Infrastructure-less bootstrapping: trustless bootstrapping to enable mobility for mobile devices
Abstract
Methods and apparatus for supporting a session in Mobile IP are disclosed. A Mobile Node sends a first Mobile IP message identifying the Mobile Node to a Home Agent, wherein the first Mobile IP message indicates to the Home Agent that the Mobile Node is requesting dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during the session. A Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node is obtained or generated by the Mobile Node and the Home Agent, where the Mobile-Home authentication key is not valid after the session has ended or during another session. The Home Agent sends a second Mobile IP message to the Mobile Node, the second Mobile IP message including a lifetime associated with the session, wherein the lifetime indicates a lifetime of the key, thereby enabling the Mobile Node to register with the Home Agent using the Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session.
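The exchange the abstract describes, as an added Go sketch that is not part of the patent text. The page does not say how the token yields the key, so the sketch assumes an ephemeral X25519 exchange in which the Mobile Node's public value travels in the first message and the Home Agent's public value is the first token; the HMAC-SHA256 derivation, the identifiers mn1/ha1 and all function names are likewise assumptions.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Tag is HMAC-SHA256, used here both as the KDF and as the authenticator.
func Tag(key []byte, msg string) []byte {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(msg))
	return m.Sum(nil)
}

// DeriveKey binds the X25519 shared secret to both identities (assumed KDF).
func DeriveKey(priv *ecdh.PrivateKey, peer *ecdh.PublicKey, mn, ha string) ([]byte, error) {
	secret, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	return Tag(secret, "MN-HA key|"+mn+"|"+ha), nil
}

// Accept checks a registration authenticator; the key is dead once expires passes.
func Accept(key []byte, expires time.Time, msg string, tag []byte, now time.Time) bool {
	return now.Before(expires) && hmac.Equal(tag, Tag(key, msg))
}

// Exchange plays both ends; the token is h's public value (X25519 is assumed).
func Exchange(mn, ha string, life time.Duration, now time.Time) (mnKey, haKey []byte, exp time.Time, err error) {
	m, err1 := ecdh.X25519().GenerateKey(rand.Reader)
	h, err2 := ecdh.X25519().GenerateKey(rand.Reader)
	if err = errors.Join(err1, err2); err != nil {
		return nil, nil, exp, err
	}
	haKey, err1 = DeriveKey(h, m.PublicKey(), mn, ha) // Home Agent side
	mnKey, err2 = DeriveKey(m, h.PublicKey(), mn, ha) // Mobile Node side, from the token
	return mnKey, haKey, now.Add(life), errors.Join(err1, err2)
}

func main() {
	mnKey, haKey, exp, err := Exchange("mn1", "ha1", 300*time.Second, time.Now())
	fmt.Println(err, Accept(haKey, exp, "reg", Tag(mnKey, "reg"), time.Now()))
}
```

Accept returns false for the same authenticator once the clock reaches the expiry, and a key produced by a second Exchange call rejects authenticators made under the first.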
42 Claims
1. In a Home Agent, a method of supporting a session in Mobile IP, comprising:
receiving by the Home Agent a first Mobile IP message identifying a Mobile Node from the Mobile Node, wherein the first Mobile IP message indicates to the Home Agent that the Mobile Node is requesting dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during the session, wherein the first Mobile IP message does not include the Mobile-Home authentication key and wherein the first Mobile IP message or a portion thereof is not encrypted by the Mobile-Home authentication key; in response to the first Mobile IP message, generating by the Home Agent a Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session; and sending by the Home Agent a second Mobile IP message identifying the Home Agent to the Mobile Node, the second Mobile IP message including a lifetime and a first token to be used by the Mobile Node for generating the Mobile-Home authentication key, the lifetime being associated with the session and the Mobile-Home authentication key such that the Mobile-Home authentication key is not valid after the session has ended or during another session, thereby enabling the Mobile Node to encrypt messages to the Home Agent during the session using the Mobile-Home authentication key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. In a Mobile Node, a method, comprising:
composing and sending by the Mobile Node a first Mobile IP message identifying the Mobile Node to a Home Agent, wherein the first Mobile IP message indicates to the Home Agent that the Mobile Node is initiating dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during a session, wherein the first Mobile IP message does not include the Mobile-Home authentication key and wherein the first Mobile IP message or a portion thereof is not encrypted by the Mobile-Home authentication key; receiving by the Mobile Node a second Mobile IP message identifying the Mobile Node from the Home Agent, the second Mobile IP message including a lifetime and a first token to be used by the Mobile Node for generating the Mobile-Home authentication key, the lifetime being associated with the session and the Mobile-Home authentication key such that the Mobile-Home authentication key is not valid after the session has ended or during another session; obtaining by the Mobile Node the first token from the second Mobile IP message; and generating by the Mobile Node the Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session using the first token.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37
38. A non-transitory computer-readable storage medium storing thereon computer-readable instructions for supporting a session in Mobile IP in a Home Agent, comprising:
instructions for determining from a first Mobile IP message received from a Mobile Node and identifying the Mobile Node that the Mobile Node is requesting dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during the session, wherein the first Mobile IP message does not include the Mobile-Home authentication key and wherein the first Mobile IP message or a portion thereof is not encrypted by the Mobile-Home authentication key; instructions for in response to the first Mobile IP message, generating a Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session; and instructions for sending a second Mobile IP message identifying the Home Agent to the Mobile Node, the second Mobile IP message including a lifetime and a first token to be used by the Mobile Node for generating the Mobile-Home authentication key, the lifetime being associated with the session and the Mobile-Home authentication key such that the Mobile-Home authentication key is not valid after the session has ended or during another session, thereby enabling the Mobile Node to encrypt messages to the Home Agent during the session using the Mobile-Home authentication key.
39. A Home Agent adapted for supporting a session in Mobile IP, comprising:
means for receiving a first Mobile IP message identifying a Mobile Node from the Mobile Node, wherein the first Mobile IP message indicates to the Home Agent that the Mobile Node is requesting dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during the session, wherein the first Mobile IP message does not include the Mobile-Home authentication key and wherein the first Mobile IP message or a portion thereof is not encrypted by the Mobile-Home authentication key; means for in response to the first Mobile IP message, generating a Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session; and means for sending a second Mobile IP message identifying the Home Agent to the Mobile Node, the second Mobile IP message including a lifetime and a first token to be used by the Mobile Node for generating the Mobile-Home authentication key, the lifetime being associated with the session and the Mobile-Home authentication key such that the Mobile-Home authentication key is not valid after the session has ended or during another session, thereby enabling the Mobile Node to encrypt messages to the Home Agent during the session using the Mobile-Home authentication key.
40. A Home Agent adapted for supporting a session in Mobile IP, comprising:
a processor; and a memory, at least one of the processor and the memory being adapted for; receiving a first Mobile IP message identifying a Mobile Node from the Mobile Node, wherein the first Mobile IP message indicates to the Home Agent that the Mobile Node is requesting dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during the session, wherein the first Mobile IP message does not include the Mobile-Home authentication key and wherein the first Mobile IP message or a portion thereof is not encrypted by the Mobile-Home authentication key; in response to the first Mobile IP message, generating a Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session; and sending a second Mobile IP message identifying the Home Agent to the Mobile Node, the second Mobile IP message including a lifetime and a first token to be used by the Mobile Node for generating the Mobile-Home authentication key, the lifetime being associated with the session and the Mobile-Home authentication key such that the Mobile-Home authentication key is not valid after the session has ended or during another session, thereby enabling the Mobile Node to encrypt messages to the Home Agent during the session using the Mobile-Home authentication key.
41. An apparatus, comprising:
a processor; and a memory, at least one of the processor or the memory being configured for; composing and sending by a Mobile Node a first Mobile IP message identifying the Mobile Node to a Home Agent, wherein the first Mobile IP message indicates to the Home Agent that the Mobile Node is initiating dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during a session, wherein the first Mobile IP message does not include the Mobile-Home authentication key and wherein the first Mobile IP message or a portion thereof is not encrypted by the Mobile-Home authentication key; receiving by the Mobile Node a second Mobile IP message identifying the Mobile Node from the Home Agent, the second Mobile IP message including a lifetime and a first token to be used by the Mobile Node for generating the Mobile-Home authentication key, the lifetime being associated with the session and the Mobile-Home authentication key such that the Mobile-Home authentication key is not valid after the session has ended or during another session; and obtaining by the Mobile Node the first token from the second Mobile IP message; and generating by the Mobile Node the Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session using the first token.
42. A non-transitory computer-readable medium storing thereon computer-readable instructions for performing a method, comprising:
composing and sending by a Mobile Node a first Mobile IP message identifying the Mobile Node to a Home Agent, wherein the first Mobile IP message indicates to the Home Agent that the Mobile Node is initiating dynamic configuration of a Mobile-Home authentication key to be shared between the Mobile Node and the Home Agent during a session, wherein the first Mobile IP message does not include the Mobile-Home authentication key and wherein the first Mobile IP message or a portion thereof is not encrypted by the Mobile-Home authentication key; receiving by the Mobile Node a second Mobile IP message identifying the Mobile Node from the Home Agent, the second Mobile IP message including a lifetime and a first token to be used by the Mobile Node for generating the Mobile-Home authentication key, the lifetime being associated with the session and the Mobile-Home authentication key such that the Mobile-Home authentication key is not valid after the session has ended or during another session; and obtaining by the Mobile Node the first token from the second Mobile IP message; and generating by the Mobile Node the Mobile-Home authentication key to be shared between the Home Agent and the Mobile Node during the session using the first token.
Specification