Secure telemetric link
Abstract
A communications protocol is used to provide data privacy, message integrity, message freshness, and user authentication to telemetric traffic, such as to and from implantable medical devices in a body area network. In certain embodiments, encryption, message integrity, and message freshness are provided through use of token-like nonces and ephemeral session-keys derived from device identification numbers and pseudorandom numbers.
20 Claims
1. In a telecommunications network having at least first and second nodes in communication with each other, a method of making secure at least one communication between the at least first and second nodes during a communication session, comprising the steps of:
- assigning to each node a device key unique to each node within the network;
- assigning to the network a network key;
- establishing a communication session between the at least first and second nodes;
- providing the first node with an arbitrary number;
- providing to the first node the second node's device key in a manner not subject to unauthorized discovery;
- securing a first communication with the second node's device key and the arbitrary number;
- transmitting the first communication to the second node;
- decrypting at the second node the first communication using the second node's device key and the arbitrary number;
- upon verifying at the second node that the first communication was secured with the second node's device key and the arbitrary number, providing the first node with the network key; and
- securing a second communication among the at least first and second nodes using the network key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A secure wireless network comprising at least two nodes, wherein at least one of the at least two nodes comprises a programmable processor and a computer-readable storage element, wherein the computer-readable storage element contains instructions for causing the programmable processor to perform a method of arbitrary number generation, comprising the steps of:
- generating a first intermediate number as a function of both a reference key and a nonce;
- generating a second intermediate number as a function of the first intermediate number, an initialization number, and the reference key;
- generating an arbitrary number as a function of the first intermediate number, the second intermediate number, and the reference key; and
- securing with the arbitrary number a communication to be transmitted between the at least two nodes.
Dependent claims: 13, 14, 15
16. A telecommunications network comprising:
- at least first and second nodes in communication with each other;
- means for assigning to each node a device key unique to each node within the network;
- means for assigning to the network a network key;
- means for establishing a communication session between the at least first and second nodes;
- means for providing the first node with an arbitrary number;
- means for providing to the first node the second node's device key in a manner not subject to unauthorized discovery;
- means for securing a first communication with the second node's device key and the arbitrary number;
- means for transmitting the first communication to the second node;
- means for decrypting at the second node the first communication using the second node's device key and the arbitrary number;
- means for, upon verifying at the second node that the first communication was secured with the second node's device key and the arbitrary number, providing the first node with the network key; and
- means for securing a second communication among the at least first and second nodes using the network key.
Dependent claims: 17, 18, 19, 20
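The session bootstrap recited in claims 1 and 16, with the arbitrary number drawn from a generator that has the data flow of claim 12, sketched in Python as an added example (not code from the patent or its assignee). Assumptions: HMAC-SHA256 stands in for the claims' unspecified functions, an HMAC-keystream encrypt-then-MAC stands in for a real authenticated cipher, the arbitrary number travels in the clear with the first communication and is rejected on reuse, and every name and key below is constructed.

```python
import hashlib, hmac

def prf(key, *parts):
    """Assumed stand-in for the claims' unspecified function: HMAC-SHA256."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(2, "big") + p)  # length-prefix each part
    return mac.digest()

def arbitrary_number(ref_key, nonce, init):
    """Three-stage generator with the data flow of claim 12."""
    i1 = prf(ref_key, nonce)        # f(reference key, nonce)
    i2 = prf(ref_key, i1, init)     # f(i1, initialization number, reference key)
    return prf(ref_key, i1, i2)     # f(i1, i2, reference key)

def seal(key, msg):
    """Encrypt-then-MAC stand-in for an AEAD; one message of <= 32 bytes per key."""
    if len(msg) > 32:
        raise ValueError("message too long for this sketch")
    ct = bytes(a ^ b for a, b in zip(msg, prf(key, b"enc")))
    return ct + prf(key, b"mac", ct)

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(key, b"mac", ct)):
        return None                  # wrong key, wrong arbitrary number, or tampering
    return bytes(a ^ b for a, b in zip(ct, prf(key, b"enc")))

class SecondNode:
    def __init__(self, device_key, network_key):
        self.device_key, self.network_key = device_key, network_key
        self.seen = set()            # arbitrary numbers already accepted (freshness)

    def handle_first(self, r, blob):
        """Verify the first communication; release the network key only on success."""
        if r in self.seen or unseal(prf(self.device_key, r, b"first"), blob) is None:
            return None
        self.seen.add(r)
        return seal(prf(self.device_key, r, b"wrap"), self.network_key)

def join(device_key, r, node):
    """First node: secure a request under (device key, r), then unwrap the reply."""
    reply = node.handle_first(r, seal(prf(device_key, r, b"first"), b"join-request"))
    return None if reply is None else unseal(prf(device_key, r, b"wrap"), reply)

# Constructed sample keys and inputs (not from the patent).
DEVICE_KEY = hashlib.sha256(b"constructed device key").digest()
NETWORK_KEY = hashlib.sha256(b"constructed network key").digest()
R = arbitrary_number(b"constructed reference key", b"nonce-0001", b"init-0001")
```

The request and the wrapped reply use separately derived keys so the one-block keystream is never reused; a first node holding the wrong device key, or replaying an earlier arbitrary number, gets nothing back.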
Specification