Generating a symmetric key to secure a communication link
Abstract
A symmetric key to be used to secure a communication link between a first device and a second device is generated as follows: a first symmetric key is generated; a second symmetric key is generated; packets communicated between the first device and the second device over the communication link are hashed to create a hash result; the first symmetric key, the second symmetric key and the hash result are hashed to generate a third symmetric key to be used to secure the communication link.
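The derivation described in the abstract, as an added Python sketch (not code from the patent or its assignee). Assumptions not found on the page: a toy prime modulus, SHA-256 as the hash, a SPEKE-style generator derived from the shared secret for the first exchange, a one-byte packet header, and the hypothetical names `Device` and `handshake`.

```python
import hashlib
import secrets

P = 2**255 - 19  # toy prime modulus for the demo (assumption; not a vetted DH group)
G = 2            # fixed generator for the second exchange (assumption)

def h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts, so field boundaries are unambiguous."""
    d = hashlib.sha256()
    for part in parts:
        d.update(len(part).to_bytes(4, "big") + part)
    return d.digest()

class Device:
    def __init__(self, shared_secret: bytes):
        # Exchange 1: the generator is derived from the shared secret (assumed construction).
        g1 = pow(int.from_bytes(h(shared_secret), "big") % P, 2, P)
        self.x1 = secrets.randbelow(P - 3) + 2
        self.x2 = secrets.randbelow(P - 3) + 2
        # Constructed packet format: 1-byte header followed by a 32-byte public key.
        self.pkt1 = b"\x01" + pow(g1, self.x1, P).to_bytes(32, "big")
        self.pkt2 = b"\x02" + pow(G, self.x2, P).to_bytes(32, "big")

    def third_key(self, peer_pkt1: bytes, peer_pkt2: bytes, initiator: bool) -> bytes:
        for pkt in (peer_pkt1, peer_pkt2):
            # Reject degenerate public keys that would force a predictable key.
            if not 2 <= int.from_bytes(pkt[1:], "big") <= P - 2:
                raise ValueError("degenerate public key")
        k1 = pow(int.from_bytes(peer_pkt1[1:], "big"), self.x1, P).to_bytes(32, "big")
        k2 = pow(int.from_bytes(peer_pkt2[1:], "big"), self.x2, P).to_bytes(32, "big")
        # Transcript order: first, second, third, fourth packets as this device saw them.
        if initiator:
            packets = (self.pkt1, peer_pkt1, self.pkt2, peer_pkt2)
        else:
            packets = (peer_pkt1, self.pkt1, peer_pkt2, self.pkt2)
        return h(k1, k2, h(*packets))  # third key = hash(K1, K2, hash result)

def handshake(secret_a: bytes, secret_b: bytes, tamper_header: bool = False):
    a, b = Device(secret_a), Device(secret_b)
    # Constructed tampering: the header byte of the third packet changes in transit;
    # the public key inside is untouched, so K1 and K2 still agree on both sides.
    seen_by_b = b"\x7f" + a.pkt2[1:] if tamper_header else a.pkt2
    key_a = a.third_key(b.pkt1, b.pkt2, initiator=True)
    key_b = b.third_key(a.pkt1, seen_by_b, initiator=False)
    return key_a, key_b
```

With matching secrets and an unmodified transcript both devices derive the same third key; a differing secret or a single altered packet byte leaves them with different keys, so the first encrypted message fails to decrypt.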
23 Claims
1. A method for securing a communication link between a first device and a second device, the method comprising:
- the first device generating a first symmetric key, wherein generating the first symmetric key includes the first device sending to the second device a first public key in one or more first packets over the communication link and the first device receiving from the second device a second public key in one or more second packets over the communication link, the first public key and the second public key both based on a secret shared by the first device and the second device;
- the first device generating a second symmetric key, wherein generating the second symmetric key includes the first device sending to the second device a third public key in one or more third packets over the communication link and the first device receiving from the second device a fourth public key in one or more fourth packets over the communication link;
- the first device creating a hash result by hashing the one or more first packets, the one or more second packets, the one or more third packets and the one or more fourth packets;
- the first device generating a third symmetric key by hashing the first symmetric key, the second symmetric key and the hash result; and
- one or more of the following:
  - the first device encrypting first data using a symmetric algorithm keyed by the third symmetric key to produce first encrypted data, and sending to the second device the first encrypted data over the communication link; or
  - the first device receiving from the second device second encrypted data over the communication link, and decrypting the second encrypted data using the symmetric algorithm keyed by the third symmetric key to produce decrypted data.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A first device comprising:
- a processor;
- a communication interface through which the first device is able to establish a communication link with a second device, the communication interface coupled to the processor; and
- a memory able to store executable code which, when executed by the processor, causes the first device to:
  - generate a first symmetric key, wherein generating the first symmetric key includes the first device sending to the second device a first public key in one or more first packets over the communication link and the first device receiving from the second device a second public key in one or more second packets over the communication link, the first public key and the second public key both based on a secret shared by the first device and the second device;
  - generate a second symmetric key, wherein generating the second symmetric key includes the first device sending to the second device a third public key in one or more third packets over the communication link and the first device receiving from the second device a fourth public key in one or more fourth packets over the communication link;
  - create a hash result by hashing the one or more first packets, the one or more second packets, the one or more third packets and the one or more fourth packets;
  - generate a third symmetric key by hashing the first symmetric key, the second symmetric key and the hash result; and
  - one or more of the following:
    - encrypt first data using a symmetric algorithm keyed by the third symmetric key to produce first encrypted data, and send to the second device the first encrypted data over the communication link; or
    - receive from the second device second encrypted data over the communication link, and decrypt the second encrypted data using the symmetric algorithm keyed by the third symmetric key to produce decrypted data.

Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22
23. A non-transitory computer-readable medium having stored thereon instructions which, when executed by a first device, result in:
- generating a first symmetric key, wherein generating the first symmetric key includes the first device sending to a second device a first public key in one or more first packets over a communication link and the first device receiving from the second device a second public key in one or more second packets over the communication link, the first public key and the second public key both based on a secret shared by the first device and the second device;
- generating a second symmetric key, wherein generating the second symmetric key includes the first device sending to the second device a third public key in one or more third packets over the communication link and the first device receiving from the second device a fourth public key in one or more fourth packets over the communication link;
- creating a hash result by hashing the one or more first packets, the one or more second packets, the one or more third packets and the one or more fourth packets;
- generating a third symmetric key by hashing the first symmetric key, the second symmetric key and the hash result; and
- one or more of the following:
  - encrypting first data using a symmetric algorithm keyed by the third symmetric key to produce first encrypted data, and sending to the second device the first encrypted data over the communication link; or
  - receiving from the second device second encrypted data over the communication link, and decrypting the second encrypted data using the symmetric algorithm keyed by the third symmetric key to produce decrypted data.
Specification