Details are not described again in this specification.
[0028] In the implementation manners of the third aspect or the fourth aspect, the first information includes at least one of a key identifier, a packet number (PN), and a message integrity code (MIC).
[0029] In some implementation manners of the third aspect, the control wrapper frame carries the MIC, and the method further includes the step of determining a local MIC and the step of considering that the control frame is not forged when it is determined that the local MIC matches the MIC carried in the control frame.
[0030] In some implementation manners of the third aspect, the control wrapper frame carries the PN, and the method further includes the step of considering that no replay attack has occurred in the control frame when it is determined that the PN carried in the control frame is larger than the previously received PN.
[0031] In the implementation manners of the third aspect or the fourth aspect, the first information is carried in a high-throughput control field.
[0032] In the implementation manners of the third aspect or the fourth aspect, the first information is carried in a control frame protection information field.
[0033] In the implementation of the third or fourth embodiment, the control wrapper frame is a trigger frame, the trigger type field in the common information field of the trigger frame carries a first value, the first value indicating that the control wrapper frame includes a control frame protection information field and a transport frame field, the first value is one of 8 to 15, and the control frame is transported in the transport frame field.
[0034] According to a fifth aspect, a method for transmitting physical layer protocol data units is provided. This method may be performed by a first device, or by a chip or circuit located in the first device. This is not limited to the present application.
[0035] The method may include the steps of generating a physical layer protocol data unit (PPDU), the PPDU comprising an aggregated media access control protocol data unit (A-MPDU), the A-MPDU comprising a first media access control protocol data unit (MPDU) and a second MPDU, the first MPDU carrying a control frame, and the second MPDU carrying first information, the first information including information for protecting the control frame; and transmitting the PPDU.
[0036] In the technical solution, an A-MPDU is used, which aggregates multiple MPDUs. One MPDU (frame) in the A-MPDU carries the control frame, while other MPDUs in the A-MPDU carry the first information. In other words, the control frame is protected across frames by using the A-MPDU. This control frame protection mechanism is applicable to any control frame. This protection mechanism is particularly applicable to control frames whose frame format cannot be changed, as it does not require modification or redefinition of the control frame.
[0037] According to a sixth aspect, a method for receiving a physical layer protocol data unit is provided. This method may be performed by a second device, or by a chip or circuit configured in the second device. This is not limited to the present application.
[0038] The method may include the steps of receiving a physical layer protocol data unit PPDU, the PPDU comprising an aggregated medium access control protocol data unit A-MPDU, the A-MPDU comprising a first medium access control protocol data unit MPDU and a second MPDU, the first MPDU carrying a control frame and the second MPDU carrying first information, the first information including information for protecting the control frame, and parsing the PPDU.
[0039] For the beneficial effects of the sixth aspect, please refer to the description of the fifth aspect. Further details will not be provided herein.
[0040] In the implementation of the fifth or sixth embodiment, the first information includes at least one of a key identifier, a packet number PN, and a message integrity code MIC.
[0041] In some implementations of the sixth embodiment, a second MPDU carries an MIC, the method further comprising the steps of determining a local MIC and determining that the control frame is not forged when it is determined that the local MIC matches the MIC carried in the control frame.
[0042] In some implementations of the sixth embodiment, the second MPDU carries a PN, the method further includes the step of determining that no replay attack has occurred in the control frame when it is determined that the PN carried in the control frame is greater than a previously received PN.
[0043] According to the seventh aspect, a communication device is provided. The communication device includes a processing unit configured to generate a physical layer protocol data unit (PPDU), the PPDU comprising a control frame, the control frame comprising N first user information fields, the association identifier in the first user information field indicating that the first user information field carries first information, the first information comprising information for protecting the control frame, where N is an integer of 1 or more, and a communication unit configured to transmit the PPDU.
[0044] According to the eighth aspect, a communication device is provided. The communication device includes a communication unit configured to receive a physical layer protocol data unit (PPDU), the PPDU comprising a control frame, the control frame comprising N first user information fields, the association identifier in the first user information field indicating that the first user information field carries first information, the first information comprising information for protecting the control frame, where N is an integer of 1 or more, and a processing unit configured to parse the PPDU.
[0045] In some implementations of the seventh or eighth embodiment, the first information includes at least one of a key identifier, a packet number PN, and a message integrity code MIC.
[0046] In some implementations of the eighth aspect, the control frame carries the MIC, and the processing unit is further configured to determine the local MIC. The processing unit is further configured to determine that the local MIC matches the MIC carried in the control frame. The processing unit is further configured to assume that the control frame is not forged.
[0047] In some implementations of the eighth aspect, the control frame carries a PN, and the processing unit is further configured to determine that the PN carried in the control frame is greater than a previously received PN. The processing unit is further configured to determine that no replay attack has occurred within the control frame.
[0048] In some implementations of the seventh or eighth aspect, one of the N association identifiers in the N first user information fields is a predefined value.
[0049] In some implementations of the seventh or eighth aspect, a common field in the control frame carries second information, and the second information indicates that the control frame carries first information.
[0050] In some implementations of the seventh or eighth embodiment, a common field in the control frame carries third information, the third information indicating the location of at least one of the N first user information fields.
[0051] In some implementations of the seventh or eighth embodiment, at least one of the common fields or frame check sequence (FCS) fields in the control frame carries fourth information, the fourth information includes information for protecting the control frame.
[0052] In some implementations of the seventh or eighth aspect, the frame check sequence FCS field in the control frame carries a first exclusive OR result at a first position, the first exclusive OR result being the exclusive OR result of the corresponding cyclic redundancy code CRC at the first position of the FCS field and fifth information, the fifth information containing information for protecting the control frame, and the number of bits in the bit value corresponding to the CRC at the first position of the FCS field is the same as the number of bits in the bit value corresponding to the fifth information.
[0053] In some implementations of the seventh or eighth embodiment, the duration from the end of the last of the N first user information fields to the end of the control frame is greater than or equal to the minimum trigger frame processing time of the first type of device, and the first type of device is a device capable of interpreting association identifiers in the first user information fields.
[0054] According to the ninth aspect, a communication device is provided. The communication device includes a processing unit configured to generate a physical layer protocol data unit (PPDU), the PPDU comprising a control wrapper frame, the control wrapper frame comprising first information and a control frame, the first information comprising information for protecting the control frame, and a communication unit configured to transmit the PPDU.
[0055] According to a tenth aspect, a communication device is provided. The communication device includes a communication unit configured to receive a physical layer protocol data unit (PPDU), the PPDU comprising a control wrapper frame, the control wrapper frame comprising first information and a control frame, the first information comprising information for protecting the control frame, and a processing unit configured to parse the PPDU.
[0056] In the implementation of the ninth or tenth embodiment, the first information includes at least one of a key identifier, a packet number PN, and a message integrity code MIC.
[0057] In some implementations of the ninth embodiment, a control wrapper frame carries an MIC, and a processing unit is further configured to determine a local MIC. The processing unit is further configured to determine that the local MIC matches the MIC carried in the control frame. The processing unit is further configured to determine that the control frame is not forged.
[0058] In some implementations of the ninth embodiment, a control wrapper frame carries a PN, and the processing unit is further configured to determine that the PN carried in the control frame is greater than a previously received PN. The processing unit is further configured to determine that no replay attack has occurred within the control frame.
[0059] In the implementation of the ninth or tenth embodiment, the first information is transported in a high-throughput control field.
[0060] In the implementation of the ninth or tenth embodiment, the first information is transported in a control frame protection information field.
[0061] In the implementation of the ninth or tenth embodiment, the control wrapper frame is a trigger frame, the trigger type field in the common information field of the trigger frame carries a first value, the first value indicating that the control wrapper frame includes a control frame protection information field and a transport frame field, the first value is one of 8 to 15, and the control frame is transported in the transport frame field.
[0062] According to the eleventh aspect, a communication device is provided. The communication device includes a processing unit configured to generate a physical layer protocol data unit PPDU, the PPDU comprising an aggregate medium access control protocol data unit A-MPDU, the A-MPDU comprising a first medium access control protocol data unit MPDU and a second MPDU, the first MPDU carrying a control frame, and the second MPDU carrying first information, the first information comprising information for protecting the control frame; and a communication unit configured to transmit the PPDU.
[0063] According to a twelfth aspect, a communication device is provided. The communication device includes a communication unit configured to receive a physical layer protocol data unit PPDU, the PPDU comprising an aggregate medium access control protocol data unit A-MPDU, the A-MPDU comprising a first medium access control protocol data unit MPDU and a second MPDU, the first MPDU carrying a control frame, and the second MPDU carrying first information, the first information comprising information for protecting the control frame; and a processing unit configured to parse the PPDU.
