Kerberized handover keying

US 8,332,923 B2
Filed: 01/10/2008
Issued: 12/11/2012
Est. Priority Date: 01/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method for media-independent handover key management for secure key distribution among a server, an authenticator and a mobile node employing Kerberized Handover Keying, comprising:

a) having a mobile node obtain the identity of a Key Distribution Center and a secret key shared with an Application Server during initial network access authentication to an initial network via bootstrapping Kerberos from network access authentication credentials using an EAP method, and having the mobile node transmit an Authentication Service Request (AS-REQ) to the a Key Distribution Center, and having the mobile node receive an Authentication Service Response (AS-REP) from the Key Distribution Center with a Ticket Granting Ticket (TGT);

b) prior to handover from said initial network, having the mobile node discover at least one authenticator in neighboring networks to which said mobile node may handover;

c) prior to handover from said initial network, having the mobile node transmit a Ticket Granting Service Request (TGS-REQ) to said Key Distribution Center, and having the mobile node receive a Ticket Granting Service Response (TGS-REP) from the Key Distribution Center to obtain a different ticket (T) for each of said at least one authenticator;

d) during handover to a target authenticator of said at least one authenticator, having the mobile node transmit an Application Request (AP-REQ) to the target authenticator so that the mobile node and the target authenticator act as a client and a server of Kerberos, respectively;

e) further including after said step d), having the mobile node exchange Kerberos-Safe (KRB-Safe) messages or link-layer specific messages with the target authenticator such as to establish a link-layer security association between the mobile node and the target authenticator;

f) having a node that implements the Key Distribution Center also implement or communicate with an Authentication, Authorization and Accounting (AAA) client that communicates with an AAA server for authorization purposes, and having said AAA client obtain authorization information from the AAA server using an AAA protocol and return the obtained authorization information to the Key Distribution Center;

g) having said Key Distribution Center embed the authorization information in ticket authorization data of each said different ticket for each of said at least one authenticator such that the target authenticator performs access control without Authentication, Authorization and Accounting (AAA) signaling after handover for authorization; and

h) wherein said at least one authenticator includes a plurality of authenticators and said mobile node is configured to receive per-authenticator keys for said plurality of authenticators.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A media-independent handover key management architecture is disclosed that uses Kerberos for secure key distribution among a server, an authenticator, and a mobile node. In the preferred embodiments, signaling for key distribution is based on re-keying and is decoupled from re-authentication that requires EAP (Extensible Authentication Protocol) and AAA (Authentication, Authorization and Accounting) signaling similar to initial network access authentication. In this framework, the mobile node is able to obtain master session keys required for dynamically establishing the security associations with a set of authenticators without communicating with them before handover. By separating re-key operation from re-authentication, the proposed architecture is more optimized for a proactive mode of operation. It can also be optimized for reactive mode of operation by reversing the key distribution roles between the mobile node and the target access node.

25 Citations

View as Search Results

20 Claims

1. A method for media-independent handover key management for secure key distribution among a server, an authenticator and a mobile node employing Kerberized Handover Keying, comprising:
- a) having a mobile node obtain the identity of a Key Distribution Center and a secret key shared with an Application Server during initial network access authentication to an initial network via bootstrapping Kerberos from network access authentication credentials using an EAP method, and having the mobile node transmit an Authentication Service Request (AS-REQ) to the a Key Distribution Center, and having the mobile node receive an Authentication Service Response (AS-REP) from the Key Distribution Center with a Ticket Granting Ticket (TGT);
  
  b) prior to handover from said initial network, having the mobile node discover at least one authenticator in neighboring networks to which said mobile node may handover;
  
  c) prior to handover from said initial network, having the mobile node transmit a Ticket Granting Service Request (TGS-REQ) to said Key Distribution Center, and having the mobile node receive a Ticket Granting Service Response (TGS-REP) from the Key Distribution Center to obtain a different ticket (T) for each of said at least one authenticator;
  
  d) during handover to a target authenticator of said at least one authenticator, having the mobile node transmit an Application Request (AP-REQ) to the target authenticator so that the mobile node and the target authenticator act as a client and a server of Kerberos, respectively;
  
  e) further including after said step d), having the mobile node exchange Kerberos-Safe (KRB-Safe) messages or link-layer specific messages with the target authenticator such as to establish a link-layer security association between the mobile node and the target authenticator;
  
  f) having a node that implements the Key Distribution Center also implement or communicate with an Authentication, Authorization and Accounting (AAA) client that communicates with an AAA server for authorization purposes, and having said AAA client obtain authorization information from the AAA server using an AAA protocol and return the obtained authorization information to the Key Distribution Center;
  
  g) having said Key Distribution Center embed the authorization information in ticket authorization data of each said different ticket for each of said at least one authenticator such that the target authenticator performs access control without Authentication, Authorization and Accounting (AAA) signaling after handover for authorization; and
  
