Group admission control apparatus and methods
Abstract
The present invention uses a group key management scheme for admission control while enabling various conventional approaches toward establishing peer-to-peer security. Various embodiments of the invention can provide peer-to-peer confidentiality and authenticity, such that other parties, such as group members, cannot understand communications not intended for them. A group key may be used in combination with known unicast security protocols to establish, implicitly or explicitly, proof of group membership together with bi-lateral secure communication.
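The admission and challenge-reply steps recited in the claims can be sketched as follows. This is an added example, not code from the patent; it assumes HMAC-SHA256 as the one-way function (the claims name none), and the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


class Member:
    def __init__(self, name):
        self.name = name
        self.group_key = None   # first key: current (updated) group key
        self.unique_key = None  # second key: unique to this party

    def make_challenge(self):
        return secrets.token_bytes(16)  # fresh random challenge per check

    def respond(self, challenge):
        # Reply by modifying the challenge with a one-way function that
        # takes the group key as an input (HMAC-SHA256 is an assumption).
        return hmac.new(self.group_key, challenge, hashlib.sha256).digest()

    def verify(self, challenge, response):
        expected = hmac.new(self.group_key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


class Administrator:
    def __init__(self):
        self.members = {}

    def admit(self, party):
        # Generate an updated group key and send it to the admitted party
        # and to every existing member.
        updated = secrets.token_bytes(32)
        self.members[party.name] = party
        for member in self.members.values():
            member.group_key = updated
        # The second key goes only to the admitted party.
        party.unique_key = secrets.token_bytes(32)


def demo():
    admin = Administrator()
    alice, bob = Member("alice"), Member("bob")
    admin.admit(alice)
    stale = Member("stale")            # constructed: holds only the old key
    stale.group_key = alice.group_key
    admin.admit(bob)                   # rekey: alice and bob get the new key
    challenge = alice.make_challenge()
    ok_current = alice.verify(challenge, bob.respond(challenge))
    ok_stale = alice.verify(challenge, stale.respond(challenge))
    return ok_current, ok_stale, alice.unique_key != bob.unique_key


if __name__ == "__main__":
    print(demo())
```

A correct reply shows only that the responder holds the current group key; it does not identify which member replied.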
14 Claims
1. A method for admission control for a group, said group comprising a plurality of members and having a group key used for encryption of messages, said method comprising the steps of:
a first party to be admitted to the group;
receiving, from a group administrator, a first key, wherein said first key is an updated group key, said updated group key being sent from the administrator, to the plurality of members;
receiving, from the group administrator, a second key unique to said first party; and
verifying group membership by receiving a challenge and replying to said challenge, wherein said replying to said challenge is performed by modifying data by the use of a one-way function having said first key as an input.
Dependent claims: 2, 3
4. A method for admission control for a group, said group comprising a plurality of members and having a group key used for encryption of messages, said method comprising the steps of:
enabling a first party to verify group membership to at least one of the plurality of members by;
sending a first key to the first party, wherein said first key is an updated group key;
sending a second key to said first party; and
sending said first key to the plurality of members of said group;
wherein said second key is unique to said first party, wherein, said first party verifies group membership by receiving a challenge and replying to said challenge, said replying to said challenge is performed by modifying data by the use of a one-way function having said first key as an input.
Dependent claims: 5
6. An electronic device, comprising:
an admission control facility for controlling access to a group, said group comprising a plurality of members and having a group key used for encryption of messages, said admission control facility comprising;
a receiver adapted to receive a request from a first party for admission to said group; and
a sender adapted to enable said first party to verify group membership to at least one of the plurality of members by sending a first key and a second key to said first party, wherein
said first key is an updated group key and is sent to said plurality of members;
said second key is unique to first said party and is sent exclusively to said first party; and
said first party verifies group membership by receiving a challenge and replying to said challenge, said replying to said challenge is performed by modifying data by use of a one-way function having said first key as an input.
Dependent claims: 7, 8, 9, 10, 11, 12, 13
14. An electronic device holding computer-executable instructions for performing a method of admission control for a group, comprising the steps of:
enabling a first party to verify group membership to at least one of the plurality of members by;
sending a first key to the first party, wherein said first key is an updated group key;
sending a second key to said first party; and
sending said first key to the plurality of members of said group;
wherein said second key is unique to said first party, wherein, said first party verifies group membership by receiving a challenge and replying to said challenge, said replying to said challenge is performed by modifying data by the use of a one-way function having said first key as an input.
Specification