[0064] In the implementation of the 11th or 12th embodiment, the first information includes at least one of a key identifier, a packet number PN, and a message integrity code MIC.
[0065] In some implementations of the twelfth embodiment, a second MPDU carries the MIC, and a processing unit is further configured to determine the local MIC. The processing unit is further configured to determine that the local MIC matches the MIC carried in the control frame. The processing unit is further configured to determine that the control frame is not forged.
[0066] In some implementations of the twelfth embodiment, the second MPDU carries the PN, and the processing unit is further configured to determine that the PN carried in the control frame is greater than the PN previously received. The processing unit is further configured to determine that no replay attack has occurred within the control frame.
[0067] According to the 13th aspect, a communication device is provided, including a processor. The processor may be coupled to memory and configured to execute instructions in memory to implement a method according to the first, third, or fifth aspect, and any one of the possible implementations of the first, third, or fifth aspect. Optionally, the device further includes memory. Optionally, the device further includes a communication interface, and the processor is coupled to the communication interface.
[0068] In this implementation, the device is the first device. When the device is the first device, the communication interface may be a transceiver or an input / output interface.
[0069] In other implementations, the device is a chip located on the first device. When the device is a chip located on the first device, the communication interface may be an input / output interface.
[0070] According to the 14th aspect, a communication device is provided, including a processor. The processor may be coupled to memory and configured to execute instructions in memory to implement a method according to the second, fourth, or sixth aspect, and any one of the possible implementations of the second, fourth, or sixth aspect. Optionally, the device further includes memory. Optionally, the device further includes a communication interface, and the processor is coupled to the communication interface.
[0071] In this implementation, the device in question is the second device. When the device in question is the second device, the communication interface may be a transceiver or an input / output interface.
[0072] In other implementations, the device is a chip located on the second device. When the device is a chip located on the second device, the communication interface may be an input / output interface.
[0073] According to the 15th aspect, a computer-readable storage medium is provided. The computer-readable storage medium stores computer instructions. When the computer instructions are executed by the device, the device becomes capable of implementing a method in any one of the first to sixth aspects and any possible implementations of the first to sixth aspects.
[0074] According to the sixteenth aspect, a computer program product including instructions is provided. The computer program product includes a computer program. When the computer program is executed by a device, the device becomes capable of implementing a method provided in the first to sixth aspects and any one of the possible implementations of the first to sixth aspects.
[0075] According to the 17th aspect, a communication system is provided. The communication system includes the first device and the second device described above. The first device is configured to perform a method according to the first, third, or fifth aspect, or any one of the possible implementations of the first, third, or fifth aspect, and the second device is configured to perform a method according to the second, fourth, or sixth aspect, or any one of the possible implementations of the second, fourth, or sixth aspect. [Brief explanation of the drawing]
[0076] [Figure 1] This is a diagram of the network architecture of a wireless local area network to which embodiments of this application are applicable. [Figure 2] This is a diagram of a communication device according to an embodiment of this application. [Figure 3] This is a diagram of a physical layer protocol data unit transmission and reception method according to an embodiment of this application. [Figure 4] This diagram shows how the AP sends a trigger frame to trigger multi-user uplink transmission. [Figure 5] This is a diagram of the frame structure of an 802.11 trigger frame. [Figure 6] This is a diagram of the trigger frame protection mechanism according to this application. [Figure 7] This is a diagram of another trigger frame protection mechanism according to this application. [Figure 8] This is a diagram of the NDPA frame protection mechanism according to this application. [Figure 9]This is a diagram of another physical layer protocol data unit transmission and reception method according to an embodiment of this application. [Figure 10] This is a diagram showing the frame structure of a control wrapper frame in an existing standard. [Figure 11] This is a diagram of the frame structure of a new control wrapper frame according to this application. [Figure 12] This is a diagram showing the frame structure of the trigger-based control wrapper frame according to this application. [Figure 13] This is a diagram of yet another physical layer protocol data unit transmission and reception method according to an embodiment of this application. [Figure 14] This is a diagram illustrating the case in which A-MPDU can transport first information. [Figure 15] This is a block diagram of a communication device 200 according to an embodiment of this application. [Figure 16] This is a block diagram of a communication device 300 according to an embodiment of this application. [Modes for carrying out the invention]
[0077] The technical solutions of the embodiments in this application are described below with reference to the accompanying drawings. Clearly, the embodiments described are a part of, but not all, of the embodiments in this application. All other embodiments obtained by those skilled in the art based on the embodiments in this application without creative effort shall fall within the scope of protection of this application.
[0078] In embodiments of this application, terms such as “example” or “for example” indicate that an example, illustration, or explanation is being given. No embodiment or design described as “example” in this application should be described as being preferable to or having more advantages than other embodiments or design designs. More precisely, the term “example” is used to present a concept in a particular manner.
[0079] The service scenarios described in embodiments of this application are intended to more clearly illustrate the technical solutions in embodiments of this application, but do not constitute a limitation on the technical solutions provided in embodiments of this application. Those skilled in the art will know that, as new service scenarios arise, the technical solutions provided in embodiments of this application may also be applicable to similar technical problems.
[0080] It should be noted that the term "field" in this application may generally refer to a part of information, and may also be called "field," "field," etc. Furthermore, the names of the fields in this application are merely examples, and other names may be used in a particular mode of implementation. This is not particularly limited in this application.
[0081] It should be understood that the “embodiments” referred to throughout this specification mean that certain features, structures, or characteristics related to these embodiments are included in at least one embodiment of this application. Therefore, embodiments in the entire specification do not necessarily represent the same embodiment. Furthermore, these particular features, structures, or characteristics may be combined in one or more embodiments by using any suitable method.
[0082] It should be further understood that ordinal numbers such as "First" and "Second" in the embodiments of this application are for distinguishing multiple objects and are not intended to limit the size, content, order, chronological order, priority, importance, etc. of the multiple objects. For example, the first piece of information and the second piece of information do not indicate differences in the amount of information, content, priority, importance, etc.
[0083] In this application, both "when" and "in the case" mean that the network element performs the corresponding processing in the desired situation, but do not constitute a time limit, do not require the network element to have a decision action during implementation, and do not imply any other limitations.
[0084] In embodiments of this application, “B corresponding to A” indicates that B is associated with A, and it should be further understood that B may be determined based on A. However, determining B based on A does not mean that B is determined solely based on A. B may, alternatively, be determined based on A and / or other information.
[0085] In this application, “at least one” means one or more, and “multiple” means two or more. The term “and / or” describes an association relationship to describe related objects and indicates that three relationships may exist. For example, A and / or B may mean that only A exists, both A and B exist, or only B exists, and A and B may be singular or plural. The letter “ / ” generally indicates an “or” relationship between related objects. “At least one of the following items (parts)” or a similar expression means any combination of these items, including either a singular item (part) or a combination of multiple items (parts). For example, at least one item (part) of a, b or c may mean a, b, c, a and b, a and c, b and c, or a, b and c, and a, b and c may be singular or plural.
[0086] The technical solutions provided in embodiments of this application are applicable to wireless local area network (WLAN) scenarios. For example, IEEE 802.11a / b / g standards, 802.11n standards, 802.11ac standards, 802.11ax standards and next-generation Wi-Fi protocols such as 802.11be, Wi-Fi 7, 802.11ad, 802.11ay, 802.11bf or 802.11be, or IEEE 802.11 related standards such as Wi-Fi 8 are supported. The technical solutions provided in embodiments of this application may also be applied to ultra-wideband (UWB) based wireless personal area network systems, such as the 802.15 series standards, or to sensing systems, such as the 802.11bf series standards. The 802.11n standard is called high throughput (HT), the 802.11ac standard is called very high throughput (VHT), the 802.11ax standard is called high efficiency (HE), and 802.11be is called extremely high throughput (EHT). Standards prior to HT, such as 802.11a / b / g, are collectively referred to as non-HT (non-high throughput). Currently, next-generation standards beyond IEEE 802.11be are also being researched and are called ultra-high reliability (UHR).
[0087] While embodiments of this application are primarily described using examples in which WLAN networks, particularly networks to which the IEEE 802.11 system standard applies, those skilled in the art will readily understand that various aspects of embodiments of this application may be extended to other networks using various standards or protocols, such as high-performance radio local area networks (HIPERLAN), wireless wide area networks (WWAN), wireless personal area networks (WPAN), or other known or future-developed networks. Therefore, regardless of the coverage area used and the wireless access protocol used, various aspects provided in embodiments of this application are applicable to any suitable wireless network. For example, embodiments of this application are further applicable to wireless local area network systems such as Internet of Things (IoT) networks or vehicle-to-X (V2X) networks. Clearly, embodiments of this application are further applicable to other possible communication systems, such as long-term evolution (LTE) systems, LTE frequency division duplex (FDD) systems, LTE time division duplex (TDD) systems, universal mobile telecommunications systems (UMTS), worldwide interoperability for microwave access (WiMAX) communication systems, 5th generation (5G) communication systems, and future 6th generation (6G) communication systems.
