Method and apparatus for securing communication between a mobile node and a network

US 8,296,558 B1
Filed: 11/26/2003
Issued: 10/23/2012
Est. Priority Date: 11/26/2003
Status: Active Grant

First Claim

Patent Images

1. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:

initiating a communication session between the mobile node and the router using a protocol, including a process of registering or authenticating the mobile node within the network using the protocol;

receiving from the router a public key within a first protocol message, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;

obtaining the session key;

generating an encrypted session key from the session key; and

during the process of registering or authenticating the mobile node, communicating the encrypted session key to the router within a second protocol message, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with the teachings of the present invention, a method and apparatus is presented for securely negotiating a session key between a mobile node and a network node, such as a first hop IP router. A session key is encoded using asymmetric encryption. The encrypted session key is then communicated to the first hop IP router for later use. In accordance with another teaching of the present invention, the session key is then used by the mobile node and a first hop IP router to authenticate a message. Lastly, in accordance with the third teaching of the present invention, a standardized protocol is used to securely negotiate the session key between the mobile node and the first hop IP router.

Citations

17 Claims

1. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:
- initiating a communication session between the mobile node and the router using a protocol, including a process of registering or authenticating the mobile node within the network using the protocol;
  
  receiving from the router a public key within a first protocol message, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
  
  obtaining the session key;
  
  generating an encrypted session key from the session key; and
  
  during the process of registering or authenticating the mobile node, communicating the encrypted session key to the router within a second protocol message, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key.
- View Dependent Claims (2, 3, 4)
- - 2. The method as set forth in claim 1 wherein the protocol is a standardized protocol.
  - 3. The method as set forth in claim 1 wherein communicating the encrypted session key occurs during the process of registering or authenticating the mobile node in the network.
  - 4. The method as set forth in claim 1 wherein the protocol is defined as Point-to-Point protocol (PPP).

5. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:
- communicating a public key to the mobile node within a first protocol message defined by a protocol during a process of registering or authenticating the mobile node within the network using the protocol, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
  
  during the process of registering or authenticating the mobile node, receiving an encrypted session key from the mobile node within a second protocol message defined by the protocol in response to communicating the public key, the encrypted session key generated from the session key, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key; and
  
  during the process of registering or authenticating the mobile node, decrypting the encrypted session key with a private key.
- View Dependent Claims (6, 7, 8)
- - 6. The method as set forth in claim 5 wherein the protocol is a standardized protocol.
  - 7. The method as set forth in claim 5 wherein communicating the encrypted session key occurs during the process of registering or authenticating the mobile node in the network.
  - 8. The method as set forth in claim 5 wherein the protocol is defined as Point-to-Point protocol (PPP).

9. A mobile node comprising:
- a processing unit communicatively coupled to a memory for storing a session key;
  
  the mobile node initiating a communication session using a defined protocol and initiating a process of registering or authenticating the mobile node within a network using the protocol;
  
  during the process of registering or authenticating the mobile node, the mobile node receiving from a router a public key within a first protocol message defined by the protocol, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
  
  the processing unit generating an encrypted session key from the session key; and
  
  during the process of registering or authenticating the mobile node, the mobile node communicating the encrypted session key to the router within a second protocol message defined by the protocol, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key.
- View Dependent Claims (10, 11)
- - 10. The mobile node as set forth in claim 9 wherein the mobile node communicates the encrypted session key during the process of registering or authenticating the mobile node in the network.
  - 11. The mobile node as set forth in claim 9, wherein the protocol is defined as Point-to-Point protocol (PPP).

12. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:
- initiating a communication session between the mobile node and the router using a protocol, including a process of registering or authenticating the mobile node within the network using the protocol;
  
  receiving from the router a public key within a first protocol message, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
  
  obtaining the session key;
  
  generating an encrypted session key from the session key; and
  
  during the process of registering or authenticating the mobile node, communicating the encrypted session key to the router within a second protocol message, the second protocol message having a format defined by the protocol, wherein the second protocol message is a protocol vendor specific packet including the encrypted session key.
- View Dependent Claims (13, 14)
- - 13. The method as set forth in claim 12, wherein communicating the encrypted session key occurs during the process of registering or authenticating the mobile node in the network.
  - 14. The method as set forth in claim 12, wherein the protocol is defined as Point-to-Point protocol (PPP).

15. A mobile node comprising:
- a processing unit communicatively coupled to a memory for storing a session key, wherein the memory comprises program instructions executable by the processor to;
  
  initiate a communication session using a defined protocol and initiate a process of registering or authenticating the mobile node within a network using the protocol;
  
  receive from a router, during the process of registering or authenticating the mobile node, a public key within a first protocol message defined by the protocol, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
  
  generate an encrypted session key from the session key; and
  
  communicate the encrypted session key to the router, wherein communicating the encrypted session key is performed during the process of registering or authenticating the mobile node, wherein the encrypted session key is communicated within a second protocol message defined by the protocol, the second protocol message having a format defined by the protocol, wherein the second protocol message is a protocol vendor specific packet including the encrypted session key.
- View Dependent Claims (16, 17)
- - 16. The mobile node as set forth in claim 15, wherein the program instructions are configured to communicate the encrypted session key during the process of registering or authenticating the mobile node in the network.
  - 17. The mobile node as set forth in claim 15, wherein the protocol is defined as Point-to-Point protocol (PPP).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Chowdhury, Kuntal
Primary Examiner(s)
Armouche, Hadi

Application Number

US10/723,335
Time in Patent Office

3,254 Days
Field of Search

713/151, 713/153, 726/12, 380/277, 380/30
US Class Current

713/151
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

H04L 2463/062   applying encryption of the ...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/12   Applying verification of th...

H04L 9/3242   involving keyed hash functi...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/10   Integrity

H04W 12/50   Secure pairing of devices

Method and apparatus for securing communication between a mobile node and a network

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for securing communication between a mobile node and a network

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links