Abstract: Techniques are directed toward secure scrambling. An example method includes receiving, by a first communication device a physical layer protocol data unit (PPDU) frame from a second communication device. The first communication device can determine a PPDU frame type based at least in part on a preamble of the PPDU frame. The first communication device can apply a PPDU frame type-based key and a determined service field value to implement a descrambling process for a medium access control (MAC) header of the PPDU frame. The first communication device can descramble a payload based at least in part on de-obfuscating the MAC header. The first communication device selecting a scrambler seed for scrambling an acknowledgement (ACK) message. The first communication device scrambling the ACK message based on the selected scrambler seed.

Abstract: Techniques are disclosed for obfuscation in a privacy beacon. An example method includes a first communication device creating a beacon field to be included in a beacon frame. The first communication device can generate a timing synchronization field to be included in the beacon frame. The first communication device can apply an offset to the timing synchronization field of the beacon frame. The first communication device can transmit the beacon frame to a second communication device, the beacon frame comprising the offset timing synchronization field and the beacon field.

Abstract: Techniques are disclosed for obfuscation in a privacy beacon. An example method includes the first device receiving, from a second communication device, a beacon frame comprising a medium access control (MAC) header and an encrypted beacon frame field, the MAC header comprising an obfuscated timing synchronization field (TSF). The first device can select a key for de-obfuscating the TSF based at least in part on information associated with the beacon frame. The first device can de-obfuscate the TSF based at least in part on the key. The first device can decrypt the encrypted beacon frame field of the beacon frame based at least in part on information associated with the de-obfuscated TSF.

Abstract: Techniques are directed toward secure scrambling. An example method includes a first device encrypting a payload to be included in a physical layer protocol data unit (PPDU) frame. The determining a PPDU frame type based at least in part on an association with a second device. The first device can select a key based at least in part on the association with second device. The first device can encrypt a payload to be included in a physical layer protocol data unit (PPDU) frame. The first device can determine a PPDU frame type based at least in part on an association with a second communication device. The first device can obfuscate the field of the MAC header. The first device can scramble the encrypted payload using a service field value. The first device can transmit the PPDU frame to the second device.

Abstract: Techniques are provided for medium access control header obfuscation. One example method includes a first device encrypting a data payload using a first encryption algorithm. The first device can encrypt a field of a medium access control (MAC) header using a second encryption algorithm, different from the first encryption algorithm. The first device can generate a data frame comprising the encrypted MAC header field and the encrypted payload. The first device can transmit the data frame to a second communication device.

Abstract: This disclosure relates to techniques, base stations, and user equipment devices (UEs) for performing base station authentication through access stratum signaling transmissions. The UE may operate in idle mode and may receive an authentication message from a base station through the wireless interface while operating in idle mode. The UE may determine whether a signature comprised within the authentication message is valid, and the UE may continue a connection procedure with the base station based on a determination that the signature is valid. If it is determined that the signature is invalid, the UE may designate the base station as a barred base station and may perform cell re-selection. The authentication message may be one of a radio resource control (RRC) connection setup message, a special RRC message, a media access control (MAC) message, or a random access channel (RACH) message comprising a random access response (RAR) message.

Abstract: Embodiments are disclosed for station (STA) identifier opt-in. Some embodiments include a STA that can associate with an access point (AP) of a wireless network, where the STA is configured to opt-in to being identified by the AP. The STA can transmit a first message 2 (M2) of a 4-way handshake protocol during the association, where the first M2 includes a Device Identifier (ID) Key Data Encapsulation (KDE) that includes an Opt-in Control field, where a first value of the Opt-in Control field indicates the STA opts-in to being identified by the AP. The STA can receive a first message 3 (M3) of the 4-way handshake protocol including a Device ID KDE and an ID Blob, where the ID Blob corresponds to the STA. The STA can communicate with the AP, where the first value enables the AP to collect data about the STA during the communication.

