Apparatus and method for encryption key generation

US 6,094,487 A
Filed: 03/04/1998
Issued: 07/25/2000
Est. Priority Date: 03/04/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for operating an encryption system, comprising:

broadcasting a first number;

receiving an authenticating request from a first individual subscriber unit (ISU);

generating a second number based on the authenticating request and information from a database, the database containing first ISU information and second ISU information; and

transmitting the second number to a second ISU, wherein the first and the second ISUs generate a same encryption key, and the first ISU generates the encryption key based on the first number and the second ISU generates the encryption key based on the first and the second numbers.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An encryption key generation system generates encryption keys at both an originating terminal and a terminating terminal of a wireless network. A central controller generates a shared secret based on the identification information of a requesting terminal and a first number, which may be random. The central controller broadcasts the first number to all terminals. A second number is generated by the central controller incorporating the shared secret data and the terminating terminal'"'"'s identification information. The requesting terminal generates the shared secret data using the first number and predetermined algorithms and generates an encryption key based on the first number and the shared secret data. The terminating terminal decodes the shared secret data from the second number, and generates the same encryption key using the first number and the shared secret data.

122 Citations

21 Claims

1. A method for operating an encryption system, comprising:
- broadcasting a first number;
  
  receiving an authenticating request from a first individual subscriber unit (ISU);
  
  generating a second number based on the authenticating request and information from a database, the database containing first ISU information and second ISU information; and
  
  transmitting the second number to a second ISU, wherein the first and the second ISUs generate a same encryption key, and the first ISU generates the encryption key based on the first number and the second ISU generates the encryption key based on the first and the second numbers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the generating the second number step comprises:
    - obtaining a second ISU identification information from the received authentication request;
      
      retrieving first ISU information and second ISU information from the database; and
      
      combining the first and the second ISU information with the first number to form the second number.
  - 3. The method of claim 2, wherein the combining step comprises:
    - generating shared secret data (SSD) based on the first ISU information and the first number; and
      
      transforming the SSD using the second ISU information resulting in the second number.
  - 4. The method of claim 3, wherein the second number may be inverse-transformed into the SSD using the second ISU information.
  - 5. The method of claim 1, wherein the broadcasting step comprises periodically generating and broadcasting the first number.
  - 6. The method of claim 5, wherein the first number is a pseudo random number.
  - 7. The method of claim 5, wherein the broadcasting period is one of seconds, minutes, hours, days and months.
  - 8. The method of claim 1, wherein the authentication request includes information identifying the first number.
  - 9. The method of claim 8, wherein the first number is identified by a time stamp.
  - 10. The method of claim 1, the first and second ISU information including at least one of:
    - an ISU identification number;
      
      a smart card identification number; and
      
      an ISU authentication key.
  - 11. The method of claim 1, wherein the first ISU and the second ISU are the same unit.

12. An encryption system that includes at least one ISU comprising:
- a database; and
  
  a central controller coupled to the ISU and the database, wherein the central controller broadcasts a first number, receives an authentication request from a first ISU of the at least one ISU, generates a second number based on the authentication request and first ISU information and second ISU information retrieved from the database, and transmits the second number to a second ISU of the at least one ISU, the first ISU generating an encryption key based on the first number and the second ISU generating the encryption key based on the first and second numbers.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The encryption system of claim 12, wherein the first ISU and the second ISU are the same unit.
  - 14. The encryption system of claim 12, wherein the central controller obtains a second ISU identification information from the received authentication request, and combines the first and the second ISU information with the first number to form the second number.
  - 15. The encryption system of claim 12, wherein the central controller generates shared secret data (SSD) based on the first ISU information and the first number, and transforms the SSD using the second ISU information resulting in the second number.
  - 16. The encryption system of claim 15, wherein the second ISU inverse transforms the second number into the SSD.
  - 17. The encryption system of claim 12, wherein the first number is a pseudo random number.
  - 18. The encryption system of claim 12, wherein the broadcast of the first number is periodic.
  - 19. The encryption system of claim 18, wherein the broadcast period is one of seconds, minutes, hours, days and months.
  - 20. The encryption system of claim 12, wherein the authentication request includes information identifying the first number.
  - 21. The encryption system of claim 20, wherein the first number is identified by a time stamp.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Wong, Marcus, Butler, Theodore
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
Callahan, Paul E.

Application Number

US09/034,823
Time in Patent Office

874 Days
Field of Search

380/247-249, 380/259, 380/260, 380/262, 380/273, 380/270, 380/43, 380/278, 380/279, 380/283
US Class Current

380/270
CPC Class Codes

H04L 9/321   involving a third party or ...

H04L 9/3234   involving additional secure...

H04L 9/3271   using challenge-response

Apparatus and method for encryption key generation

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

122 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and method for encryption key generation

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

122 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others