METHOD AND APPARATUS FOR PROVIDING BOOTSTRAPPING PROCEDURES IN A COMMUNICATION NETWORK
Abstract
An approach is provided for performing authentication in a communication system. In one embodiment, a key is established with a terminal in a communication network according to a key agreement protocol. The agreed key is tied to an authentication procedure to provide a security association that supports reuse of the key. A master key is generated based on the agreed key. In another embodiment, digest authentication is combined with key exchange parameters (e.g., Diffie-Hellman parameters) in the payload of the digest message, in which a key (e.g., SMEKEY or MN-AAA) is utilized as a password. In yet another embodiment, an authentication algorithm (e.g., Cellular Authentication and Voice Encryption (CAVE)) is employed with a key agreement protocol with conversion functions to support bootstrapping.
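The second embodiment in the abstract, as an added sketch that is not taken from the patent: the terminal's Diffie-Hellman value rides in the body of a digest-authenticated request whose password is derived from the secret key, and the server derives a master key from both secrets only after the digest verifies. Assumptions: HTTP Digest with qop=auth-int (RFC 2617) as the digest scheme, SHA-256 and HMAC as the password and master-key functions, a toy 127-bit DH group, and the constructed values USER, REALM and URI.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 3            # toy DH group (assumption); far too small for real use
USER, REALM, URI = "terminal-1", "bsf.example", "/bootstrap"   # constructed values

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def password_from_key(secret_key: bytes) -> str:
    # Password field is "a function of a secret key"; this function is an assumption.
    return hashlib.sha256(b"digest-password" + secret_key).hexdigest()

def digest_response(secret_key, nonce, cnonce, body: bytes) -> str:
    # RFC 2617 qop=auth-int: the body hash enters HA2, binding the DH payload.
    ha1 = md5_hex(f"{USER}:{REALM}:{password_from_key(secret_key)}".encode())
    ha2 = md5_hex(f"POST:{URI}:{md5_hex(body)}".encode())
    return md5_hex(f"{ha1}:{nonce}:00000001:{cnonce}:auth-int:{ha2}".encode())

def dh_keypair():
    private = secrets.randbelow(P - 3) + 2
    return private, pow(G, private, P)

def master_key(secret_key: bytes, dh_shared: int) -> bytes:
    # Master key depends on both the long-term key and the agreed DH secret (assumed KDF).
    return hmac.new(secret_key, dh_shared.to_bytes(16, "big"), hashlib.sha256).digest()

def terminal_request(secret_key: bytes, nonce: str, cnonce: str):
    private, public = dh_keypair()
    body = f"dh-public={public:x}".encode()
    return private, body, digest_response(secret_key, nonce, cnonce, body)

def server_verify(secret_key: bytes, nonce: str, cnonce: str, body: bytes, response: str):
    expected = digest_response(secret_key, nonce, cnonce, body)
    if not hmac.compare_digest(expected, response):
        return None                      # wrong key, stale nonce, or altered payload
    client_public = int(body.split(b"=", 1)[1], 16)
    if not 1 < client_public < P - 1:
        return None                      # reject degenerate DH values
    private, public = dh_keypair()
    return public, master_key(secret_key, pow(client_public, private, P))

if __name__ == "__main__":
    key = b"constructed-shared-secret"
    x, body, resp = terminal_request(key, "nonce-1", "cnonce-1")
    server_public, mk = server_verify(key, "nonce-1", "cnonce-1", body, resp)
    print(mk == master_key(key, pow(server_public, x, P)))
    print(server_verify(key, "nonce-1", "cnonce-1", b"dh-public=5", resp))
```

The server's public value needs the same integrity protection on the reply; that direction is not shown here.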
20 Claims
1. A method comprising:
- generating a message for authenticating communication with a network element configured to perform bootstrapping;
- setting a password field of the message to a function of a secret key; and
- specifying key establishment information within a payload of the message, wherein the message is transmitted according to a transport protocol for accessing information over a data network.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A method comprising:
- receiving a message from a terminal, according to a transport protocol for accessing information over a data network, requesting authentication, wherein the message includes a password field that is a function of a secret key and a payload containing key establishment information specifying parameters for determining another secret key; and
- generating a master key based on the secret keys.
Dependent claims: 9, 10, 11, 12, 13

14. An apparatus comprising:
- an authentication module configured to generate a message for authenticating communication with a network element configured to perform bootstrapping, and to set a password field of the message to be a function of a secret key, the message having a payload that includes new key establishment information, wherein the message is transmitted according to a transport protocol for accessing information over a data network.
Dependent claims: 15, 16, 17, 18, 19, 20
Specification