Method and system for deriving an encryption key using joint randomness not shared by others

US 8,280,046 B2
Filed: 12/23/2005
Issued: 10/02/2012
Est. Priority Date: 09/12/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method for deriving an encryption key for securing wireless communications the method comprising:

a wireless transmit/receive unit (WRTU) obtaining an association to an access point (AP);

the WTRU determining a secret that complies with a supported authentication;

the WTRU generating a channel impulse response (CIR) estimate based upon a signal received from the AP;

the WTRU correcting errors in the CIR estimate and generating parity bits by performing error correction coding on the CIR estimate;

the WTRU multiplexing the parity bits with a synchronization code to generate a multiplexed bit stream;

the WTRU transmitting the multiplexed bit stream to the AP;

the WTRU generating joint-randomness-not-shared-with-others (JRNSO) bits from the corrected CIR estimate;

the WTRU deriving a pairwise master key (PMK) using the secret and the JRNSO bits; and

the WTRU deriving a pairwise transient key (PTK) using the PMK and the JRNSO bits.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is related to a method and system for deriving an encryption key using joint randomness not shared by others (JRNSO). Communicating entities generate JRNSO bits from a channel impulse response (CIR) estimate and the JRNSO bits are used in generation of an encryption key. The authentication type may be IEEE 802.1x or a pre-shared key system. In an IEEE 802.1x system, a master key, a pairwise master key or a pairwise transient key may be generated using the JRNSO bits. The encryption key may be generated by using a Diffie-Hellman key derivation algorithm.

90 Citations

View as Search Results

19 Claims

1. A method for deriving an encryption key for securing wireless communications the method comprising:
- a wireless transmit/receive unit (WRTU) obtaining an association to an access point (AP);
  
  the WTRU determining a secret that complies with a supported authentication;
  
  the WTRU generating a channel impulse response (CIR) estimate based upon a signal received from the AP;
  
  the WTRU correcting errors in the CIR estimate and generating parity bits by performing error correction coding on the CIR estimate;
  
  the WTRU multiplexing the parity bits with a synchronization code to generate a multiplexed bit stream;
  
  the WTRU transmitting the multiplexed bit stream to the AP;
  
  the WTRU generating joint-randomness-not-shared-with-others (JRNSO) bits from the corrected CIR estimate;
  
  the WTRU deriving a pairwise master key (PMK) using the secret and the JRNSO bits; and
  
  the WTRU deriving a pairwise transient key (PTK) using the PMK and the JRNSO bits.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - receiving a group key from the AP, wherein the group key is derived from one of the PMK and the PTK.
  - 3. The method of claim 1, wherein the determining a secret includes:
    - on a condition that the supported authentication type is not based on a pre-shared key (PSK), authenticating with an authentication server and reporting the secret to the authentication server; and
      
      on a condition that the supported authentication type is based on a PSK, setting the PSK as one of the secret, the master key, and the PMK.
  - 4. The method of claim 3, further comprising receiving a group key from the AP, wherein the group key is derived from one of the PMK and the PTK.
  - 5. The method of claim 1, further comprising generating other JRNSO bits for updating an encryption key, whereby a new encryption key is generated by using the new JRNSO bits and the encryption key is one of the secret, the master key, the PMK, and the PTK.
  - 6. The method of claim 1, further comprising reporting a portion of an encryption key to the AP to confirm the encryption key, wherein the encryption key is one of the secret, the master key, the PMK, and the PTK.
  - 7. The method of claim 1 wherein the determining the secret includes determining a second pairwise master key (PMK) by:
    - on a condition that the supported authentication type is not a pre-shared key (PSK) type;
      
      authenticating with an authentication server,reporting a master secret to the authentication server, andderiving the second PMK from the master secret;
      
      on a condition that the supported authentication type is PSK, using a pre-shared key (PSK) as the second PMK; and
      
      using the second PMK as the secret.
  - 8. The method of claim 7, further comprisingreceiving a group key from the AP, wherein the group key is derived from one of the second PMK and the PTK.

