Method and apparatus for authenticating a network device
First Claim
1. A trust centre for a wireless personal area network arranged to perform authentication of communication devices joining the wireless personal area network;
the trust centre being operatively coupled to a security server, which is arranged to store a plurality of communication device keys associated with communication devices known to the network;
the trust centre being further arranged;
upon a new communication device joining the wireless personal area network, to request from the security server a communication device key associated with the joining communication device for a purpose of authenticating the joining communication device;
to perform mutual authentication between the trust centre and the joining communication device by sending to the joining communication device a challenge encrypted with the communication device key for the joining communication device and to receive from the joining communication device a further encrypted challenge sent in response to the encrypted challenge from the trust centre;
to generate a link key for use by an authenticated device that has performed the mutual authentication with the trust centre and for which a mutual link with another authenticated device has been requested, wherein the trust centre verifies that the request originates from a previously authenticated device, and upon verification sends a verification response to the authenticated device; and
to send the link key in encrypted form to the authenticated device.
Abstract
A trust center for a wireless personal area network is arranged to perform authentication of communication devices joining the network. The trust center is operatively coupled to a security server, which is arranged to store communication device keys. The trust center is further arranged, upon a new communication device joining the network, to request from the security server a communication device key of the joining communication device for the purpose of authenticating the joining communication device.
26 Claims
22. A method of operation for use in a wireless personal area network comprising:
joining, by a plurality of communication devices, the wireless personal area network and requesting authentication from a trust centre of the network;
requesting, by the trust centre, from a security server a communication device key associated with at least one of the plurality of joining communication devices;
performing, by the trust centre and the at least one of the plurality of joining communication devices, mutual authentication by the trust centre sending to the at least one of the plurality of joining communication devices a challenge encrypted with the communication device key and receiving from the at least one of the plurality of joining communication devices a further encrypted challenge sent in response to the encrypted challenge from the trust centre;
the trust centre generating a link key for use by an authenticated device that has performed the mutual authentication with the trust centre and for which a mutual link with another authenticated device has been requested, wherein the trust centre verifies that the request originates from a previously authenticated device, and upon verification sends a verification response to the authenticated device; and
the trust centre sending the link key in encrypted form to the authenticated device.
23. A wireless personal area network comprising:
each of a plurality of communication devices joining the wireless personal area network and requesting authentication from a trust centre of the network;
the trust centre requesting from a security server a device key associated with each joining device;
the trust centre and each joining device performing mutual authentication by the trust centre sending to the joining device a challenge encrypted with the device key and receiving from the joining device a further encrypted challenge sent in response to the encrypted challenge from the trust centre;
the trust centre generating a link key for use by an authenticated device that has performed mutual authentication with the trust centre and for which a mutual link with another authenticated device has been requested, wherein the trust centre verifies authentication and upon verification sends a verification response to the authenticated device; and
the trust centre sending the link key in encrypted form to the authenticated device.
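The join and link-key sequence recited in the independent claims above, as an added Python sketch that is not taken from the patent. `Device`, `TrustCentre`, `seal`/`unseal`, the 16-byte nonces and the third confirmation message are assumptions, and the HMAC-SHA256 keystream cipher is a standard-library stand-in for the cipher a real node would use.

```python
import hashlib, hmac, secrets

def _mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor(key, nonce, data):
    # Stand-in cipher (HMAC-SHA256 keystream); a real node would use e.g. AES-CCM.
    ks = b"".join(_mac(key, nonce + bytes([i])) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, pt):
    nonce = secrets.token_bytes(12)
    ct = _xor(_mac(key, b"enc"), nonce, pt)
    return nonce + ct + _mac(_mac(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(key, b"mac"), nonce + ct)):
        raise ValueError("authentication failed: wrong device key")
    return _xor(_mac(key, b"enc"), nonce, ct)

class Device:  # hypothetical joining node
    def __init__(self, dev_id, key):
        self.id, self.key = dev_id, key
    def respond(self, enc_challenge):
        # Echo the trust centre's nonce plus our own: the "further encrypted challenge".
        self.n_dev = secrets.token_bytes(16)
        return seal(self.key, unseal(self.key, enc_challenge) + self.n_dev)
    def confirm(self, enc_reply):  # assumed third message: proves the TC holds the key
        return hmac.compare_digest(unseal(self.key, enc_reply), self.n_dev)

class TrustCentre:
    def __init__(self, security_server):
        self.server, self.authenticated = security_server, {}
    def join(self, device):
        key = self.server[device.id]  # device key requested from the security server
        n_tc = secrets.token_bytes(16)
        reply = unseal(key, device.respond(seal(key, n_tc)))
        if not hmac.compare_digest(reply[:16], n_tc):
            raise ValueError("device failed the challenge")
        if not device.confirm(seal(key, reply[16:])):
            raise ValueError("device rejected the trust centre")
        self.authenticated[device.id] = key
    def link_key(self, requester_id, peer_id):
        # Refuse unless both ends have completed mutual authentication.
        if requester_id not in self.authenticated or peer_id not in self.authenticated:
            raise PermissionError("link requested for an unauthenticated device")
        lk = secrets.token_bytes(16)
        return {d: seal(self.authenticated[d], lk) for d in (requester_id, peer_id)}
```

Here the security server is modelled as a plain dictionary mapping device identifiers to keys; `link_key` returns one sealed copy of the same link key per device, each readable only with that device's own key.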
Specification