[0088] The communication systems applicable to this application are merely illustrative examples and are not limited to those applicable to this application. This is all described once in this specification, and further details will not be described again below.
[0089] A WLAN may include multiple basic service sets (BSS). Network nodes within a BSS are stations (STAs) and access points (APs). Each BSS may include one AP and multiple STAs associated with that AP.
[0090] The AP in embodiments of this application may also be called a wireless access point, hotspot, etc. An AP is an access point for mobile users to access a wired network and is primarily deployed inside homes, buildings, and campuses, with a typical coverage radius of tens to hundreds of meters. Obviously, an AP may be deployed outdoors as an alternative. An AP acts as a bridge connecting a wired network and a wireless network. The main function of an AP is to connect wireless network clients to each other and then connect the wireless network to Ethernet. For example, an AP may be a device that supports the 802.11ax protocol and a device that supports the next-generation Wi-Fi protocol of 802.11ax. Furthermore, an AP may be a device that supports one or more WLAN standards, such as the 802.11 series protocols or subsequent versions such as the next-generation 802.11be, e.g., Wi-Fi 8 and UHR.
[0091] In embodiments of this application, STA may be a wireless communication chip, a wireless sensor, or a wireless communication terminal, for example, a mobile phone supporting Wi-Fi communication functionality, a tablet computer supporting Wi-Fi communication functionality, a set-top box supporting Wi-Fi communication functionality, a smart TV supporting Wi-Fi communication functionality, a smart wearable device supporting Wi-Fi communication functionality, an in-vehicle communication device supporting Wi-Fi communication functionality, or a computer supporting Wi-Fi communication functionality. For example, STA may be a device supporting the 802.11ax standard and a device supporting the next-generation Wi-Fi protocol of 802.11ax. Furthermore, STA may be a device supporting one or more WLAN standards, such as the 802.11 series protocols or subsequent versions such as the next-generation of 802.11be, for example, Wi-Fi 8 and UHR.
[0092] In embodiments of this application, in exemplary structures, the STA or AP includes a hardware layer, an operating system layer operating on the hardware layer, and an application layer operating on the operating system layer. The hardware layer includes hardware such as a central processing unit (CPU), a memory management unit (MMU), and memory (also called main memory). The operating system is one or more computer operating systems that implement service processing through processes, for example, a Linux operating system, a Unix operating system, an Android operating system, an iOS operating system, or a Windows operating system. The application layer includes applications such as a browser, an address book, document processing software, and instant messaging software. The specific structure of the execution entity of the method provided in embodiments of this application is not uniquely limited in the above examples, provided that a program recording the code of the method provided in embodiments of this application can be executed to perform communication according to the method provided in embodiments of this application. For example, the method provided in embodiments of this application may be executed by an STA, an AP, or a functional module located within the STA or AP that can call and execute a program.
[0093] Furthermore, aspects or features of this application may be realized as methods, apparatus or products using standard programming and / or engineering techniques. As used in this application, the term “product” covers a computer program accessible from any computer-readable component, carrier or medium. For example, computer-readable medium may include, but is not limited to, magnetic storage components (e.g., hard disks, floppy disks or magnetic tapes), optical discs (e.g., compact discs (CDs), digital versatile discs (DVDs)), smart cards and flash memory components (e.g., erasable programmable read-only memory (EPROM), cards, sticks or key drives). Furthermore, the various storage media described herein may represent one or more devices and / or other machine-readable media configured to store information. The term “machine-readable medium” may include, but is not limited to, wireless channels and various other media capable of storing, containing and / or carrying instructions and / or data.
[0094] Figure 1 is a diagram of a network architecture of a wireless local area network to which embodiments of this application are applicable. As shown in Figure 1, one AP may be associated with one or more STAs, that is, one AP may communicate with one or more STAs. As shown in Figure 1, the network architecture of the wireless local area network may further include multiple APs, and different APs may communicate with each other. For example, as shown in Figure 1, the drawing shows AP#1, AP#2, and STA11 and STA12 associated with AP#1. Data transmission may be performed between AP#1 and STA11 or STA12, data transmission may be performed between STA11 and STA12, and AP#1 and AP#2 may also communicate with each other.
[0095] Figure 1 is merely an example, and it should be understood that the network architecture of the wireless local area network to which this application applies should not be limited. For example, the network architecture may include more APs, and each AP may be associated with more STAs. This is not limited to the embodiments of this application.
[0096] Figure 2 is a diagram of a communication device according to an embodiment of this application. The communication device may include one or more of the following components: a processor 210, a transmitter 220, a memory 230, a receiver 240, a signal detector 250, a digital signal processor 260, and a user interface 270. It should be understood that the communication device may include only a portion of the modules shown in the drawings. For example, the communication device includes the processor 210 and the memory 230. In some possible implementations, the communication device may be an AP or an STA.
[0097] In today's society, information security is crucial. In wireless local area network transmission, STAs and APs typically need to be associated and authenticated before data transmission, and can only transmit data after obtaining the relevant keys.
[0098] In wireless local area network transmission, communication frames primarily consist of three types: data frames, management frames, and control frames. Data frames are used to carry higher-layer data. Management frames are used to carry some information for cell management. For example, management frames include beacon frames and association request frames. Control frames typically carry some short control signaling. For example, management frames include delivery acknowledgment frames and trigger frames. Currently, control frames typically carry some simple control signaling and do not attract sufficient attention, leading to greater concerns about protecting data frames and management frames. However, in recent years, control frames have become increasingly important in data communications. For example, control frames may be used to schedule uplink data transmissions. As a result, the types of attacks against control frames are increasing. For example, an attacker might impersonate an AP, send a Basic Trigger frame, cause the STA to send data and reports for an extended period, occupy the air interface, and consume power. In another example, an attacker could impersonate an AP and send a multiple user request to send (MU-RTS) trigger frame, triggering the STA to respond with a delivery acknowledgment frame and clear a buffer that should be stored. In yet another example, an attacker could impersonate an AP and send a multiple user block ack request (MU-BAR) trigger frame, triggering the STA to wake up from low-power consumption mode to high-power consumption mode and send a sendable frame accordingly. Therefore, attacks on control frames can be prevented by carrying information to protect them within the control frame. However, how to carry the corresponding protection information to protect the control frame is still unclear.
[0099] With this in mind, this application provides a method for transmitting and receiving physical layer protocol data units to specify a control frame protection mechanism that can effectively prevent attacks on control frames.
[0100] Figure 3 is a diagram of a physical layer protocol data unit transmission and reception method according to an embodiment of this application. The method includes the following steps. For example, in the method, the first device is an AP and the second device is an STA.
[0101] S310: The first device generates a physical layer protocol data unit (PPDU).
[0102] A PPDU contains a control frame, the control frame contains N first user information fields, the association identifier in the first user information field indicates that the first user information field carries first information, the first information contains information for protecting the control frame, and N is an integer greater than or equal to 1.
[0103] It should be noted that the control frame in this embodiment of the application may further include one or more first user information fields other than the N first user information fields. This is not limited to the application.
[0104] For the sake of clarity, in this embodiment of this application, all information transported within and for the protection of the control frame is referred to as Protection Information #1. Protection Information #1 provided in this embodiment of this application is not particularly limited. Any information that can be used to protect the control frame falls within the scope of Protection Information #1 provided in this embodiment of this application. The first information includes information for protecting the control frame. It can be understood that the first information includes some or all of the information within Protection Information #1.
[0105] For example, to prevent forgery and replay attacks, protection information #1 may include at least one of a Key ID, a packet number (PN), and a message integrity code (MIC). In this embodiment of the application, the field carrying the Key ID may be called the Key ID field, the field carrying the PN may be called the PN field, and the field carrying the MIC may be called the MIC field. The PN in the PN field is used to identify the protected control frame. The MIC field carries the MIC calculated based on the protected control frame. For MIC calculation, information and keys that need to be encrypted are required. The information that needs to be encrypted is a portion of the frame body of the protected control frame, as well as additional authentication data (AAD) including a frame control field and several address fields. The length of the MIC field depends on the keys obtained by the first and second devices in the authentication process. For example, in a particular algorithm, the 128 bits of information and 128 bits of key that need to be encrypted within the control frame may be output as 128 bits of information by using the encryption algorithm, and ultimately, 8 bytes (i.e., 64 bits) of the output 128 bits of information are used as the MIC. How to determine whether a forgery attack and a replay attack have occurred against the control frame based on the PN and MIC is described in detail in S330. Further details are not described herein.