  h) wherein said at least one authenticator includes a plurality of authenticators and said mobile node is configured to receive per-authenticator keys for said plurality of authenticators.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further including establishing a secure association between the mobile node and the target authenticator using the respective ticket (T) for that authenticator.
  - 3. The method of claim 1, further including after having the mobile node transmit an AP-REQ to the target authenticator having the target authenticator transmit an Application Response (AP-REP) message to the mobile node.
  - 4. The method of claim 1, wherein said step of having the mobile node discover at least one authenticator includes having said mobile node employ I.E.E.E. 802.21 Information Service discovery mechanisms.
  - 5. The method of claim 1, further including having the Key Distribution Center indirectly pass the authorization information to the target authenticator via the mobile node in a proactive mode.
  - 6. The method of claim 5, further including having one or more intermediate realms between a local realm and a remote realm, and the mobile node iterating the Ticket Granting Ticket procedure along an authentication path between the local and remote realms.
  - 7. The method of claim 1, further including establishing inter-realm keys for different Kerberos realms, such that said mobile node is able to obtain a Ticket Granting Ticket for a remote Kerberos realm'"'"'s ticket granting service from a local Kerberos realm.
  - 8. The method of claim 7, further including pre-establishing Kerberos cross-realm keys between plural Authentication, Authorization and Accounting (AAA) domains, such that when said mobile node moves from an initial authenticator to a target authenticator across AAA domains, the mobile node acquires a cross-realm Ticket Granting Ticket valid for a remote Key Distribution Center in a visited target AAA domain by contacting a local Key Distribution Center in a home AAA domain.
  - 9. The method of claim 7, further including having cross-realm operation within a single AAA domain, wherein there are one or more intermediate realms between a local realm and a remote realm in the same AAA domain, and the mobile node iterates the Ticket Granting Ticket procedure along the authentication path between the realms, and wherein the authentication path is constructed based on a Domain Name System (DNS) domain hierarchy to facilitate traversal of the authentication path.
  - 10. The method of claim 1, further including:
    - having said mobile node establish security associations with a set of authenticators using Kerberos prior to handover.
  - 11. The method of claim 10, further including having said mobile node include a Kerberos client that communicates with respective Kerberos servers of said authenticators.
  - 12. The method of claim 10, further including delivering a Ticket Granting Ticket to an authenticator prior to handover of the mobile node.
  - 13. The method of claim 10, further including having the authenticator not create a state for the mobile node before handover.
  - 14. The method of claim 10, wherein for said bootstrapping, an EAP server and the Key Distribution Center are implemented on the same node using a same identifier for the EAP server identity and the Key Distribution Center.
  - 15. The method of claim 1, further including assigning different key lifetimes to different ones of said plurality of authenticators depending on link-layer type such as to provide flexibility in key management for heterogeneous link-layer technologies.

16. A media-independent handover key management system for secure key distribution among a server, an authenticator and a mobile node, comprising:
- a) a mobile node having an Extensible Authentication Protocol (EAP) peer that is configured to communicate with an EAP server, said mobile node being configured to perform EAP signaling with an initial authenticator for initial network access authentication to an initial network;
  
  b) said mobile node further having a Kerberos client or server that is configured to communicate with at least one authenticator for at least one target network that has a respective Kerberos client or server;
  
  c) said mobile node being configured to perform security signaling during handover from said initial network to said at least one target network via said at least one authenticator, including network access authentication and key management signaling to obtain master session keys from a Key Distribution Center using Kerberos to dynamically establish a security association via said at least one authenticator without re-authentication using EAP and Authentication, Authorization and Accounting (AAA) signaling, including said mobile node being configured to obtain a different per-authenticator master session key using Kerberos for dynamically establishing a security association for a respective one of said at least one authenticator in the at least one target network to which the mobile node may handover without communicating with said at least one authenticator before handover, wherein the mobile node exchanges Kerberos-Safe (KRB-Safe) messages or link-layer specific messages with the target authenticator to establish a link-layer security association between the mobile node and the target authenticator;
  
  d) a node that implements the Key Distribution Center being configured to also implement or communicate with an Authentication, Authorization and Accounting (AAA) client that communicates with an AAA server for authorization purposes, and having said AAA client obtain authorization information from the AAA server using an AAA protocol and return the obtained authorization information to the Key Distribution Center;
  
  e) said Key Distribution Center being configured to embed the authorization information in ticket authorization data of each said different ticket for each of said at least one authenticator such that the target authenticator performs access control without Authentication, Authorization and Accounting (AAA) signaling after handover for authorization; and
  
  f) wherein said at least one authenticator includes a plurality of authenticators and said mobile node is configured to receive per-authenticator keys for said plurality of authenticators.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The media-independent handover key management system of claim 16, wherein said mobile node has a Kerberos client.
  - 18. The media-independent handover key management system of claim 16, wherein said mobile node is configured to proactively obtain per-authenticator keys for said plurality of authenticators.
  - 19. The media-independent handover key management system of claim 16, wherein said plurality of authenticators includes at least one access point or base station.
  - 20. The media-independent handover key management system of claim 16, further including assigning different key lifetimes to different ones of said plurality of authenticators depending on link-layer type such as to provide flexibility in key management for heterogeneous link-layer technologies.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Four Batons Wireless LLC (Two Gold Capital LLC)
Original Assignee
Telcordia Technologies Incorporated (Telefonaktiebolaget LM Ericsson), Toshiba Corporation
Inventors
Oba, Yoshihiro, Das, Subir
Primary Examiner(s)
Colin, Carl
Assistant Examiner(s)
LE, CHAU D

Application Number

US11/972,450
Publication Number

US 20080175393A1
Time in Patent Office

1,797 Days
Field of Search

380277-279, 726/10, 726/5
US Class Current

726/10
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/162   at the data link layer

H04W 12/0431   Key distribution or pre-dis...

H04W 12/0433   Key management protocols

H04W 12/062   Pre-authentication

H04W 36/005   involving radio access medi...

H04W 36/12   Reselecting a serving backb...

H04W 8/005   Discovery of network device...

Kerberized handover keying

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Kerberized handover keying

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links