GENERATING SECURITY MATERIAL
First Claim
1. A method for establishing a secure, direct, station-to-station communication between a first station and a second station in a topology comprising a central secret holder and provider that allows secure, direct, station-to-station communications and that allows secure station-to-station broadcast communications, in which the first station and the second station have previously established a security association (SA) with a topology control point (PCP), the method comprising:
- creating pair-wise unique material for the first station, wherein the pair-wise unique material is computed as a function of (i) a known shared secret associated with the PCP, (ii) a first piece of unique data associated with the first station, and (iii) a second piece of unique data associated with the second station; and
- securely communicating the pair-wise unique material from the first station to the second station.
Abstract
An apparatus and method establish a secure, direct, station-to-station communication between a first station and a second station in a topology (e.g., PBSS) having a central secret holder/provider that allows secure, direct, station-to-station communications and that allows secure station-to-station broadcast communications. The first station and the second station will have previously established a security association (SA) with a topology control point (PCP). The method includes creating pair-wise unique material for the first station. The pair-wise unique material is computed as a function of (i) a known shared secret associated with the PCP, (ii) a first piece of unique data associated with the first station, and (iii) a second piece of unique data associated with the second station. The method includes securely communicating the pair-wise unique material from the first station to the second station.
20 Claims
1. A method for establishing a secure, direct, station-to-station communication between a first station and a second station in a topology comprising a central secret holder and provider that allows secure, direct, station-to-station communications and that allows secure station-to-station broadcast communications, in which the first station and the second station have previously established a security association (SA) with a topology control point (PCP), the method comprising:
- creating pair-wise unique material for the first station, wherein the pair-wise unique material is computed as a function of (i) a known shared secret associated with the PCP, (ii) a first piece of unique data associated with the first station, and (iii) a second piece of unique data associated with the second station; and
- securely communicating the pair-wise unique material from the first station to the second station.
Dependent claims: 2, 3, 4, 5, 11
6. A method, comprising:
- creating group-wise security material for a broadcasting member of a piconet basic service set (PBSS), wherein the broadcasting member has previously established a security association (SA) with a PBSS control point (PCP), and wherein the broadcasting member is to securely transmit a message to one or more members of the PBSS, where the message will not transit the PCP, wherein the group-wise security material is computed as a function of a known secret associated with the PCP and a piece of unique data associated with the broadcasting member; and
- securely communicating the group-wise security material from the broadcasting member to one or more other members of the PBSS.
Dependent claims: 7, 8, 9, 10
12. An apparatus for computing a pair-wise transient key for a first station ($S_i$) and a second station ($S_j$) of a piconet basic service set (PBSS), $S_i$ and $S_j$ having previously established a security association (SA) with a PBSS control point (PCP), $S_i$ and $S_j$ to perform a secure, station-to-station communication that does not transit the PCP, the method comprising:
- pair-wise key logic to compute the pair-wise transient key (PTK), and where, according to:
  $PTK_{ij} = f(GTK_{PCP}, Unique_{SI}, Unique_{SJ})$
  wherein $GTK_{PCP}$ is a group transient key generated by the PCP, wherein $Unique_{SI}$ is information unique to $S_i$, and wherein $Unique_{SJ}$ is information unique to $S_j$; and
- pair-wise communication logic to securely communicate the $PTK_{ij}$ between $S_i$ and $S_j$.
Dependent claims: 13, 14, 15, 16, 20
17. An apparatus to compute a group-wise transient key ($GTK_B$) for a broadcasting member $S_B$ of a piconet basic service set (PBSS), where $S_B$ has previously established a security association (SA) with a PBSS control point (PCP), and where $S_B$ is to perform a secure, station-to-station communication that does not transit the PCP, where the secure, station-to-station communication will involve one or more other members of the PBSS, comprising:
- group-wise key logic to compute $GTK_B$, according to:
  $GTK_B = f(GTK_{PCP}, Unique_{SB})$
  wherein $GTK_B$ is a group transient key generated by the PCP, and wherein $Unique_{SB}$ is information unique to $S_B$; and
- group-wise communication logic to securely communicate $GTK_B$ from $S_B$ to the one or more other members of the PBSS.
Dependent claims: 18, 19
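Added example, not part of the patent text: a sketch of the two derivations in claims 12 and 17. The claims leave f unspecified; HMAC-SHA256, the "PTK"/"GTK" labels, the length-prefixed encoding, and unique data built from a MAC address plus a nonce are all assumptions made here for illustration.

```python
import hashlib
import hmac


def encode_fields(label: bytes, *fields: bytes) -> bytes:
    """Length-prefix the label and every field so the HMAC input is unambiguous:
    (b"ab", b"c") and (b"a", b"bc") must not encode to the same bytes."""
    return b"".join(len(f).to_bytes(2, "big") + f for f in (label, *fields))


def derive_ptk(gtk_pcp: bytes, unique_si: bytes, unique_sj: bytes) -> bytes:
    """PTK_ij = f(GTK_PCP, Unique_SI, Unique_SJ); f = HMAC-SHA256 is an assumption.
    The argument order is kept, so PTK_ij and PTK_ji are different keys."""
    msg = encode_fields(b"PTK", unique_si, unique_sj)
    return hmac.new(gtk_pcp, msg, hashlib.sha256).digest()


def derive_gtk_b(gtk_pcp: bytes, unique_sb: bytes) -> bytes:
    """GTK_B = f(GTK_PCP, Unique_SB), using the same assumed f under a different
    label so a group key can never equal a pair-wise key for the same inputs."""
    msg = encode_fields(b"GTK", unique_sb)
    return hmac.new(gtk_pcp, msg, hashlib.sha256).digest()


def station_unique(mac: str, nonce: bytes) -> bytes:
    """Hypothetical 'unique data': 6-byte MAC address followed by a nonce."""
    return bytes.fromhex(mac.replace(":", "")) + nonce


# Constructed sample values (not from the patent).
GTK_PCP = bytes(range(32))
S1 = station_unique("02:00:00:00:00:01", b"\x11" * 16)
S2 = station_unique("02:00:00:00:00:02", b"\x22" * 16)
S3 = station_unique("02:00:00:00:00:03", b"\x33" * 16)

if __name__ == "__main__":
    # f is deterministic: any party holding GTK_PCP and both unique values
    # computes the same PTK, so the unique data is what separates the pairs.
    print("PTK_12:", derive_ptk(GTK_PCP, S1, S2).hex())
    print("PTK_13:", derive_ptk(GTK_PCP, S1, S3).hex())
    print("GTK_1 :", derive_gtk_b(GTK_PCP, S1).hex())
```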
Specification