Abstract: Methods, systems and apparatuses for performing an address change by an access point (AP) multi-link device (MLD) and non-AP MLD are described. A non-AP MLD may transmit to an AP MLD, using one or more respective transmission (TX) links in an active mode, one or more uplink frames that include one or more respective initial addresses corresponding to one or more respective reception (RX) links of the AP MLD. The non-AP MLD may then configure the one or more respective TX links to a lower power mode. The non-AP MLD may configure the one or more respective TX links with one or more respective new addresses prior to transitioning the one or more respective TX links back to the active mode. The non-AP MLD may transmit, to the AP MLD, one or more additional uplink frames that include the one or more respective new addresses.

Abstract: This Application describes mechanisms to transfer cellular service plans and associated credentials efficiently between wireless devices. Information regarding transferability of cellular services for SIMs/eSIMs to a wireless device are obtained from locally stored or remotely accessible cellular service information and/or associated mobile network operator (MNO) information. Access to network-based servers to determine transferability and/or to effect transfer can use non-cellular connections when available. Transferability information can be presented to a user to narrow selection of cellular service plans to transfer.

Abstract: Embodiments are disclosed for encrypting media access control (MAC) Header fields for Wireless LAN (WLAN) privacy enhancement. For example, a transceiver of a station (STA) or an access point (AP) can set a real time Media Access Control (MAC) header bit in a payload of an aggregated MAC Protocol Data Unit (A-MPDU) subframe to an actual value of a power management (PM) field of a MAC header of the A-MPDU subframe. The transceiver can encrypt the payload, set the PM field to an over the air (OTA) PM value, and transmit the A-MPDU subframe over the air. The OTA PM value can include all zeros, a predetermined value, or a randomized value The transceiver can also set static MAC header bits in the payload of the A-MPDU subframe to corresponding actual values of an aggregated MAC service data unit (A-MSDU) present field of the A-MPDU subframe.

Abstract: Systems, methods, and mechanisms for a privacy enhanced basic service set (BSS), including privacy enhancements for both access points and wireless stations as well as privacy enchantments for authentication, association, and discovery operations. Further, the systems, methods, and mechanisms disclosed may continue to support legacy wireless stations and are thus, backward compatible. A non-associated PE station may receive, from a PE access point, one or more discovery beacons advertising PE BSSs hosted by the PE access point and transmit, to the PE access point, a request to setup pre-association security protection. The non-associated PE station may, upon setup of pre-association security protection, transmit, to the PE access point, a protected request frame and receive, from the PE access point, a protected response that includes PE access point parameters.

Abstract: Systems, methods, and mechanisms for a privacy enhanced basic service set (BSS), including privacy enhancements for both access points and wireless stations as well as privacy enchantments for authentication, association, and discovery operations. Further, the systems, methods, and mechanisms disclosed may continue to support legacy wireless stations and are thus, backward compatible. A station may communicate with a legacy BSS of a wireless network to transition to a PE BSS of the wireless network. The station may receive, from the PE BSS of the wireless network, an encrypted beacon, wherein the encrypted beacon is decoded based on information received from the legacy BSS and perform, with the PE BSS of the wireless network, an encrypted handshake procedure to authenticate and associate with the PE BSS of the wireless network.

Abstract: Embodiments are disclosed for address changing schemes for a multi-link device in a wireless communications system. Some embodiments include a privacy enhanced (PE) access point (AP) multi-link device (MLD) that includes one or more affiliated APs operating on different links. The PE AP MLD can generate a first randomized OTA MLD address based at least on the MLD address of the PE AP MLD for a first affiliated PE AP (PE AP1). The PE AP MLD can transmit a first data transmission using the first OTA MLD address where the first data transmission includes an encrypted aggregated MAC service data unit (A-MSDU) subframe that includes the MLD address. The PE AP MLD can correlate the MLD address of the PE AP MPL with multiple addresses comprising: the first OTA MLD, a unique MLD address, and a Media Access Control (MAC) service access point (SAP) MLD address.

