ASYNCHRONOUS ENHANCED SHARED SECRET PROVISIONING PROTOCOL

US 20090037737A1
Filed: 10/06/2008
Published: 02/05/2009
Est. Priority Date: 03/31/2004
Status: Active Grant

First Claim

Patent Images

1. A method for registering a first device with a second device, comprising:

deriving a commitment value at the first device from a first security value known to the first device;

communicating the commitment value from the first device to the second device;

communicating the security value from the first device to the second device; and

at the second device, attempting to derive the commitment value communicated thereto from the security value communicated thereto and terminating registration if the commitment value is not correctly derived from the security value.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An Asynchronous Enhanced Shared Secret Provisioning Protocol (ESSPP) provides a novel method and system for adding devices to a network in a secure manner. A registration process is launched by at least one of two network devices together. These two devices then automatically register with each other. When two devices running Asynchronous ESSPP detect each other, they exchange identities and establish a key that can later be used by the devices to mutually authenticate each other and generate session encryption keys. An out-of-band examination of registration signatures generated at the two devices can be performed to help ensure that there was not a man-in-the-middle attacker involved in the key exchange.

11 Citations

20 Claims

1. A method for registering a first device with a second device, comprising:
- deriving a commitment value at the first device from a first security value known to the first device;
  
  communicating the commitment value from the first device to the second device;
  
  communicating the security value from the first device to the second device; and
  
  at the second device, attempting to derive the commitment value communicated thereto from the security value communicated thereto and terminating registration if the commitment value is not correctly derived from the security value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the commitment value is a hash of the security value.
  - 3. The method of claim 1, wherein the security value is a registration nonce value.
  - 4. The method of claim 1, further comprising:
    - communicating information for use in generating a first secret from the second device to the first device over a first communication channel;
      
      generating the first secret at the first device;
      
      generating a second secret at the second device;
      
      validating first verification information related to the first secret and second verification information related to the second secret using a second communication channel; and
      
      enabling the first and second devices to use the first and second secrets upon a third party being assured that the first secret and the second secret are substantially identical based on the validation.
  - 5. The method of claim 4, wherein the first verification information has a shorter length than a length needed to provide a substantially identical level of security in a method that does not utilize a commitment value.
  - 6. The method of claim 4, wherein the first verification information is a hash value derived from the first secret and the security value.
  - 7. The method of claim 6, wherein the first verification information is a hash value derived from a catenation of the first secret with the security value.
  - 8. The method of claim 4, wherein the first device and the second device generate the first and second secrets using Diffie-Hellman key exchange.

9. A device capable of registering with a disparate device, comprising:
- an interface to a first communication channel; and
  
  means for conducting a registration process that receives a first hash of a security value from the disparate device using the first communication channel, receives the security value from the disparate device using the first communication channel, generates a second hash of the security value, and terminates registration if the first hash of the security value differs from the second hash of the security value.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The device of claim 9, wherein the security value is a registration nonce value.
  - 11. The device of claim 9, further comprising an interface to a second communication channel, wherein the means for conducting a registration process generates a secret that is to be shared with the disparate device using the first communication channel, validates verification information derived from the secret on the second communication channel, and is enabled to use the secret upon receipt of an indication that a third party is assured that the secret is shared with the disparate device.
  - 12. The device of claim 11, wherein the verification information is a hash value derived from the secret and the security value.
  - 13. The device of claim 12, wherein the verification information is a hash value derived from a catenation of the secret with the security value.
  - 14. The device of claim 11, wherein the verification information comprises a credential.

15. A computer-readable medium having stored thereon machine-executable instructions which, when executed by a machine, causes the machine to perform a method of registering with a network device comprising:
- receiving a commitment value on a first communication channel, wherein the commitment value is derived from a security value;
  
  receiving the security value on the first communication channel;
  
  attempting to derive the commitment value from the security value; and
  
  terminating registration with the network device if the commitment value is not successfully derived from the security value.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-readable medium of claim 15, wherein the security value is a registration nonce value.
  - 17. The computer-readable medium of claim 15, wherein the commitment value is a hash of the registration value.
  - 18. The computer-readable medium of claim 15, wherein the method further comprises:
    - communicating information for use in generating a to-be-shared secret to the network device on the first communication channel;
      
      generating the to-be-shared secret;
      
      communicating verification information relating to the to-be-shared secret on a second communication channel; and
      
      utilizing the to-be-shared secret upon receipt of an indication that a third party is assured that the to-be-shared secret has been shared with the network device.
  - 19. The computer-readable medium of claim 18, wherein the verification information is derived from a hash of the to-be-shared secret.
  - 20. The computer-readable medium of claim 18, wherein the verification information is derived from a hash of the to-be-shared secret and a nonce value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Zick, Donald A.

Granted Patent

US 8,433,903 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

H04L 63/18   using different networks or...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/0869   involving random numbers or...

H04L 9/3013   involving the discrete loga...

H04L 9/321   involving a third party or ...

H04L 9/3236   using cryptographic hash fu...

H04W 12/041   Key generation or derivation

H04W 12/0431   Key distribution or pre-dis...

H04W 12/0433   Key management protocols

H04W 12/122   Counter-measures against at...

ASYNCHRONOUS ENHANCED SHARED SECRET PROVISIONING PROTOCOL

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

11 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ASYNCHRONOUS ENHANCED SHARED SECRET PROVISIONING PROTOCOL

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links