Authentication of 6LoWPAN Nodes Using EAP-GPSK
Abstract
A system is provided that includes at least one processor and instructions that, when executed by the processor, promote exchanging extensible authentication protocol (EAP) messages for authentication by sending a plurality of data packets formatted in accordance with an IEEE 802.15.4 standard. The EAP messages are encapsulated within a data field of the IEEE 802.15.4 standard data packet, and the encapsulated EAP message comprises an EAP header and a data portion.
20 Claims
1. A system, comprising:
- at least one processor; and
- instructions when executed by the at least one processor promote exchanging extensible authentication protocol (EAP) messages for authentication by sending a plurality of data packets formatted in accordance with an IEEE 802.15.4 standard, wherein EAP messages are encapsulated within a data field of the IEEE 802.15.4 standard data packet and wherein the encapsulated EAP message comprises an EAP header and a data portion.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A method of authenticating a wireless device, comprising:
- configuring an authentication server and the wireless device with a pre-shared key (PSK);
- sending a first extensible authentication protocol (EAP) request message encapsulated in an IEEE 802.15.4 packet, the first EAP request message comprising an EAP header and a data portion comprising an identity of the authentication server and a server random nonce;
- determining a plurality of keys based on the PSK, the identity of the authentication server, and the server random nonce;
- determining a first message integrity code (MIC) based on the identity of the authentication server, the server random nonce, and one of the plurality of keys determined based on the PSK;
- sending a first EAP response message encapsulated in an IEEE 802.1 packet, the first EAP response message comprising an EAP header and a data portion comprising a client random nonce, a selected cipher suite identity, and the first message integrity code (MIC);
- determining a second MIC based on the identity of the authentication server, the server random nonce, and one of the plurality of keys determined based on the PSK; and
- determining that the wireless device passes authentication based in part on comparing the second MIC with the first MIC contained in the first EAP response message.
Dependent claims: 9, 10, 11, 12, 13.
14. A method of generating a message encryption key and a message authentication key, comprising:
- sending a first extensible authentication protocol (EAP) key message encapsulated in an IEEE 802.15.4 packet, the first EAP key message comprising an EAP header and a data portion comprising an initiator random nonce and an initiator identity;
- deriving a plurality of keys based on the initiator random nonce;
- sending a second EAP key message encapsulated in an IEEE 802.15.4 packet, the second EAP key message comprising an EAP header and a data portion comprising a responder random nonce and a first message integrity code (MIC) based on the initiator random nonce, the responder random nonce, and the keys derived based on the initiator random nonce;
- sending a third EAP key message encapsulated in an IEEE 802.15.4 packet, the third EAP key message comprising an EAP header and a data portion containing a second MIC; and
- deriving the encryption key and the message authentication key based on a temporal key (TK), wherein the temporal key is one of the plurality of keys derived based on the initiator random nonce.
Dependent claims: 15, 16, 17, 18, 19, 20.
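Added example, not taken from the patent: the encapsulated EAP message of claim 1 (EAP header plus data portion, sized for an 802.15.4 data field) and the request, response and MIC comparison of claim 8. The data-portion layout, the HMAC-SHA256 stand-in key derivation, the nonce and MIC sizes, the 102-byte budget and all function names are assumptions.

```python
import hashlib, hmac, os, struct

EAP_REQUEST, EAP_RESPONSE = 1, 2   # EAP Code values (RFC 3748)
EAP_TYPE_GPSK = 51                 # EAP method type assigned to EAP-GPSK
NONCE_LEN, MIC_LEN = 32, 16        # sizes assumed for this example
MAX_DATA_FIELD = 102               # assumed 802.15.4 data-field budget (bytes)

def eap_pack(code, ident, data):
    """EAP header (Code, Identifier, Length, Type) followed by the data portion."""
    msg = struct.pack("!BBHB", code, ident, 5 + len(data), EAP_TYPE_GPSK) + data
    if len(msg) > MAX_DATA_FIELD:
        raise ValueError("EAP message does not fit one 802.15.4 data field")
    return msg

def eap_unpack(payload, want_code):
    """Parse an EAP message from a data field; reject inconsistent headers."""
    if len(payload) < 5:
        raise ValueError("truncated EAP header")
    code, ident, length, typ = struct.unpack("!BBHB", payload[:5])
    if code != want_code or typ != EAP_TYPE_GPSK or not 5 <= length <= len(payload):
        raise ValueError("unexpected EAP code, type or length")
    return ident, payload[5:length]        # bytes past Length are ignored

def derive_key(psk, server_id, server_nonce):
    # Stand-in KDF (assumption); not the derivation EAP-GPSK specifies.
    return hmac.new(psk, b"mic" + server_id + server_nonce, hashlib.sha256).digest()

def compute_mic(psk, server_id, server_nonce):
    key = derive_key(psk, server_id, server_nonce)
    return hmac.new(key, server_id + server_nonce, hashlib.sha256).digest()[:MIC_LEN]

def server_request(ident, server_id, server_nonce):
    return eap_pack(EAP_REQUEST, ident, bytes([len(server_id)]) + server_id + server_nonce)

def client_response(psk, request, suite=1):
    ident, data = eap_unpack(request, EAP_REQUEST)
    if not data or len(data) != 1 + data[0] + NONCE_LEN:
        raise ValueError("malformed request data portion")
    server_id, server_nonce = data[1:1 + data[0]], data[1 + data[0]:]
    first_mic = compute_mic(psk, server_id, server_nonce)
    return eap_pack(EAP_RESPONSE, ident, os.urandom(NONCE_LEN) + bytes([suite]) + first_mic)

def server_verify(psk, server_id, server_nonce, response):
    _, data = eap_unpack(response, EAP_RESPONSE)
    if len(data) != NONCE_LEN + 1 + MIC_LEN:
        return False
    second_mic = compute_mic(psk, server_id, server_nonce)
    return hmac.compare_digest(second_mic, data[-MIC_LEN:])   # constant-time compare
```

Because the MIC inputs in claim 8 are the server identity and the server nonce, the comparison only shows liveness if the server draws a fresh nonce for every run.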
Specification