Extensible authentication protocol authentication and key agreement (EAP-AKA) optimization

US 8,245,039 B2
Filed: 07/18/2008
Issued: 08/14/2012
Est. Priority Date: 07/18/2008
Status: Active Grant

First Claim

Patent Images

1. A method for generating a temporary pseudonym identity associated with a subscriber, comprising:

generating a master pseudonym identity associated with the subscriber, wherein the master pseudonym identity is derived from a source other than a subscriber'"'"'s permanent identity;

generating a ps_mk by applying a pseudo-random number function to a server-key, wherein a timestamp is associated with the server key;

partitioning a ps_mk into a plurality of portions including at least a ps_ck portion and a ps_ik portion;

generating a ps_payload by applying a two-way encryption function to the master pseudonym identity and the ps_ck;

generating a ps_mac by applying a hashing function to a concatenation of the ps_payload and the ps_ik; and

generating a temporary pseudonym identity by concatenating the ps_mac, the timestamp, and the ps_payload.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described for improved authentication of subscribers wishing to connect to a wireless network using the EAP-AKA protocol. Embodiments exploit the requirement that the client store and transmit the Pseudonym and Fast Re-authentication Identities upon request. By using the Fast Re-authentication Identity to store session state key information, the need for the AAA server to store and replicate the EAP-AKA key information for every session is eliminated.

Citations

16 Claims

1. A method for generating a temporary pseudonym identity associated with a subscriber, comprising:
- generating a master pseudonym identity associated with the subscriber, wherein the master pseudonym identity is derived from a source other than a subscriber'"'"'s permanent identity;
  
  generating a ps_mk by applying a pseudo-random number function to a server-key, wherein a timestamp is associated with the server key;
  
  partitioning a ps_mk into a plurality of portions including at least a ps_ck portion and a ps_ik portion;
  
  generating a ps_payload by applying a two-way encryption function to the master pseudonym identity and the ps_ck;
  
  generating a ps_mac by applying a hashing function to a concatenation of the ps_payload and the ps_ik; and
  
  generating a temporary pseudonym identity by concatenating the ps_mac, the timestamp, and the ps_payload.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the ps_ck is the first 64 bits of the ps_mk, and the ps_ik is the next 64 bits of the ps_mk.
  - 3. The method of claim 1, wherein the hashing function is the SHA-1 algorithm.
  - 4. The method of claim 1, wherein the two-way encryption function is the exclusive or (XOR) salted MD5 encryption algorithm.

5. A method for generating a fast re-authentication identity storing session state key information for use in an EAP-AKA fast re-authentication, comprising:
- generating a first digital value by applying a first hashing function to a concatenation of a server-key and a subscriber password, wherein a timestamp is associated with the server key;
  
  generating an inner_mk by applying a first pseudo-random number function to the first digital value;
  
  generating an inner_ck by extracting a first 128 bits of inner_mk;
  
  generating an inner_payload by applying a first two-way encryption function to the inner_ck and a concatenation of a master key and a counter;
  
  generating an outer_mk by applying a second pseudo-random number function to the server key;
  
  partitioning the outer_mk into a plurality of portions including at least an outer_ck portion and an outer_ik portion;
  
  generating an outer_payload by applying a second two-way encryption function to the outer_ck and a concatenation of the inner_payload and a Master Pseudo Id;
  
  generating an outer_mac by applying a second hashing function to a concatenation of the outer_payload and the outer_ik; and
  
  generating a fast re-authentication identity storing session state key information by concatenating the outer_mac, the timestamp, and the outer_payload.
- View Dependent Claims (6, 7, 8)
- - 6. The method of claim 5, wherein the outer_ck is the first 64 bits of the outer_mk, and the outer_ik is the next 64 bits of the outer_mk.
  - 7. The method of claim 5, wherein the first and second hashing functions are the SHA-1 algorithm.
  - 8. The method of claim 5, wherein the first and the second two-way encryption functions are the exclusive or (XOR) salted MD5 encryption algorithm.

