Secure group communications
Abstract
A device for use in a system with multiple receiving units, and multiple intermediate units each configured to communicate with the device and at least some of the multiple receiving units, includes a communication module configured to send information toward and receive information from the receiving units and the intermediate units, a memory, and a processor coupled to the memory and the communication module. The processor is configured to: cause the communication module to send information toward each of the receiving units sufficient for the receiving units to obtain a key chain corresponding to that receiving unit, each key chain containing a plurality of keys, each key in each key chain being related to other keys in the respective key chains by at least one inverse of a one-way function; select a key from a key chain associated with a particular receiving unit and stored in the memory; and cause the communication module to send the selected key, and an indication of which receiving unit the selected key is associated with, toward the intermediate unit associated with the particular receiving unit.
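The key-chain relationship described above can be sketched as follows. This is an added example, not code from the patent: SHA-256 as the one-way function, the HMAC challenge-response used to authenticate the subgroup management device, the index "floor" policy, and all function and class names are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def F(key: bytes) -> bytes:
    """One-way function; SHA-256 is an assumption, the page names none."""
    return hashlib.sha256(key).digest()


def generate_chain(seed: bytes, n: int) -> list[bytes]:
    """Return n keys with chain[i] == F(chain[i + 1]); chain[n - 1] is the seed."""
    chain = [seed]
    for _ in range(n - 1):
        chain.append(F(chain[-1]))
    chain.reverse()
    return chain


def sgm_response(key: bytes, nonce: bytes) -> bytes:
    """Subgroup manager proves possession of the key it was given (assumed scheme)."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


class Receiver:
    """Receiving device holding its own stored copy of the chain."""

    def __init__(self, chain: list[bytes]):
        self.chain = chain
        self.floor = 0      # lowest chain index still accepted
        self.nonce = None   # outstanding challenge, if any

    def challenge(self) -> bytes:
        self.nonce = os.urandom(16)
        return self.nonce

    def authenticate(self, index: int, tag: bytes) -> bool:
        nonce, self.nonce = self.nonce, None  # each challenge is single use
        if nonce is None or not (self.floor <= index < len(self.chain)):
            return False
        if not hmac.compare_digest(sgm_response(self.chain[index], nonce), tag):
            return False
        # Anyone holding key `index` can compute every lower-index key with F,
        # so lower indices are retired once a higher one has been accepted.
        self.floor = index
        return True
```

Because each key is the inverse-image of the previous one under F, a released key exposes only the keys before it in the chain, which is why the receiver in this sketch refuses indices below the highest one it has already accepted.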
39 Claims
1. A method for providing secure communication in a system including a group management device, at least one subgroup management device, and at least one receiving device, wherein at least one subgroup management device is associated with at least receiving device, the method comprising the steps of:
- establishing a temporary secure communication path between the group management device and the at least one receiving device;
- generating a key chain corresponding to the at least one receiving device, wherein the key chain includes a predetermined number of keys and having each key related to at least another key by at least one inverse of a one-way function, wherein the predetermined number of keys is agreed upon by the group management device and the at least one receiving device;
- storing the generated key chain at the group management device and the at least one receiving device;
- tearing down the temporary secure communication path subsequent to the storing of the generated key chain;
- providing at least one key in the generated key chain to the at least one subgroup management device associated with the at least one receiving device;
- using the generated key chain, authenticating the at least one subgroup management device; and
- establishing another secure communication path between the group management device and the at least one subgroup management device and the at least one subgroup management device and the at least one receiving device associated with the at least one subgroup management device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A computer program product stored on a non-transitory computer-readable medium, for use with a computer configured to providing secure communication in a system including a group management device, at least one subgroup management device, and at least one receiving device, wherein at least one subgroup management device is associated with at least receiving device, the computer program product having computer-executable instructions for causing the computer to:
- establish a temporary secure communication path between the group management device and the at least one receiving device;
- generate a key chain corresponding to the at least one receiving device, wherein the key chain includes a predetermined number of keys and having each key related to at least another key by at least one inverse of a one-way function, wherein the predetermined number of keys is agreed upon by the group management device and the at least one receiving device;
- store the generated key chain at the group management device and the at least one receiving device;
- tear down the temporary secure communication path subsequent to the storing of the generated key chain;
- provide at least one key in the generated key chain to the at least one subgroup management device associated with the at least one receiving device;
- using the generated key chain, authenticate the at least one subgroup management device; and
- establish another secure communication path between the group management device and the at least one subgroup management device and the at least one subgroup management device and the at least one receiving device associated with the at least one subgroup management device.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26
27. A system for providing secure communication in a system including a group management device, at least one subgroup management device, and at least one receiving device, wherein at least one subgroup management device is associated with at least receiving device, comprising:
- a communication device configured to provide communication between the group management device, the at least one subgroup management device, and the at least one receiving device;
- a memory; and
- a processor coupled to the communication device and the memory and configured to
  - cause the communication device to establish a temporary secure communication path between the group management device and the at least one receiving device;
  - generate a key chain corresponding to the at least one receiving device, wherein the key chain includes a predetermined number of keys and having each key related to at least another key by at least one inverse of a one-way function, wherein the predetermined number of keys is agreed upon by the group management device and the at least one receiving device;
  - store in memory the generated key chain at the group management device and the at least one receiving device;
  - tear down the temporary secure communication path subsequent to the storing of the generated key chain;
  - provide at least one key in the generated key chain to the at least one subgroup management device associated with the at least one receiving device;
  - using the generated key chain, authenticate the at least one subgroup management device; and
  - cause the communication device to establish another secure communication path between the group management device and the at least one subgroup management device and the at least one subgroup management device and the at least one receiving device associated with the at least one subgroup management device.
Dependent claims: 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39
Specification