Methods and apparatus for dynamic session key generation and rekeying in mobile IP
Abstract
Methods and apparatus for providing a centralized source of session keys to be shared by a Home Agent and a Mobile Node are disclosed. In accordance with one aspect of the invention, a Mobile Node registers with a Home Agent supporting Mobile IP by sending a registration request to the Home Agent. The Home Agent sends a request message (e.g., access-request message) to a AAA server, the request message identifying the Mobile Node. The AAA server then derives key information from a key or password associated with the Mobile Node. The AAA server then sends a reply message (e.g., access-reply message) to the Home Agent, the reply message including the key information associated with the Mobile Node, thereby enabling the Home Agent to derive a shared key to be shared between the Mobile Node and the Home Agent from the key information. The Home Agent derives a key from the key information, the key being a shared key between the Mobile Node and the Home Agent. A registration reply is then sent to the Mobile Node. When the Mobile Node receives a registration reply from the Home Agent, the registration reply indicates that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home Agent. The Mobile Node then derives a key to be shared between the Mobile Node and the Home Agent from key information stored at the Mobile Node. The Mobile Node may initiate “re-keying” by sending a subsequent registration request to the Home Agent.
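The exchange in the abstract, simulated end to end as an added example (not code from the patent). The page does not give the derivation functions, so PBKDF2 and HMAC-SHA-256, the use of a fresh per-registration identification value as the re-keying input, the reply authenticator, and all function and field names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

AAA_DB = {"mn1@example.net": "correct horse battery"}  # constructed sample account

def key_info_from_password(nai: str, password: str) -> bytes:
    # Assumed derivation: PBKDF2 salted with the Mobile Node's identifier.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), nai.encode(), 100_000)

def session_key(key_info: bytes, identification: bytes) -> bytes:
    # Assumed: bind the key to this registration so a new request re-keys.
    return hmac.new(key_info, b"MN-HA" + identification, hashlib.sha256).digest()

def reply_mac(key: bytes, nai: str, identification: bytes) -> bytes:
    return hmac.new(key, nai.encode() + identification, hashlib.sha256).digest()

def aaa_reply(nai: str) -> bytes:
    # AAA server: the reply carries key information, never the password.
    return key_info_from_password(nai, AAA_DB[nai])

def ha_register(nai: str, identification: bytes):
    # Home Agent: query AAA, derive the shared key, build the registration reply.
    key = session_key(aaa_reply(nai), identification)
    reply = {"nai": nai, "id": identification, "derive_key": True,
             "auth": reply_mac(key, nai, identification)}
    return key, reply

def mn_process_reply(stored_key_info: bytes, sent_id: bytes, reply: dict) -> bytes:
    # Mobile Node: derive the key locally, then authenticate the reply with it.
    if not reply["derive_key"] or reply["id"] != sent_id:
        raise ValueError("unexpected or replayed registration reply")
    key = session_key(stored_key_info, sent_id)
    if not hmac.compare_digest(reply_mac(key, reply["nai"], sent_id), reply["auth"]):
        raise ValueError("registration reply failed authentication")
    return key

def register(nai: str, stored_key_info: bytes):
    sent_id = os.urandom(8)  # fresh value per registration request
    ha_key, reply = ha_register(nai, sent_id)
    return ha_key, mn_process_reply(stored_key_info, sent_id, reply)

if __name__ == "__main__":
    nai = "mn1@example.net"
    info = key_info_from_password(nai, "correct horse battery")
    first, again = register(nai, info), register(nai, info)
    print(first[0] == first[1], first[0] != again[0])
```

In this sketch the Home Agent only ever holds the key information and the per-registration key, so a compromised Home Agent does not expose the password stored at the AAA server.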
53 Claims
1. In a server adapted for authentication, authorization, and accounting, a method of generating a shared key between a Home Agent and a Mobile Node, comprising:
receiving a request message from a Home Agent, the request message identifying the Mobile Node;
deriving key information from a key or password associated with the Mobile Node; and
sending a reply message to the Home Agent, the reply message including the key information associated with the Mobile Node, thereby enabling the Home Agent to derive a shared key to be shared between the Mobile Node and the Home Agent from the key information.
10. In a Home Agent supporting Mobile IP, a method of authenticating a Mobile Node, comprising:
receiving a registration request from a Mobile Node, the registration request identifying the Mobile Node;
sending a request message to a AAA server, the request message identifying the Mobile Node;
receiving a reply message from the AAA server, the reply message including key information associated with the Mobile Node;
deriving a key from the key information, the key being a shared key between the Mobile Node and the Home Agent; and
sending a registration reply to the Mobile Node.
36. In a Mobile Node, a method of registering with a Home Agent supporting Mobile IP, comprising:
sending a registration request to the Home Agent;
receiving a registration reply from the Home Agent, the registration reply indicating that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home Agent; and
deriving a key to be shared between the Mobile Node and the Home Agent from key information stored at the Mobile Node.
45. A computer-readable medium storing thereon computer readable instructions for generating a shared key between a Home Agent and a Mobile Node in a server adapted for authentication, authorization, and accounting, comprising:
instructions for receiving a request message from a Home Agent, the request message identifying the Mobile Node;
instructions for deriving key information from a key or password associated with the Mobile Node; and
instructions for sending a reply message to the Home Agent, the reply message including the key information associated with the Mobile Node, thereby enabling the Home Agent to derive a shared key to be shared between the Mobile Node and the Home Agent from the key information.
46. A server adapted for authentication, authorization, and accounting, the server being adapted for generating a shared key between a Home Agent and a Mobile Node, comprising:
a processor; and
a memory, at least one of the processor and the memory being adapted for:
receiving a request message from a Home Agent, the request message identifying the Mobile Node;
deriving key information from a key or password associated with the Mobile Node; and
sending a reply message to the Home Agent, the reply message including the key information associated with the Mobile Node, thereby enabling the Home Agent to derive a shared key to be shared between the Mobile Node and the Home Agent from the key information.
47. A server adapted for authentication, authorization, and accounting, the server being adapted for generating a shared key between a Home Agent and a Mobile Node, comprising:
means for receiving a request message from a Home Agent, the request message identifying the Mobile Node;
means for deriving key information from a key or password associated with the Mobile Node; and
means for sending a reply message to the Home Agent, the reply message including the key information associated with the Mobile Node, thereby enabling the Home Agent to derive a shared key to be shared between the Mobile Node and the Home Agent from the key information.
48. A computer-readable medium storing thereon computer-readable instructions for authenticating a Mobile Node in a Home Agent supporting Mobile IP, comprising:
instructions for receiving a registration request from a Mobile Node, the registration request identifying the Mobile Node;
instructions for sending a request message to a AAA server, the request message identifying the Mobile Node;
instructions for receiving a reply message from the AAA server, the reply message including key information associated with the Mobile Node;
instructions for deriving a key from the key information, the key being a shared key between the Mobile Node and the Home Agent; and
instructions for sending a registration reply to the Mobile Node.
49. A Home Agent supporting Mobile IP, the Home Agent being adapted for authenticating a Mobile Node, comprising:
a processor; and
a memory, at least one of the processor and the memory being adapted for:
receiving a registration request from a Mobile Node, the registration request identifying the Mobile Node;
sending a request message to a AAA server, the request message identifying the Mobile Node;
receiving a reply message from the AAA server, the reply message including key information associated with the Mobile Node;
deriving a key from the key information, the key being a shared key between the Mobile Node and the Home Agent; and
sending a registration reply to the Mobile Node.
50. A Home Agent supporting Mobile IP and adapted for authenticating a Mobile Node, comprising:
means for receiving a registration request from a Mobile Node, the registration request identifying the Mobile Node;
means for sending a request message to a AAA server, the request message identifying the Mobile Node;
means for receiving a reply message from the AAA server, the reply message including key information associated with the Mobile Node;
means for deriving a key from the key information, the key being a shared key between the Mobile Node and the Home Agent; and
means for sending a registration reply to the Mobile Node.
51. A computer-readable medium storing thereon computer-readable instructions for registering a Mobile Node with a Home Agent supporting Mobile IP, comprising:
instructions for sending a registration request to the Home Agent;
instructions for receiving a registration reply from the Home Agent, the registration reply indicating that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home Agent; and
instructions for deriving a key to be shared between the Mobile Node and the Home Agent from key information stored at the Mobile Node.
52. A Mobile Node adapted for registering with a Home Agent supporting Mobile IP, comprising:
a processor; and
a memory, at least one of the processor and the memory being adapted for:
sending a registration request to the Home Agent;
receiving a registration reply from the Home Agent, the registration reply indicating that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home Agent; and
deriving a key to be shared between the Mobile Node and the Home Agent from key information stored at the Mobile Node.
53. A Mobile Node adapted for registering with a Home Agent supporting Mobile IP, comprising:
means for sending a registration request to the Home Agent;
means for receiving a registration reply from the Home Agent, the registration reply indicating that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home Agent; and
means for deriving a key to be shared between the Mobile Node and the Home Agent from key information stored at the Mobile Node.
Specification