9. A method for validating a pseudonym identity associated with a subscriber, comprising:
- receiving a pseudonym identity associated with the subscriber, wherein the master pseudonym identity is derived from a source other than a subscriber'"'"'s permanent identity;
  
  extracting a timestamp, a ps_payload and a rcvd_mac from the received pseudonym identity;
  
  determining a server key using a look-up table and the timestamp;
  
  generating a ps_mk by applying a pseudo-random number function to the server-key;
  
  partitioning the ps_mk into a plurality of portions including at least a ps_ck portion and a ps_ik portion;
  
  generating a ps_mac by applying a hashing function to a concatenation of the ps_payload and the ps_ik;
  
  comparing the ps_mac and the rcvd_mac; and
  
  if comparing reveals a match, determining a Master-Pseudo-Id by applying a decryption function to the ps_payload and the ps_ck.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9, wherein the ps_ck is the first 64 bits of the ps_mk, and the ps_ik is the next 64 bits of the ps_mk.
  - 11. The method of claim 9, wherein the hash function is the SHA-1 algorithm.
  - 12. The method of claim 9, wherein the decryption function is associated with the exclusive or (XOR) salted MD5 encryption algorithm.

13. A method for validating a fast re-authentication identity storing session state key information for a subscriber for use in an EAP-AKA fast re-authentication, comprising:
- receiving a fast re-authentication identity storing session state key information associated with the subscriber;
  
  extracting a timestamp, an outer_payload and a rcvd_mac from the received fast re-authentication identity;
  
  determining a server key using a look-up table and the timestamp;
  
  generating an outer_mk by applying a first pseudo-random number function to the server-key;
  
  partitioning the outer_mk into a plurality of portions including at least an outer_ck portion and an outer_ik portion;
  
  generating a outer_mac by applying a first hashing function to a concatenation of the outer_payload and the outer_ik;
  
  comparing the outer_mac and the rcvd_mac; and
  
  if comparing does not reveal a match, rejecting the received fast re-authentication identity and stop;
  
  if comparing does reveal a match, determining a Master-Pseudo-Id and an inner_payload by applying a first decryption function to the outer-payload using the outer_ck;
  
  retrieving a subscriber password from a subscriber database using the Master-Pseudo-Id;
  
  generating an inner_mk by applying a second pseudo-random number function to an output of applying a second hashing function to a concatenation of the server-key and the subscriber password;
  
  extracting an inner_ck, wherein the inner_ck is a first 128 bits of the inner_mk;
  
  determining a master-key (MK) from which all other key material is derived and a counter by applying a second decryption function to the inner-payload using the inner_ck; and
  
  regenerating master session key (MSK) for use in fast re-authentication using the master-key (MK) and the counter.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13, wherein the outer_ck is the first 64 bits of the outer_mk, and the outer_ik is the next 64 bits of the outer_mk.
  - 15. The method of claim 13, wherein the first and second hashing functions are the SHA-1 algorithm.
  - 16. The method of claim 13, wherein the first and second decryption algorithms are associated with the exclusive or (XOR) salted MD5 encryption algorithm.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amdocs Canadian Managed Services Inc. (Amdocs Ltd.), Amdocs Development Limited (Amdocs Ltd.)
Original Assignee
Bridgewater Systems Corp. (Amdocs Ltd.)
Inventors
Jones, D. Mark
Primary Examiner(s)
Davis, Zachary A
Assistant Examiner(s)
NASH, LASHANYA RENEE

Application Number

US12/175,825
Publication Number

US 20100017603A1
Time in Patent Office

1,488 Days
Field of Search

713/168, 713/171, 713/170, 713/178, 726/2, 726/3, 726/4, 455/410, 455/411
US Class Current

713/168
CPC Class Codes

H04L 2209/42   Anonymization, e.g. involvi...

H04L 2209/80   Wireless

H04L 9/0844   with user authentication or...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3297   involving time stamps, e.g....

Extensible authentication protocol authentication and key agreement (EAP-AKA) optimization

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Extensible authentication protocol authentication and key agreement (EAP-AKA) optimization

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links