Discovery and authentication scheme for wireless mesh networks
Abstract
Wireless network devices discover individual mesh nodes and networks of mesh nodes. An association is formed on the basis of peer-to-peer interactions at layer-1, layer-2 and/or higher layers of the Open System Interconnect (OSI) model. In particular, the system uses Beacon, Probe Request, Probe Response, Association Request, Association Response, and Disassociation frames and introduces a new Extensible Mesh Information Element (EMIE) used by mesh nodes to discover, authenticate, and associate with other peer nodes.
17 Claims
1. A mesh node, comprising:
- a processor that operates as a Station service for scanning different channels configured for a network, authenticating and associating with Access Point (AP) nodes and mesh nodes;
- the processor also operating as an AP service for scanning, authenticating, and associating with Station nodes and mesh nodes on the same radio interface as when the processor operates as a Station service;
- the processor also dynamically configuring mutually reversible authenticator and supplicant authentication services with peer nodes according to the type of discovered peer nodes and peer addresses independently of any pre-existing centralized mesh authentication infrastructure; and
- generating Pairwise Master Key Identifiers (PMKIDs) for individual peer-to-peer connections with the peers according to local and peer addresses, wherein computing the PMKIDs is according to the following;
PMKID=HASH(PMK, “PMK Name” ∥ MAX(AA|SPA) ∥ MIN(AA|SPA)),
where PMK is the Pairwise Master Key, AA is the Authenticator MAC Address, SPA is the Supplicant MAC Address, PMK Name is a character string for the PMK, and HASH is a hashing operation.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method for authenticating devices in a wireless network, comprising:
- dynamically configuring mutually reversible authenticator and supplicant services with peers, wherein the authenticator and supplicant are identified according to the type of peers and peer addresses discovered in the wireless network independently of any pre-existing centralized mesh authentication infrastructure; and
- generating Pairwise Master Key Identifiers (PMKIDs) for individual peer-to-peer connections with the peers according to local and peer addresses, wherein computing the PMKIDs is according to the following;
PMKID=HASH(PMK, “PMK Name” ∥ MAX(AA|SPA) ∥ MIN(AA|SPA)),
where PMK is the Pairwise Master Key, AA is the Authenticator MAC Address, SPA is the Supplicant MAC Address, PMK Name is a character string for the PMK, and HASH is a hashing operation.
Dependent claims: 11, 12, 13, 14, 15, 16, 17
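The PMKID formula recited in claims 1 and 10, as an added example that is not code from the patent: it shows that ordering the two addresses with MAX/MIN gives both peers the same PMKID whichever one acts as authenticator, whereas the IEEE 802.11i ordering (AA then SPA) does not. Assumptions: HASH is taken to be HMAC-SHA1 truncated to 128 bits as in 802.11i (the claims leave it open), MAC addresses are compared as 6-byte big-endian values, and the function names, PMK and MAC addresses are constructed for illustration.

```python
import hashlib
import hmac

LABEL = b"PMK Name"  # label string from the claim


def parse_mac(text: str) -> bytes:
    """Parse 'aa:bb:cc:dd:ee:ff' (or '-' separated) into 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return raw


def _hash128(pmk: bytes, data: bytes) -> bytes:
    # Assumption: HASH = HMAC-SHA1 truncated to 128 bits, as in IEEE 802.11i.
    return hmac.new(pmk, data, hashlib.sha1).digest()[:16]


def mesh_pmkid(pmk: bytes, local_mac: str, peer_mac: str) -> bytes:
    """PMKID = HASH(PMK, "PMK Name" || MAX(AA|SPA) || MIN(AA|SPA))."""
    a, b = parse_mac(local_mac), parse_mac(peer_mac)
    if a == b:  # added sanity check: a node cannot peer with its own address
        raise ValueError("local and peer address must differ")
    # Equal-length bytes compare lexicographically, i.e. as big-endian integers.
    return _hash128(pmk, LABEL + max(a, b) + min(a, b))


def role_ordered_pmkid(pmk: bytes, aa: str, spa: str) -> bytes:
    """802.11i-style ordering "PMK Name" || AA || SPA, which depends on roles."""
    return _hash128(pmk, LABEL + parse_mac(aa) + parse_mac(spa))


def pmkid_matches(received: bytes, pmk: bytes, local_mac: str, peer_mac: str) -> bool:
    """Constant-time check of a PMKID received from a peer."""
    return hmac.compare_digest(received, mesh_pmkid(pmk, local_mac, peer_mac))


def demo() -> dict:
    pmk = bytes(range(32))                             # constructed 256-bit PMK
    n1, n2 = "02:00:00:00:00:0a", "02:00:00:00:00:0b"  # constructed MACs
    return {
        "mesh_same": mesh_pmkid(pmk, n1, n2) == mesh_pmkid(pmk, n2, n1),
        "role_same": role_ordered_pmkid(pmk, n1, n2) == role_ordered_pmkid(pmk, n2, n1),
        "pmkid_len": len(mesh_pmkid(pmk, n1, n2)),
    }


if __name__ == "__main__":
    print(demo())
```
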
Specification