Encryption key rekeying apparatus and method
Abstract
When a roaming communication unit (15) requires an updated encryption key to ensure continued secure communications with other communication units of its home system, it transmits a rekey request to a base site (16) for the system (14) in which it has a presence. The latter provides the rekey request to a key management facility (17) for that system. This key management facility, in turn, provides the rekey request to the key management facility (13) for the roaming communication unit's home system (10). The latter then forwards a rekeying message that includes a rekeying encryption key to the roaming communication unit (15) with the second system's key management facility (17) acting as an intermediary. In a preferred embodiment, the rekey message is encrypted using an encryption key that is presently available to the roaming communication unit but not to the second system's key management facility. Therefore, although the latter acts as an intermediary to facilitate the rekeying process, the latter is not able to decrypt the rekeying message and thereby gain access to the encryption key or keys of the roaming communication unit's home system.
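The relay property described in the abstract, as an added sketch that is not code from the patent: the home facility seals the new key under a key held only by the roaming unit, and the visited facility forwards bytes it cannot open. Assumptions: a per-unit key provisioned at enrollment, an HMAC-SHA256 encrypt-then-MAC construction standing in for the unspecified encryption scheme, and hypothetical names throughout (`HomeKMF`, `VisitedKMF`, `seal`, `unseal`, the constructed id `unit-15`).

```python
import hashlib, hmac, secrets

def _sub(kek, label):  # derive separate encryption and MAC subkeys
    return hmac.new(kek, label, hashlib.sha256).digest()

def _stream(kek, nonce, n):  # HMAC-SHA256 in counter mode as a keystream (stand-in cipher)
    ek = _sub(kek, b"enc")
    return b"".join(hmac.new(ek, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def _tag(kek, unit_id, nonce, ct):  # binds the message to the requesting unit
    uid = unit_id.encode()
    msg = len(uid).to_bytes(2, "big") + uid + nonce + ct
    return hmac.new(_sub(kek, b"mac"), msg, hashlib.sha256).digest()

def seal(kek, unit_id, new_key):  # home facility side: build the rekeying message
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(new_key, _stream(kek, nonce, len(new_key))))
    return nonce + ct + _tag(kek, unit_id, nonce, ct)

def unseal(kek, unit_id, blob):  # communication unit side: verify, then decrypt
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(kek, unit_id, nonce, ct)):
        raise ValueError("rekey message failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _stream(kek, nonce, len(ct))))

class HomeKMF:
    def __init__(self):
        self.unit_keys, self.issued = {}, {}
    def enroll(self, unit_id):  # assumed provisioning step: key known to unit and home only
        self.unit_keys[unit_id] = secrets.token_bytes(32)
        return self.unit_keys[unit_id]
    def rekey(self, unit_id):  # same path whether the request arrives directly or relayed
        self.issued[unit_id] = secrets.token_bytes(32)
        return seal(self.unit_keys[unit_id], unit_id, self.issued[unit_id])

class VisitedKMF:  # intermediary: holds no unit key, sees only sealed bytes
    def __init__(self, home):
        self.home, self.seen = home, []
    def relay_rekey(self, unit_id):
        blob = self.home.rekey(unit_id)
        self.seen.append(blob)
        return blob

if __name__ == "__main__":
    home = HomeKMF(); unit_key = home.enroll("unit-15")
    blob = VisitedKMF(home).relay_rekey("unit-15")
    print(unseal(unit_key, "unit-15", blob) == home.issued["unit-15"])
```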
17 Claims
1. A method comprising:
at a key management facility;
receiving an encryption key rekeying request from a non-roaming communication unit;
communicating to the non-roaming communication unit a rekeying message that includes a rekeying encryption key, wherein at least a portion of the rekeying encryption key is encrypted using an encryption scheme that is decypherable by the non-roaming communication unit;
receiving an encryption key rekeying request from a roaming communication unit;
communicating to the roaming communication unit a rekeying message that includes a rekeying encryption key, wherein at least a portion of the rekeying encryption key is encrypted as a function of an encryption scheme that is decypherable by the roaming communication unit.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A key management facility comprising:
at least one active home system encryption key;
a rekeying encryption key selector having a rekeying home system encryption key output;
a rekeying request processor that is operably coupled to the rekeying encryption key selector;
a wireless communication interface that is operably coupled to the at least one active home system encryption key and the rekeying request processor and wherein the wireless communication interface further couples to a wireless home communications system that supports wireless encrypted communications amongst authorized wireless non-roaming and roaming communication units using the at least one active home system encryption key;
wherein the rekeying request processor provides substantially the same rekeying home system encryption key output, in substantially the same format, in response to a rekeying request from both a non-roaming and a roaming authorized communication units.
Dependent claims: 9, 10, 11, 12, 13
14. A method for rekeying wireless communication units that share a home key management facility, comprising:
at a roaming communication unit;
transmitting via a second key management facility a rekeying request to the home key management facility;
at the home key management facility;
receiving the rekeying request;
preparing a rekeying message, which rekeying message includes at least a rekeying encryption key, and which rekeying message is at least partially encrypted using an encryption key that is possessed by the roaming communication unit and not by the second key management facility;
transmitting at least a portion of the rekeying message to the roaming communication unit via the second key management facility;
at the roaming communication unit;
receiving the rekeying message as transmitted by the home key management facility;
decrypting the rekeying message using the encryption key.
Dependent claims: 15, 16, 17