[0106] The following describes in detail how the first information is transported within the first user information field of a trigger frame, using an example where the control frame is the trigger frame. Before describing how the first information is transported, the frame format of the trigger frame and the trigger-based transmission procedure are first described. Typically, the STA performs uplink data transmission after obtaining transmission permission through channel contention, for example, the channel is preempted using the enhanced distributed channel access (EDCA) method. The trigger-based scheduling uplink transmission method was introduced in the 802.11ax standard and has been inherited by 802.11be. The following describes a solution in which the AP triggers uplink multi-user transmission in the 802.11be standard, with reference to Figure 4. This solution includes the following steps.
[0107] Step 1: The AP sends a trigger frame.
[0108] Figure 5 shows the frame structure of an 802.11 trigger frame. The trigger frame includes a Common Info field and a User Info List field. For the meaning of the fields included in the Common Info field, refer to the description in the protocol. Further details will not be provided again in this specification. The User Info List field includes multiple User Info fields. Each User Info field includes an Association Identifier 12 (AID12) field, and the value of the AID12 field in the first User Info field is 2007. Some Common Info is carried after the AID12 field in the User Info field. The first User Info field is a User Info field, but it carries Common Info. Therefore, the first User Info field may be called a Special User Info field. When AID12 is associated with an STA, it should be noted that the AP does not assign the AID12 of 2007 to any STA. Therefore, when the STA receives a trigger frame with an AID12 value of 2007, there is no ambiguity. Starting with the second user information field, the AID12 field within the user information field specifically refers to the STA user. The user information field contains information that needs to be read by the referred STA user. The resource unit allocation (RU allocation) subfield and primary / secondary 160 fields within the user information field jointly indicate the location of a specific resource unit (RU) or multiple resource unit (MRU) assigned to the STA user. Furthermore, Figure 5 separately indicates the number of bits occupied by the fields contained in the common information field and the user information list field. In this specification, only examples are used for illustrative purposes. For example, the AID12 field in user information 1 corresponds to B0-B11, indicating that the AID12 field is the first 12 bits in the user information 1 field.
[0109] Step 2: The STAs (e.g., STA#1 and STA#2) receive the trigger frame and first read the common information field and the special user information field. Then, if the STA obtains the user information field that needs to be read from the trigger frame through parsing, the STA sends the respective extremely high throughput trigger-based physical layer protocol data unit (EHT TB PPDU) on the RU or MRU indicated by the resource unit allocation field in the user information field.
[0110] Step 3: After receiving an EHT TB PPDU transmitted by one or more stations, the AP responds with a multi-station block acknowledgment (M-BA) frame.
[0111] The following describes how the first information is carried within the trigger frame. In the user information list field within the trigger frame, in addition to the special user information field whose AID12 field value is 2007, other types of user information fields (i.e., the first user information field) may be added. The AID12 field value in the first user information field may be a predefined value, and this predefined value may indicate that the first user information field carries the first information.
[0112] For example, the predefined value may be one or more values from 2008-2044 or 2047-4094. The value of the AID12 field in the first user information field does not conflict with the AID12 value corresponding to an existing STA user, and it can be understood that the first user information field is considered to be the user information field of another STA user that is not sent to other STAs by other STA users. Therefore, the reception of trigger frames by STA users is unaffected.
[0113] For example, the predefined value may also be one or more values between 1 and 2006. Since the sequence of user information fields is considered in the 802.11ax standard, it can be understood that the standard suggests that user information fields assigned to a user (i.e., user information fields where the value of the AID12 field within the user information field is between 1 and 2007) must be placed before the user information list field. Thus, one or more values between 1 and 2006 may, as an alternative, be used as the value of the AID12 field in the first user information field and may not be assigned to the STA, and as a result the STA can obtain control frame protection information at the beginning of the user information list to obtain a longer trigger frame processing time. For details regarding the trigger frame processing time of the STA, see the explanation in Figure 7. Further details are not described herein.
[0114] Optionally, a trigger frame includes one first user information field, and the first user information field carries first information. As shown in Figure 6, a trigger frame includes one first user information field (i.e., user information field M in the drawing), and the first information carried in user information field M includes a key identifier, PN, and MIC. Specifically, B12 (i.e., the key identifier field) in user information field M carries the key identifier, B13-B23 (i.e., the PN fields) carry the PN, and B24-B39 (i.e., the MIC fields) carry the MIC. It should be understood that Figure 6 only shows an example of the sequence of information carried. The actual sequence of information carried is not limited in this application.
[0115] Optionally, a trigger frame includes multiple first user information fields, each carrying its own corresponding first information. As shown in Figure 7, a trigger frame includes two first user information fields (i.e., user information field M-1 and user information field #M in the drawing). The first information carried in user information field M-1 includes a key identifier and a PN, and the first information carried in user information field M includes an MIC. Specifically, in user information field M-1, B12 (i.e., the key identifier field) carries the key identifier, B13-B39 (i.e., the PN fields) carry the PN, and B12-B39 (i.e., the MIC fields) in user information field M carry the MIC. A trigger frame may further include three, four, or more first user information fields. Examples are not described one by one in this specification.
[0116] Optionally, the values of the AID12 field in multiple first user information fields may be the same or different.
[0117] Optionally, the positions of multiple first user information fields may be consecutive, discrete, or partially consecutive and partially discrete.
[0118] Optionally, the information in protection information #1 may be carried in a first user information field of the control frame, or in a common field of the control frame. The common information field in this embodiment of the application may include a common information field and / or a user information field (i.e., a special user information field) where the value of the AID12 field is 2007. For example, part of protection information #1 may be carried in one or more bits from B22, B53 and B56-B63 in the common information field. Alternatively, part of protection information #1 may be carried in one or more bits from B25-B39 in the user information field where the value of the AID12 field is 2007.
[0119] Optionally, the information in protection information #1 may also be carried in the frame check sequence (FCS) field of the control frame. It should be noted that if protection information #1 is not carried, the FCS field will carry the cyclic redundancy code (CRC). Two specific implementations are provided below.
[0120] In a possible implementation, the FCS field in the control frame carries a fourth piece of information at a first position, which includes information to protect the control frame (the fourth piece of information is the information contained in protection information #1). In this implementation, it can be understood that the CRC originally carried in the FCS field at the first position is replaced with the fourth piece of information. For example, when the FCS field does not carry protection information #1, the originally carried CRC is 10110110010001001110001111100011. If the fourth piece of information that needs to be carried in the FCS field is 110, then any three bits in the FCS field may be replaced with 110. Here, replacing the first three bits in the FCS field is used as an example. The replaced FCS field is 11010110010001001110001111100011.
[0121] In other possible implementations, the FCS field of the control frame carries a first exclusive OR result at a first position. The first exclusive OR result is the exclusive OR of the CRC carried at the first position when the FCS field does not carry protection information #1 and a fifth piece of information, the fifth piece of information contains information for protecting the control frame (the fifth piece of information is the information contained in protection information #1), and the number of bits in the bit value corresponding to the CRC at the first position of the FCS field is the same as the number of bits in the bit value corresponding to the fifth piece of information. For example, as described above, when the FCS field does not carry protection information #1, the originally carried CRC is 10110110010001001110001111100011. If the fifth piece of information that needs to be carried in the FCS field is 110, and the first position is the first three bits in the FCS field, then the exclusive OR result of the first is 011, which is the exclusive OR of 101 and 110, and the information carried in the FCS field changes from 10110110010001001110001111100011 to 01110110010001001110001111100011.
[0122] Solutions that partially replace the CRC in the FCS field or XOR the CRC in the FCS field can reduce the overhead of carrying protection information within the control frame. Furthermore, this solution also takes into account control frame transmission errors caused by poor channel quality and MIC errors caused by forgery. The reason is as follows: Since both control frame transmission errors and forged MICs can cause errors in the FCS field, both errors can be identified.
[0123] Optionally, a common field within the trigger frame carries second information, and this second information indicates that the trigger frame carries first information. For example, the second information may be carried by one of bits B22, B53, and B56-B63 within the common information field. For example, part of the protection information #1 may, alternatively, be carried by one bit B25-B39 within the user information field, where the value of the AID12 field is 2007. As shown in Figures 6 and 7, in a possible implementation, the second information is carried by B56 within the common information field. For example, the field corresponding to B56 may be called the protection field. Carrying the second information within the common field of the trigger frame helps the STA supporting trigger frame protection to pre-prepare for reading the protection information (i.e., the first information) carried in the first user information field after reading the second information.
