Communications security

US 20060218398A1
Filed: 03/24/2005
Published: 09/28/2006
Est. Priority Date: 03/24/2005
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a device'"'"'s access to a communications node, the method comprising:

generating by the communications node, a first value for use in derivation of a first encryption key, the first encryption key being at least partially used to authenticate the device'"'"'s access to the communications node in a first communications exchange;

modifying by the communications node, independent of the device, the first value to create a second value; and

using the second value, by the communication node, in authenticating the device'"'"'s access to the communications node in a second communications exchange.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a device'"'"'s access to a communications node is disclosed. The method of operation includes the communications node generating a first value for use in the derivation of a first encryption key, the first encryption key being at least partially used to authenticate the device'"'"'s access to the communications node in a first communications exchange. The method of operation includes the communications node modifying the first value, independent of the device, to create a second value. The method includes the communications node using the second value in authenticating the device'"'"'s access to the communications node in a second communications exchange. Embodiments of the present invention include but are not limited to communications nodes and devices, subsystems, and systems equipped to operate in the above-described manner.

Citations

24 Claims

1. A method of authenticating a device'"'"'s access to a communications node, the method comprising:
- generating by the communications node, a first value for use in derivation of a first encryption key, the first encryption key being at least partially used to authenticate the device'"'"'s access to the communications node in a first communications exchange;
  
  modifying by the communications node, independent of the device, the first value to create a second value; and
  
  using the second value, by the communication node, in authenticating the device'"'"'s access to the communications node in a second communications exchange.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein said using of the second value comprises the communication node using the second value to derive a second encryption key, the second encryption key being at least partially used to authenticate the device'"'"'s access to the communications node in the second communications exchange.
  - 3. The method of claim 1, wherein the first value is a random or a pseudo-random value.
  - 4. The method of claim 1, wherein said modifying of the first value comprises incrementing by the communication node, independent of the device, the first value.
  - 5. The method of claim 1, wherein the first encryption key is a Pair-wise Transient Key.
  - 6. The method of claim 1, wherein the communications node is an 802.11 compliant or compatible access point.
  - 7. The method of claim 1, wherein a derivation of the first encryption key is an 802.11i Pair-wise Transient Key derivation.

8. A method of authenticating a device'"'"'s access to a communications node, the method comprising:
- the device communicating with the communications node in a first communications exchange, the device being authenticated to the communications node using a first encryption key derived from a first value generated by the communications node;
  
  modifying by the device, independent of the communications node, the first value to create a second value; and
  
  the device communicating with the communications node in a second communications exchange, using the second value, the device being authenticated to the communications node using a copy of the second value independently generated by the communications node.
- View Dependent Claims (9, 10)
- - 9. The method of claim 8, wherein said modifying of the first value comprises incrementing by the device, independent of the communications node, the first value.
  - 10. The method of claim 8, wherein the device is an 802.11 compliant or compatible station.

11. A communications node comprising:
- a transmitter; and
  
  a controller coupled to the transmitter, the controller designed to generate a first value for use in derivation of a first encryption key, the first encryption key being at least partially used to authenticate a device'"'"'s access to the communications node in a first communications exchange, the controller designed to modify, independent of the device, the first value to create a second value, the controller designed to use the second value in authenticating the device'"'"'s access to the communications node in a second communications exchange.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The communications node of claim 11, wherein the controller is designed to use the second value in the derivation of a second encryption key, the second encryption key being at least partially used to authenticate the device'"'"'s access to the communications node in the second communications exchange.
  - 13. The communications node of claim 11, wherein the first value is a random or a pseudo-random value.
  - 14. The communications node of claim 11, wherein the controller is designed to modify the first value, independent of the device, by incrementing the first value.
  - 15. The communications node of claim 11, wherein the first encryption key is a Pair-wise Transient Key.
  - 16. The communications node of claim 11, wherein the communications node is an 802.11 compliant or compatible access point.
  - 17. The communications node of claim 11, wherein the controller is designed to derive the first encryption key using an 802.11i Pair-wise Transient Key derivation.

18. A system comprising:
- one or more substantially omnidirectional antenna(e), designed to at least facilitate transmission of communication signals; and
  
  a communications node including;
  
  a transmitter, the transmitter coupled to at least one of the one or more substantially omnidirectional antenna(e), and a controller coupled to the transmitter, the controller designed to generate a first value for use in derivation of a first encryption key, the first encryption key being at least partially used to authenticate the device'"'"'s access to the communications node in a first communications exchange, the controller designed to modify, independent of the device, the first value to create a second value, the controller designed to use the second value in authenticating the device'"'"'s access to the communications node in a second communications exchange.
- View Dependent Claims (19, 20, 21)
- - 19. The system of claim 18, wherein the controller is designed to use the second value in the derivation of a second encryption key, the second encryption key being at least partially used to authenticate the device'"'"'s access to the communications node in the second communications exchange.
  - 20. The system of claim 18, wherein the communications node comprises an 802.11 compliant or compatible access point.
  - 21. The system of claim 18, wherein the communications node comprises a selected one from the group consisting of a set-top box, a game console, a digital versatile disk player, a home entertainment console, and a video display.

22. A controller readable medium comprising:
- a storage medium; and
  
  a plurality of instructions stored in the storage medium, the instructions designed to enable an apparatus to generate a first value for use in derivation of a first encryption key, the first encryption key being at least partially used to authenticate a device'"'"'s access to the apparatus in a first communications exchange, modify, independent of the device, the first value to create a second value, and use the second value in authenticating the device'"'"'s access to the apparatus in a second communications exchange.
- View Dependent Claims (23, 24)
- - 23. The controller readable medium of claim 22, wherein said use of the second value comprises using the second value to derive a second encryption key, the second encryption key being at least partially used to authenticate the device'"'"'s access to the apparatus in the second communications exchange.
  - 24. The controller readable medium of claim 22, wherein the first value is a random or a pseudo-random value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Sood, Kapil, Walker, Jesse

Granted Patent

US 7,624,271 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 2209/80   Wireless

H04L 2463/081   applying self-generating cr...

H04L 63/0823   using certificates cryptogr...

H04L 9/0844   with user authentication or...

H04L 9/3273   for mutual authentication n...

Communications security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Communications security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links