MESH NETWORK WITH PERSONAL PRE-SHARED KEYS
Abstract
A mesh network with a network-wide pre-shared key (PSK) that can be updated is described. The PSK can be used to establish secure communication between arbitrary electronic devices in the mesh network. In order to prevent electronic devices from being inadvertently ‘stranded,’ i.e., unable to securely communicate with other electronic devices in the mesh network when the PSK is updated, pairs of electronic devices in the mesh network establish personal PSKs (PPSKs). In particular, after securely associating with each other, a given pair of electronic devices may have used the current PSK to authenticate and encrypt their communication. Then, the given pair of electronic devices may define a PPSK, e.g., by exchanging one or more random numbers. If a subsequent attempt at establishing secure or encrypted communication between the given pair of electronic devices fails, these electronic devices may use the PPSK as a backup to establish the encrypted communication.
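The fallback described in the abstract, as an added sketch that is not code from the patent. The HMAC-based PPSK derivation, the challenge-response check standing in for the real link handshake, and the names `Node`, `pair`, `connect` and `ap-1` to `ap-3` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def derive_ppsk(nonce_a: bytes, nonce_b: bytes, id_a: str, id_b: str) -> bytes:
    # Assumed derivation: HMAC-SHA256 keyed by both random numbers, bound to the pair.
    pair_label = "|".join(sorted((id_a, id_b))).encode()
    return hmac.new(nonce_a + nonce_b, b"mesh-ppsk|" + pair_label, hashlib.sha256).digest()


class Node:
    def __init__(self, name: str, psk: bytes):
        # ppsk maps a peer name to the pairwise fallback key shared with that peer.
        self.name, self.psk, self.ppsk = name, psk, {}


def same_key(key_a: bytes, key_b: bytes) -> bool:
    # Challenge-response stand-in for the real link handshake.
    challenge = secrets.token_bytes(16)
    tags = [hmac.new(k, challenge, hashlib.sha256).digest() for k in (key_a, key_b)]
    return hmac.compare_digest(*tags)


def pair(a: Node, b: Node) -> None:
    # The PPSK is defined only after the pair has associated under the current PSK.
    if not same_key(a.psk, b.psk):
        raise ValueError("PSK association failed; no PPSK established")
    n_a, n_b = secrets.token_bytes(32), secrets.token_bytes(32)  # exchanged random numbers
    a.ppsk[b.name] = derive_ppsk(n_a, n_b, a.name, b.name)
    b.ppsk[a.name] = derive_ppsk(n_a, n_b, b.name, a.name)


def connect(a: Node, b: Node):
    # Try the network-wide PSK first; use the pair's PPSK only as a backup.
    if same_key(a.psk, b.psk):
        return "psk"
    k_a, k_b = a.ppsk.get(b.name), b.ppsk.get(a.name)
    if k_a and k_b and same_key(k_a, k_b):
        return "ppsk"
    return None


def demo():
    old, new = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed keys
    up, leaf, unpaired = Node("ap-1", old), Node("ap-2", old), Node("ap-3", old)
    pair(up, leaf)
    before = connect(up, leaf)
    up.psk = new  # PSK update reaches ap-1 but not ap-2 or ap-3
    return before, connect(up, leaf), connect(up, unpaired)
```

Because the random numbers travel over the PSK-protected link, the PPSK is only as confidential as that session, so a PSK update made because the old key was exposed calls for fresh PPSKs as well.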
20 Claims
1. An electronic device, comprising:
an interface circuit configured to communicate with other electronic devices, wherein a path to a root electronic device in the other electronic devices, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point, wherein the electronic device is configured to:
receive a pre-shared key (PSK) from a controller;
establish encrypted communication with a first electronic device in the other electronic devices using the PSK; and
exchange a first personal pre-shared key (PPSK) with the first electronic device, wherein the first PPSK is associated with the electronic device and the first electronic device; and
wherein the electronic device is configured to establish encrypted communication with the first electronic device using the first PPSK when a subsequent attempt to establish encrypted communication with the first electronic device using the PSK fails.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A computer-program product for use in conjunction with an electronic device, the computer-program product comprising a non-transitory computer-readable storage medium and a computer-program mechanism embedded therein to exchange a personal pre-shared key (PPSK), the computer-program mechanism including:
instructions for receiving a pre-shared key (PSK) from a controller;
instructions for establishing encrypted communication with a first electronic device in other electronic devices using the PSK, wherein a path to a root electronic device in the other electronic devices, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point;
instructions for exchanging a first PPSK with the first electronic device, wherein the first PPSK is associated with the electronic device and the first electronic device; and
instructions for establishing encrypted communication with the first electronic device using the first PPSK when a subsequent attempt to establish encrypted communication with the first electronic device using the PSK fails.
Dependent claims: 10, 11, 12, 13, 14
15. A method for exchanging a personal pre-shared key (PPSK), wherein the method comprises:
receiving a pre-shared key (PSK);
establishing encrypted communication with a first electronic device in other electronic devices using the PSK, wherein a path to a root electronic device in the other electronic devices, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point;
exchanging a first PPSK with the first electronic device, wherein the first PPSK is associated with the electronic device and the first electronic device; and
when a subsequent attempt to establish encrypted communication with the first electronic device using the PSK fails, establishing encrypted communication with the first electronic device using the first PPSK.
16. An electronic device, comprising:
an interface circuit configured to communicate with other electronic devices, wherein a path to a root electronic device, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point, and wherein the electronic device is configured to:
attempt to re-establish encrypted communication with an upstream electronic device in the other electronic devices using a pre-shared key (PSK); and
when the attempt to re-establish the encrypted communication with the upstream electronic device fails, re-establish encrypted communication with the upstream electronic device in the other electronic devices using a predefined personal PSK between the electronic device and the upstream electronic device.
Dependent claims: 17, 18
19. A computer-program product for use in conjunction with an electronic device, the computer-program product comprising a non-transitory computer-readable storage medium and a computer-program mechanism embedded therein to re-establish encrypted communication, the computer-program mechanism including:
instructions for attempting to re-establish encrypted communication with an upstream electronic device in other electronic devices using a pre-shared key (PSK), wherein a path to a root electronic device in the other electronic devices, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point; and
instructions for re-establishing encrypted communication with the upstream electronic device in the other electronic devices using a predefined personal pre-shared key (PPSK) between the electronic device and the upstream electronic device when the attempt to re-establish the encrypted communication with the upstream electronic device fails.
20. A method for re-establishing encrypted communication, wherein the method comprises:
attempting to re-establish encrypted communication with an upstream electronic device in other electronic devices using a pre-shared key (PSK), wherein a path to a root electronic device in the other electronic devices, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point; and
re-establishing encrypted communication with the upstream electronic device in the other electronic devices using a predefined personal pre-shared key (PPSK) between the electronic device and the upstream electronic device when the attempt to re-establish the encrypted communication with the upstream electronic device fails.
Specification