[0124] Furthermore, to help the STA quickly locate the position of the first user information field, a third piece of information may be carried in a common field. The third piece of information indicates the position of at least one first user information field contained in the trigger frame. For example, the third piece of information may be carried in one or more bits from B22, B53 and B56-B63 in the common information field. For example, part of the protection information #1 may, as an alternative, be carried in one or more bits from B25-B39 in the user information field where the value of the AID12 field is 2007. For example, the third piece of information indicates the position of the first first user information field in the trigger frame, and all first user information fields in the trigger frame are consecutive. For example, the third piece of information may be carried in a 5-bit field, with a value of 00011, indicating that the first first user information field in the trigger frame is the third user information field in the user information list field. In another example, there is a 5-bit field, e.g., a 5-bit field 11111, indicating that the 1st to 32nd user information fields in the user information list field carry information related to protecting the trigger frame. Furthermore, if there may be a large number of first user information fields, the indication granularity may increase. For example, there may also be a 5-bit field, which may indicate that the 2nd, 4th, 6th, ..., 62nd and 64th user information fields in the user information list carry information related to protecting the trigger frame. As shown in Figures 6 and 7, in possible implementations, the third information is carried in B57-B62 in the common information field. For example, the fields corresponding to B57-B62 may be called protection information position indicator fields.
[0125] Furthermore, with respect to the trigger frame carrying the first user information field, STAs that support trigger frame protection and STAs that do not support trigger frame protection have different understandings of trigger frame processing time. As shown in Figure 7, for STA#1, which does not support trigger frame protection, for example, user information #2 is a user information field that needs to be read by STA#1. In the trigger frame parsing process, after finding STA#1's user information field, STA#1 may stop receiving subsequent user information list fields. In this case, the trigger frame processing time understood by STA#1 may be the duration from the end of user information field #2 to the end of the trigger frame. However, for STA#2, which supports trigger frame protection, in addition to reading STA#2's user information field, STA#2 may need to further read all first user information fields in the trigger frame in order to obtain the first information. The last user information field included in the trigger frame in Figure 7 is user information field #M. In this case, the trigger frame processing time understood by STA#2 is the duration from the end of user information field #M to the end of the trigger frame. Therefore, when generating trigger frames, the AP needs to appropriately set the trigger frame processing time for STAs that support trigger frame protection and the trigger frame processing time for STAs that do not support trigger frame protection, ensuring that the trigger frame processing time for STAs that support trigger frame protection and the trigger frame processing time for STAs that do not support trigger frame protection are greater than or equal to the minimum trigger frame processing time, thereby obtaining sufficient trigger frame processing time.
[0126] Optionally, existing standard PNs may be reused for the trigger frame (PN), or a separate PN, such as a trigger frame PN (TPN), may be defined for the trigger frame. This is not limited to this application.
[0127] Trigger frames are classified into broadcast trigger frames and unicast trigger frames. Optionally, for broadcast trigger frames, an existing integrity group temporal key (IGTK) or beacon integrity group temporal key (BIGTK) may be reused as the key for the broadcast trigger frame. The IGTK identifier may be 4 or 5, and the BIGTK identifier may be 6 or 7. Optionally, for broadcast trigger frames, the key for the broadcast trigger frame may be, alternatively, a separately defined trigger-based integrity group temporal key (trigger IGTK, TIGTK). Optionally, for unicast trigger frames, an existing pairwise transient key (PTK) may be reused as the key for the unicast trigger frame, or a separate trigger temporal key (TTK) may be generated. Furthermore, different keys may be further defined for uplink trigger frames and downlink trigger frames, respectively. This is not limited to this application.
[0128] In possible implementations, TTK and TIGTK may also be the control frame temporal key (CTK) and the control frame integrity group temporal key (CIGTK).
[0129] In a multi-link scenario, independent CTKs and independent CIGTKs must be defined for each link. The multi-link scenario is described below. In a multi-link scenario, there is an AP multi-link device (MLD) and an STA MLD. Multiple connections may be established between the AP MLD and the STA MLD. For example, the AP MLD contains three linked APs, AP1, AP2, and AP3. The STA MLD contains three linked STAs, STA1, STA2, and STA3. The multiple connections are Link 1 between AP1 and STA1, Link 2 between AP2 and STA2, and Link 3 between AP3 and STA3. The three links correspond to three frequency bands, 2.4GHz, 5GHz, and 6GHz, respectively. This multi-link functionality can optimize the use of spectral resources across multiple links. One CTK is bound to the medium access control (MAC) addresses at the two ends of the corresponding link, where the MAC addresses are the MAC addresses of the affiliated AP and the affiliated STA of the STA MLD, respectively. One CIGTK is bound to the MAC address of the corresponding affiliated AP.
[0130] To achieve key agreement for CIGTK and CTK, the corresponding key data encapsulation (KDE) must be defined.
[0131] For example, the KDE format for CIGTK is defined as shown in Table 1. [Table 1]
[0132] The Key ID indicates the key identifier selected by the authenticator, the Link ID indicates the link on which CIGTK is used, the control frame IGTK packet number (CIPN) carries the packet sequence number of the corresponding CIGTK, and the CIGTK carries the corresponding CIGTK.
[0133] For example, the KDE format for CTK is defined as shown in Table 2. [Table 2]
[0134] The Key ID indicates the key identifier selected by the authenticator, the Link ID indicates the link on which the CTK is used, ANonce carries the authenticator's random number, SNonce carries the supplicant's random number, and Key Info carries information related to the key used to derive the CTK.
[0135] Furthermore, for fast basic service set (BSS) transitions, the corresponding subelements of CIGTK and CTK must be defined in the fast BSS transition element (FTE).
[0136] For example, the format of CIGTK sub-elements is defined as shown in Table 3. [Table 3]
[0137] Subelement ID indicates the subelement identifier, Length indicates the length of the CIGTK subelement, Key ID indicates the key identifier selected by the authenticator, Link ID indicates the link on which the CIGTK is used, CIPN carries the packet sequence number of the corresponding CIGTK, Key Length indicates the key length, i.e., the length of the CIGTK in bytes, and CIGTK carries the corresponding CIGTK.
[0138] For example, the format of CTK sub-elements is defined as shown in Table 4. [Table 4]
[0139] Subelement ID is the subelement identifier, Length indicates the length of the CTK subelement, Key ID indicates the key identifier selected by the authenticator, Link ID indicates the link on which the CTK is used, ANonce carries the authenticator's random number, SNonce carries the supplicant's random number, and Key Info carries information related to the key used to derive the CTK.
[0140] The following describes how protection information #1 is carried within an NDPA frame, using an example where the control frame is a null data packet announcement (NDPA) frame. As shown in Figure 8, the NDPA frame uses a frame structure similar to that of the trigger frame. The frame includes a sounding dialog token field (corresponding to the common information field in the trigger frame) and several station information fields (corresponding to the user information fields in the trigger frame). For the meaning of the fields in station information field 1, refer to the description in the protocol. Further details are not provided herein. It can be seen that each station information field also includes an AID12 field. Thus, the NDPA frame may also be protected by using the method described above. Figure 8 shows an example of a possible method for carrying NDPA frame protection information within an NDPA frame. As shown in Figure 8, the NDPA frame includes station information field N-1 and station information field N (corresponding to the first user information field in the trigger frame). The first information carried in station information field N-1 includes a key identifier and PN, and the first information carried in station information field N includes MIC.
[0141] It should be noted that the AID11 field in an NDPA frame is 11 bits (B0 to B10). Therefore, the maximum value of the AID11 field in the station information field for carrying NDPA frame protection information is 2047.
[0142] It should be further noted that in the station information field carrying protection information #1, B27 must be set to 1 to prevent conventional 802.11ac STAs from mistakenly considering the second of the four bytes, which include two sets of two bytes, as the station information field of a conventional 802.11ac STA. Therefore, if the carried MIC shown in Figure 8 is greater than 16 bits, for example, if the MIC is 17 bits, then B11-B26 of station information field #N may carry any 16 bits of the MIC, and a bit is further selected from B28-B31 to carry the remaining 1 bit (e.g., the most significant bit). For example, in Figure 8, B11-B26 of station information field M carry the 1st to 16th bits of the MIC, and B28 carries the 17th bit of the MIC (i.e., the most significant bit of the MIC).
[0143] S320: The first device sends a PPDU to the second device. In response, the second device receives the PPDU from the first device.
[0144] S330: The second device parses the PPDU.
