Kerberized handover keying
First Claim
1. A method for media-independent handover key management for secure key distribution among a server, an authenticator and a mobile node employing Kerberized Handover Keying, comprising:
a) having a mobile node obtain the identity of a Key Distribution Center and a secret key shared with an Application Server during initial network access authentication to an initial network via bootstrapping Kerberos from network access authentication credentials using an EAP method, and having the mobile node transmit an Authentication Service Request (AS-REQ) to the Key Distribution Center, and having the mobile node receive an Authentication Service Response (AS-REP) from the Key Distribution Center with a Ticket Granting Ticket (TGT);
b) prior to handover from said initial network, having the mobile node discover at least one authenticator in neighboring networks to which said mobile node may handover;
c) prior to handover from said initial network, having the mobile node transmit a Ticket Granting Service Request (TGS-REQ) to said Key Distribution Center, and having the mobile node receive a Ticket Granting Service Response (TGS-REP) from the Key Distribution Center to obtain a different ticket (T) for each of said at least one authenticator;
d) during handover to a target authenticator of said at least one authenticator, having the mobile node transmit an Application Request (AP-REQ) to the target authenticator so that the mobile node and the target authenticator act as a client and a server of Kerberos, respectively;
e) further including after said step d), having the mobile node exchange Kerberos-Safe (KRB-Safe) messages or link-layer specific messages with the target authenticator such as to establish a link-layer security association between the mobile node and the target authenticator;
f) having a node that implements the Key Distribution Center also implement or communicate with an Authentication, Authorization and Accounting (AAA) client that communicates with an AAA server for authorization purposes, and having said AAA client obtain authorization information from the AAA server using an AAA protocol and return the obtained authorization information to the Key Distribution Center;
g) having said Key Distribution Center embed the authorization information in ticket authorization data of each said different ticket for each of said at least one authenticator such that the target authenticator performs access control without Authentication, Authorization and Accounting (AAA) signaling after handover for authorization; and
h) wherein said at least one authenticator includes a plurality of authenticators and said mobile node is configured to receive per-authenticator keys for said plurality of authenticators.
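The flow of claim 1, as an added simulation that is not the patent's or any Kerberos implementation's code. The Kerberos message names (AS-REQ/AS-REP, TGS-REQ/TGS-REP, AP-REQ/AP-REP) are the real ones; everything else is an assumption for the example: the `seal`/`unseal` toy encrypt-then-MAC standing in for a Kerberos encryption type, the `aaa_client` callback standing in for the AAA client of step f, the HMAC-based link-key derivation standing in for the KRB-Safe exchange of step e, and the constructed principals `mn`, `auth-a`, `auth-b` with random keys. It goes slightly beyond the claim text by exercising two checks a defender wants to see hold: a ticket issued for one authenticator is rejected by another, and access is denied at the target purely from the authorization data the KDC embedded in the ticket, with no AAA round trip after handover.

```python
# Added example (not the patent's or any Kerberos implementation's code): toy model of the
# claim-1 handover keying flow; seal/unseal, aaa_client and the link-key KDF are assumptions.
import hashlib, hmac, json, os, time

def kdf(key: bytes, label: str) -> bytes:
    """Sub-key derivation; HMAC-SHA256 stands in for the Kerberos key-derivation function."""
    return hmac.new(key, label.encode(), hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = [hmac.new(kdf(key, "enc"), nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def seal(key: bytes, obj: dict) -> bytes:
    """Toy encrypt-then-MAC of a JSON object (stand-in for a Kerberos encryption type)."""
    pt, nonce = json.dumps(obj, sort_keys=True).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(kdf(key, "mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> dict:
    """Verify the tag before decrypting; a ticket sealed for another principal fails here."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(kdf(key, "mac"), nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

class KDC:
    """Key Distribution Center; aaa_client models the AAA client of step f."""
    def __init__(self, principal_keys: dict, aaa_client):
        self.keys, self.aaa_client = principal_keys, aaa_client
    def as_exchange(self, as_req: dict) -> dict:  # step a: AS-REQ -> AS-REP carrying a TGT
        sk = os.urandom(32)
        tgt = seal(self.keys["krbtgt"], {"cname": as_req["cname"], "sk": sk.hex(), "exp": time.time() + 3600})
        return {"tgt": tgt, "enc": seal(self.keys[as_req["cname"]], {"sk": sk.hex()})}
    def tgs_exchange(self, tgs_req: dict) -> dict:  # step c: one ticket per target authenticator
        tgt = unseal(self.keys["krbtgt"], tgs_req["tgt"])
        if tgt["exp"] < time.time():
            raise ValueError("TGT expired")
        target = tgs_req["sname"]
        authz = self.aaa_client(tgt["cname"], target)  # step f: AAA consulted here, before handover
        msk = os.urandom(32)  # per-authenticator master session key
        ticket = seal(self.keys[target], {"cname": tgt["cname"], "sname": target, "msk": msk.hex(),
                                          "exp": time.time() + 600, "authz": authz})  # step g
        return {"ticket": ticket, "enc": seal(bytes.fromhex(tgt["sk"]), {"sname": target, "msk": msk.hex()})}

class Authenticator:
    """Target authenticator acting as the Kerberos server in the AP exchange (steps d and e)."""
    def __init__(self, name: str, key: bytes):
        self.name, self.key, self.link_keys = name, key, {}
    def ap_exchange(self, ap_req: dict) -> dict:
        t = unseal(self.key, ap_req["ticket"])  # only this authenticator's own key opens the ticket
        if t["sname"] != self.name or t["exp"] < time.time():
            raise ValueError("ticket not valid for this authenticator")
        msk = bytes.fromhex(t["msk"])
        auth = unseal(msk, ap_req["authenticator"])  # proves the mobile node holds msk
        if auth["cname"] != t["cname"] or abs(auth["ts"] - time.time()) > 300:
            raise ValueError("bad or stale authenticator")
        if not t["authz"].get("access"):  # access control from ticket authz data: no AAA round trip
            raise PermissionError(f"{t['cname']} is not authorized at {self.name}")
        nonce = os.urandom(16).hex()
        self.link_keys[t["cname"]] = kdf(msk, "link:" + auth["nonce"] + nonce)  # link-layer SA key
        return {"ap_rep": seal(msk, {"ts": auth["ts"], "nonce": nonce})}

class MobileNode:
    def __init__(self, name: str, key: bytes):  # key assumed bootstrapped from the EAP exchange
        self.name, self.key, self.tickets = name, key, {}
    def bootstrap(self, kdc: KDC) -> None:  # step a
        rep = kdc.as_exchange({"cname": self.name})
        self.tgt, self.tgt_sk = rep["tgt"], bytes.fromhex(unseal(self.key, rep["enc"])["sk"])
    def prefetch_tickets(self, kdc: KDC, authenticators: list) -> None:  # steps b and c, before handover
        for name in authenticators:
            rep = kdc.tgs_exchange({"tgt": self.tgt, "sname": name})
            self.tickets[name] = (rep["ticket"], bytes.fromhex(unseal(self.tgt_sk, rep["enc"])["msk"]))
    def handover(self, target: Authenticator, ticket_for: str = None) -> bytes:  # steps d and e
        ticket, msk = self.tickets[ticket_for or target.name]
        nonce = os.urandom(16).hex()
        authenticator = seal(msk, {"cname": self.name, "ts": time.time(), "nonce": nonce})
        rep = target.ap_exchange({"ticket": ticket, "authenticator": authenticator})
        return kdf(msk, "link:" + nonce + unseal(msk, rep["ap_rep"])["nonce"])

def run_demo() -> dict:
    """Run the flow with constructed keys and a constructed AAA policy (auth-b denies access)."""
    keys = {p: os.urandom(32) for p in ("mn", "krbtgt", "auth-a", "auth-b")}
    aaa_calls = []
    def aaa_client(cname: str, sname: str) -> dict:
        aaa_calls.append(sname)
        return {"access": sname != "auth-b", "policy": "constructed-sample"}
    def outcome(fn) -> str:
        try:
            fn()
            return "accepted"
        except (ValueError, PermissionError) as e:
            return type(e).__name__
    kdc, mn = KDC(keys, aaa_client), MobileNode("mn", keys["mn"])
    auth_a, auth_b = Authenticator("auth-a", keys["auth-a"]), Authenticator("auth-b", keys["auth-b"])
    mn.bootstrap(kdc)
    mn.prefetch_tickets(kdc, ["auth-a", "auth-b"])
    calls_before = len(aaa_calls)
    out = {"keys_match": mn.handover(auth_a) == auth_a.link_keys["mn"]}
    out["aaa_calls_during_handover"] = len(aaa_calls) - calls_before
    out["wrong_ticket"] = outcome(lambda: mn.handover(auth_b, ticket_for="auth-a"))
    out["denied_by_authz"] = outcome(lambda: mn.handover(auth_b))
    return out
```

Calling `run_demo()` reports that the mobile node and `auth-a` derive the same link-layer key, that zero AAA calls happen during the three handover attempts (the only AAA traffic is at TGS time), that `auth-a`'s ticket presented to `auth-b` fails the integrity check, and that `auth-b` refuses access on the embedded authorization data alone. The per-authenticator ticket is what makes the wrong-authenticator case fail: each ticket is sealed under that authenticator's own key, so a compromised or mis-provisioned authenticator cannot open tickets meant for its neighbours.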
Abstract
A media-independent handover key management architecture is disclosed that uses Kerberos for secure key distribution among a server, an authenticator, and a mobile node. In the preferred embodiments, signaling for key distribution is based on re-keying and is decoupled from re-authentication that requires EAP (Extensible Authentication Protocol) and AAA (Authentication, Authorization and Accounting) signaling similar to initial network access authentication. In this framework, the mobile node is able to obtain master session keys required for dynamically establishing the security associations with a set of authenticators without communicating with them before handover. By separating re-key operation from re-authentication, the proposed architecture is more optimized for a proactive mode of operation. It can also be optimized for reactive mode of operation by reversing the key distribution roles between the mobile node and the target access node.
20 Claims
16. A media-independent handover key management system for secure key distribution among a server, an authenticator and a mobile node, comprising:
a) a mobile node having an Extensible Authentication Protocol (EAP) peer that is configured to communicate with an EAP server, said mobile node being configured to perform EAP signaling with an initial authenticator for initial network access authentication to an initial network;
b) said mobile node further having a Kerberos client or server that is configured to communicate with at least one authenticator for at least one target network that has a respective Kerberos client or server;
c) said mobile node being configured to perform security signaling during handover from said initial network to said at least one target network via said at least one authenticator, including network access authentication and key management signaling to obtain master session keys from a Key Distribution Center using Kerberos to dynamically establish a security association via said at least one authenticator without re-authentication using EAP and Authentication, Authorization and Accounting (AAA) signaling, including said mobile node being configured to obtain a different per-authenticator master session key using Kerberos for dynamically establishing a security association for a respective one of said at least one authenticator in the at least one target network to which the mobile node may handover without communicating with said at least one authenticator before handover, wherein the mobile node exchanges Kerberos-Safe (KRB-Safe) messages or link-layer specific messages with the target authenticator to establish a link-layer security association between the mobile node and the target authenticator;
d) a node that implements the Key Distribution Center being configured to also implement or communicate with an Authentication, Authorization and Accounting (AAA) client that communicates with an AAA server for authorization purposes, and having said AAA client obtain authorization information from the AAA server using an AAA protocol and return the obtained authorization information to the Key Distribution Center;
e) said Key Distribution Center being configured to embed the authorization information in ticket authorization data of each said different ticket for each of said at least one authenticator such that the target authenticator performs access control without Authentication, Authorization and Accounting (AAA) signaling after handover for authorization; and
f) wherein said at least one authenticator includes a plurality of authenticators and said mobile node is configured to receive per-authenticator keys for said plurality of authenticators.