Methods and apparatus for bootstrapping mobile-foreign and foreign-home authentication keys in mobile IP
First Claim
Patent Images
1. A Foreign Agent supporting Mobile IP and adapted for generating an authentication key to be shared between the Foreign Agent and a Home Agent, comprising:
- a processor; and
a memory, at least one of the processor or the memory being adapted for;
receiving by the Foreign Agent supporting Mobile IP a first key material generated by the Home Agent, thereby enabling the Foreign Agent to generate a Foreign-Home authentication key shared between the Foreign Agent and the Home Agent;
dynamically generating by the Foreign Agent a second key material;
transmitting by the Foreign Agent the second key material such that it is received by the Home Agent, thereby enabling the Home Agent to generate a Foreign-Home authentication key shared between the Home Agent and the Foreign Agent;
dynamically generating by the Foreign Agent the Foreign-Home authentication key shared between the Home Agent and the Foreign Agent from the first key material;
wherein dynamically generating the second key material includes computing the value of Y=(gy)mod n, wherein y is a random integer, wherein Y is the second key material, and both g and n are group parameters that are universally known to the Mobile Node, Foreign Agent, and Home Agent; and
wherein dynamically generating the Foreign-Home authentication key shared between the Home Agent and the Foreign Agent includes computing the value k=(Xy) mod n, wherein X is the first key material received from the Home Agent, wherein k is the Foreign-Home authentication key.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for dynamically generating authentication keys are disclosed. Specifically, a Mobile-Foreign authentication key is separately generated by both the Mobile Node and Foreign Agent. Similarly, a Foreign-Home authentication key is separately generated by the Foreign Agent and the Home Agent. In accordance with one embodiment, generation of the Mobile-Foreign authentication key and Foreign-Home authentication key are accomplished via the Diffie-Hellman key generation scheme.
-
Citations
23 Claims
-
1. A Foreign Agent supporting Mobile IP and adapted for generating an authentication key to be shared between the Foreign Agent and a Home Agent, comprising:
-
a processor; and a memory, at least one of the processor or the memory being adapted for; receiving by the Foreign Agent supporting Mobile IP a first key material generated by the Home Agent, thereby enabling the Foreign Agent to generate a Foreign-Home authentication key shared between the Foreign Agent and the Home Agent; dynamically generating by the Foreign Agent a second key material; transmitting by the Foreign Agent the second key material such that it is received by the Home Agent, thereby enabling the Home Agent to generate a Foreign-Home authentication key shared between the Home Agent and the Foreign Agent; dynamically generating by the Foreign Agent the Foreign-Home authentication key shared between the Home Agent and the Foreign Agent from the first key material; wherein dynamically generating the second key material includes computing the value of Y=(gy)mod n, wherein y is a random integer, wherein Y is the second key material, and both g and n are group parameters that are universally known to the Mobile Node, Foreign Agent, and Home Agent; and wherein dynamically generating the Foreign-Home authentication key shared between the Home Agent and the Foreign Agent includes computing the value k=(Xy) mod n, wherein X is the first key material received from the Home Agent, wherein k is the Foreign-Home authentication key. - View Dependent Claims (2, 3)
-
-
4. A Foreign Agent supporting Mobile IP and adapted for generating an authentication key to be shared between a Mobile Node and the Foreign Agent to which the Mobile Node has roamed, comprising:
-
a processor; and a memory, at least one of the processor or the memory being adapted for; receiving by the Foreign Agent supporting Mobile IP a first key material generated by the Mobile Node, thereby enabling the Foreign Agent to generate a Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent; dynamically generating a second key material by the Foreign Agent; transmitting the second key material by the Foreign Agent to the Mobile Node, thereby enabling the Mobile Node to generate a Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent; and dynamically generating the Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent from the first key material by the Foreign Agent; wherein dynamically generating the second key material includes computing the value of Y=(gy)mod n, wherein y is a random integer, wherein Y is the second key material, and both g and n are group parameters that are universally known to the Mobile Node, Foreign Agent, and Home Agent; and wherein dynamically generating the Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent includes computing the value k=(Xy) mod n, wherein X is the first key material received from the Mobile Node, wherein k is the Mobile-Foreign authentication key. - View Dependent Claims (5, 6)
-
-
7. A Foreign Agent supporting Mobile IP and adapted for generating a Mobile-Foreign authentication key to be shared between a Mobile Node and the Foreign Agent and a Foreign-Home authentication key to be shared between the Foreign Agent and a Home Agent, comprising:
-