[0145] After receiving the PPDU, the second device determines, based on the association identifier in the user information field within the PPDU, that the user information field carries the first user information field. The second device then determines protection information #1 based on the first information carried in the first user information field, and based on protection information #1, determines whether the control frame is under attack. If the control frame is under attack, the second device ignores the control frame. Otherwise, the second device proceeds with the subsequent processing steps based on the received control frame.
[0146] Optionally, Figure 6 is used as an example, in which the second device reads the second information in B56 within the common information field of the trigger frame of the PPDU, and the second information indicates that the trigger frame carries the first information. After reading the second information, the second device may pre-prepare to read the protection information (i.e., the first information) carried in the first user information field.
[0147] Optionally, Figure 6 is used as an example, in which the second device reads third information within B57-B62 in the common information field of the trigger frame of the PPDU, the third information indicating the location of at least one first user information field contained in the trigger frame. After reading the third information, the second device can quickly locate the location of the first user information field.
[0148] It should be understood that the second device is aware of what type of information is being carried by the first device at what location within the control frame, and how the information is being carried (e.g., whether it is carried through substitution or XOR in the FCS field). In this way, the second device can read the corresponding information at the corresponding location within the control frame.
[0149] Optionally, an example is used in which protection information #1 includes the PN and MIC to illustrate how the second device determines whether or not forgery and replay attacks against the control frame are prevented. Since the key is obtained during the authentication process between the first and second devices, an attacker cannot obtain the key and therefore cannot forge the MIC, which is recognizable by both the transmitting and receiving ends. Thus, the second device may compute the MIC locally. It should be understood that the second device determines that the key and information to be encrypted used in the local MIC are the same as those used by the MIC determined by the first device, which are carried in the control frame. In other words, the second device knows which information in the received PPDU control frame is the information needed to determine the local MIC. The second device then compares the MIC in protection information #1 with the MIC computed locally by the second device. If the MIC in protection information #1 matches the MIC computed locally by the second device, it is considered that no forgery attack has occurred. Otherwise, it is considered that a forgery attack has occurred. Furthermore, the second device identifies the PN transmitted by the transmitting end. If each received PN increases monotonically compared to previously received PNs, it is considered normal. Otherwise, a replay attack is likely to have occurred. It should be noted that the attacker cannot forge PNs, but can simply copy previously received PNs to carry out a replay attack. Forged PNs will cause a mismatch in the MIC.
[0150] In the technical solution, a first user information field within the control frame carries control frame protection information, preventing the control frame from being attacked. According to this control frame protection mechanism, a receiver device supporting control frame protection may determine, based on the association identifier within the first user information field, that the first user information field carries control frame protection information, while a receiver device not supporting control frame protection considers the first user information field to be a user information field that is not transmitted to the receiver device but is transmitted to other devices. Therefore, reception of control frames by devices not supporting control frame protection remains unaffected.
[0151] Other control frame protection mechanisms are provided below with reference to Figure 9. These protection mechanisms can also effectively prevent attacks on control frames.
[0152] Figure 9 shows another physical layer protocol data unit transmission and reception method according to an embodiment of this application. The method includes the following steps. For example, in the method, the first device is an AP and the second device is an STA.
[0153] S910: The first device generates a PPDU, which includes a control wrapper frame, the control wrapper frame includes first information and a control frame, the first information includes information for protecting the control frame.
[0154] The first information provided in this embodiment of this application is not particularly limited. Any information that can be used to protect the control frame falls within the scope of protection of the first information provided in this embodiment of this application.
[0155] For example, the first information may include at least one of a key identifier, a PN, and an MIC. In this embodiment of the application, a field carrying a key identifier may be called a key identifier field, a field carrying a PN may be called a PN field, and a field carrying an MIC may be called an MIC field.
[0156] Since the initial control frame does not carry the high-throughput control field, a control wrapper frame is introduced to help the control frame perform some functions by utilizing the high-throughput control field. Figure 10 shows the frame structure of a control wrapper frame in an existing standard. The control wrapper frame includes the high-throughput control field and the carry frame field. The following provides a specific implementation for carrying the initial information and control frame within the control wrapper frame.
[0157] In possible implementations, a high-throughput control field within the control wrapper frame may be used to help the control frame further carry the first information. In other words, the first information may be carried in the high-throughput control field. For example, the first information may be carried in a control subfield within an aggregated control information (A-control) field within the high-throughput control field. As shown in Figure 10, the aggregated control information field contains N control subfields, where N is a positive integer. The first information may be carried in the control information field within control subfield #1. Control subfield #1 contains a control identifier field and a control information field. Specifically, the value of the control identifier field may be set to one of 10 to 14, indicating that the control information field within the control subfield carries the first information. Furthermore, the carry frame field carries the control frame.
[0158] In other possible implementations, new fields may be introduced based on the existing control wrapper frame, and these new fields carry the first information. For example, as shown in Figure 11, new fields are introduced based on the existing control wrapper frame. The new field is a newly added control frame protection information field in the drawing. The new field carries the first information. Furthermore, the transport frame field transports the control frame.
[0159] It can be understood that the control wrapper frame in Figure 11 may be considered a new control wrapper frame. There are many ways to design the format of a new type of control wrapper frame. One way is to define new frame types and subtypes. However, many existing frame types and subtypes, especially those for control frames, do not exist. Therefore, this application provides a method for designing a new control wrapper frame by using an existing trigger frame. As shown in Figure 12, the trigger type field in the common information field of the trigger frame carries a first value, which indicates that the control wrapper frame includes a control frame protection information field and a carry frame field, and the first value is one of 8 to 15, and the control frame is carried in the carry frame field. It can be seen that the value of the trigger type field in the common information field of the trigger frame may be specified as the first value in order to redefine the frame format within the trigger frame. The advantage of this method is that unused frame types and subtypes are saved.
[0160] S920: The first device sends a PPDU to the second device. In response, the second device receives the PPDU from the first device.
[0161] S930: The second device parses the PPDU.
[0162] After receiving the PPDU, the second device determines whether the control frame is under attack based on the first information carried in the PPDU's control wrapper frame. If the control frame is under attack, the second device ignores it. Otherwise, the second device proceeds with the subsequent processing steps based on the received control frame. For the specific decision process, see the explanation in S330. Further details are not provided herein.
[0163] In the technical solution, existing or newly defined control wrapper frames are used to carry control frame protection information to prevent the control frame from being attacked. This control frame protection mechanism is applicable to any control frame. Since the protection mechanism does not require modification or redefinition of the control frame, it is particularly applicable to control frames with a fixed frame structure, such as block acknowledge request (BAR) frames or beamforming report poll (BFRP) frames.
[0164] The following provides further control frame protection mechanisms with reference to Figure 13. These protection mechanisms can also effectively prevent attacks on the control frame.
[0165] Figure 13 illustrates yet another physical layer protocol data unit transmission and reception method according to an embodiment of this application. The method includes the following steps: For example, in the method, the first device is an AP and the second device is an STA.
[0166] S1310: The first device generates a PPDU.
[0167] A PPDU includes an aggregated medium access control protocol data unit (A-MPDU), which includes a first medium access control protocol data unit (MPDU) and a second MPDU. The first MPDU carries the control frame, and the second MPDU carries the first information, which includes information for protecting the control frame.
[0168] The first information provided in this embodiment of this application is not particularly limited. Any information that can be used to protect the control frame falls within the scope of protection of the first information provided in this embodiment of this application.
[0169] It should be understood that A-MPDU may further include more MPDUs in addition to the first MPDU and the second MPDU. This is not limited to this application.
[0170] For example, the first information may include at least one of a key identifier, a PN, and an MIC. In this embodiment of the application, a field carrying a key identifier may be called a key identifier field, a field carrying a PN may be called a PN field, and a field carrying an MIC may be called an MIC field.
[0171] For example, the PPDU in this embodiment is one of HT PPDU, VHT PPDU, HE PPDU, EHT PPDU, and UHR PPDU.
[0172] For example, the second MPDU may transport the first information by using a single management frame, for example, using an action frame or an action frame without delivery confirmation, by transporting the first information in an information element manner. Specific implementations are not limited in this application.
[0173] Figure 14 shows a case in which an A-MPDU can carry first information according to this application. The data field of the PPDU includes an A-MPDU, and the A-MPDU includes n A-MPDU subframe fields, each A-MPDU subframe field including an MPDU delimiter field, an MPDU field, and a padding field. The MPDU field in the first A-MPDU subframe field carries first information, which includes a key identifier, PN, and MIC, and the MPDU field in the second A-MPDU subframe field carries an acknowledgment (ACK) frame (an example of a control frame).
[0174] S1320: The first device sends a PPDU to the second device. Correspondingly, the second device receives a PPDU from the first device.
