Method and apparatus for securing communication between a mobile node and a network
Abstract
In accordance with the teachings of the present invention, a method and apparatus is presented for securely negotiating a session key between a mobile node and a network node, such as a first hop IP router. A session key is encoded using asymmetric encryption. The encrypted session key is then communicated to the first hop IP router for later use. In accordance with another teaching of the present invention, the session key is then used by the mobile node and a first hop IP router to authenticate a message. Lastly, in accordance with the third teaching of the present invention, a standardized protocol is used to securely negotiate the session key between the mobile node and the first hop IP router.
14 Claims
1. A method of generating a message comprising the steps of:
a device accessing a message;
the device generating a checksum of the message;
the device accessing a session key, wherein the session key is negotiated prior to the accessing by:
initiating a communication session using a protocol;
receiving a public key within a vendor specific packet of the protocol, wherein the vendor specific packet includes a field indicating that the packet includes data in a format specified by a vendor;
generating a session key from the public key; and
communicating the session key within an initial request message (RRQ) of the protocol;
the device generating an authentication code by performing a one-way hash function on the checksum using the session key; and
the device generating an output message that includes the message and the authentication code, wherein the output message is intended for a first hop IP router.
Dependent claims: 2, 3, 4, 5, 6
7. A mobile device, comprising:
wireless communication circuitry for performing wireless communication;
processing hardware coupled to the wireless communication circuitry, wherein the processing hardware is configured to:
access a message;
generate a checksum of the message;
access a session key, wherein the processing hardware is configured to negotiate the session key prior to accessing the message by:
initiating a communication session using a protocol;
receiving a public key within a vendor specific packet of the protocol, wherein the vendor specific packet includes a field indicating that the packet includes data in a format specified by a vendor;
generating a session key from the public key; and
communicating the session key within an initial request message (RRQ) of the protocol;
generate an authentication code by performing a one-way hash function on the checksum using the session key;
generate an output message that includes the message and the authentication code; and
transmit the output message via the wireless communication circuitry, wherein the output message is intended for a first hop IP router.
Dependent claims: 8, 9, 10, 11, 12
13. A non-transitory, computer accessible memory medium comprising program instructions, wherein the program instructions are executable by a mobile device to:
access a message;
generate a checksum of the message;
access a session key, wherein the program instructions are executable to negotiate the session key prior to the accessing the message by:
initiating a communication session using a protocol;
receiving a public key within a vendor specific packet of the protocol, wherein the vendor specific packet includes a field indicating that the packet includes data in a format specified by a vendor;
generating a session key from the public key; and
communicating the session key within an initial request message (RRQ) of the protocol;
generate an authentication code by performing a one-way hash function on the checksum using the session key; and
generate an output message that includes the message and authentication code, wherein the output message is intended for a first hop IP router.
Dependent claims: 14
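The message-authentication steps recited in the claims above, as an added Python example that is not part of the patent text. SHA-256 as the checksum, HMAC-SHA-256 as the keyed one-way hash, the trailing-tag framing, and an already negotiated session key are assumptions, since the claims name no specific algorithms; the router-side check is included to show how the authentication code is consumed.

```python
import hashlib
import hmac
from typing import Optional

# Assumption: the authentication code is a fixed-length tag appended to the message.
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def checksum(message: bytes) -> bytes:
    """Checksum of the message (assumed here to be SHA-256)."""
    return hashlib.sha256(message).digest()


def auth_code(session_key: bytes, message: bytes) -> bytes:
    """Keyed one-way hash over the checksum, using the session key (assumed HMAC-SHA-256)."""
    return hmac.new(session_key, checksum(message), hashlib.sha256).digest()


def build_output(session_key: bytes, message: bytes) -> bytes:
    """Mobile-node side: output message = message followed by the authentication code."""
    return message + auth_code(session_key, message)


def verify_output(session_key: bytes, output: bytes) -> Optional[bytes]:
    """Router side: return the message if the code verifies, otherwise None."""
    if len(output) < TAG_LEN:
        return None  # too short to carry an authentication code
    message, tag = output[:-TAG_LEN], output[-TAG_LEN:]
    expected = auth_code(session_key, message)
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return message if hmac.compare_digest(tag, expected) else None


# Constructed sample values; a real session key comes from the negotiation step.
SESSION_KEY = bytes(range(32))
MESSAGE = b"constructed sample payload from the mobile node"

if __name__ == "__main__":
    out = build_output(SESSION_KEY, MESSAGE)
    print("accepted:", verify_output(SESSION_KEY, out) == MESSAGE)
    tampered = bytes([out[0] ^ 0x01]) + out[1:]
    print("tampered rejected:", verify_output(SESSION_KEY, tampered) is None)
    print("wrong key rejected:", verify_output(b"\x00" * 32, out) is None)
```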
Specification