Establishing secure peer networking in trust webs on open networks using shared secret device key
First Claim
1. A process of configuring a networked computing device for operation via a peer networking connectivity protocol in a trust web of peer devices on an open networking medium, the process comprising:
- configuring the networked computing device to accept communications in a peer networking connectivity protocol when encrypted with a device-specific symmetric encryption key unique to the networked computing device, the peer networking connectivity protocol having a re-keying command operative to configure the networked computing device with a new symmetric encryption key so as to accept communication in the peer networking connectivity protocol when encrypted with the new symmetric encryption key;
on deployment of the networked computing device on the open networking medium of an end user'"'"'s network, entering the device-specific symmetric encryption key into a user control point device running a management utility;
causing the user control point device to transmit the re-keying command of the peer networking connectivity protocol encrypted with the device-symmetric encryption key to the networked computing device, the transmitted re-keying command specifying a group symmetric encryption key of the trust web of peer devices as the new symmetric encryption key, whereby the networked computing device is configured to interoperate with the peer devices in the trust web on the end user'"'"'s network via the peer networking connectivity protocol encrypted with the group symmetric encryption key.
2 Assignments
0 Petitions
Accused Products
Abstract
A trust web keying process provides secure peer networking of computing devices on an open network. A device is initially keyed at distribution to an end user or installer with a device-specific cryptographic key, and programmed to respond only to peer networking communication secured using the device'"'"'s key. The device-specific key is manually entered into a keying device that transmits a re-keying command secured with the device-specific key to the device for re-keying the device with a group cryptographic key. The device then securely peer networks with other devices also keyed with the group cryptographic key, forming a trust web. Guest devices can be securely peer networked with the trust web devices via a trust web gateway.
-
Citations
13 Claims
-
1. A process of configuring a networked computing device for operation via a peer networking connectivity protocol in a trust web of peer devices on an open networking medium, the process comprising:
-
configuring the networked computing device to accept communications in a peer networking connectivity protocol when encrypted with a device-specific symmetric encryption key unique to the networked computing device, the peer networking connectivity protocol having a re-keying command operative to configure the networked computing device with a new symmetric encryption key so as to accept communication in the peer networking connectivity protocol when encrypted with the new symmetric encryption key;
on deployment of the networked computing device on the open networking medium of an end user'"'"'s network, entering the device-specific symmetric encryption key into a user control point device running a management utility;
causing the user control point device to transmit the re-keying command of the peer networking connectivity protocol encrypted with the device-symmetric encryption key to the networked computing device, the transmitted re-keying command specifying a group symmetric encryption key of the trust web of peer devices as the new symmetric encryption key, whereby the networked computing device is configured to interoperate with the peer devices in the trust web on the end user'"'"'s network via the peer networking connectivity protocol encrypted with the group symmetric encryption key. - View Dependent Claims (2, 3, 4, 5)
-
-
6. In a trust web of peer networked computing devices each keyed with a first group symmetric key so as to encrypt their communications in a peer networking connectivity protocol using the group symmetric key and restrict their response to any such communications received from other devices to such communications encrypted using the group symmetric key, a method of mass re-keying the peer networked computing devices to use a second group symmetric key, the method comprising:
-
transmitting a first re-key command specifying the second group symmetric key and encrypted using the first group symmetric key to at least one of the peer networked computing devices, thereby causing said at least one peer networked computing devices to be re-keyed with the second group symmetric key; and
thereafter, in response to a communication in the peer networking connectivity protocol encrypted using the first group symmetric key from another of the peer networked computing devices to said at least one peer networked computing devices, transmitting a further re-key command specifying the second group symmetric key and encrypted using the first group symmetric key from any of said at least one peer networked computing devices to said other peer networked computing device, thereby causing said other peer networked computing device to be re-keyed with the second group symmetric key.
-
-
7. A networked computing device for configuring to operate in a trust web of peer devices on an open networking medium, the peer devices communicating via an encrypted peer networking connectivity protocol using a group symmetric encryption key, the networked computing device comprising:
-
a peer networking connectivity protocol layer operating to transmit and receive communications per the peer networking connectivity protocol with peer devices;
an encryption layer operating to encrypt and decrypt the communications with peer devices;
a symmetric key configuration of the encryption layer initially configured with an initial symmetric key specific to the networked computing device; and
a re-keying command interface operative in response to a re-keying command encrypted with the symmetric key configured in the symmetric key configuration to configure the symmetric key configuration with a new symmetric key;
whereby the peer networking device is configurable upon deployment on the open networking medium to operate in the trust web of peer devices by transmitting the re-keying command specifying the group symmetric encryption key as the new symmetric key to the networked computing device. - View Dependent Claims (8, 9)
-
-
10. A group keying device for configuring peer networked computing devices to operate in a trust web on an open networking medium, the peer networked computing devices having a symmetric encryption key configuration providing a symmetric encryption key for communicating via a secure peer networking connectivity protocol, the symmetric encryption key configuration initially configured with a device-specific symmetric encryption key, the group keying device comprising:
-
means for acquiring a group symmetric encryption key for the trust web;
means for entering a device-specific symmetric encryption key for a peer networked computing device; and
means for transmitting a re-keying command to the peer networked computing device encrypted using the device-specific symmetric encryption key, the re-keying command configuring the symmetric encryption key configuration of the peer networked computing device with the group symmetric encryption key. - View Dependent Claims (11)
-
-
12. A trust web gateway device for securely peer networking a guest device keyed for secure peer networking using a device cryptographic key together with a group of trust web member devices keyed for secure peer networking using a trust web cryptographic key, the trust web gateway device comprising:
-
cryptographic key storage storing the trust web cryptographic key and the device cryptographic key;
a secure peer networking layer operating to send and receive communication in a peer networking protocol secured using the device cryptographic key and the trust web cryptographic key; and
a secure peer networking translator operating in response to receiving a first communication secured using the device cryptographic key to re-transmit the first communication secured using the trust web cryptographic key, and operating in response to receiving a second communication secured using the trust web cryptographic key to re-transmit the second communication secured using the device cryptographic key.
-
-
13. A method for securely peer networking a guest device keyed for secure peer networking using a device cryptographic key together with a group of trust web member devices each keyed for secure peer networking using a trust web cryptographic key, the method comprising:
-
providing the device cryptographic key and the trust web cryptographic key to a trust web gateway device;
upon receipt by the trust web gateway device of a communication in a peer networking protocol secured using the device cryptographic key, re-transmitting the communication secured using the trust web cryptographic key; and
upon receipt by the trust web gateway device of a communication in a peer networking protocol secured using the trust web cryptographic key, re-transmitting the communication secured using the device cryptographic key.
-
Specification