[0175] S1330: The second device parses the PPDU.
[0176] After receiving the PPDU, the second device determines whether the control frame carried in the first MPDU is under attack, based on the first information carried in the second MPDU of the PPDU's A-MPDU. If the control frame is under attack, the second device ignores it. Otherwise, the second device proceeds with the subsequent processing steps based on the received control frame. For the specific decision process, see the explanation in S330. Further details are not provided herein.
[0177] In the technical solution, an A-MPDU is used, which aggregates multiple MPDUs. One MPDU (frame) in the A-MPDU carries the control frame, while other MPDUs in the A-MPDU carry the first information. In other words, the control frame is protected across frames by using the A-MPDU. This control frame protection mechanism is applicable to any control frame. This protection mechanism is particularly applicable to control frames whose frame format cannot be changed, as it does not require modification or redefinition of the control frame.
[0178] It should be understood that the sequence numbers of the processes described above do not indicate the order of execution. The order of execution of the processes should be determined based on the function and internal logic of the processes and should not be construed as any limitation to the implementation processes of the embodiments of this application.
[0179] In the embodiments of this application, unless otherwise stated or unless there is a logical inconsistency, the terminology and / or descriptions in different embodiments are consistent and may be referenced to one another, and the technical features in different embodiments may be combined on the basis of their internal logical relationships to form new embodiments.
[0180] It should be further understood that in some of the embodiments described above, devices in existing network architectures are used primarily as illustrative examples. It should be understood that the specific form of the device is not limited to the embodiments of this application. For example, all devices that can perform the same function in the future are applicable to the embodiments of this application.
[0181] In embodiments of the above method, it may be understood that the methods and operations performed by the devices (e.g., the first and second devices) may, alternatively, be performed by components of the devices (e.g., chips or circuits).
[0182] The methods provided in embodiments of this application are described in detail above with reference to Figures 1 to 14. The methods are described primarily in terms of the interaction between a first device and a second device. To realize the above functions, it may be understood that the first device and the second device include corresponding hardware structures and / or software modules for performing the functions.
[0183] Those skilled in the art will be able to recognize, in combination with the examples described in the embodiments disclosed in this specification, that the units and algorithmic steps can be implemented in this application by hardware or by a combination of hardware and computer software. Whether the functions are performed by hardware or by hardware driven by computer software depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but the implementation should not be considered to exceed the scope of this application.
[0184] The communication device provided in embodiments of this application will be described in detail below with reference to Figures 15 and 16. It should be understood that the description of the device embodiments corresponds to the description of the method embodiments. Therefore, for matters not described in detail, refer to the method embodiments described above. For brevity, some details of the content will not be described again in this specification. In embodiments of this application, the first or second device may be divided into functional modules based on the example of the method described above. For example, the functional modules may be obtained through division based on corresponding functions, or two or more functions may be integrated into a single processing module. The integrated module may be implemented in hardware form, or in the form of a software functional module. It should be noted that in embodiments of this application, the module division is an example and is merely a logical functional division. Other division methods may be used in actual implementations. An example in which each functional module is obtained through division based on its respective corresponding function is used below for illustrative purposes.
[0185] The above describes in detail the communication method provided in this application. A communication device provided in this application is described below. In a possible implementation, the device is configured to implement a step or procedure corresponding to the first device in the embodiment of the above method. In another possible implementation, the device is configured to implement a step or procedure corresponding to the second device in the embodiment of the above method.
[0186] Figure 15 is a block diagram of a communication device 200 according to an embodiment of this application. As shown in Figure 15, the device 200 may include a communication unit 210 and a processing unit 220. The communication unit 210 may communicate with an external device, and the processing unit 220 is configured to process data. The communication unit 210 may also be called a communication interface or transceiver unit.
[0187] In a possible design, the apparatus 200 may implement steps or procedures performed by the first device in an embodiment of the method described above. The processing unit 220 is configured to perform processing-related operations of the first device in an embodiment of the method described above, and the communication unit 210 is configured to perform transmission-related operations of the first device in an embodiment of the method described above.
[0188] In other possible designs, the device 200 may implement steps or procedures performed by the second device in the embodiments of the method described above. The communication unit 210 is configured to perform the receive-related operations of the second device in the embodiments of the method described above, and the processing unit 220 is configured to perform the processing-related operations of the second device in the embodiments of the method described above.
[0189] It should be understood that the apparatus 200 described herein is embodied in the form of a functional unit. The term “unit” as used herein may refer to an application-specific integrated circuit (ASIC), an electronic circuit, a processor (e.g., a shared processor, a dedicated processor, or a group processor) configured to run one or more software or firmware programs, memory, merged logic circuits, and / or other suitable components that support the functions described. In an optional example, those skilled in the art will understand that the apparatus 200 may specifically be the first device in the above embodiments and configured to perform the procedures and / or steps corresponding to the first device in the above embodiments of the method, or that the apparatus 200 may specifically be the second device in the above embodiments and configured to perform the procedures and / or steps corresponding to the second device in the above embodiments of the method. To avoid repetition, further details are not described herein again.
[0190] The device 200 in the above solution has the function of realizing the corresponding step performed by the first device in the above method, or the device 200 in the above solution has the function of realizing the corresponding step performed by the second device in the above method. The function may be realized by hardware, or by hardware running the corresponding software. The hardware or software includes one or more modules corresponding to the above function. For example, the communication unit may be replaced by a transceiver (for example, the transmitting unit of the communication unit may be replaced by a transmitter, and the receiving unit of the communication unit may be replaced by a receiver), and other units such as a processing unit may be replaced by a processor to separately perform the transmit / receive operation and processing-related operation in the embodiment of the method.
[0191] Furthermore, alternatively, the communication unit may be a transceiver circuit (for example, including a receiving circuit and a transmitting circuit), and the processing unit may be a processing circuit. In this embodiment of this application, the apparatus in Figure 15 may be the first or second device in the above embodiment, or it may be a chip or chip system, such as a system on a chip (SoC). The communication unit may be an input / output circuit or a communication interface. The processing unit is a processor, microprocessor, or integrated circuit on a chip. This is not limited herein.
[0192] Figure 16 is a block diagram of a communication device 300 according to an embodiment of this application. The device 300 includes a processor 310 and a transceiver 320. The processor 310 and the transceiver 320 communicate with each other through an internal connection path, and the processor 310 is configured to execute instructions and control the transceiver 320 to transmit and / or receive signals.
[0193] Optionally, the device 300 may further include a memory 330. The memory 330 communicates with the processor 310 and the transceiver 320 through an internal connection path. The memory 330 is configured to store instructions, and the processor 310 may execute instructions stored in the memory 330. In a possible implementation, the device 300 is configured to implement the procedures and steps corresponding to the first device in the embodiment of the method described above. In another possible implementation, the device 300 is configured to implement the procedures and steps corresponding to the second device in the embodiment of the method described above.
[0194] It should be understood that the device 300 may specifically be the first or second device in the above embodiments, or a chip or a chip system. Correspondingly, the transceiver 320 may be a chip transceiver circuit. This is not limited herein. Specifically, the device 300 may be configured to perform steps and / or procedures corresponding to the first or second device in the above embodiments of the method. Optionally, the memory 330 may include read-only memory and random access memory and provide instructions and data to the processor. Part of the memory may further include non-volatile random access memory. For example, the memory may further store device type information. The processor 310 may be configured to execute instructions stored in memory, and when the processor 310 executes instructions stored in memory, the processor 310 is configured to perform steps and / or procedures corresponding to the first or second device in the embodiments of the method.
[0195] In the implementation process, the steps in the above method can be implemented by using hardware integrated logic circuits within the processor or by using instructions in software form. The steps in the methods disclosed with reference to embodiments of this application may be performed and completed directly by a hardware processor or by using a combination of hardware and software modules within the processor. The software modules may reside in mature storage media in the art, such as random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, or registers. The storage medium resides in memory, and the processor reads information from memory and, in combination with the processor's hardware, completes the steps in the above method. To avoid repetition, further details are not described herein.
[0196] It should be noted that the processor in the embodiments of this application may be an integrated circuit chip and has signal processing capabilities. In the implementation process, the steps in the embodiments of the method described above may be implemented by using hardware integrated logic circuits within the processor or by using instructions in the form of software. The processor may be a general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The processor in the embodiments of this application may implement or execute the methods, steps and logic block diagrams disclosed in embodiments of this application. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor, etc. The steps in the methods disclosed with reference to embodiments of this application may be executed and completed directly by a hardware decoding processor, or by using a combination of hardware and software modules within the decoding processor. The software modules may reside in mature storage media in the art, such as random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, or registers. The storage medium is located in memory, and the processor reads the information in memory and, in combination with the processor's hardware, completes the steps in the method described above.