a processor; and a memory, at least one of the processor or the memory being adapted for; receiving by the Foreign Agent supporting Mobile IP a first key material generated by the Mobile Node, thereby enabling the Foreign Agent to generate a Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent; dynamically generating by the Foreign Agent a second key material; transmitting by the Foreign Agent the second key material to the Mobile Node, thereby enabling the Mobile Node to generate a Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent; dynamically generating by the Foreign Agent the Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent from the first key material; receiving by the Foreign Agent a third key material generated by the Home Agent, thereby enabling the Foreign Agent to generate a Foreign-Home authentication key shared between the Home Agent and the Foreign Agent; dynamically generating by the Foreign Agent a fourth key material; transmitting by the Foreign Agent the fourth key material to the Home Agent, thereby enabling the Home Agent to generate a Foreign-Home authentication key shared between the Home Agent and the Foreign Agent; and dynamically generating by the Foreign Agent the Foreign-Home authentication key shared between the Home Agent and the Foreign Agent from the third key material; wherein dynamically generating the second key material includes computing the value of Y=(gy)mod n, wherein y is a random integer, wherein Y is the second key material, and both g and n are group parameters that are universally known to the Mobile Node, Foreign Agent, and Home Agent; and wherein dynamically generating the Mobile-Foreign authentication key shared between the Mobile Node and the Foreign Agent includes computing the value k=(Xy) mod n, wherein X is the first key material received from the Mobile Node, wherein k is the Mobile-Foreign authentication key. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. In a Home Agent supporting Mobile IP, a method of performing registration of a Mobile Node visiting a Foreign Agent, comprising:
-
receiving by the Home Agent a registration request including a Foreign-Home key request extension and identifying a Mobile Node, the Foreign-Home key request extension including key material generated by the Foreign Agent and indicating a request for the Home Agent to generate a key between the Foreign Agent and the Home Agent; dynamically generating by the Home Agent a Foreign-Home authentication key shared between the Home Agent and the Foreign Agent from the key material obtained from the Foreign-Home key request extension, wherein generating the Foreign-Home authentication key shared between the Foreign Agent and the Home Agent from the key material obtained from the Foreign-Home key request extension is performed by computing the value k=(Yx) mod n, wherein Y is the key material obtained from the Foreign-Home key request extension, wherein k is the Foreign-Home authentication key; generating by the Home Agent key material to be provided in a Foreign-Home key reply extension by computing the value of X=(gx)mod n, wherein x is a random integer, wherein X is the key material generated by the Home Agent, and both g and n are group parameters that are universally known to the Mobile Node, Foreign Agent and the Home Agent; composing by the Home Agent a registration reply including a Foreign-Home key reply extension including the key material generated by the Home Agent; and sending by the Home Agent the registration reply to the Foreign Agent, the registration reply indicating success or failure of the registration of the Mobile Node with the Foreign Agent. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
-
22. A Home Agent supporting Mobile IP, comprising:
-
a processor; and a memory, at least one of the processor or the memory being adapted for; receiving by the Home Agent a registration request including a Foreign-Home key request extension and identifying a Mobile Node, the Foreign-Home key request extension including key material generated by a Foreign Agent and indicating a request for the Home Agent to generate a key between the Foreign Agent and the Home Agent; dynamically generating by the Home Agent a Foreign-Home authentication key shared between the Home Agent and the Foreign Agent from the key material obtained from the Foreign-Home key request extension, wherein generating the Foreign-Home authentication key shared between the Foreign Agent and the Home Agent from the key material obtained from the Foreign-Home key request extension is performed by computing the value k=(Yx) mod n, wherein Y is the key material obtained from the Foreign-Home key request extension, wherein k is the Foreign-Home authentication key; generating by the Home Agent key material to be provided in a Foreign-Home key reply extension by computing the value of X=(gx)mod n, wherein x is a random integer, wherein X is the key material generated by the Home Agent, and both g and n are group parameters that are universally known to the Mobile Node, Foreign Agent and the Home Agent; composing by the Home Agent a registration reply including a Foreign-Home key reply extension including the key material generated by the Home Agent; and sending by the Home Agent the registration reply to the Foreign Agent, the registration reply indicating success or failure of the registration of the Mobile Node with the Foreign Agent. - View Dependent Claims (23)
-
Specification