Secure Telemetric Link
First Claim
1. In a telecommunications network having at least first and second nodes in communication with each other, a method of making secure at least one communication between the at least first and second nodes during a communication session, comprising the steps of:
- assigning to each node a device key unique to each node within the network;
- assigning to the network a network key;
- establishing a communication session between the at least first and second nodes;
- providing the first node with an arbitrary number;
- providing to the first node the second node's device key in a manner not subject to unauthorized discovery;
- securing a first communication with the second node's device key and the arbitrary number;
- transmitting the first communication to the second node;
- decrypting at the second node the first communication using the second node's device key and the arbitrary number;
- upon verifying at the second node that the first communication was secured with the second node's device key and the arbitrary number, providing the first node with the network key; and
- securing a second communication among the at least first and second nodes using the network key.
Abstract
A communications protocol is used to provide data privacy, message integrity, message freshness, and user authentication to telemetric traffic, such as to and from implantable medical devices in a body area network. In certain embodiments, encryption, message integrity, and message freshness are provided through use of token-like nonces and ephemeral session-keys derived from device identification numbers and pseudorandom numbers.
13 Claims
12. A secure wireless network comprising at least two nodes, wherein at least one of the at least two nodes comprises a programmable processor and a computer-readable storage element, wherein the computer-readable storage element contains instructions for causing the programmable processor to perform a method of arbitrary number generation, comprising the steps of:
- generating a first intermediate number as a function of both a reference key and a nonce;
- generating a second intermediate number as a function of the first intermediate value, an initialization number, and the reference key;
- generating an arbitrary number as a function of the first intermediate value, the second intermediate value, and the reference key; and
- securing with the arbitrary number a communication to be transmitted between the at least two nodes.
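A sketch of how the handshake of claim 1 and the three-stage derivation of claim 12 could fit together, added here as an example and not taken from the patent or any product. Assumptions: HMAC-SHA256 stands in for every function the claims leave unspecified, the reference key is the second node's device key, the arbitrary number travels alongside the first message, and the one-block XOR pad is a standard-library stand-in for a real authenticated cipher; all function and class names are hypothetical.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, *parts: bytes) -> bytes:
    # Assumed PRF: HMAC-SHA256 over length-prefixed parts (the claims name no function).
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(4, "big") + p)
    return mac.digest()

def arbitrary_number(ref_key: bytes, nonce: bytes, init: bytes) -> bytes:
    # Claim 12 shape: two intermediates, then the output, all keyed by ref_key.
    i1 = prf(ref_key, b"i1", nonce)
    i2 = prf(ref_key, b"i2", i1, init)
    return prf(ref_key, b"out", i1, i2)

def seal(key: bytes, arb: bytes, label: bytes, msg: bytes) -> bytes:
    # Stand-in cipher: one-block XOR pad plus HMAC tag, both bound to key, arb and label.
    if len(msg) > 32:
        raise ValueError("demo cipher handles at most 32 bytes")
    ct = bytes(m ^ p for m, p in zip(msg, prf(key, b"enc", label, arb)))
    return ct + prf(key, b"mac", label, arb, ct)

def unseal(key: bytes, arb: bytes, label: bytes, blob: bytes):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(key, b"mac", label, arb, ct)):
        return None  # not secured with this key and arbitrary number
    return bytes(c ^ p for c, p in zip(ct, prf(key, b"enc", label, arb)))

class SecondNode:
    def __init__(self, device_key: bytes, network_key: bytes):
        self.device_key, self.network_key = device_key, network_key
        self.seen = set()  # arbitrary numbers already accepted (freshness)

    def handle_first(self, arb: bytes, blob: bytes):
        # Release the network key only after the first message verifies and is fresh.
        if arb in self.seen or unseal(self.device_key, arb, b"first", blob) is None:
            return None
        self.seen.add(arb)
        return seal(self.device_key, arb, b"netkey", self.network_key)

def run_session(peer_device_key: bytes, node: SecondNode):
    # First node: derive the arbitrary number, secure message one, recover the network key.
    arb = arbitrary_number(peer_device_key, secrets.token_bytes(16), b"\x00" * 16)
    first = seal(peer_device_key, arb, b"first", b"session-open")
    reply = node.handle_first(arb, first)
    return arb, first, unseal(peer_device_key, arb, b"netkey", reply) if reply else None
```

A first node holding the wrong device key, or a replayed first message, gets no network key back, which is the gate the verifying step of claim 1 describes.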
Specification