Authentication scheme for ad hoc and sensor wireless networks
Abstract
Strong authentication of packets sent between nodes of different clusters in a two-tier ad hoc network is provided by the cluster heads. Each cluster head authenticates nodes that enter the cluster. Thereafter, when a sending node requests a session from its cluster head with a receiving node in another cluster, the cluster head negotiates a session secret key (SSK) with the corresponding cluster head of the receiving node. Further, the cluster head provides authentication tags for the sending node to use with each packet. Each authentication tag is time-stamped, digitally signed by the cluster head, encrypted with the SSK, and includes indicators of message integrity, including a sequence number and TCP header field of checksum. The sending node further calculates a check result from a number of the authentication tags, encrypted with the SSK, so that the receiving node can authenticate the number of packets.
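The tag handling described in the abstract can be sketched as follows. This is an added example, not code from the patent: it assumes Ed25519 for the cluster head's signature, AES-256-GCM for encryption under the SSK, and a 14-byte tag body, and the names `IssueTag` and `VerifyTag` are hypothetical. It covers one tag from issue to verification and leaves out SSK negotiation and the check result computed over several tags.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

const bodyLen, nonceLen = 14, 12 // assumed body: 8B timestamp | 4B sequence | 2B TCP checksum

func aead(ssk *[32]byte) cipher.AEAD {
	block, _ := aes.NewCipher(ssk[:]) // a 32-byte key is always accepted
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// IssueTag (cluster head): sign the body, then encrypt body||signature under the SSK.
func IssueTag(priv ed25519.PrivateKey, ssk *[32]byte, ts int64, seq uint32, sum uint16) []byte {
	body := binary.BigEndian.AppendUint64(nil, uint64(ts))
	body = binary.BigEndian.AppendUint32(body, seq)
	body = binary.BigEndian.AppendUint16(body, sum)
	nonce := make([]byte, nonceLen)
	rand.Read(nonce)
	return aead(ssk).Seal(nonce, nonce, append(body, ed25519.Sign(priv, body)...), nil)
}

// VerifyTag (receiving node): decrypt, check the signature, then freshness, order, integrity.
func VerifyTag(pub ed25519.PublicKey, ssk *[32]byte, tag []byte, now, maxAge int64, seq uint32, sum uint16) error {
	if len(tag) < nonceLen+bodyLen+16 { // 16 = GCM authentication tag length
		return fmt.Errorf("tag too short")
	}
	pt, err := aead(ssk).Open(nil, tag[:nonceLen], tag[nonceLen:], nil)
	if err != nil || !ed25519.Verify(pub, pt[:bodyLen], pt[bodyLen:]) {
		return fmt.Errorf("not encrypted under this SSK or not signed by the cluster head")
	}
	ts := int64(binary.BigEndian.Uint64(pt))
	if ts > now || now-ts > maxAge || binary.BigEndian.Uint32(pt[8:]) != seq || binary.BigEndian.Uint16(pt[12:]) != sum {
		return fmt.Errorf("stale, out-of-order or mismatched tag")
	}
	return nil
}

func main() { // constructed demo values: fresh head key pair, all-zero SSK
	pub, priv, _ := ed25519.GenerateKey(nil)
	tag := IssueTag(priv, new([32]byte), 1000, 7, 0xBEEF)
	fmt.Println(VerifyTag(pub, new([32]byte), tag, 1005, 30, 7, 0xBEEF), VerifyTag(pub, new([32]byte), tag, 1005, 30, 8, 0xBEEF))
}
```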
26 Claims
1. A method for authenticating packet communication in an ad hoc network between a sending node of a first cluster having a first cluster head and a receiving node of a second cluster having a second cluster head, the method comprising:
said first and second cluster heads establishing a session encryption key and communicating said session encryption key to the sending and receiving nodes; and
said sending and receiving nodes encrypting packet communication at least in part with said session encryption key.
12. An apparatus, comprising:
a memory; and
a program, resident in the memory, the program configured to act as a sending node of a first cluster having a first cluster head, and a receiving node of, and configured to receive a session encryption key established by said first cluster head and a second cluster having a second cluster head, and to encrypt packet communication to a receiving node of said second cluster using said session encryption key when acting as said sending node.
24. A program product, comprising:
a program configured to act as a selected one of the group consisting of a sending node, a first cluster head of a first cluster, and a receiving node of a second cluster having a second cluster head, and configured to receive a session encryption key established by said first cluster head and said second cluster head, and to encrypt packet communication to said receiving node using said session encryption key when acting as said sending node; and
a signal bearing media bearing the program.