Mobile-ad-hoc network including node authentication features and related methods
Abstract
A mobile ad-hoc network may include a first node having a first public key and a first private key associated therewith for generating an authentication request. The network may also include a second node having a second public key and a second private key associated therewith for receiving the authentication request and returning a certificate of authenticity including the second public key to the first node. Upon verifying that the second public key belongs to the second node, the first node may send challenge data to the second node, and the second node may encrypt the challenge data using the second private key and return the encrypted challenge data back to the first node. The first node may thus decrypt the encrypted challenge data using the verified second public key and authenticate the second node if the decryption of the encrypted challenge data yields the original challenge data.
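The flow in the abstract, together with the cluster-leader certificate and session-key steps of claim 1, as an added example that is not code from the patent. It uses unpadded textbook RSA over constructed Mersenne-prime keys only to mirror the claim wording; the function names and the `node-2` identifier are assumptions.

```python
# Added illustration: toy textbook RSA over constructed primes, NOT secure.
import hashlib
import secrets

def keypair(p, q, e=65537):
    """Return (public, private) textbook-RSA keys as (modulus, exponent)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def rsa(key, value):
    """Raw RSA operation; the claims call this 'encrypting'/'decrypting'."""
    n, exp = key
    return pow(value, exp, n)

def binding(node_id, node_pub, n):
    """Hash that ties a node identity to its public key."""
    data = f"{node_id}|{node_pub[0]}|{node_pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue_certificate(leader_priv, node_id, node_pub):
    """Cluster leader: build the certificate with its private authentication key."""
    sig = rsa(leader_priv, binding(node_id, node_pub, leader_priv[0]))
    return {"id": node_id, "pub": node_pub, "sig": sig}

def authenticate(cert, leader_pub, expected_id, respond):
    """First node: return (session_key, wrapped_key), or None on failure.
    `respond` stands in for the link to the second node (hypothetical)."""
    # 1. Check the certificate with the leader's public authentication key.
    expected = binding(cert["id"], cert["pub"], leader_pub[0])
    if cert["id"] != expected_id or rsa(leader_pub, cert["sig"]) != expected:
        return None
    # 2. Fresh random challenge; the peer must answer with its private key.
    challenge = secrets.randbelow(cert["pub"][0] - 2) + 2
    if rsa(cert["pub"], respond(challenge)) != challenge:
        return None
    # 3. Only now wrap a session key under the verified public key.
    session_key = secrets.randbits(128)
    return session_key, rsa(cert["pub"], session_key)

# Constructed demo keys (Mersenne primes) for the leader and the second node.
LEADER_PUB, LEADER_PRIV = keypair(2**89 - 1, 2**107 - 1)
NODE2_PUB, NODE2_PRIV = keypair(2**61 - 1, 2**127 - 1)
CERT = issue_certificate(LEADER_PRIV, "node-2", NODE2_PUB)

def node2_respond(challenge):
    """Second node: transform the challenge with its private key."""
    return rsa(NODE2_PRIV, challenge)
```

Raw RSA has no padding, so a deployment would use a standard signature scheme for steps 1 and 2 and a padded or hybrid encryption scheme for step 3.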
31 Claims
1. A mobile ad-hoc network (MANET) comprising:
a first cluster of MANET nodes comprising a first cluster leader node;
a second cluster of MANET nodes comprising a second cluster leader node;
a first MANET node from said first cluster for generating an authentication request, said first MANET node having a first public key and a first private key associated therewith; and
a second MANET node from said second cluster having a second public key and a second private key associated therewith;
said first MANET node receiving a certificate of authenticity via said first cluster leader node responsive to the authentication request, the certificate of authenticity being generated by said second cluster leader node and comprising the second public key, said second cluster leader node having a public authentication key and a private authentication key associated therewith and generating the certificate of authenticity using the private authentication key;
said first MANET node decrypting the certificate of authenticity using the public authentication key and verifying that the second public key belongs to said second MANET node based upon the decrypted certificate of authenticity;
said first MANET node sending challenge data to said second MANET node upon verification that the second public key belongs to said second MANET node;
said second MANET node encrypting the challenge data using the second private key and returning the encrypted challenge data back to said first MANET node;
said first MANET node decrypting the encrypted challenge data using the verified second public key and authenticating said second MANET node if the decryption of the encrypted challenge data yields the original challenge data;
said first MANET node sending a session key encrypted with the second public key to said second MANET node for use with subsequent data transfers therebetween upon authenticating said second MANET node.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A mobile ad-hoc network (MANET) comprising:
a first cluster of MANET nodes comprising a first cluster leader node;
a second cluster of MANET nodes comprising a second cluster leader node;
a first MANET node from said first cluster for generating an authentication request, said first MANET node having a first public key and a first private key associated therewith; and
a second MANET node from said second cluster having a second public key and a second private key associated therewith, said second MANET node for receiving the authentication request and returning a certificate of authenticity to said first MANET node via said first cluster leader node generated by said second cluster leader node and comprising the second public key, the second cluster leader node having a public authentication key and a private authentication key associated therewith and generating the certificate of authenticity using the private authentication key;
said first MANET node decrypting the certificate of authenticity using the public authentication key and verifying that the second public key belongs to said second MANET node based upon the decrypted certificate of authenticity;
said first MANET node sending challenge data to said second MANET node upon verification that the second public key belongs to said second MANET node;
said second MANET node encrypting the challenge data using the second private key and returning the encrypted challenge data back to said first MANET node;
said first MANET node decrypting the encrypted challenge data using the verified second public key and authenticating said second MANET node if the decryption of the encrypted challenge data yields the original challenge data;
said first MANET node sending a session key encrypted with the second public key to said second MANET node upon authenticating said second MANET node;
said first and second MANET nodes also transferring message data therebetween using the session key.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20
21. A node authentication method for a mobile ad-hoc network (MANET) comprising a plurality of MANET nodes, the method comprising:
forming a first cluster of MANET nodes comprising a first cluster leader node;
forming a second cluster of MANET nodes comprising a second cluster leader node;
generating an authentication request at a first MANET node having a first public key and a first private key associated therewith to authenticate a second MANET node having a second public key and a second private key associated therewith;
receiving a certificate of authenticity via the first cluster leader node responsive to the authentication request at the first MANET node, the certificate of authenticity being generated by the second cluster leader node and comprising the second public key, the second cluster leader node having a public authentication key and a private authentication key associated therewith and generating the certificate of authenticity using the private authentication key;
decrypting the certificate of authenticity at the first MANET node using the public authentication key and verifying that the second public key belongs to the second MANET node based upon the decrypted certificate of authenticity;
sending challenge data from the first MANET node to the second MANET node upon verification that the second public key belongs to the second MANET node;
encrypting the challenge data at the second MANET node using the second private key and returning the encrypted challenge data back to the first MANET node;
decrypting the encrypted challenge data at the first MANET node using the verified second public key and authenticating the second MANET node if the decryption of the encrypted challenge data yields the original challenge data; and
sending a session key encrypted with the second public key from the first MANET node to the second MANET node for use with subsequent data transfers therebetween upon authenticating the second MANET node.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
Specification