Key management methods for wireless LANs
First Claim
1. A method of managing security keys in a wireless local area network having a mobile terminal, an access point and a server, the method comprising the steps of:
- obtaining first and second certificates from a certificate authority;
- associating the mobile terminal with the access point;
- using a certificate authority certificate, first certificate and private key with Internet Key Exchange (IKE) to generate a WLAN link level key and mutually authenticating the mobile terminal and the access point using the IKE; and
- using a certificate authority certificate, second certificate and private key with Internet Key Exchange (IKE) to generate IPsec authentication, encryption and decryption keys for data packets transferred between the mobile terminal and the server.
Abstract
The security keys in the mobile terminals and access points of a wireless local area network (WLAN) are created, utilized and managed for a communication session between a mobile terminal and access point. Both the WLAN link level security protection and IP security functions of the network use the same Internet Key Exchange (IKE) key management protocol and use certificates in the same certificate hierarchy. When the mobile terminal associates with the network, it uses the IKE protocol with private keys and certificates to generate WLAN link level keys with the access point and provide mutual authentication.
183 Citations
11 Claims
Specification