Method and apparatus for securing communication between a mobile node and a network
First Claim
1. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:
initiating a communication session between the mobile node and the router using a protocol, including a process of registering or authenticating the mobile node within the network using the protocol;
receiving from the router a public key within a first protocol message, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
obtaining the session key;
generating an encrypted session key from the session key; and
during the process of registering or authenticating the mobile node, communicating the encrypted session key to the router within a second protocol message, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key.
Abstract
In accordance with the teachings of the present invention, a method and apparatus are presented for securely negotiating a session key between a mobile node and a network node, such as a first hop IP router. A session key is encrypted using asymmetric encryption. The encrypted session key is then communicated to the first hop IP router for later use. In accordance with another teaching of the present invention, the session key is then used by the mobile node and the first hop IP router to authenticate a message. Lastly, in accordance with the third teaching of the present invention, a standardized protocol is used to securely negotiate the session key between the mobile node and the first hop IP router.
17 Claims
1. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:
initiating a communication session between the mobile node and the router using a protocol, including a process of registering or authenticating the mobile node within the network using the protocol;
receiving from the router a public key within a first protocol message, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
obtaining the session key;
generating an encrypted session key from the session key; and
during the process of registering or authenticating the mobile node, communicating the encrypted session key to the router within a second protocol message, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key.
Dependent claims: 2, 3, 4.
5. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:
communicating a public key to the mobile node within a first protocol message defined by a protocol during a process of registering or authenticating the mobile node within the network using the protocol, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
during the process of registering or authenticating the mobile node, receiving an encrypted session key from the mobile node within a second protocol message defined by the protocol in response to communicating the public key, the encrypted session key generated from the session key, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key; and
during the process of registering or authenticating the mobile node, decrypting the encrypted session key with a private key.
Dependent claims: 6, 7, 8.
9. A mobile node comprising:
a processing unit communicatively coupled to a memory for storing a session key;
the mobile node initiating a communication session using a defined protocol and initiating a process of registering or authenticating the mobile node within a network using the protocol;
during the process of registering or authenticating the mobile node, the mobile node receiving from a router a public key within a first protocol message defined by the protocol, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
the processing unit generating an encrypted session key from the session key; and
during the process of registering or authenticating the mobile node, the mobile node communicating the encrypted session key to the router within a second protocol message defined by the protocol, the second protocol message having a format defined by the protocol, wherein the second protocol message is an initial request (RRQ) message including the encrypted session key.
Dependent claims: 10, 11.
12. A method of securely negotiating a session key between a mobile node and a router in a network, the method comprising:
initiating a communication session between the mobile node and the router using a protocol, including a process of registering or authenticating the mobile node within the network using the protocol;
receiving from the router a public key within a first protocol message, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
obtaining the session key;
generating an encrypted session key from the session key; and
during the process of registering or authenticating the mobile node, communicating the encrypted session key to the router within a second protocol message, the second protocol message having a format defined by the protocol, wherein the second protocol message is a protocol vendor specific packet including the encrypted session key.
Dependent claims: 13, 14.
15. A mobile node comprising:
a processing unit communicatively coupled to a memory for storing a session key, wherein the memory comprises program instructions executable by the processing unit to:
initiate a communication session using a defined protocol and initiate a process of registering or authenticating the mobile node within a network using the protocol;
receive from a router, during the process of registering or authenticating the mobile node, a public key within a first protocol message defined by the protocol, the first protocol message having a format defined by the protocol, wherein the first protocol message is a protocol vendor specific packet including the public key;
generate an encrypted session key from the session key; and
communicate the encrypted session key to the router, wherein communicating the encrypted session key is performed during the process of registering or authenticating the mobile node, wherein the encrypted session key is communicated within a second protocol message defined by the protocol, the second protocol message having a format defined by the protocol, wherein the second protocol message is a protocol vendor specific packet including the encrypted session key.
Dependent claims: 16, 17.
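The exchange the claims describe, as an added example that is not part of the patent or of any vendor's implementation: the router advertises its public key in a vendor-specific extension, the mobile node generates a fresh session key, encrypts it under that public key and carries it in the registration request (RRQ) alongside an authenticator keyed with the new session key, and the router decrypts the key with its private key and verifies the authenticator. Everything concrete here is an assumption the claims do not make: a simplified TLV extension encoding with made-up type numbers rather than the RFC 3344/3115 wire format, a 13-byte stand-in for the RRQ header, RSA-OAEP for the asymmetric step and HMAC-SHA256 for message authentication. The names `Router`, `MobileNode`, `Advertise`, `BuildRRQ` and `ProcessRRQ` are the example's own.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
)

const ( // assumed TLV extension encoding (type, 2-byte length, value), not the RFC 3344/3115 wire format
	extPublicKey  byte = 0xE0 // made-up vendor-specific type: router's public key (DER)
	extSessionKey byte = 0xE1 // made-up vendor-specific type: RSA-OAEP encrypted session key
	extAuth       byte = 0xE2 // authentication extension: HMAC-SHA256 over every byte before it
	rrqHeaderLen       = 13   // simplified RRQ header: type(1) + home address(4) + identification(8)
)

func ext(t byte, v []byte) []byte {
	return append([]byte{t, byte(len(v) >> 8), byte(len(v))}, v...)
}

func decodeExts(b []byte) (map[byte][]byte, error) {
	vals := map[byte][]byte{}
	for len(b) > 0 {
		if len(b) < 3 || len(b) < 3+int(binary.BigEndian.Uint16(b[1:3])) {
			return nil, errors.New("truncated or oversized extension")
		}
		n := int(binary.BigEndian.Uint16(b[1:3]))
		vals[b[0]], b = b[3:3+n], b[3+n:]
	}
	return vals, nil
}

type Router struct{ priv *rsa.PrivateKey }
func NewRouter() *Router { // generates the key pair here; a deployed router would have it provisioned
	k, _ := rsa.GenerateKey(rand.Reader, 2048) // only fails if crypto/rand does (guaranteed not to since Go 1.24)
	return &Router{k}
}

// Advertise builds the first protocol message: the router's public key in a vendor-specific extension.
func (r *Router) Advertise() []byte {
	der, _ := x509.MarshalPKIXPublicKey(&r.priv.PublicKey)
	return ext(extPublicKey, der)
}

// ProcessRRQ decrypts the session key with the private key, then verifies the RRQ's authenticator with it.
func (r *Router) ProcessRRQ(rrq []byte) ([]byte, error) {
	if len(rrq) < rrqHeaderLen || rrq[0] != 1 {
		return nil, errors.New("not a registration request")
	}
	vals, err := decodeExts(rrq[rrqHeaderLen:])
	ct, mac := vals[extSessionKey], vals[extAuth] // the auth extension must come last: it covers every byte before it
	if err != nil || ct == nil || mac == nil || rrq[len(rrq)-len(mac)-3] != extAuth {
		return nil, errors.New("bad, missing or misplaced extension")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), nil, r.priv, ct, nil)
	if err != nil {
		return nil, fmt.Errorf("session key decrypt: %w", err)
	}
	h := hmac.New(sha256.New, key)
	h.Write(rrq[:len(rrq)-len(mac)-3])
	if !hmac.Equal(h.Sum(nil), mac) {
		return nil, errors.New("authenticator mismatch")
	}
	return key, nil
}

type MobileNode struct{ SessionKey []byte } // the memory that stores the negotiated session key
// BuildRRQ builds the second protocol message: the fresh session key encrypted under the advertised public key, plus an authenticator keyed with it.
func (m *MobileNode) BuildRRQ(advert []byte, homeAddr [4]byte) ([]byte, error) {
	vals, err := decodeExts(advert)
	pubAny, perr := x509.ParsePKIXPublicKey(vals[extPublicKey]) // nil map lookup is safe if decoding failed
	pub, ok := pubAny.(*rsa.PublicKey)
	if err != nil || perr != nil || !ok {
		return nil, errors.New("router public key missing, malformed or not RSA")
	}
	fresh := make([]byte, 40) // 32-byte session key + 8-byte identification (lets the router tell replays apart)
	rand.Read(fresh)          // crypto/rand; documented never to fail since Go 1.24
	m.SessionKey = fresh[:32]
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, m.SessionKey, nil)
	if err != nil {
		return nil, err
	}
	body := append(append([]byte{1}, homeAddr[:]...), fresh[32:]...)
	body = append(body, ext(extSessionKey, ct)...)
	h := hmac.New(sha256.New, m.SessionKey)
	h.Write(body)
	return append(body, ext(extAuth, h.Sum(nil))...), nil
}

func main() {
	r, mn := NewRouter(), &MobileNode{}
	rrq, _ := mn.BuildRRQ(r.Advertise(), [4]byte{10, 0, 0, 7})
	key, err := r.ProcessRRQ(rrq)
	fmt.Println("RRQ accepted:", err == nil, "keys match:", hmac.Equal(key, mn.SessionKey))
}
```

The router learns the session key only through the private key, and because the RRQ's authenticator is computed with that same key, it can already check the request that delivered it: a modified home address, a truncated packet or an RRQ encrypted for a different router's key are all rejected. One caveat a practitioner would want: the claims say nothing about how the mobile node verifies that the advertised public key belongs to the router, and this example does not either, so a node on the path that substitutes its own key would learn the session key. A deployment needs to bind the advertised key to something the mobile node already trusts, such as a certificate or a pre-provisioned key fingerprint.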
Specification