Method and apparatus for cryptographic key establishment using an identity based symmetric keying technique

US 7,181,015 B2
Filed: 07/31/2001
Issued: 02/20/2007
Est. Priority Date: 07/31/2001
Status: Expired due to Term

First Claim

Patent Images

1. A method for establishing a cryptographic key between a first node and a second node, comprising:

sending a first message from the first node to the second node, wherein the first message requests establishing the cryptographic key;

sending a second message from the second node to a key distribution center, wherein the second message includes a first node identifier for the first node, a second node identifier for the second node, and a message authentication code created using a second node key belonging to the second node;

recreating the second node key at the key distribution center, wherein the second node key was previously created using the second node identifier and a secret key known only to the key distribution center;

verifying at the key distribution center the message authentication code in the second message using the second node key; and

if the message authentication code is verified,creating the cryptographic key at the key distribution center, andcommunicating the cryptographic key to the second node and the first node;

wherein an update of a key distribution center database of shared keys is capable of being avoided when at least one of the nodes is unfamiliar;

wherein communicating the cryptographic key to the second node and the first node includes;

encrypting a hash value and the cryptographic key using the second node key to create a first encrypted key;

recreating a first node key belonging to the first node, wherein the first node key was previously created using the secret key and the first node identifier;

encrypting the hash value and the cryptographic key using the first node key to create a second encrypted key;

sending a third message from the key distribution center to the second node, wherein the third message includes the first encrypted key and the second encrypted key;

decrypting at the second node the first encrypted key from the third message to recover the hash value and the cryptographic key;

verifying the hash value at the second node; and

if the hash value is verified at the second node,sending a fourth message to the first node from the second node, wherein the fourth message includes the second encrypted key and a key confirmation value so that the first node can confirm that the cryptographic key has been established,decrypting at the first node the second encrypted key from the fourth message to recover the hash value and the cryptographic key,verifying the hash value at the first node,establishing at the first node that the second node has the cryptographic key, andif the hash value is verified at the first node and it is established at the first node that the second node has the cryptographic key,sending a fifth message to the second node from the first node so that the second node can confirm that the cryptographic key has been established;

wherein the first message includes the first node identifier, the second node identifier, a third identifier for the key distribution center, and a first nonce, wherein a nonce is a random number selected for message confirmation purposes that has a statistically low probability of being reused;

wherein the second message includes the third identifier, the second node identifier, the first node identifier, a second nonce, the first nonce, and the message authentication code, wherein the message authentication code is created from the third identifier, the second node identifier, the first node identifier, the second nonce, and the first nonce;

wherein verifying the message authentication code includes;

creating a test message authentication code from the third identifier, the second node identifier, the first node identifier, the second nonce, and the first nonce using the second node key; and

comparing the test message authentication code with the message authentication code;

wherein the hash value is created from the second node identifier, the first node identifier, the second nonce, and the first nonce;

wherein the third message includes the second node identifier, the first node identifier, the second encrypted key, and the first encrypted key.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the present invention provides a system for establishing a shared cryptographic key between participating nodes in a network. The system operates by sending a first message from the first node to the second node requesting establishment of a shared key. The second node sends a second message containing identifiers and a message authentication code to a key distribution center (KDC). The authentication code is generated using a second node key belonging to the second node. The KDC recreates the previously created second node key using the second node identifier and a secret key known only to the key distribution center. The KDC then verifies the message authentication code using the second node key. If the message authentication code is verified, the KDC creates a shared key for the nodes to use while communicating with each other. The KDC securely communicates this shared key to the participating nodes

52 Citations

View as Search Results

13 Claims

1. A method for establishing a cryptographic key between a first node and a second node, comprising:
- sending a first message from the first node to the second node, wherein the first message requests establishing the cryptographic key;
  
  sending a second message from the second node to a key distribution center, wherein the second message includes a first node identifier for the first node, a second node identifier for the second node, and a message authentication code created using a second node key belonging to the second node;
  
  recreating the second node key at the key distribution center, wherein the second node key was previously created using the second node identifier and a secret key known only to the key distribution center;
  
  verifying at the key distribution center the message authentication code in the second message using the second node key; and
  
  if the message authentication code is verified,creating the cryptographic key at the key distribution center, andcommunicating the cryptographic key to the second node and the first node;
  
  wherein an update of a key distribution center database of shared keys is capable of being avoided when at least one of the nodes is unfamiliar;
  
  wherein communicating the cryptographic key to the second node and the first node includes;
  
  encrypting a hash value and the cryptographic key using the second node key to create a first encrypted key;
  
  recreating a first node key belonging to the first node, wherein the first node key was previously created using the secret key and the first node identifier;
  
  encrypting the hash value and the cryptographic key using the first node key to create a second encrypted key;
  
  sending a third message from the key distribution center to the second node, wherein the third message includes the first encrypted key and the second encrypted key;
  
  decrypting at the second node the first encrypted key from the third message to recover the hash value and the cryptographic key;
  
