Wireless sensor network key distribution

US 8,705,744 B2
Filed: 03/28/2008
Issued: 04/22/2014
Est. Priority Date: 04/05/2007
Status: Active Grant

First Claim

Patent Images

1. A system for distributing keying material to nodes in a wireless sensor network (WSN), including:

a key management box (KMB) that stores keying material for at least one sensor node in the WSN; and

a security module, in the KMB, that encrypts keying material for transmission to the at least one sensor node;

wherein the KMB transmits the encrypted keying material to the at least one sensor node and receives an acknowledgment of receipt of the keying material from the sensor node;

wherein upon activation of the KMB, a status of the at least one sensor node is indicated to be expired in a look-up table stored in the KMB; and

wherein upon receipt of the acknowledgment at the KMB, the lookup table is updated so that the status of the at least one sensor node is indicated to be current.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

When installing and maintaining a wireless sensor network in a medical or factory environment, distribution of keying material to sensor nodes (18) is performed by a key material box (KMB) (12), such as a smartcard or the like. The KMB (12) has a random seed stored to it during manufacture, and upon activation performs an authentication protocol with a sensor node (18) to be updated or installed. The KMB (12) receives node identification information, which is used in conjunction with the random seed to generate keying material for the node (18). The KMB (12) then encrypts the keying material for transmission to the node (18), and transmits over a wired or wireless communication link in a secure manner. The node (18) sends an acknowledgement message back the KMB (12), which then updates the nodes status in look-up tables stored in the KMB (12).

Citations

15 Claims

1. A system for distributing keying material to nodes in a wireless sensor network (WSN), including:
- a key management box (KMB) that stores keying material for at least one sensor node in the WSN; and
  
  a security module, in the KMB, that encrypts keying material for transmission to the at least one sensor node;
  
  wherein the KMB transmits the encrypted keying material to the at least one sensor node and receives an acknowledgment of receipt of the keying material from the sensor node;
  
  wherein upon activation of the KMB, a status of the at least one sensor node is indicated to be expired in a look-up table stored in the KMB; and
  
  wherein upon receipt of the acknowledgment at the KMB, the lookup table is updated so that the status of the at least one sensor node is indicated to be current.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The system according to claim 1, wherein the KMB is a smartcard.
  - 3. The system according to claim 1, wherein the KMB generates keying material for the at least one sensor node when the at least one sensor node is added to the WSN.
  - 4. The system according to claim 1, wherein the KMB stores status information that describes a state of the keying material of the at least one sensor node.
  - 5. The system according to claim 1, wherein the KMB and the at least one sensor node execute an authentication procedure using a secret key when the at least one sensor node needs a keying material update.
  - 6. The system according to claim 5, wherein the KMB generates new keying material for the at least one sensor node upon successful authentication of the at least one sensor node.
  - 7. The system according to claim 6, wherein the security module encrypts the new keying material, and the KMB transmits the encrypted keying material to the at least one sensor node.
  - 8. The system according to claim 1, wherein the KMB further includes a PIN-protected memory that stores at least one of secret key information, keying material, and status information, associated with the at least one sensor node.
  - 9. The system according to claim 1, wherein the KMB includes:
    - a routine for executing an authentication procedure between the KMB and the at least one sensor node;
      
      a routine for receiving node ID information from the at least one sensor node;
      
      a routine for calculating new keying material for the at least one sensor node;
      
      a routine for sending the new keying material to the at least one sensor node; and
      
      a routine for receiving an acknowledgement of receipt of the new keying material from the at least one sensor node.
  - 10. The system according to claim 1, wherein the KMB and the at least one sensor node are configured to authenticate each other using a secret key during manufacture or during initial installation.
  - 11. The system according to claim 1, wherein the KMB includes a random seed that is stored to the KMB during manufacture or activation.
  - 12. The system according to claim 11, wherein the KMB and the at least one node are coupled to a workstation and execute an authentication procedure.
  - 13. The system according to claim 12, wherein the KMB employs the random seed and node ID information to generate the keying material.
  - 14. The system according to claim 13, wherein a status of the at least one sensor node is updated in a look-up table stored in the KMB after receipt at the KMB of an acknowledgement that the at least one sensor node has received the keying material.
  - 15. The system according to claim 1, wherein the KMB receives an acknowledgement from the at least one sensor node indicating that the keying material has been received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Koninklijke Philips Electronics N.V. (Koninklijke Philips N.V.)
Original Assignee
Koninklijke Philips N.V.
Inventors
Huebner, Axel G., Baldus, Heribert, Garcia, Oscar
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Nobahar, Abdulhakim

Application Number

US12/594,610
Publication Number

US 20100082988A1
Time in Patent Office

2,216 Days
Field of Search

726 2- 10, 726/17, 726/20, 726/21, 713/150, 713/168, 713/171, 713/176, 713182-186, 713/189, 713192-194, 380/44, 380277-279, 380/281
US Class Current

380/277
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 2463/062   applying encryption of the ...

H04L 63/062   for key distribution, e.g. ...

H04L 9/083   involving central third par...

H04L 9/0869   involving random numbers or...

H04L 9/0891   Revocation or update of sec...

H04W 12/041   Key generation or derivation

H04W 12/062   Pre-authentication

H04W 84/18   Self-organising networks, e...

Wireless sensor network key distribution

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Wireless sensor network key distribution

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links