Security authentication and key management within an infrastructure-based wireless multi-hop network
First Claim
1. A method of security authentication and key management within an infrastructure-based wireless multi-hop network, the method comprising:
- initially authenticating a supplicant including determining one or more authenticated supplicant role attributes with an authentication server;
- obtaining one or more authorization attributes from the authentication server by a top level key holder;
- determining whether the authenticated supplicant role attribute is a level one key holder by the top level key holder;
- initiating a four-way handshaking between the top level key holder and the supplicant with a pair-wise master key (PMK)_0 to derive a Key Distribution Key (KDK) when the authenticated supplicant role attribute is a level one key holder; and
- when the authenticated supplicant role attribute is not a level one key holder;
  - communicating a level one pair-wise master key (PMK)_1 from the top level key holder to a level one key holder,
  - initiating a four-way handshaking between the level one key holder and the supplicant with the level one pair-wise master key (PMK)_1 to generate a secure communication link between the supplicant and the level one key holder, and
  - communicating on the secure link between the level one key holder and the supplicant.
Abstract
A system and method for security authentication and key management in a multi-hop wireless network is provided herein with a hop-by-hop security model. The scheme adapts the 802.11r key hierarchy into the meshed AP network. In this approach, a top key holder (R0KH) derives and holds the top Pairwise Master Key (PMK_0) for each supplicant wireless device after the authentication process. All authenticator APs take the level one key holder (R1KH) role and receive the next level Pairwise Master Key (PMK_1) from R0KH. The link level data protection key is derived from PMK_1 via the 802.11i 4-way handshaking.
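The key hierarchy and the role branch of claim 1 can be sketched as follows. This is an added example, not code from the patent: the counter-mode HMAC-SHA256 KDF, the labels, the function names and all sample values are assumptions chosen for illustration.

```python
import hashlib
import hmac

def kdf(key, label, context, length=32):
    # Counter-mode HMAC-SHA256 expansion (assumed construction for this sketch).
    out, i = b"", 1
    while len(out) < length:
        msg = i.to_bytes(2, "little") + label + b"\x00" + context
        out += hmac.new(key, msg + (8 * length).to_bytes(2, "little"), hashlib.sha256).digest()
        i += 1
    return out[:length]

def derive_pmk0(msk, r0kh, supp):
    # Top of the hierarchy: one PMK_0 per supplicant, held only by R0KH.
    return kdf(msk, b"PMK_0", r0kh + supp)

def derive_pmk1(pmk0, r1kh, supp):
    # Bound to one authenticator AP, so each R1KH receives a different PMK_1.
    return kdf(pmk0, b"PMK_1", r1kh + supp)

def four_way_key(pmk, label, anonce, snonce, auth, supp):
    # Both ends of the 4-way handshake compute this from the exchanged nonces.
    return kdf(pmk, label, anonce + snonce + auth + supp, 48)

def establish(pmk0, supp_is_r1kh, r0kh, r1kh, supp, anonce, snonce):
    """Role branch from claim 1; returns (key name, authenticator, key)."""
    if supp_is_r1kh:
        # Supplicant is a level one key holder: handshake with R0KH on PMK_0.
        return "KDK", r0kh, four_way_key(pmk0, b"KDK", anonce, snonce, r0kh, supp)
    pmk1 = derive_pmk1(pmk0, r1kh, supp)  # R0KH communicates this to the R1KH
    return "LINK", r1kh, four_way_key(pmk1, b"LINK", anonce, snonce, r1kh, supp)

# Constructed sample values (not from the patent): 6-byte addresses, fixed secrets.
MSK = bytes(range(32))
R0KH, AP_A, AP_B, STA = (bytes([2, 0, 0, 0, 0, n]) for n in (1, 2, 3, 9))
ANONCE, SNONCE = b"\xa5" * 32, b"\x5a" * 32  # random per handshake in practice

if __name__ == "__main__":
    pmk0 = derive_pmk0(MSK, R0KH, STA)
    for ap in (AP_A, AP_B):
        name, auth, key = establish(pmk0, False, R0KH, ap, STA, ANONCE, SNONCE)
        print(name, auth.hex(), key.hex()[:16])
```

Because each PMK_1 is bound to one authenticator AP, an R1KH that is compromised exposes only its own links, which is the hop-by-hop property the abstract describes.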
Specification