Authentication method for fast handover in a wireless local area network
First Claim
1. A method for authenticating a mobile node in a wireless local area network including at least two access points for setting up wireless association between the mobile node and an authentication server for authenticating the mobile node, the method comprising the steps of:
- (a) when the mobile node associates with a first access point and performs initial authentication, receiving, by the mobile node, a first session key for secure communication from the authentication server by using a first private key generated with a secret previously shared with the authentication server, and receiving, by the first access point, the first session key from the authentication server by using a second private key previously shared with the authentication server; and
(b) when the mobile node is handed over from the first access point to a second access point and performs re-authentication, receiving, by the mobile node, a second session key for secure communication from the authentication server by using a third private key generated with authentication information generated during previous authentication and shared with the authentication server, and receiving, by the second access point, the second session key from the authentication server by using the second private key previously shared with the authentication server.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed is a method for authenticating a mobile node in a wireless local area network including at least two access points and an authentication server. When the mobile node associates with a first access point and performs initial authentication, the mobile node receives a first session key for secure communication from the authentication server by using a first private key generated with a secret previously shared with the authentication server, and the first access point receives the first session key from the authentication server by using a second private key previously shared with the authentication server. When the mobile node is handed over from the first access point to a second access point and performs re-authentication, the mobile node receives a second session key for secure communication from the authentication server by using a third private key generated with authentication information generated during previous authentication and shared with the authentication server and the second access point receives the second session key from the authentication server by using the second private key previously shared with the authentication server.
-
Citations
31 Claims
-
1. A method for authenticating a mobile node in a wireless local area network including at least two access points for setting up wireless association between the mobile node and an authentication server for authenticating the mobile node, the method comprising the steps of:
-
(a) when the mobile node associates with a first access point and performs initial authentication, receiving, by the mobile node, a first session key for secure communication from the authentication server by using a first private key generated with a secret previously shared with the authentication server, and receiving, by the first access point, the first session key from the authentication server by using a second private key previously shared with the authentication server; and
(b) when the mobile node is handed over from the first access point to a second access point and performs re-authentication, receiving, by the mobile node, a second session key for secure communication from the authentication server by using a third private key generated with authentication information generated during previous authentication and shared with the authentication server, and receiving, by the second access point, the second session key from the authentication server by using the second private key previously shared with the authentication server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for performing authentication by a mobile node in a wireless local area network including at least two access points for setting up wireless association with the mobile node and an authentication server for authenticating the mobile node, the method comprising the steps of:
-
when associating with a first access point and performing initial authentication, generating a first private key with a secret previously shared with the authentication server;
generating first authentication information to be used during next authentication request, and transmitting a first enciphered message generated by enciphering the first authentication information with the first private key to the authentication server;
upon receiving a second enciphered message from the authentication server in response to the first enciphered message, acquiring a first session key by deciphering the second enciphered message with the first private key; and
performing secure communication with the first access point by using the first session key. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A method for performing authentication of a mobile node by an authentication server in a wireless local area network including at least two access points for setting up wireless association with the mobile node and an authentication server for authenticating the mobile node, the method comprising the steps of:
-
when the mobile node associates with a first access point and performs initial authentication, generating a first private key with a secret previously shared with the mobile node;
upon receiving a first enciphered message from the mobile node, acquiring first authentication information to be used during next authentication by deciphering the first enciphered message with the first private key;
generating a first session key for secure communication of the mobile node;
generating a second enciphered message by enciphering the first session key and the first authentication information with the first private key, and transmitting the second enciphered message to the mobile node; and
generating a third enciphered message by enciphering the first session key and the first authentication information with a second private key previously shared with the first access point, and transmitting the third enciphered message to the first access point. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A method of performing authentication of a mobile node by an access point with which the mobile node initially associates or re-associates due to handover, in a wireless local area network including the access point for setting up association with the mobile node and an authentication server for authenticating the mobile node, the method comprising the steps of:
-
when associating with the mobile node and performing authentication, receiving an enciphered message from the authentication server;
acquiring a session key for secure communication with the mobile node by deciphering the enciphered message with a private key previously shared with the authentication server; and
performing secure communication with the mobile node by using the session key. - View Dependent Claims (31)
-
Specification