GROUP KEY MANAGEMENT RE-REGISTRATION METHOD
First Claim
1. A computer-implemented method comprising:
at a key server;
receiving a registration request from a network element to join a group of network elements managed by the key server;
generating and storing a group member registration state comprising information identifying the network element belonging to the group of network elements;
generating a token using information from the group member registration state, wherein the token identifies the network element belonging to the group of network elements;
deleting the group member registration state for the network element at the key server;
generating an encrypted token by encrypting the token using a secret key that is local to the key server;
sending the encrypted token to the network element;
receiving a re-registration request from the network element to rejoin the group of network elements, wherein the re-registration request comprises the encrypted token;
generating a decrypted token by decrypting the encrypted token using the secret key;
using data from the decrypted token, recovering and storing the group member registration state, comprising information identifying the network element belonging to the group of network elements; and
re-registering the network element using the information from the group member registration state.
Abstract
In an embodiment, a fast group key management re-registration is described. One computer-implemented method comprises, at a key server: receiving a registration request from a network element to join a group of network elements managed by the key server; generating and storing a group member registration state comprising information identifying the network element within the group of network elements; generating a token using information from the group member registration state, wherein the token identifies the network element within the group; deleting the group member registration state for the network element at the key server; generating an encrypted token by encrypting the token using a secret key that is local to the key server; sending the encrypted token to the network element; receiving the encrypted token along with a re-registration request from the network element to re-join the group of network elements; and re-registering the network element using the encrypted token.
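The key-server flow in the abstract, sketched as an added Python example (not code from the patent). The class and method names, the JSON token layout and the sample identifiers are assumptions; the claims only require encrypting the token with a key local to the server, so the integrity tag and the HMAC-SHA256 keystream (a standard-library stand-in for an AEAD cipher such as AES-GCM) are choices made here.

```python
import hashlib, hmac, json, os

class KeyServer:
    """Hypothetical key server that holds no member state between joins."""
    def __init__(self):
        self._secret = os.urandom(32)  # secret key local to the key server
        self.state = {}                # group member registration state

    def _keys(self):
        # Separate encryption and MAC keys derived from the local secret.
        return tuple(hmac.digest(self._secret, label, "sha256") for label in (b"enc", b"mac"))

    @staticmethod
    def _xor_stream(key, nonce, data):
        # HMAC-SHA256 in counter mode as keystream (stand-in for a real cipher).
        blocks = (hmac.digest(key, nonce + i.to_bytes(4, "big"), "sha256")
                  for i in range(-(-len(data) // 32)))
        return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

    def register(self, member_id, group_id):
        self.state[member_id] = {"member": member_id, "group": group_id}
        token = json.dumps(self.state[member_id], sort_keys=True).encode()
        del self.state[member_id]      # state is deleted once the token exists
        enc_key, mac_key = self._keys()
        nonce = os.urandom(16)
        ct = self._xor_stream(enc_key, nonce, token)
        tag = hmac.digest(mac_key, nonce + ct, "sha256")
        return nonce + ct + tag        # encrypted token sent to the member

    def reregister(self, encrypted_token):
        enc_key, mac_key = self._keys()
        nonce, ct, tag = encrypted_token[:16], encrypted_token[16:-32], encrypted_token[-32:]
        expected = hmac.digest(mac_key, nonce + ct, "sha256")
        if not hmac.compare_digest(tag, expected):
            raise ValueError("token was not issued by this key server")
        record = json.loads(self._xor_stream(enc_key, nonce, ct))
        self.state[record["member"]] = record  # registration state recovered
        return record

if __name__ == "__main__":
    ks = KeyServer()
    blob = ks.register("gm-1", "group-A")   # constructed sample identifiers
    print(len(ks.state), ks.reregister(blob), len(ks.state))
```

The network element treats the returned bytes as opaque and replays them unchanged in its re-registration request; because the tag is checked before decryption, a modified token or one issued under a different server key is rejected without creating any state.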
20 Claims
9. A computer-implemented method comprising:
at a network element;
sending a registration request to a key server to join a group of network elements managed by the key server;
receiving a token generated by the key server, wherein the token identifies the network element belonging to the group of network elements;
generating a group member registration state comprising information identifying the network element belonging to the group of network elements;
storing the token in the group member registration state; and
sending a re-registration request along with the token to the key server to re-join the group of network elements managed by the key server.
15. A computer-readable storage medium storing one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform:
at a key server;
receiving a registration request from a network element to join a group of network elements managed by the key server;
generating and storing a group member registration state comprising information identifying the network element belonging to the group of network elements;
generating a token using information from the group member registration state, wherein the token identifies the network element belonging to the group of network elements;
deleting the group member registration state for the network element at the key server;
generating an encrypted token by encrypting the token with a secret key that is local to the key server;
sending the encrypted token to the network element;
receiving a re-registration request from the network element to rejoin the group of network elements, wherein the re-registration request comprises the encrypted token;
generating a decrypted token by decrypting the encrypted token using the secret key;
using data from the decrypted token, recovering and storing the group member registration state, comprising information identifying the network element belonging to the group of network elements; and
re-registering the network element using the information from the group member registration state.
Specification