Light-weight key update mechanism with blacklisting based on secret sharing algorithm in wireless sensor networks

US 10,277,564 B2
Filed: 10/19/2016
Issued: 04/30/2019
Est. Priority Date: 05/04/2016
Status: Active Grant

First Claim

Patent Images

1. A device configured to manage network keys in a network having a plurality of nodes, the device comprising:

a memory; and

a processor configured to determine N nodes to blacklist, wherein N is an integer, extract, for each of the N nodes to blacklist, a respective abscissa from an Abscissa-node Address Table (AAT), blacklist the determined N nodes, select a polynomial function from a plurality of polynomial functions of degree K, wherein the plurality of polynomial functions define a plurality of secret network keys, generate K-N random abscissa values, wherein none of the K-N random abscissa values are found in the AAT, calculate K-N polynomial function values for the K-N random abscissa values, calculate N polynomial function values for N node abscissa values respectively associated with the N blacklisted nodes, and transmit a message to nodes in the network including an indication of the selected polynomial function, the K-N random abscissa values, the N node abscissa values respectively associated with the N blacklisted nodes, the K-N calculated polynomial function values, and the N calculated polynomial function values.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments include a network manager for managing network keys in a network having a plurality of nodes, the device including: a memory; and a processor configured to: determine N nodes to blacklist, wherein N is an integer; select a polynomial function from a plurality of polynomial functions of degree K and wherein the polynomial functions define plurality of secret network keys; generate K-N random abscissa values, wherein none of the random abscissa values are not found in a list of node abscissa values; calculate K-N polynomial function values for the K-N random abscissa values; calculate N polynomial function values for N node abscissa values associated with the N blacklisted nodes; transmit a message to nodes in the network including an indication of the selected polynomial function, the K-N random abscissa values, the N node abscissa values associated with the N blacklisted nodes, the K-N calculated polynomial function values, and the N calculated polynomial function values.

17 Citations

16 Claims

1. A device configured to manage network keys in a network having a plurality of nodes, the device comprising:
- a memory; and
  
  a processor configured to determine N nodes to blacklist, wherein N is an integer, extract, for each of the N nodes to blacklist, a respective abscissa from an Abscissa-node Address Table (AAT), blacklist the determined N nodes, select a polynomial function from a plurality of polynomial functions of degree K, wherein the plurality of polynomial functions define a plurality of secret network keys, generate K-N random abscissa values, wherein none of the K-N random abscissa values are found in the AAT, calculate K-N polynomial function values for the K-N random abscissa values, calculate N polynomial function values for N node abscissa values respectively associated with the N blacklisted nodes, and transmit a message to nodes in the network including an indication of the selected polynomial function, the K-N random abscissa values, the N node abscissa values respectively associated with the N blacklisted nodes, the K-N calculated polynomial function values, and the N calculated polynomial function values.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The device of claim 1, wherein the processor is further configured to provision a new node including:
    - selecting a new node abscissa value, wherein a new node abscissa value is not found in the AAT;
      
      calculating a plurality of new polynomial function values by evaluating the plurality of polynomial functions at the new abscissa value; and
      
      sending the new abscissa value and the plurality of new polynomial functions values to the new node.
  - 3. The device of claim 1, wherein the processor is further configured to sign and authenticate the transmitted message.
  - 4. The device of claim 1, wherein the plurality of polynomial functions are part of a secret sharing method.
  - 5. The device of claim 4, wherein the secret sharing method is Shamir'"'"'s secret sharing method.
  - 6. The device of claim 1, wherein zero degree coefficients of the plurality of polynomial functions respectively correspond to the plurality of secret network keys.
  - 7. The device of claim 1, wherein N equals 0 indicates that no nodes are blacklisted.
  - 8. The device of claim 1, wherein the processor is further configured to:
    - receive a message including an indication of a selected polynomial function from a plurality of polynomial functions, K abscissa values, and K selected polynomial function values, wherein the selected polynomial function has a degree of K and wherein the selected polynomial function defines a current secret network key, determine coefficients of the selected polynomial function based upon the K abscissa values, the K selected polynomial function values, and a node abscissa value; and
      
      determine the current secret network key based upon the determined coefficients.
  - 9. The device of claim 8, wherein zero degree coefficients of the plurality of polynomial functions respectively correspond to the plurality of secret network keys.
  - 10. The device of claim 8, wherein the processor is further configured to determine whether the received message is authentic.
  - 11. The device of claim 8, wherein the processor is further configured to drop the received message when the selected polynomial function has been previously used.
  - 12. The device of claim 8, wherein the processor is further configured to store an indication that the selected polynomial function has been previously used.
  - 13. The device of claim 8, wherein the processor is further configured to drop the received message when the coefficients of the selected polynomial function cannot be determined.
  - 14. The device of claim 8, wherein the plurality of polynomial functions are part of a secret sharing method.
  - 15. The device of claim 14, wherein the secret sharing method is Shamir'"'"'s secret sharing method.
  - 16. The device of claim 8, wherein determining the current secret network key based upon the determined coefficients includes evaluating the selected polynomial function for an input of 0.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP USA, Inc. (NXP Semiconductors NV)
Original Assignee
NXP USA, Inc. (NXP Semiconductors NV)
Inventors
Frincu, Andrei Catalin, Alexandru, Georgel Bogdan
Primary Examiner(s)
Abyaneh, Ali S

Application Number

US15/297,356
Publication Number

US 20170324715A1
Time in Patent Office

923 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04L 67/10   in which an application is ...

H04L 67/12   specially adapted for propr...

H04L 9/0838   Key agreement, i.e. key est...

H04L 9/085   Secret sharing or secret sp...

H04L 9/3093   involving Lattices or polyn...

H04W 12/04   Key management, e.g. using ...

Light-weight key update mechanism with blacklisting based on secret sharing algorithm in wireless sensor networks

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

17 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Light-weight key update mechanism with blacklisting based on secret sharing algorithm in wireless sensor networks

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links