Method for key identification using an internet security association and key management based protocol

US 8,448,235 B2
Filed: 06/30/2011
Issued: 05/21/2013
Est. Priority Date: 08/05/2010
Status: Active Grant

First Claim

Patent Images

1. A method for key identification using an Internet Security Association and Key Management Protocol (ISAKMP)-based protocol, the method comprising:

an initiating device performing;

generating a message using the ISAKMP-based protocol that includes a security parameter index (SPI) field;

identifying a key in the SPI field of the message;

sending the message to a responding device;

wherein the message comprises a Session Initiation Request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An initiating device: generates a message having an ISAKMP-based header that includes a security parameter index (SPI) field; identifies a key in the SPI field of the ISKMP-based header; and sends the message to a responding device. The responding device: receives the message; extracts the key identifier; and when a shared key is selected using the key identifier, uses the selected shared key to establish, with the initiating device, a session having a secure tunnel.

Citations

13 Claims

1. A method for key identification using an Internet Security Association and Key Management Protocol (ISAKMP)-based protocol, the method comprising:
- an initiating device performing;
  
  generating a message using the ISAKMP-based protocol that includes a security parameter index (SPI) field;
  
  identifying a key in the SPI field of the message;
  
  sending the message to a responding device;
  
  wherein the message comprises a Session Initiation Request.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the key is a shared key between the initiating and responding devices for establishing a secure tunnel using the ISAKMP-based protocol.
  - 3. The method of claim 1, wherein the ISAKMP-based protocol comprises an Internet Key Exchange (IKE) protocol.
  - 4. The method of claim 3, wherein the IKE protocol comprises IKEv1 or IKEv2.
  - 5. The method of claim 1, wherein the ISAKMP-based protocol comprises an Association of Public Safety Communications Officials International Project 25 Packet Data Security Protocol.
  - 6. The method of claim 1, wherein the SPI field comprises the first eight bytes of the message.

7. A method for key identification using an Internet Security Association and Key Management Protocol (ISAKMP)-based protocol, the method comprising:
- a responding device performing;
  
  receiving a message from an initiating device that includes a key identifier that identifies a key;
  
  extracting the key identifier, and attempting to select a shared key using the key identifier, wherein the shared key is for establishing a security session between the initiating and responding devices using the ISAKMP-based protocol;
  
  when the message includes an ISAKMP-based header having a security parameter index (SPI) field that includes the key identifier, and the shared key is identified and selected using the key identifier, using the selected shared key to establish the security session with the initiating device;
  
  when the key identifier fails to identify the shared key, using a default key to establish the security session with the initiating device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the ISAKMP-based header comprises an Internet Key Exchange (IKE) protocol header.
  - 9. The method of claim 8, wherein the IKE protocol header comprises an IKEv1 header or an IKEv2 header.
  - 10. The method of claim 7, wherein the message comprises a Session Initiation Request.
  - 11. The method of claim 7, wherein the ISAKMP-based header comprises an Association of Public Safety Communications Officials International Project 25 Packet Data Security Protocol header.
  - 12. The method of claim 7, wherein the SPI field comprises the first eight bytes of the message.

13. A method for key identification using an Internet Security Association and Key Management Protocol (ISAKMP)-based protocol, the method comprising:
- a responding device performing;
  
  receiving a message from an initiating device that includes a key identifier that identifies a key;
  
  extracting the key identifier, and attempting to select a shared key using the key identifier, wherein the shared key is for establishing a security session between the initiating and responding devices using the ISAKMP-based protocol;
  
  when the message includes an ISAKMP-based header having a security parameter index (SPI) field that includes the key identifier, and the shared key is identified and selected using the key identifier, using the selected shared key to establish the security session with the initiating device;
  
  wherein the message comprises a Session Initiation Request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Motorola Solutions, Inc.
Original Assignee
Motorola Solutions, Inc.
Inventors
Langham, Timothy M., Senese, Thomas J.
Primary Examiner(s)
LEMMA, SAMSON B

Application Number

US13/173,020
Publication Number

US 20120036363A1
Time in Patent Office

691 Days
Field of Search

713/168, 713/171, 726/14, 726/15
US Class Current

726/14
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/164   at the network layer

H04L 9/0838   Key agreement, i.e. key est...

Method for key identification using an internet security association and key management based protocol

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method for key identification using an internet security association and key management based protocol

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links