  verifying the hash value at the second node; and
  
  if the hash value is verified at the second node,sending a fourth message to the first node from the second node, wherein the fourth message includes the second encrypted key and a key confirmation value so that the first node can confirm that the cryptographic key has been established,decrypting at the first node the second encrypted key from the fourth message to recover the hash value and the cryptographic key,verifying the hash value at the first node,establishing at the first node that the second node has the cryptographic key, andif the hash value is verified at the first node and it is established at the first node that the second node has the cryptographic key,sending a fifth message to the second node from the first node so that the second node can confirm that the cryptographic key has been established;
  
  wherein the first message includes the first node identifier, the second node identifier, a third identifier for the key distribution center, and a first nonce, wherein a nonce is a random number selected for message confirmation purposes that has a statistically low probability of being reused;
  
  wherein the second message includes the third identifier, the second node identifier, the first node identifier, a second nonce, the first nonce, and the message authentication code, wherein the message authentication code is created from the third identifier, the second node identifier, the first node identifier, the second nonce, and the first nonce;
  
  wherein verifying the message authentication code includes;
  
  creating a test message authentication code from the third identifier, the second node identifier, the first node identifier, the second nonce, and the first nonce using the second node key; and
  
  comparing the test message authentication code with the message authentication code;
  
  wherein the hash value is created from the second node identifier, the first node identifier, the second nonce, and the first nonce;
  
  wherein the third message includes the second node identifier, the first node identifier, the second encrypted key, and the first encrypted key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein verifying the hash value at the second node includes:
    - creating a first test hash value from the second node identifier, the first node identifier, the second nonce, and the first nonce; and
      
      comparing the first test hash value with the hash value.
  - 3. The method of claim 2, wherein the fourth message includes the first node identifier, the second node identifier, the second nonce, the first encrypted key, and a first confirmation value, wherein the first confirmation value has been encrypted with the cryptographic key.
  - 4. The method of claim 3, wherein the first confirmation value includes the second nonce and the first nonce.
  - 5. The method of claim 4, wherein verifying the hash value at the first node includes:
    - creating a second test hash value from the second node identifier, the first node identifier, the second nonce, and the first nonce; and
      
      comparing the second test hash value with the bash value.
  - 6. The method of claim 5, wherein establishing at the first node that the second node has the cryptographic key includes:
    - decrypting the first confirmation value using the cryptographic key; and
      
      verifying that the first nonce is what was sent in the first message.
  - 7. The method of claim 6, wherein the fifth message includes:
    - the second node identifier, the first node identifier, and a second confirmation value.
  - 8. The method of claim 7, wherein creating the second confirmation value at the first node includes:
    - reordering the first nonce and the second nonce recovered by decrypting the first confirmation value to create the second confirmation value; and
      
      encrypting the second confirmation value using the cryptographic key.
  - 9. The method of claim 8, wherein confirming at the second node that the cryptographic key has been established includes:
    - decrypting the second confirmation value using the cryptographic key; and
      
      verifying that the second nonce was sent in the second message.
  - 10. The method of claim 1, further comprisingcreating the second node key, wherein the second node key is created using the secret key and the second node identifier;
    - andinstalling the second node key into the second node prior to deployment of the second node.
  - 11. The method of claim 1, further comprising:
    - creating the first node key, wherein the fast node key is created using the secret key and the first node identifier; and
      
      installing the first node key into the first node prior to deployment of the first node.

12. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for establishing a cryptographic key between a first node and a second node, the method comprising:
- sending a first message from the first node to the second node, wherein the first message requests establishing the cryptographic key;
  
  sending a second message from the second node to a key distribution center, wherein the second message includes a first node identifier for the first node, a second node identifier for the second node, and a message authentication code created using a second node key belonging to the second node;
  
  recreating the second node key at the key distribution center, wherein the second node key was previously created using the second node identifier and a secret key known only to the key distribution center;
  
  verifying at the key distribution center the message authentication code in the second message using the second node key; and
  
  if the message authentication code is verified,creating the cryptographic key at the key distribution center, andcommunicating the cryptographic key to the second node and the first node;
  
  wherein an update of a key distribution center database of shared keys is capable of being avoided when at least one of the nodes is unfamiliar;
  
  wherein communicating the cryptographic key to the second node and the first node includes;
  
  encrypting a hash value and the cryptographic key using the second node key to create a first encrypted key;
  
  recreating a first node key belonging to the first node, wherein the first node key was previously created using the secret key and the first node identifier;
  
  encrypting the hash value and the cryptographic key using the first node key to create a second encrypted key;
  
  sending a third message from the key distribution center to the second node, wherein the third message includes the first encrypted key and the second encrypted key;
  
  decrypting at the second node the first encrypted key from the third message to recover the hash value and the cryptographic key;
  
