Key update system, key management device, communication terminal, and key information construction method for multihop network

US 20070140480A1
Filed: 12/12/2006
Published: 06/21/2007
Est. Priority Date: 12/20/2005
Status: Active Grant

First Claim

Patent Images

1. A key update system for a multihop network system comprising a key management device that manages keys using a hierarchical structure, and a plurality of communication terminals that obtain the keys, wherein the key management device constructs key information having a hierarchical structure that accords with the structure of the multihop network, and manages the key information, the key management device determining respective encryption keys for encrypting the keys based on the key information, and the communication terminals obtaining the respective keys, wherein the key management device comprises:

a key information management portion that constructs and manages the key information;

an encryption portion that encrypts the keys using the keys included in the key information; and

a transmission portion that transmits the encrypted keys encrypted by the encryption portion, and the communication terminals respectively comprising;

a receiving portion that receives the encrypted keys;

a key management portion that manages, among the keys included in the key information, the keys that need to be held and stored by any given one of the communication terminals; and

a decryption portion that decrypts the encrypted keys.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a key update system for a multihop network system including an authentication management device that manages keys using a hierarchical structure. That device constructs key information having a hierarchical structure in accordance with the structure of the multihop network. In addition, that device determines respective encryption keys for encrypting the keys based on the key information, and the communication terminals obtain the respective keys. In this system, that device includes a key tree management portion that constructs and manages the key information; an encryption portion that encrypts the keys using the keys included in the key information; and a transmission portion that transmits the encrypted keys. Each communication terminal includes a receiving portion that receives the encrypted keys; a key management portion that manages the keys that need to be held and stored by the given communication terminal; and a decryption portion that decrypts the encrypted keys.

Citations

17 Claims

1. A key update system for a multihop network system comprising a key management device that manages keys using a hierarchical structure, and a plurality of communication terminals that obtain the keys, wherein the key management device constructs key information having a hierarchical structure that accords with the structure of the multihop network, and manages the key information, the key management device determining respective encryption keys for encrypting the keys based on the key information, and the communication terminals obtaining the respective keys, wherein the key management device comprises:
- a key information management portion that constructs and manages the key information;
  
  an encryption portion that encrypts the keys using the keys included in the key information; and
  
  a transmission portion that transmits the encrypted keys encrypted by the encryption portion, and the communication terminals respectively comprising;
  
  a receiving portion that receives the encrypted keys;
  
  a key management portion that manages, among the keys included in the key information, the keys that need to be held and stored by any given one of the communication terminals; and
  
  a decryption portion that decrypts the encrypted keys.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The key update system according to claim 1, wherein the key management device further comprises a key generation portion that generates keys.
  - 3. The key update system according to claim 1, wherein the key management device further comprises a one way value generation portion that has a one-way function.
  - 4. The key update system according to claim 1, wherein each of the communication terminals further comprises a transmission portion that transmits the encrypted keys.
  - 5. The key update system according to claim 1, wherein each of the communication terminals further comprises a key update message analysis portion that analyzes a destination of each of the encrypted keys.
  - 6. The key update system according to claim 1, wherein each of the communication terminals further comprises a key update message generation portion that generates a message for sending just the encrypted keys that have destinations among the communication terminals in the next hop or after of the multihop network.
  - 7. The key update system according to claim 1, wherein each of the communication terminals further comprises a one way value generation portion that has a one-way function.

8. A key management device that manages key information that has a hierarchical structure that accords with the structure of a multihop network, the key management device comprising:
- a key information management portion that constructs and manages the key information;
  
  an encryption portion that encrypts the keys using the keys included in the key information; and
  
  a transmission portion that transmits the encrypted keys encrypted by the encryption portion.
- View Dependent Claims (9, 10)
- - 9. The key management device according to claim 8, further comprising:
    - a key generation portion that generates keys.
  - 10. The key management device according to claim 8, further comprising:
    - a one way value generation portion that has a one-way function.

11. A communication terminal that obtains encrypted keys that are encrypted using keys included in key information that has a hierarchical structure that accords with the structure of a multihop network, the communication terminal comprising:
- a receiving portion that receives the encrypted keys;
  
  a key management portion that manages, among the keys included in the key information, the keys that need to be held and stored by the communication terminal; and
  
  a decryption portion that decrypts the encrypted keys.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The communication terminal according to claim 11, further comprising:
    - a transmission portion that transmits the encrypted keys.
  - 13. The communication terminal according to claim 11, further comprising:
    - a key update message analysis portion that analyzes the destination of each of the encrypted keys.
  - 14. The communication terminal according to any one of claims 11 to 13, further comprising:
    - a key update message generation portion that generates a message for sending just the encrypted keys that have destinations among the communication terminals in the next hop or after of the multihop network.
  - 15. The communication terminal according to claim 11, further comprising:
    - a one way value generation portion that has a one-way function.

16. A key information construction method comprising:
- grouping, from among communication terminals in a multihop network that have terminal devices functioning as parents, those communication terminals that have the same terminal device functioning as a parent; and
  
  constructing key information having a hierarchical structure.
- View Dependent Claims (17)
- - 17. The key information construction method according to claim 16, further comprising:
    - establishing, in the case that any given one of the communication terminals does not share a parent terminal with any other one of the communication terminals, a new group that has the given communication terminal as an initial member; and
      
      constructing new key information that has a hierarchical structure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
OKI Electric Industry Company Limited
Original Assignee
OKI Electric Industry Company Limited
Inventors
Yao, Taketsugu

Granted Patent

US 8,205,085 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

H04L 63/065   for group communications cr...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

Key update system, key management device, communication terminal, and key information construction method for multihop network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Key update system, key management device, communication terminal, and key information construction method for multihop network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links