Identity and authentication in a wireless network
First Claim
1. A method for secure configuration of a sensor system comprising a sensor controller and a plurality of sensors, the method comprising:
- generating, by the sensor controller, an old group key shared by the plurality of sensors, wherein the old group key incorporates a plurality of network identify information of the plurality of sensors for securely transmitting digital data within the sensor system;
- sending, by the sensor controller, the old group key to each of the plurality of sensors;
- receiving, at the sensor controller, a join request from a new sensor to join the plurality of sensors, wherein the join request comprises a first authentication means and a first network identity information identifying the new sensor, wherein the first network identity information comprises a hash of a public key with a predetermined binary value;
- truncating the hash to a number of bits desired for use within the sensor system to generate a truncated hash;
- determining, by the sensor controller, whether the first network identity information provided by the new sensor is already associated with a sensor among the plurality of sensors;
- generating, by the sensor controller and in response to determining that the first network identity information is already associated with the sensor among the plurality of sensors, a second network identity information for identifying the new sensor, wherein the second network identity information comprises the truncated hash of the public key incremented by a predetermined amount;
- generating, by the sensor controller and in response to generating the second network identity information for identifying the new sensor, a new group key shared by the plurality of sensors and the new sensor, wherein the new group key incorporates the plurality of network identify information of the plurality of sensors and the second network identify information of the new sensor for securely transmitting the digital data within the sensor system and replaces the old group key shared by the plurality of sensors without the new sensor; and
- sending, by the sensor controller:
  - the second network identity information and the new group key to the new sensor, wherein the second network identity information replaces the first network identity information for the new sensor; and
  - the new group key to each of the plurality of sensors.
Abstract
A sensor system includes a controller and sensors, the system configured to ensure unique identity for each device. Methods are provided to generate new identities for those devices having duplicate addresses, and to transmit the new identity information to those devices.
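The join flow of claim 1 (truncated-hash identity, duplicate check, incremented replacement identity, group rekey), sketched as an added example that is not code from the patent. SHA-256, the 16-bit identity width, the one-byte predetermined value, the increment of 1, the HMAC-based group key and the controller's re-derivation check are all assumptions; the claim's "first authentication means" is not modelled.

```python
import hashlib
import hmac
import os

ID_BITS = 16             # assumed "number of bits desired for use within the sensor system"
PREDETERMINED = b"\x01"  # assumed "predetermined binary value" hashed with the public key
INCREMENT = 1            # assumed "predetermined amount" added on a collision


def network_identity(public_key: bytes) -> int:
    """Hash the public key with the predetermined value and keep the top ID_BITS bits."""
    digest = hashlib.sha256(public_key + PREDETERMINED).digest()
    return int.from_bytes(digest, "big") >> (256 - ID_BITS)


class SensorController:
    def __init__(self):
        self.members = {}      # assigned identity -> public key
        self.group_key = None  # current group key; replaced on every join

    def _rekey(self) -> bytes:
        """Derive a fresh group key that incorporates every current identity."""
        ids = b"".join(i.to_bytes(ID_BITS // 8, "big") for i in sorted(self.members))
        # Fresh random secret per rekey, so a sensor that joins later
        # cannot recompute the old group key from the identity list.
        self.group_key = hmac.new(os.urandom(32), ids, hashlib.sha256).digest()
        return self.group_key

    def join(self, claimed_id: int, public_key: bytes):
        """Handle a join request; return (assigned identity, new group key)."""
        # Added check (assumption): the claimed identity must match the key presented.
        if claimed_id != network_identity(public_key):
            raise ValueError("identity is not derived from the presented public key")
        if public_key in self.members.values():
            raise ValueError("public key is already enrolled")
        if len(self.members) >= 1 << ID_BITS:
            raise RuntimeError("identity space exhausted")
        assigned = claimed_id
        while assigned in self.members:  # duplicate: step to the next free identity
            assigned = (assigned + INCREMENT) % (1 << ID_BITS)
        self.members[assigned] = public_key
        # The caller sends (assigned, key) to the new sensor and key to all others.
        return assigned, self._rekey()
```

With 16-bit identities a duplicate is expected after a few hundred enrolments, so the collision branch is the normal case rather than a corner case.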
18 Claims
1. A method for secure configuration of a sensor system comprising a sensor controller and a plurality of sensors, the method comprising:
- generating, by the sensor controller, an old group key shared by the plurality of sensors, wherein the old group key incorporates a plurality of network identify information of the plurality of sensors for securely transmitting digital data within the sensor system;
- sending, by the sensor controller, the old group key to each of the plurality of sensors;
- receiving, at the sensor controller, a join request from a new sensor to join the plurality of sensors, wherein the join request comprises a first authentication means and a first network identity information identifying the new sensor, wherein the first network identity information comprises a hash of a public key with a predetermined binary value;
- truncating the hash to a number of bits desired for use within the sensor system to generate a truncated hash;
- determining, by the sensor controller, whether the first network identity information provided by the new sensor is already associated with a sensor among the plurality of sensors;
- generating, by the sensor controller and in response to determining that the first network identity information is already associated with the sensor among the plurality of sensors, a second network identity information for identifying the new sensor, wherein the second network identity information comprises the truncated hash of the public key incremented by a predetermined amount;
- generating, by the sensor controller and in response to generating the second network identity information for identifying the new sensor, a new group key shared by the plurality of sensors and the new sensor, wherein the new group key incorporates the plurality of network identify information of the plurality of sensors and the second network identify information of the new sensor for securely transmitting the digital data within the sensor system and replaces the old group key shared by the plurality of sensors without the new sensor; and
- sending, by the sensor controller:
  - the second network identity information and the new group key to the new sensor, wherein the second network identity information replaces the first network identity information for the new sensor; and
  - the new group key to each of the plurality of sensors.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A sensor system comprising:
- a plurality of sensors; and
- a sensor controller accessing a memory, wirelessly coupled to the plurality of sensors, and configured to:
  - generate an old group key shared by the plurality of sensors, wherein the old group key incorporates a plurality of network identify information of the plurality of sensors for securely transmitting digital data within the sensor system;
  - send the old group key to each of the plurality of sensors;
  - receive a join request from a new sensor to join the plurality of sensors, wherein the join request comprises a first authentication means and a first network identity information identifying the new sensor, wherein the first network identity information comprises a hash of a public key with a predetermined binary value;
  - truncate the hash to a number of bits desired for use within the sensor system to generate a truncated hash;
  - determine whether the first network identity information provided by the new sensor is already associated with a sensor among the plurality of sensors;
  - generate, in response to determining that the first network identity information is already associated with a sensor among the plurality of sensors, a second network identity information for identifying the new sensor, wherein the second network identity information comprises the truncated hash of the public key incremented by a predetermined amount;
  - generate, by the sensor controller and in response to generating the second network identity information for identifying the new sensor, a new group key shared by the plurality of sensors and the new sensor, wherein the new group key incorporates the plurality of network identify information of the plurality of sensors and the second network identify information of the new sensor for securely transmitting the digital data within the sensor system and replaces the old group key shared by the plurality of sensors without the new sensor; and
  - send:
    - the second network identity information and the new group key to the new sensor, wherein the second network identity information replaces the first network identity information for the new sensor; and
    - the new group key to each of the plurality of sensors.
Dependent claims: 9, 10, 11, 12, 13
14. A non-transitory storage medium having executable code stored thereon that when executed by a computer system implements a method for secure configuration of a sensor system comprising a sensor controller and a plurality of sensors, the method comprising:
- generating, by the sensor controller, an old group key shared by the plurality of sensors, wherein the old group key incorporates a plurality of network identify information of the plurality of sensors for securely transmitting digital data within the sensor system;
- sending, by the sensor controller, the old group key to each of the plurality of sensors;
- receiving, at the sensor controller, a join request from a new sensor to join the plurality of sensors, wherein the join request comprises a first authentication means and a first network identity information identifying the new sensor, wherein the first network identity information comprises a hash of a public key with a predetermined binary value;
- truncating the hash to a number of bits desired for use within the sensor system to generate a truncated hash;
- determining whether the first network identity information provided by the new sensor is already associated with a sensor among the plurality of sensors;
- generating, in response to determining that the first network identity information is already associated with a sensor among the plurality of sensors, a second network identity information for identifying the new sensor, wherein the second network identity information comprises the truncated hash of the public key incremented by a predetermined amount;
- generating, by the sensor controller and in response to generating the second network identity information for identifying the new sensor, a new group key shared by the plurality of sensors and the new sensor, wherein the new group key incorporates the plurality of network identify information of the plurality of sensors and the second network identify information of the new sensor for securely transmitting the digital data within the sensor system and replaces the old group key shared by the plurality of sensors without the new sensor; and
- sending, by the sensor controller:
  - the second network identity information and the new group key to the new sensor, wherein the second network identity information replaces the first network identity information for the new sensor; and
  - the new group key to each of the plurality of sensors.
Dependent claims: 15, 16, 17, 18
Specification