[0197] It can be understood that the memory in this embodiment of this application may be volatile memory or non-volatile memory, or may include both volatile and non-volatile memory. Non-volatile memory may be read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), or flash memory. Volatile memory may be random access memory (RAM) used as an external cache. Many forms of RAM may be used, not as an example but as an example, such as static random access memory (static RAM, SRAM), dynamic random access memory (dynamic RAM, DRAM), synchronous dynamic random access memory (synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (double data rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM), synchronous link dynamic random access memory (synchlink DRAM, SLDRAM), and direct rambus dynamic random access memory (direct rambus RAM, DR RAM). It should be noted that the memory of the systems and methods described herein includes, but is not limited to, these memories and any other suitable types of memory.
[0198] It should be noted that when the processor is a general-purpose processor, DSP, ASIC, FPGA, or other programmable logic device, discrete gate or transistor logic device, or discrete hardware component, memory (storage module) may be integrated into the processor. It should be further noted that the memories described herein are intended to include, but are not limited to, these memories and any other suitable types of memory.
[0199] Furthermore, this application further provides a computer-readable storage medium which stores computer instructions and, when the computer instructions are executed on a computer, performs operations and / or procedures that are performed by the first or second device in the method embodiments of this application.
[0200] This application further provides a computer program product, which includes computer program code or instructions, and when the computer program code or instructions are executed on a computer, operations and / or procedures are performed by a first device or a second device in embodiments of the method of this application.
[0201] Furthermore, this application further provides a communication system, which includes the first device or the second device in the embodiments of this application.
[0202] Furthermore, it should be noted that the memories described herein are intended to include, but are not limited to, these memories and any other suitable types of memories.
[0203] Those skilled in the art will recognize, in combination with the examples described in the embodiments disclosed herein, that units and algorithmic steps may be implemented by electronic hardware or a combination of computer software and electronic hardware. Whether a function is performed by hardware or by software depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementations should not be considered to exceed the scope of this application. For the purpose of convenient and concise explanation, it will be clearly understood by those skilled in the art that for detailed operating processes of the above systems, apparatus and units, refer to the corresponding processes in embodiments of the above methods. Details are again not described herein. In some embodiments provided in this application, it should be understood that the disclosed systems, apparatus and methods may be implemented in other ways. For example, the embodiments of the described apparatus are merely examples. For example, the division into units is merely a logical functional division. Other division methods may exist in actual implementations. For example, multiple units or components may be combined, or integrated into other systems, or some features may be ignored or not performed. Furthermore, the mutual coupling, direct coupling, or communication connection described or discussed may be realized by using several interfaces. Indirect coupling or communication connection between devices or units may be realized electronically, mechanically, or in other forms. Units described as separate parts may or may not be physically separate, and parts described as units may or may not be physical units, may be located in one place, or may be distributed across multiple network units. Some or all of the units may be selected on a practical basis to achieve the objectives of the solution of the embodiment. Furthermore, the functional units in the embodiments of this application may be integrated into a single processing unit, or each unit may exist physically independently, or two or more units may be integrated into a single unit.
[0204] When a function is implemented in the form of a software function unit and sold or used as an independent product, the function may be stored on a computer-readable storage medium. Based on such understanding, the technical solution of this application, or a portion of the technical solution that contributes to the prior art, may be implemented in the form of a software product. A computer software product is stored on a storage medium and includes several instructions for instructing a computer device (which may be a personal computer, server, network device, etc.) to perform all or part of the steps of the method described in embodiments of this application. The storage medium includes any medium capable of storing program code, such as a USB flash drive, removable hard disk, ROM, RAM, magnetic disk, or optical disk.
[0205] The above description is merely a specific way of realizing this application and is not intended to limit the scope of protection of this application. Any modification or substitution that is readily conceivable by a person skilled in the art within the scope of the art disclosed in this application shall fall within the scope of protection of this application. Accordingly, the scope of protection of this application shall be subject to the scope of protection of the claims.
Claims
1. A method for transmitting physical layer protocol data units, A step of generating a Physical Layer Protocol Data Unit (PPDU), wherein the PPDU includes a control frame, the control frame includes N first user information fields, the association identifier in the first user information field indicates that the first user information field carries first information, the first information includes information for protecting the control frame, and N is an integer of 1 or more, and The step of transmitting the PPDU and A method that includes this.
2. The method according to claim 1, wherein the first information includes at least one of a key identifier, a packet number (PN), or a message integrity code (MIC).
3. The method according to claim 1 or 2, wherein one of the N association identifiers in the N first user information fields is a predefined value.
4. The method according to any one of claims 1 to 3, wherein a common field in the control frame carries second information, and the second information indicates that the control frame carries the first information.
5. The method according to any one of claims 1 to 4, wherein a common field in the control frame carries third information, and the third information indicates the location of at least one of the N first user information fields.
6. The method according to any one of claims 1 to 5, wherein at least one of the common fields or frame check sequences (FCS fields) within the control frame carries fourth information, and the fourth information includes information for protecting the control frame.
7. The method according to any one of claims 1 to 6, wherein the frame check sequence (FCS) field in the control frame carries a first exclusive OR result at a first position, the first exclusive OR result is the exclusive OR result of a corresponding cyclic redundancy code (CRC) at the first position of the FCS field and a fifth piece of information, the fifth piece of information includes information for protecting the control frame, and the number of bits in the bit value corresponding to the CRC at the first position of the FCS field is the same as the number of bits in the bit value corresponding to the fifth piece of information.
8. The method according to any one of claims 1 to 7, wherein the duration from the end of the last of the N first user information fields to the end of the control frame is greater than or equal to the minimum trigger frame processing time of a first type of device, and the first type of device is a device capable of interpreting the association identifier in the first user information field.
9. A method for receiving physical layer protocol data units, Steps include receiving a Physical Layer Protocol Data Unit (PPDU), wherein the PPDU includes a control frame, the control frame includes N first user information fields, the association identifier in the first user information field indicates that the first user information field carries first information, the first information includes information for protecting the control frame, and N is an integer of 1 or more, and The steps of parsing the PPDU and A method that includes this.
10. The method according to claim 9, wherein the first information includes at least one of a key identifier, a packet number (PN), or a message integrity code (MIC).
11. The control frame transports the MIC, and the method is Steps to determine the local MIC, When it is determined that the local MIC matches the MIC carried in the control frame, the step of assuming that the control frame has not been forged. The method according to claim 10, further comprising:
12. The control frame transports the PN, and the method is The method according to claim 10 or 11, further comprising the step of determining that no replay attack has occurred in the control frame when it is determined that the PN carried in the control frame is larger than a previously received PN.
13. The method according to any one of claims 9 to 12, wherein one of the N association identifiers in the N first user information fields is a predefined value.
14. The method according to any one of claims 9 to 13, wherein a common field in the control frame carries second information, and the second information indicates that the control frame carries the first information.
15. The method according to any one of claims 9 to 14, wherein a common field in the control frame carries third information, and the third information indicates the location of at least one of the N first user information fields.
16. The method according to any one of claims 9 to 15, wherein at least one of the common fields or frame check sequence (FCS) fields in the control frame carries a fourth information, and the fourth information includes information for protecting the control frame.
17. The method according to any one of claims 9 to 16, wherein the frame check sequence (FCS) field in the control frame carries a first exclusive OR result at a first position, the first exclusive OR result is the exclusive OR result of a corresponding cyclic redundancy code (CRC) at the first position of the FCS field and a fifth piece of information, the fifth piece of information includes information for protecting the control frame, and the number of bits in the bit value corresponding to the CRC at the first position of the FCS field is the same as the number of bits in the bit value corresponding to the fifth piece of information.
18. The method according to any one of claims 9 to 17, wherein the duration from the end of the last of the N first user information fields to the end of the control frame is greater than or equal to the minimum trigger frame processing time of a first type of device, and the first type of device is a device capable of interpreting the association identifier in the first user information field.
19. A communication device, A communication device comprising a module configured to perform the method described in any one of claims 1 to 8, or a module configured to perform the method described in any one of claims 9 to 18.
20. A communication device including a processor, A communication device wherein the processor is coupled to a memory and configured to execute instructions in the memory to perform the method according to any one of claims 1 to 8, or the method according to any one of claims 9 to 18.
21. A computer-readable storage medium, A computer-readable storage medium that stores computer instructions, and when the computer instructions are executed by the device, the device becomes capable of carrying out the method according to any one of claims 1 to 8, or the device becomes capable of carrying out the method according to any one of claims 9 to 18.