Architecture for supporting secure communication network setup in a wireless local area network (WLAN)

US 8,589,687 B2
Filed: 08/18/2005
Issued: 11/19/2013
Est. Priority Date: 08/18/2004
Status: Active Grant

First Claim

Patent Images

1. A method for enabling communication of information in a secure communication system, the method comprising:

generating at least one encrypted configuration message within a configurator timing window when at least one configuration start signal is asserted, wherein the configurator timing window opens at a time corresponding to a beginning of a time during which a client station is permitted to be configured by a configurator; and

transferring said generated at least one encrypted configuration message to the client station to enable secure communication between a configurator station and said client station.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a communication network, an architecture for supporting secure communication network setup in a wireless local area network (WLAN) is provided. The architecture may be utilized in a configurator station or in a client station for establishing a secure communication setup between the client station and the corresponding WLAN. The architecture may comprise an input interface that may be configured by a user to interface with the user'"'"'s hardware or software configuration buttons. The architecture may also comprise a finite state machine (FSM), a packet processor, and a Diffie-Hellman (DH) generator. The input interface, the FSM, the packet processor, and the DH generator may be associated with the secure communication setup process. The architecture may also comprise interfaces to communicate with a wireless driver and/or an Ethernet driver, and interfaces to communicate with persistent storage, such as non-volatile ready access memory (NVRAM).

Citations

30 Claims

1. A method for enabling communication of information in a secure communication system, the method comprising:
- generating at least one encrypted configuration message within a configurator timing window when at least one configuration start signal is asserted, wherein the configurator timing window opens at a time corresponding to a beginning of a time during which a client station is permitted to be configured by a configurator; and
  
  transferring said generated at least one encrypted configuration message to the client station to enable secure communication between a configurator station and said client station.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method according to claim 1, comprising generating at least one control signal in a finite state machine when said at least one configuration start signal has been asserted.
  - 3. The method according to claim 1, comprising generating by a packet processor:
    - at least one beacon message for establishing a secure wireless communication between said configurator station and said client station; and
      
      said at least one encrypted configuration message.
  - 4. The method according to claim 3, comprising transferring said generatedat least one beacon message to a network driver for broadcasting.
  - 5. The method according to claim 1, comprising receiving a hello message from said client station in a packet processor.
  - 6. The method according to claim 1, comprising receiving a random number in a Diffie-Hellman (DH) generator.
  - 7. The method according to claim 6, comprising generating a first key in said DH generator based on said received random number.
  - 8. The method according to claim 7, comprising generating a private key in said DH generator based on said first key and a second key received from said client station.
  - 9. The method according to claim 8, comprising generating said at least one encrypted configuration message based on said generated private key.
  - 10. The method according to claim 1, comprising retrieving said configuration information from a persistent storage device via a finite state machine.

11. A computer readable storage device having stored thereon, a computer program having at least one code for enabling communication of information in a secure communication system, the at least one code section being executable by a computer for causing the computer to perform steps comprising:
- generating at least one encrypted configuration message within a configurator timing window when at least one configuration start signal is asserted, wherein the configurator timing window opens at a time corresponding to a beginning of a time during which a client station is permitted to be configured by a configurator; and
  
  transferring said generated at least one encrypted configuration message to a client station to enable secure communication between a configurator station and said client station.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computer readable storage device according to claim 11, wherein said at least one code section comprises code for generating at least one control signal in a finite state machine when said at least one configuration start signal has been asserted.
  - 13. The computer readable storage device according to claim 11, wherein said at least one code section comprises code for generating by a packet processor:
    - at least one beacon message in a packet processor for establishing secure wireless communication between said configurator station and said client station; and
      
      said at least one encrypted configuration message.
  - 14. The computer readable storage device according to claim 13, wherein said at least one code section comprises code for transferring said generated at least one beacon message to a network driver for broadcasting.
  - 15. The computer readable storage device according to claim 11, wherein said at least one code section comprises code for receiving a hello message from said client station in a packet processor.
  - 16. The computer readable storage device according to claim 11, wherein said at least one code section comprises code for receiving a random number in a Diffie-Hellman (DH) generator.
  - 17. The computer readable storage device according to claim 16, wherein said at least one code section comprises code for generating a first key in said DH generator based on said received random number.
  - 18. The computer readable storage device according to claim 17, wherein said at least one code section comprises code for generating a private key in said DH generator based on said first key and a second key received from said client station.
  - 19. The computer readable storage device according to claim 18, wherein said at least one code section comprises code for generating said at least one encrypted configuration message based on said generated private key.
  - 20. The computer readable storage device according to claim 11, wherein said at least one code section comprises code for retrieving said configuration information from a persistent storage device via a finite state machine.

21. A system for enabling communication of information in a secure communication system, the system comprising:
- a configurator station that is operable to generate at least one encrypted configuration message in a packet processor within a configurator timing window when at least one configuration start signal is asserted, wherein the configurator timing window opens at a time corresponding to a beginning of a time during which a client station is permitted to be configured by a configurator; and
  
  said configurator station is operable to transfer said generated at least one encrypted configuration message to a client station to enable secure communication between said configurator station and said client station;
  
  wherein said configurator station is a configurator device.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The system according to claim 21, wherein said configurator station is operable to generate at least one control signal in a finite state machine when said at least one configuration start signal has been asserted.
  - 23. The system according to claim 21, wherein said configurator station is operable to generate at least one beacon message in said packet processor for establishing a secure wireless communication between said configurator station and said client station.
  - 24. The system according to claim 23, wherein said configurator station is operable to transfer said generated at least one beacon message to a network driver for broadcasting.
  - 25. The system according to claim 21, wherein said configurator station is operable to receive a hello message from said client station in said packet processor.
  - 26. The system according to claim 21, wherein said configurator station is operable to generate a random number.
  - 27. The system according to claim 26, wherein said configurator station is operable to generate a first key in a Diffie-Hellman (DH) generator based on said generated random number.
  - 28. The system according to claim 27, wherein said configurator station is operable to generate a private key in said DH generator based on said first key and a second key received from said client station.
  - 29. The system according to claim 28, wherein said configurator station is operable to generate said at least one encrypted configuration message based on said generated private key.
  - 30. The system according to claim 21, wherein said configurator station is operable to retrieve said configuration information from a persistent storage device via a finite state machine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Carter, Edward, Thawani, Manoj, Deb, Manas
Primary Examiner(s)
Gergiso, Techane

Application Number

US11/208,275
Publication Number

US 20060041750A1
Time in Patent Office

3,015 Days
Field of Search

713/170, 380/239, 455/410, 455/411
US Class Current

713/170
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 9/0841   involving Diffie-Hellman or...

H04W 12/037   of the control plane, e.g. ...

Architecture for supporting secure communication network setup in a wireless local area network (WLAN)

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Architecture for supporting secure communication network setup in a wireless local area network (WLAN)

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links