Authentication apparatus and method for universal appliance communication controller
Abstract
An authentication algorithm and apparatus for communication between a first device and a second device over a network carrier is provided. The algorithm includes encoding, in response to a message from the second device, a first authentication value upon receipt of the message; sending the encoded value to the second device; decoding, in response to a reply from the second device, a second authentication value upon receipt of the reply; and comparing the first and second authentication values to determine the authenticity of the reply.
13 Claims
1. An authentication method for communication between a first device and a second device over a network carrier, said authentication method comprising:
- determining whether a message from the second device is in a proper format for authentication;
- encoding, in response to the message from the second device, a first authentication value upon receipt of the message, the first authentication value encoded with a first encryption key;
- calculating a first cyclic redundancy check value of the message upon receipt of the message;
- sending the encoded first authentication value to the second device;
- decoding, in response to a reply from the second device, a second authentication value upon receipt of the reply if the reply is received within a predetermined time after sending the encoded first authentication value, the second authentication value decoded with a second encryption key;
- comparing the first and second authentication values to determine the authenticity of the reply;
- extracting a second cyclic redundancy check value from the reply; and
- comparing the second cyclic redundancy check value from the reply against the first cyclic redundancy check value of the message.

3. An authentication method for an appliance communication controller in communication with an external host controller, said authentication method comprising:
- determining whether a first message from the external host controller is in a proper format for authentication;
- encoding a first authentication counter value upon receipt of the first message from the external host controller, the first authentication counter value encoded with a first encryption key;
- calculating a first cyclic redundancy check value of the first message upon receipt of the first message;
- sending the encoded first authentication counter value to the external host controller;
- decoding a second authentication counter value upon receipt of a second message from the external host controller, the second authentication counter value decoded with a second encryption key;
- sending an authentication timeout message if the second message is not received within a predetermined time;
- comparing the first and second authentication counter values;
- ignoring the first message if the first and second authentication counter values do not match;
- extracting a second cyclic redundancy check value from the second message;
- comparing the cyclic redundancy check value from the second message against the first cyclic redundancy check value of the first message; and
- responding to the first message if the cyclic redundancy check value matches the stored cyclic redundancy check value.

7. An authentication method for an appliance communication controller in communication with an external host controller through a network carrier, said authentication method comprising:
- determining whether a first message from the external host controller is in a proper format for authentication;
- maintaining an authentication counter value;
- calculating a first cyclic redundancy check value of the first message upon receipt of the first message from the external host controller;
- incrementing the authentication counter value in response to the first message from the external host controller;
- encoding the incremented authentication counter value with a first encryption key upon receipt of the first message from the external host controller;
- sending the encoded authentication counter value to the external host controller;
- decoding, with a second encryption key, a reply authentication counter value from the external host controller in response to the sent encoded authentication counter value if the reply authentication counter value is received within a predetermined time period;
- comparing the incremented and reply authentication counter values;
- ignoring the first message if the incremented and reply authentication counter values do not match;
- extracting a second cyclic redundancy check value from the reply authentication counter value;
- comparing the second cyclic redundancy check value from the reply authentication counter against the first cyclic redundancy check value of the first message; and
- responding to the first message if the second cyclic redundancy check value matches the first cyclic redundancy check value.

9. A controller comprising:
- a processor;
- a memory; and
- a power line carrier transceiver operatively coupled to said processor, said processor programmed to determine whether a first message received by said power line carrier is in a proper format for authentication and execute a two-way authentication algorithm utilizing at least a first encryption key, a second encryption key, a first cyclic redundancy check value calculated from the first message, and a second cyclic redundancy check value extracted from a second message, to determine authenticity of messages received by said power line carrier transceiver, encode an authentication value and generate an authentication request, decode an authentication value from an authentication reply with said second encryption key, and generate an authentication timeout if the authentication reply is not received within a predetermined time.

11. An appliance communication controller comprising:
- a processor;
- a memory; and
- a transceiver operatively coupled to said processor, said processor configured to:
  - determine whether an incoming message is in a proper format for authentication;
  - generate an authentication request in response to the incoming message through said transceiver and calculate a first cyclic redundancy check value of the incoming message, the authentication request comprising a first encoded authentication value encoded with a first encryption key;
  - receive an authentication reply within a predetermined time period after generating the authentication request;
  - decode the authentication reply received in response to the authentication request, the authentication reply comprising a second encoded authentication value decoded by an external controller with a second encryption key; and
  - based upon the decoded reply, respond to or ignore the incoming message, said processor configured to extract a second cyclic redundancy check value from the authentication reply.

12. An appliance communication controller comprising:
- a processor;
- a memory; and
- a power line carrier transceiver operatively coupled to said processor, said processor configured to:
  - determine whether an incoming message is in a proper format for authentication;
  - generate an authentication request in response to the incoming message through said power line carrier transceiver and calculate a first cyclic redundancy check value of the incoming message, said authentication request comprising a first encoded authentication counter value encoded with a first encryption key;
  - decode an authentication reply with a second encryption key, when said authentication reply is received within a predetermined time period, said authentication reply comprising a second encoded authentication counter value;
  - compare the first authentication counter value with the second authentication counter value;
  - extract a second cyclic redundancy check value from said authentication reply;
  - compare the second cyclic redundancy check value from said authentication reply against the first cyclic redundancy check value of the incoming message; and
  - respond to the incoming message if said second cyclic redundancy check value from said authentication reply matches said first cyclic redundancy check value from the incoming message.
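
The counter-based exchange recited in claim 7, with both the controller and the host side shown, as an added example that is not code from the patent. The XTEA cipher, the `CMD:` format check, the 2-second timeout, the 8-byte message layouts and all names are assumptions made so the sketch runs with the Python standard library only.

```python
import struct, zlib
MASK, DELTA, ROUNDS = 0xFFFFFFFF, 0x9E3779B9, 32
TIMEOUT_S = 2.0  # assumed value for the claim's "predetermined time"

def _f(v, s, k):  # XTEA round function; callers mask the result to 32 bits
    return (((v << 4) ^ (v >> 5)) + v) ^ (s + k)

def xtea(key, block, decrypt=False):
    """One 8-byte block, 16-byte key. XTEA is an assumed stand-in cipher."""
    k, (v0, v1) = struct.unpack(">4I", key), struct.unpack(">2I", block)
    s = (DELTA * ROUNDS) & MASK if decrypt else 0
    for _ in range(ROUNDS):
        if decrypt:
            v1 = (v1 - _f(v0, s, k[(s >> 11) & 3])) & MASK
            s = (s - DELTA) & MASK
            v0 = (v0 - _f(v1, s, k[s & 3])) & MASK
        else:
            v0 = (v0 + _f(v1, s, k[s & 3])) & MASK
            s = (s + DELTA) & MASK
            v1 = (v1 + _f(v0, s, k[(s >> 11) & 3])) & MASK
    return struct.pack(">2I", v0, v1)

class Controller:
    """Appliance side of claim 7; message layouts are assumptions."""
    def __init__(self, key1, key2):
        self.key1, self.key2, self.counter, self.pending = key1, key2, 0, None

    def on_message(self, msg, now):
        if not msg.startswith(b"CMD:"):  # assumed "proper format" test
            return None
        self.counter = (self.counter + 1) & MASK
        self.pending = (self.counter, zlib.crc32(msg), now)  # first CRC kept
        return xtea(self.key1, struct.pack(">2I", self.counter, 0))

    def on_reply(self, reply, now):
        if self.pending is None:
            return "ignore"
        (counter, crc1, sent), self.pending = self.pending, None  # single use
        if now - sent > TIMEOUT_S:
            return "timeout"
        if len(reply) != 8:
            return "ignore"
        got, crc2 = struct.unpack(">2I", xtea(self.key2, reply, decrypt=True))
        return "respond" if (got, crc2) == (counter, crc1) else "ignore"

def host_reply(key1, key2, challenge, msg):
    """Host side: recover the counter, return it with the message CRC under key2."""
    counter, _ = struct.unpack(">2I", xtea(key1, challenge, decrypt=True))
    return xtea(key2, struct.pack(">2I", counter, zlib.crc32(msg)))
```

CRC-32 detects accidental corruption and is not a keyed integrity check; in this sketch the reply is tied to the original message only because the CRC travels inside the block encrypted under the second key.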