9. A wireless transmit/receive unit (WTRU) for deriving an encryption key for securing wireless communications, the system WTRU comprising:
- a memory electronically coupled to a processor;
  
  a transceiver electronically coupled to the processor;
  
  the processor configured to;
  
  report a secret to an authentication server;
  
  generate a channel impulse response (CIR) estimate of a communication received from an access point (AP);
  
  correct errors in the CIR estimate and generate parity bits by performing error correction coding on the CIR estimate;
  
  multiplex the parity bits with a synchronization code to generate a multiplexed bit stream;
  
  instruct the transceiver to transmit the multiplexed bit stream to the AP;
  
  generate joint-randomness-not-shared-with-others (JRNSO) bits from the corrected CIR estimate;
  
  derive a pairwise master key (PMK) using the secret and the JRNSO bits; and
  
  derive a pairwise transient key (PTK) using the PMK and the JRNSO bits.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The WTRU of claim 9, wherein the WTRU is configured receive a group key from the AP, wherein the group key is derived from one of the PMK and the PTK.
  - 11. The WTRU of claim 9, wherein the WTRU is configured to authenticate using IEEE 802.1x authentication.
  - 12. The WTRU of claim 9, wherein the WTRU is configured to authenticate using pre-shared key (PSK) authentication, and to use a PSK as the secret.
  - 13. The WTRU of claim 9, wherein the WTRU is configured to report a portion of the encryption key to the AP to confirm the encryption key.

14. A wireless transmit/receive unit (WTRU) for deriving an encryption key for securing wireless communications, the WTRU comprising:
- a memory operatively connected to a processor;
  
  a transceiver electronically coupled to the processor;
  
  the processor configured to;
  
  report a master secret to an authentication server;
  
  generate a channel impulse response (CIR) estimate of a communication received from an access point (AP);
  
  correct errors in the CIR estimate and generate parity bits by performing error correction coding on the CIR estimate;
  
  multiplex the parity bits with a synchronization code to generate multiplexed bit stream;
  
  instruct the transceiver to transmit the multiplexed bit stream to the AP;
  
  generate joint-randomness-not-shared-with-others (JRNSO) bits from the corrected CIR estimate;
  
  derive a pairwise master key (PMK) using the master secret and the JRNSO bits; and
  
  derive a pairwise transient key (PTK) using the PMK and the JRNSO bits.
- View Dependent Claims (15, 16, 17)
- - 15. The WTRU of claim 14, wherein the WTRU is configured to receive a group key from the AP, wherein the group key is derived from one of the PMK and the PTK.
  - 16. The WTRU of claim 14, wherein the WTRU is configured to authenticate using IEEE 802.1x authentication.
  - 17. The WTRU of claim 14, wherein the WTRU is configured to authenticate using pre-shared key (PSK) authentication, whereby the PSK is set to one of the secret, the master key, and the PMK.

18. A wireless transmit/receive unit (WTRU) for deriving an encryption key for securing wireless communications, the WTRU comprising:
- a memory operatively connected to a processor;
  
  a transceiver operatively coupled to the processor;
  
  the processor configured to;
  
  report a pre-master secret to an authentication server;
  
  generate a channel impulse response (CIR) estimate of a communication received from an access point (AP);
  
  correct errors in the CIR estimate and generate parity bits by performing error correction coding on the CIR estimate;
  
  multiplex the parity bits with a synchronization code to generate a multiplexed bit stream;
  
  instruct the transceiver to transmit the multiplexed bit stream to the AP;
  
  generate joint-randomness-not-shared-with others (JRNSO) bits from the corrected estimate;
  
  derive a master key from the pre-master secret and the JRNSO bits;
  
  derive a pairwise master key (PMK) using the master key and the JRNSO bits; and
  
  derive a pairwise transient key (PTK) using the PMK and the JRNSO bits.
- View Dependent Claims (19)
- - 19. The WTRU of claim 18, wherein the WTRU is configured to receive a group key from the AP, wherein the group key is derived from one of the PMK and the PTK.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Interdigital Technology Corporation (InterDigital, Inc.)
Original Assignee
Interdigital Technology Corporation (InterDigital, Inc.)
Inventors
Rudolf, Marian, Mukherjee, Rajat Pritam
Primary Examiner(s)
Zee, Edward
Assistant Examiner(s)
Paliwal, Yogesh

Application Number

US11/318,381
Publication Number

US 20070058808A1
Time in Patent Office

2,475 Days
Field of Search

380/44
US Class Current

380/44
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 2463/061   applying further key deriva...

H04L 63/065   for group communications cr...

H04L 63/0892   by using authentication-aut...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/0875   based on channel impulse re...

H04L 9/0891   Revocation or update of sec...

H04L 9/12   Transmitting and receiving ...

H04W 12/06   Authentication

H04W 12/50   Secure pairing of devices

H04W 12/79   Radio fingerprint

Method and system for deriving an encryption key using joint randomness not shared by others

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

90 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for deriving an encryption key using joint randomness not shared by others

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

90 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links