  verifying the hash value at the second node andif the hash value is verified at the second node,sending a fourth message to the first node from the second node, wherein the fourth message includes the second encrypted key,decrypting at the first node the second encrypted key from the fourth message to recover the hash value and the cryptographic key,verifying the hash value at the first node,establishing at the first node that the second node has the cryptographic key, andif the hash value is verified at the first node and it is established at the first node that the second node has the cryptographic key,sending a fifth message to the second node from the first node so that the second node can confirm that the cryptographic key has been established;
  
  wherein the first message includes the first node identifier, the second node identifier, a third identifier for the key distribution center, and a first nonce, wherein a nonce is a random number selected for message confirmation purposes that has a statistically low probability of being reused;
  
  wherein the second message includes the third identifier, the second node identifier, the first node identifier, a second nonce, the first nonce, and the message authentication code, wherein the message authentication code is created from the third identifier, the second node identifier, the first node identifier, the second nonce, and the first nonce;
  
  wherein verifying the message authentication code includes;
  
  creating a test message authentication code from the third identifier, the second node identifier, the first node identifier, the second nonce, and the first nonce using the second node key; and
  
  comparing the test message authentication code with the message authentication code;
  
  wherein the hash value is created from the second node identifier, the first node identifier, the second nonce, and the first nonce;
  
  wherein the third message includes the second node identifier, the first node identifier, the second encrypted key, and the first encrypted key.

13. An apparatus that facilitates establishing a cryptographic key between a first node and a second node, comprising:
- a first sending mechanism that is configured to send a first message from the first node to the second node, wherein the first message requests establishing the cryptographic key;
  
  a second sending mechanism that is configured to send a second message from the second node to a key distribution center, wherein the second message includes a first node identifier for the first node, a second node identifier for the second node, and a message authentication code created using a second node key belonging to the second node;
  
  a key recreating mechanism that is configured to recreate the second node key at the key distribution center, wherein the second node key was previously created using the second node identifier and a secret key known only to the key distribution center;
  
  a first verifying mechanism at the key distribution center that is configured to verify the message authentication code in the second message using the second node key;
  
  a creating mechanism that is configured to create the cryptographic key at the key distribution center;
  
  a communicating mechanism that is configured to communicate the cryptographic key to the second node and the first node;
  
  an encrypting mechanism that is configured to encrypt a hash value and the cryptographic key using the second node key to create a first encrypted key;
  
  the key recreating mechanism that is further configured to recreate a first node key belonging to the first node, wherein the first node key was previously created using the secret key and the first node identifier;
  
  the encrypting mechanism that is further configured to encrypt the hash value and the cryptographic key using the first node key to create a second encrypted key;
  
  a third sending mechanism that is configured to send a third message from the key distribution center to the second node, wherein the third message includes the first encrypted key and the second encrypted key;
  
  a first decrypting mechanism at the second node that is configured to decrypt the first encrypted key from the third message to recover the hash value and the cryptographic key;
  
  a second verifying mechanism at the second node that is configured to verify the hash value; and
  
  the second sending mechanism that is further configured to send a fourth message to the first node from the second node, wherein the fourth message includes the second encrypted key,a second decrypting mechanism at the first node that is configured to decrypt the second encrypted key from the fourth message to recover the hash value and the cryptographic key,a third verifying mechanism at the first node that is configured to verify the hash value,an establishing mechanism at the first node that is configured to establish that the second node has the cryptographic key, andthe first sending mechanism that is further configured to send a fifth message to the second node from the first node so that the second node can confirm that the cryptographic key has been established;
  
  wherein an update of a key distribution center database of shared keys is capable of being avoided when at least one of the nodes is unfamiliar;
  
  wherein the first message includes the first node identifier, the second node identifier, a third identifier for the key distribution center, and a first nonce, wherein a nonce is a random number selected for message confirmation purposes that has a statistically low probability of being reused;
  
  wherein the second message includes the third identifier, the second node identifier, the first node identifier, a second nonce, the first nonce, and the message authentication code, wherein the message authentication code is created from the third identifier, the second node identifier, the first node identifier, the second nonce, and the first nonce;
  
  wherein verifying the message authentication code includes;
  
  creating a test message authentication code from the third identifier, thesecond node identifier, the first node identifier, the second nonce, and the first nonce using the second node key; and
  
  comparing the test message authentication code with the message authentication code;
  
  wherein the hash value is created from the second node identifier, the first node identifier, the second nonce, and the first nonce;
  
  wherein the third message includes the second node identifier, the first node identifier, the second encrypted key, and the first encrypted key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Matt, Brian J.
Primary Examiner(s)
Moise; Emmanuel L.
Assistant Examiner(s)
Davis; Zachary A.

Application Number

US09/921,231
Publication Number

US 20030026433A1
Time in Patent Office

2,030 Days
Field of Search

380/278, 380/277, 380/279, 380/281, 380/44, 380/28
US Class Current

380/279
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 9/083   involving central third par...

H04L 9/0844   with user authentication or...

H04L 9/0866   involving user or device id...

Method and apparatus for cryptographic key establishment using an identity based symmetric keying technique

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for cryptographic key establishment using an identity based symmetric keying technique

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links