Abstract: Embodiments are disclosed for address changing schemes in a wireless communications system. Some embodiments include an access point (AP) that can establish two or more address profiles with a station (STA), establish a schedule for switching from a first address profile to a second address profile, where the first and second address profiles are of the two or more address profiles, and transmit a first data transmission using the first address profile. Some embodiments include switching from the first address profile to the second address profile based on the schedule, and transmitting a second data transmission using the second address profile. The schedule can be based on a randomized time synchronization function (TSF). The AP can establish a joint algorithm with the STA, and use the joint algorithm determine the first and the second address profiles as well as transition times for the schedule.

Abstract: Some aspects of this disclosure include apparatuses and methods for implementing address and parameter modifications for an access point (AP) and/or a station (STA). Some aspects of this disclosure relate to an electronic device. The electronic device includes a transceiver and a processor communicatively coupled to the transceiver. The processor is configured to communicate, using the transceiver, with a second electronic device that is associated with the electronic device using a first address and a first parameter of the electronic device. The processor is further configured to determine a second address and a second parameter for the electronic device, where the second address is different from the first address and the second parameter is different from the first parameter. The processor is further configured to communicate with the second electronic device using the second address and the second parameter.

Abstract: This Application describes mechanisms to transfer cellular service plans and associated credentials efficiently between wireless devices. Information regarding transferability of cellular services for SIMs/eSIMs to a wireless device are obtained from locally stored or remotely accessible cellular service information and/or associated mobile network operator (MNO) information. Access to network-based servers to determine transferability and/or to effect transfer can use non-cellular connections when available. Transferability information can be presented to a user to narrow selection of cellular service plans to transfer.

Abstract: This Application describes mechanisms to transfer cellular service plans and associated credentials efficiently between wireless devices. Information regarding transferability of cellular services for SIMs/eSIMs to a wireless device are obtained from locally stored or remotely accessible cellular service information and/or associated mobile network operator (MNO) information. Access to network-based servers to determine transferability and/or to effect transfer can use non-cellular connections when available. Transferability information can be presented to a user to narrow selection of cellular service plans to transfer.

Abstract: A device, system, and method adaptively adjusts uplink power transmission to component carriers in carrier aggregation. The method is performed at a user equipment configured with a carrier aggregation functionality including a primary component carrier (PCC) and a secondary component carrier (SCC), the UE using a first transmit power for an uplink transmission on the PCC and using a second transmit power for the uplink transmission on the SCC. The method includes determining whether a total transmit power including the first and second transmit powers for the uplink transmission exceeds a predetermined threshold. The method includes, when the total transmit power exceeds the predetermined threshold, adjusting the first transmit power based on a connectivity parameter for the PCC. The method includes adjusting the second transmit power based on the adjusting of the first transmit power.

Abstract: This disclosure relates to techniques, base stations, and user equipment devices (UEs) for performing base station authentication through access stratum signaling transmissions. The UE may operate in idle mode and may receive an authentication message from a base station through the wireless interface while operating in idle mode. The UE may determine whether a signature comprised within the authentication message is valid, and the UE may continue a connection procedure with the base station based on a determination that the signature is valid. If it is determined that the signature is invalid, the UE may designate the base station as a barred base station and may perform cell re-selection. The authentication message may be one of a radio resource control (RRC) connection setup message, a special RRC message, a media access control (MAC) message, or a random access channel (RACH) message comprising a random access response (RAR) message.

Abstract: A wireless device determines a location, identifies a mobile network operator (MNO), and/or experiences a network event. In some instances, the wireless device recognizes a base station as being operated by the MNO. Based on the location, the MNO and/or the network event, the wireless device determines a security action. The security action can include one or more of: (i) ignoring a network command associated with the network event, (ii) providing an alert notification via a user interface of the wireless device alerting a user of a security risk associated with the location, MNO, and/or network event, or (iii) ignoring communication from the base station temporarily or for an indefinite period of time. In some instances, the security action includes proceeding with normal communication with the base station at the location using network services of the MNO.