Mobile-ad-hoc network including node authentication features and related methods
Abstract
A mobile ad-hoc network may include a first node having a first public key and a first private key associated therewith for generating an authentication request. The network may also include a second node having a second public key and a second private key associated therewith for receiving the authentication request and returning a certificate of authenticity including the second public key to the first node. Upon verifying that the second public key belongs to the second node, the first node may send challenge data to the second node, and the second node may encrypt the challenge data using the second private key and return the encrypted challenge data back to the first node. The first node may thus decrypt the encrypted challenge data using the verified second public key and authenticate the second node if the decryption of the encrypted challenge data yields the original challenge data.
42 Claims
1. A mobile ad-hoc network comprising:
a first node for generating an authentication request, said first node having a first public key and a first private key associated therewith; and
a second node having a second public key and a second private key associated therewith;
said first node receiving a certificate of authenticity responsive to the authentication request, the certificate of authenticity being generated by a certifying authority and comprising the second public key, the certifying authority having a public authentication key and a private authentication key associated therewith and generating the certificate of authenticity using the private authentication key;
said first node decrypting the certificate of authenticity using the public authentication key and verifying that the second public key belongs to said second node based upon the decrypted certificate of authenticity;
said first node sending challenge data to said second node upon verification that the second public key belongs to said second node;
said second node encrypting the challenge data using the second private key and returning the encrypted challenge data back to said first node;
said first node decrypting the encrypted challenge data using the verified second public key and authenticating said second node if the decryption of the encrypted challenge data yields the original challenge data.
13. A mobile ad-hoc network comprising:
a first node for generating an authentication request, said first node having a first public key and a first private key associated therewith; and
a second node having a second public key and a second private key associated therewith, said second node for receiving the authentication request and returning a certificate of authenticity to said first node generated by a certifying authority and comprising the second public key, the certifying authority having a public authentication key and a private authentication key associated therewith and generating the certificate of authenticity using the private authentication key;
said first node decrypting the certificate of authenticity using the public authentication key and verifying that the second public key belongs to said second node based upon the decrypted certificate of authenticity;
said first node sending challenge data to said second node upon verification that the second public key belongs to said second node;
said second node encrypting the challenge data using the second private key and returning the encrypted challenge data back to said first node;
said first node decrypting the encrypted challenge data using the verified second public key and authenticating said second node if the decryption of the encrypted challenge data yields the original challenge data;
said first node sending a session key encrypted with the second public key to said second node upon authenticating said second node;
said first and second nodes also transferring message data therebetween using the session key.
22. A mobile ad-hoc network node having a first public key and a first private key associated therewith and comprising:
a wireless communications device; and
a controller cooperating with said wireless communication device for establishing a wireless communications link to an unauthenticated node having a second public key and a second private key associated therewith, said controller also for generating and sending an authentication request to the unauthenticated node via the wireless communications link, receiving a certificate of authenticity from the unauthenticated node via the wireless communications link, the certificate of authenticity being generated by a certifying authority and comprising the second public key, the certifying authority having a public authentication key and a private authentication key associated therewith and generating the certificate of authenticity using the private authentication key, decrypting the certificate of authenticity using the public authentication key and verifying that the second public key belongs to the unauthenticated node based upon the decrypted certificate of authenticity, sending challenge data to the unauthenticated node via the wireless communications link upon verification that the second public key belongs to the unauthenticated node, receiving encrypted challenge data from the unauthenticated node via the wireless communications link and decrypting the encrypted challenge data using the verified second public key, and authenticating the unauthenticated node if the decryption of the encrypted challenge data yields the original challenge data.
27. A mobile ad-hoc network node having a public key and a private key associated therewith and comprising:
a wireless communications device; and
a controller for cooperating with said wireless communications device for receiving an authentication request from an authenticating node, returning a certificate of authenticity to the authenticating node based upon the authentication request, the certificate of authenticity being generated by a certifying authority and comprising the public key, receiving challenge data from the authenticating node and encrypting the challenge data using the private key, and returning the encrypted challenge data back to the authenticating node.
31. A node authentication method for a mobile ad-hoc network comprising a plurality of nodes, the method comprising:
generating an authentication request at a first node having a first public key and a first private key associated therewith to authenticate a second node having a second public key and a second private key associated therewith;
receiving a certificate of authenticity responsive to the authentication request at the first node, the certificate of authenticity being generated by a certifying authority and comprising the second public key, the certifying authority having a public authentication key and a private authentication key associated therewith and generating the certificate of authenticity using the private authentication key;
decrypting the certificate of authenticity at the first node using the public authentication key and verifying that the second public key belongs to the second node based upon the decrypted certificate of authenticity;
sending challenge data from the first node to the second node upon verification that the second public key belongs to the second node;
encrypting the challenge data at the second node using the second private key and returning the encrypted challenge data back to the first node; and
decrypting the encrypted challenge data at the first node using the verified second public key and authenticating the second node if the decryption of the encrypted challenge data yields the original challenge data.
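The exchange recited in claims 1 and 31, followed by the session-key step of claim 13, as an added example that is not part of the patent text: it runs the certificate check, the private-key challenge response and the session-key wrapping, and shows the first node rejecting a responder that presents a valid certificate without holding the matching private key. It assumes textbook RSA over constructed Mersenne-prime keys and a SHA-256 digest inside the certificate; the function names (`issue_cert`, `verify_cert`, `respond`, `authenticate`, `unwrap`) are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent for every toy key (assumption)

def make_key(p, q):
    """Textbook RSA from two primes: returns (public, private) as (n, exp) pairs."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed demo keys built from Mersenne primes; never use such keys for real.
CA_PUB, CA_PRIV = make_key(2**521 - 1, 2**607 - 1)   # certifying authority
B_PUB, B_PRIV = make_key(2**127 - 1, 2**1279 - 1)    # second node
M_PUB, M_PRIV = make_key(2**89 - 1, 2**107 - 1)      # a node that is not B

def digest(node_id, pub):
    data = f"{node_id}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def issue_cert(node_id, pub):
    """CA 'encrypts' the digest of (id, public key) with its private key."""
    n, d = CA_PRIV
    return {"id": node_id, "pub": pub, "sig": pow(digest(node_id, pub), d, n)}

def verify_cert(cert, expected_id):
    """First node 'decrypts' with the CA public key and checks the key binding."""
    n, e = CA_PUB
    bound = pow(cert["sig"], e, n) == digest(cert["id"], cert["pub"])
    return bound and cert["id"] == expected_id

def respond(challenge, priv):
    """Second node 'encrypts' the challenge with the private key it holds."""
    n, d = priv
    return pow(challenge, d, n)

def authenticate(cert, expected_id, peer_priv):
    """First node's side; peer_priv stands in for whoever answers the challenge."""
    if not verify_cert(cert, expected_id):
        return None                      # unverified key: no challenge is sent
    n, e = cert["pub"]
    challenge = secrets.randbits(120) | (1 << 120)   # fresh nonce per attempt
    if pow(respond(challenge, peer_priv), e, n) != challenge:
        return None                      # responder lacks the certified private key
    session_key = secrets.randbits(128)
    return pow(session_key, e, n), session_key   # (wrapped for peer, local copy)

def unwrap(wrapped, priv):  # second node recovers the session key
    n, d = priv
    return pow(wrapped, d, n)
```

Raw RSA on an unpadded challenge follows the claim wording but lets the challenger obtain a private-key operation on any value it chooses; a deployed version would have the second node sign the challenge with a padded scheme such as RSA-PSS or with Ed25519.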