METHOD AND SYSTEM FOR DISTRIBUTING CRYPTOGRAPHIC KEYS IN A HIERARCHIZED NETWORK
Abstract
A method is presented for distributing cryptographic keys in a hierarchized network including at least one device in charge of a higher group of devices, wherein at least one of the devices of the group of devices is also in charge of a lower group of devices. The method includes the steps of: a) storing (20, 22) a set of identifiers particular to the higher group, of an identifier particular to the device in charge, of an identifier per device in charge of a lower group, each identifier being unique inside the hierarchized network; b) storing (24) a root cryptographic key; c) providing (26, 28) a root cryptographic key to each device in charge of a lower group by derivation of the root key and of the identifier of said device in charge of a lower group using a first non-reversible cryptographic function; d) providing (30, 32) at least one transport cryptographic key to each member of said higher group of devices by derivation of the root key and of an identifier belonging to the set of identifiers particular to said group using a second non-reversible cryptographic function.
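An added sketch of the derivation scheme described in the abstract, not code from the patent: HMAC-SHA256 under two distinct labels is an assumption standing in for the first and second non-reversible functions, and the device names, identifiers and root key are constructed sample values.

```python
import hashlib
import hmac

# Assumption: HMAC-SHA256 under two distinct labels stands in for the "first"
# and "second" non-reversible functions; the page names no primitive.
LABEL_ROOT = b"root-derivation"
LABEL_TRANSPORT = b"transport-derivation"


def derive(key: bytes, label: bytes, identifier: bytes) -> bytes:
    # Length-prefix the label so (label, identifier) pairs encode unambiguously.
    msg = len(label).to_bytes(2, "big") + label + identifier
    return hmac.new(key, msg, hashlib.sha256).digest()


class ResponsibleDevice:
    """Device in charge of one group; holds that group's root key."""

    def __init__(self, device_id, root_key, group_ids, lower_ids=()):
        self.device_id = device_id
        self.root_key = root_key
        self.group_ids = frozenset(group_ids)   # identifiers specific to the group
        self.lower_ids = frozenset(lower_ids)   # devices in charge of lower groups

    def root_key_for(self, lower_id: bytes) -> bytes:
        # Step c: root key for a lower responsible device (first function).
        if lower_id not in self.lower_ids:
            raise KeyError(lower_id)
        return derive(self.root_key, LABEL_ROOT, lower_id)

    def transport_key(self, group_id: bytes) -> bytes:
        # Step d: transport key for members of this group (second function).
        if group_id not in self.group_ids:
            raise KeyError(group_id)
        return derive(self.root_key, LABEL_TRANSPORT, group_id)


def build_demo():
    # Constructed hierarchy: dev-A runs group 1; dev-B, a member of group 1,
    # runs group 2. A real root key would come from a CSPRNG or an HSM.
    top = ResponsibleDevice(b"dev-A", bytes(range(32)),
                            {b"g1-id0", b"g1-id1"}, {b"dev-B"})
    sub = ResponsibleDevice(b"dev-B", top.root_key_for(b"dev-B"), {b"g2-id0"})
    return top, sub
```

Derivation only runs downward: the higher device can recompute any lower group's keys from identifiers alone, while a lower device's root key does not reveal its parent's root key, assuming the HMAC is one-way.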
10 Claims

1. A method for distribution of cryptographic keys in a hierarchized network comprising at least one device responsible for a first group of devices, at least one of the devices of said first group of devices also being responsible for a second group of devices lower than said first group of devices, the method comprising the steps, at the device responsible for the higher group, of:

a. storing a set of identifiers specific to the first group, an identifier specific to the responsible device of the first group, an identifier for each device responsible for a lower group, each identifier being unique inside the hierarchized network,
b. storing (24) a root cryptographic key,
c. supplying a root cryptographic key to each device responsible for a lower group by derivation from the root key and from the identifier of said device responsible for the lower group by a first, nonreversible cryptographic function,
d. supplying at least one transport cryptographic key to each member of said first group of devices by derivation from the root key and from an identifier belonging to the set of identifiers specific to said first group by a second, nonreversible cryptographic function.

Dependent claims: 2, 3, 4, 5, 6

7. A method for distributing cryptographic keys in a hierarchized network comprising at least one device responsible for a first group of devices, said method being applied by a device of said first group of devices also responsible for a second group of devices lower than said first group of devices, comprising the steps of:

a. storing an identifier that is specific to the device responsible for the first group and is unique in the hierarchized system,
b. storing a root cryptographic key, derived by the device responsible for the first group from a root cryptographic key of the device responsible for the first group and from the identifier specific to said device,
c. storing a set of identifiers specific to the lower group,
d. generating a transport cryptographic key by derivation from the root cryptographic key and from one of the identifiers of the set of identifiers specific to the lower group,
e. distributing the transport cryptographic key to the devices that are members of the group.

Dependent claims: 8

9. A system for distributing cryptographic keys in a hierarchized network comprising at least one device responsible for a first group of devices, at least one of the devices of said group of devices also being responsible for a second group of devices lower than said first group of devices, comprising:

a. means for defining, for each of the first and second groups, a set of identifiers that is specific thereto, and, for each device responsible for a group, a responsible-device identifier that is specific thereto and unique in the hierarchized network.
b. means for installing a root cryptographic key in the device responsible for the first group.
c. first means for supplying a root cryptographic key to each device responsible for a lower group by derivation from the root key of the device responsible for the first group and from the identifier of said device responsible for the lower group by a first, nonreversible cryptographic function.
d. for each group of devices, second means for supplying at least one transport cryptographic key to each member of said group of devices by derivation from the root key of the device responsible for said group and from an identifier belonging to the set of identifiers of said group by a second, nonreversible cryptographic function.

10. A device responsible for a first group of devices in a hierarchized network, comprising:

a. first means for storage of a root cryptographic key,
b. second means for storage of an identifier that is specific to the first group of devices and is unique in the hierarchized system and of a set of identifiers specific to the first group, and of at least one identifier of a device responsible for a second group of devices lower than said first group of devices, said device responsible for a lower group also belonging to said first group,
c. means for generating a transport cryptographic key by derivation from the root cryptographic key and from one of the identifiers of the set of identifiers specific to the first group,
d. means for distributing the transport cryptographic key to the member devices of the first group,
e. means for generating a root key derived from the root cryptographic key and from the identifier of the device responsible for the lower group,
f. means for distributing said derived root key to the device responsible for the lower group.

Specification