Key generation in a communication system

US 20030235305A1
Filed: 06/20/2002
Published: 12/25/2003
Est. Priority Date: 06/20/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method for key generation in a communication system, comprising:

authenticating an access to a Wireless Local Area Network (WLAN);

generating a Master Session Key (MSK) for the access; and

sending an access accept message including the MSK.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communication system generates a Master Session Key (MSK) for accesses to a system entity that does not provide encryption to traffic. Both the home server and the user generate the same MSK. The MSK is used to generate encryption keys for traffic. In one embodiment the MSK is generated using a hashing function and information specific to the requestor. The home server determines the need to generate the MSK based on information contained in an access request message. Once generated, the MSK is provided to the system entity to enable the entity to encrypt communications.

65 Citations

24 Claims

1. A method for key generation in a communication system, comprising:
- authenticating an access to a Wireless Local Area Network (WLAN);
  
  generating a Master Session Key (MSK) for the access; and
  
  sending an access accept message including the MSK.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method as in claim 1, wherein authenticating comprises:
    - receiving a user identification;
      
      determining a challenge value; and
      
      determining the shared secret, and wherein generating an MSK comprises;
      
      hashing the user identification, the challenge value and the shared secret.
  - 3. The apparatus as in claim 2, wherein the user identification is a Network Access Identifier (NAI).
  - 4. The method as in claim 1, wherein authenticating comprises:
    - receiving a user identification;
      
      determining a challenge value; and
      
      determining a random value, and wherein generating an MSK comprises;
      
      hashing the user identification, the challenge value and the random value.
  - 5. The apparatus as in claim 4, wherein the apparatus identifier is a Network Access Identifier (NAI).

6. A method for key generation in a communication system, comprising:
- requesting authentication of an access to a Wireless Local Area Network (WLAN);
  
  receiving an access accept message including a Master Session Key (MSK) for the access; and
  
  generating at least one encryption key as a function of the MSK, wherein the at least one encryption key is used to encrypt traffic for the access.

7. An apparatus for key generation in a communication system, comprising:
- means for authenticating an access to a Wireless Local Area Network (WLAN);
  
  means for generating a Master Session Key (MSK) for the access; and
  
  means for determining an encryption key from the MSK.

8. An apparatus for key generation in a communication system, comprising:
- means for requesting authentication of an access to a Wireless Local Area Network (WLAN);
  
  means for receiving an access accept message including a Master Session Key (MSK) for the access; and
  
  means for generating at least one encryption key as a function of the MSK, wherein the at least one encryption key is used to encrypt traffic for the access.

9. An apparatus, comprising:
- a processing unit;
  
  an authentication procedure unit coupled to the processing unit, adapted to request authentication of an access to a system, and adapted to compute a response to a challenge for the authentication; and
  
  a Master Session Key (MSK) generation unit coupled to the processing unit, adapted to generate an MSK, wherein the MSK is for generating at least one encryption key to encrypt traffic for the access.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The apparatus as in claim 9, wherein the MSK is generated using an apparatus identifier, a shared secret, and the challenge.
  - 11. The apparatus as in claim 10, wherein the apparatus identifier is a Network Access Identifier (NAI).
  - 12. The apparatus as in claim 9, wherein the MSK is generated using an apparatus identifier, a shared secret, and a random number.
  - 13. The apparatus as in claim 12, wherein the apparatus identifier is a Network Access Identifier (NAI).

14. A method in a communication system, comprising:
- receiving an access request message for an access to the communication system, the access request message having a first field;
  
  determining the state of the first field; and
  
  if the state is a first value, generating a Master Session Key (MSK) for the access.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
- - 15. The method as in claim 14, further comprising:
    - sending an access accept message, wherein;
      
      if the state is the first value the access accept message includes the MSK.
  - 16. The method as in claim 15, further comprising:
    - authenticating the access.
  - 17. The method as in claim 14, wherein the first field corresponds to an attribute indicating an access to an entity of the communication system that does not support encryption.
  - 18. The method as in claim 17, wherein the entity is a Wireless Local Area Network (WLAN).
  - 19. The method as in claim 14, wherein the first field corresponds to an attribute indicating origination of the access request message
  - 20. The method as in claim 14, further comprising:
    - authenticating the access by;
      
      receiving a user identification;
      
      determining a challenge value; and
      
      determining the shared secret, and wherein generating the MSK comprises;
      
      hashing the user identification, the challenge value and the shared secret.
  - 21. The method as in claim 14, further comprising:
    - authenticating the access by;
      
      receiving a user identification;
      
      determining a challenge value; and
      
      determining a random value, and wherein generating the MSK comprises;
      
      hashing the user identification, the challenge value and the random value.

22. An infrastructure element in a communication system, comprising:
- means for receiving an access request message for an access to the communication system, the access request message having a first field;
  
  means for determining the state of the first field; and
  
  means for generating a Master Session Key (MSK) for the access if the state is a first value.

23. An access request message format for a communication system, comprising:
- a type field identifying a type of attribute information for an access to the communication system; and
  
  a value field for the attribute information, the value field comprising;
  
  a second type field identifying a type of sub-attribute information for the access; and
  
  a second value field for the sub-attribute information.
- View Dependent Claims (24)
- - 24. The access request message format as in claim 23, wherein the sub-attribute information is a Master Session Key (MSK) generation instruction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Hsu, Raymond T.

Application Number

US10/177,017
Publication Number

US 20030235305A1
Time in Patent Office

Days
Field of Search
US Class Current

380/247
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 2463/061   applying further key deriva...

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/0892   by using authentication-aut...

H04L 9/0844   with user authentication or...

H04W 12/041   Key generation or derivation

H04W 12/043   using a trusted network nod...

H04W 12/062   Pre-authentication

H04W 12/069   using certificates or pre-s...

H04W 48/08   Access restriction or acces...

H04W 74/00   Wireless channel access

H04W 84/12   WLAN [Wireless Local Area N...

Key generation in a communication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

65 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Key generation in a communication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others