Mobile certificate distribution in a PKI
Abstract
A method of providing certificate issuance and revocation checks involving mobile devices in a mobile ad-hoc network (MANET). The wireless devices communicate with each other via Bluetooth wireless technology in the MANET, with an access point (AP) to provide connectivity to the Internet. A certificate authority (CA) distributes certificates and certificate revocation lists (CRLs) to the devices via the AP. Each group of devices has the name of the group associated with the certificate and signed by the CA. A device that is out of the radio range of the access point may still connect to the CA to validate a certificate or download the appropriate CRL by having all the devices participate in the MANET.
18 Claims
1. A method for distributing certificates in a mobile ad hoc network (MANET), the MANET comprising an online client in communication with a certificate authority and a plurality of mobile devices, the method comprising:
- the online client sending a request to the certificate authority to provide an indication of whether a key pair of at least one of the plurality of mobile devices is valid; and
- after receiving from the certificate authority an indication that the key pair is valid, the online client providing a precomputed response to at least one of the certificate authority and the at least one of the plurality of mobile devices, the precomputed response comprising a validity period of a certificate of the at least one of the plurality of the mobile devices.
Dependent claims: 2, 3, 4, 5
6. A system for distributing certificates in a mobile ad hoc network (MANET), the system comprising:
- an online client in communication with a certificate authority and a plurality of mobile devices;
- the online client configured to send a request to the certificate authority to provide an indication of whether a key pair of at least one of the plurality of mobile devices is valid; and
- after receiving from the certificate authority an indication that the key pair is valid, the online client configured to provide a precomputed response to at least one of the certificate authority and the at least one of the plurality of mobile devices, the precomputed response comprising a validity period of a certificate of the at least one of the plurality of the mobile devices.
Dependent claims: 7, 8, 9, 10
11. A method of a mobile device determining if another mobile device is a member of an ad hoc group, the method comprising:
- the mobile device receiving a certificate from a certificate authority in a mobile ad hoc network (MANET), the certificate including a name of the ad hoc group;
- the mobile device obtaining another certificate from the other mobile device;
- the mobile device determining if the other certificate has expired; and
- if the other certificate has not expired, and if the other certificate comprises the name of the ad hoc group, the mobile device using the other certificate to validate the other mobile device and to confirm that the other mobile device is a member of the ad hoc group.
Dependent claims: 12, 13, 14
15. A mobile device capable of communicating with another mobile device, the mobile device comprising a non-volatile memory and a processor for determining if another mobile device is a member of an ad hoc group, the processor configured to:
- receive a certificate from a certificate authority in a mobile ad hoc network (MANET), the certificate including a name of the ad hoc group;
- obtain another certificate from the other mobile device;
- determine if the other certificate has expired; and
- if the other certificate has not expired, and if the other certificate comprises the name of the ad hoc group, the processor further configured to use the other certificate to validate the other mobile device and to confirm that the other mobile device is a member of the ad hoc group.
Dependent claims: 16, 17, 18
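The offline membership check described in claims 11 and 15, as an added Go example that is not code from the patent: a device accepts a peer only if the peer's certificate chains to the CA, has not expired, and names the same group as its own certificate. Carrying the group name in the X.509 OU field, the Ed25519 keys, the group names and the helper names `issue` and `isGroupMember` are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue makes a constructed test certificate (ca == nil self-signs); group name in OU is an assumption.
func issue(group string, ttl time.Duration, ca *x509.Certificate, caKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:   pkix.Name{OrganizationalUnit: []string{group}},
		NotBefore: time.Now().Add(-2 * time.Hour), NotAfter: time.Now().Add(ttl),
		IsCA: ca == nil, BasicConstraintsValid: true}
	parent, signer := t, key
	if ca != nil {
		parent, signer = ca, caKey
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// isGroupMember checks CA signature and expiry (both via Verify), then the group name against our own certificate.
func isGroupMember(own, peer, ca *x509.Certificate, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	if _, err := peer.Verify(x509.VerifyOptions{Roots: roots, CurrentTime: now}); err != nil {
		return fmt.Errorf("peer certificate rejected: %w", err)
	}
	a, b := own.Subject.OrganizationalUnit, peer.Subject.OrganizationalUnit
	if len(a) != 1 || len(b) != 1 || a[0] != b[0] {
		return fmt.Errorf("peer certificate names a different group")
	}
	return nil
}

func main() {
	ca, caKey := issue("CA", time.Hour, nil, nil)
	own, _ := issue("field-team", time.Hour, ca, caKey)
	old, _ := issue("field-team", -time.Hour, ca, caKey)
	fmt.Println(isGroupMember(own, old, ca, time.Now())) // expired peer is rejected
}
```

The check needs only the CA certificate and a clock, so it works for a device that is out of range of the access point; revocation is not covered here and still depends on a CRL or a precomputed response reaching the device.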