Scalable replay counters for network security

US 9,077,772 B2
Filed: 04/20/2012
Issued: 07/07/2015
Est. Priority Date: 04/20/2012
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

maintaining, at a processor of a computing device configured to operate as an authenticator in a communication network, a persistent authenticator epoch value that the authenticator increments each time the computing device reboots;

maintaining, at the authenticator, a persistent per-supplicant value for each supplicant of the authenticator, each per-supplicant value set to a current value of the authenticator epoch value each time the corresponding supplicant establishes a new security association with the authenticator, wherein maintaining the persistent per-supplicant value for each supplicant comprises storing each persistent per-supplicant value with a corresponding pairwise temporal key (PTK) stored during each new security association; and

transmitting at least one message from the authenticator to a particular supplicant, each message comprising a per-supplicant replay counter having a security association epoch counter and a message counter specific to the particular supplicant, wherein the security association epoch counter for each message is set as a difference between the authenticator epoch value and the per-supplicant value for the particular supplicant when the message is communicated, wherein the authenticator resets the security association epoch counter each time the corresponding supplicant establishes a new security association with the authenticator and the authenticator increments the security association epoch counter each time the authenticator reboots, and wherein the message counter is incremented for each message communicated;

wherein the authenticator increments the security association epoch counter for the particular supplicant in response to the message counter rolling over; and

wherein the authenticator must establish a new security association with the particular supplicant if the security association epoch counter rolls over.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, an authenticator in a communication network maintains a persistent authenticator epoch value that increments each time the authenticator restarts. The authenticator also maintains a persistent per-supplicant value for each supplicant of the authenticator, each per-supplicant value set to a current value of the authenticator epoch value each time the corresponding supplicant establishes a new security association with the authenticator. To communicate messages from the authenticator to a particular supplicant, each message uses a per-supplicant replay counter having a security association epoch counter and a message counter specific to the particular supplicant. In particular, the security association epoch counter for each message is set as a difference between the authenticator epoch value and the per-supplicant value for the particular supplicant when the message is communicated, while the message counter is incremented for each message communicated.

52 Citations

View as Search Results

14 Claims

1. A method, comprising:
- maintaining, at a processor of a computing device configured to operate as an authenticator in a communication network, a persistent authenticator epoch value that the authenticator increments each time the computing device reboots;
  
  maintaining, at the authenticator, a persistent per-supplicant value for each supplicant of the authenticator, each per-supplicant value set to a current value of the authenticator epoch value each time the corresponding supplicant establishes a new security association with the authenticator, wherein maintaining the persistent per-supplicant value for each supplicant comprises storing each persistent per-supplicant value with a corresponding pairwise temporal key (PTK) stored during each new security association; and
  
  transmitting at least one message from the authenticator to a particular supplicant, each message comprising a per-supplicant replay counter having a security association epoch counter and a message counter specific to the particular supplicant, wherein the security association epoch counter for each message is set as a difference between the authenticator epoch value and the per-supplicant value for the particular supplicant when the message is communicated, wherein the authenticator resets the security association epoch counter each time the corresponding supplicant establishes a new security association with the authenticator and the authenticator increments the security association epoch counter each time the authenticator reboots, and wherein the message counter is incremented for each message communicated;
  
  wherein the authenticator increments the security association epoch counter for the particular supplicant in response to the message counter rolling over; and
  
  wherein the authenticator must establish a new security association with the particular supplicant if the security association epoch counter rolls over.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as in claim 1, wherein maintaining the authenticator epoch value comprises, in response to starting the authenticator:
    - reading the persistent authenticator epoch value from a non-volatile memory;
      
      incrementing the authenticator epoch value; and
      
      storing the incremented authenticator epoch value in the non-volatile memory.
  - 3. The method as in claim 1, further comprising, in response to the authenticator being restarted:
    - incrementing the authenticator epoch value; and
      
      transmitting, by the authenticator, a next message to the particular supplicant with the security association epoch counter set to the difference between the incremented authenticator epoch value and the per-supplicant value for the particular supplicant, and the message counter reset to zero.
  - 4. The method as in claim 1, wherein the replay counter is eight bytes, and wherein the security association epoch counter is four bytes, and wherein the message counter is four bytes.
  - 5. The method as in claim 1, further comprising:
    - establishing the new security association with each supplicant using a 4-way handshake.
  - 6. The method as in claim 1, wherein there is no difference between the authenticator epoch value and the per-supplicant value for the particular supplicant in response to establishing a new security association with the particular supplicant, and wherein the security association epoch counter is set to zero when there is no difference between the authenticator epoch value and the per-supplicant value.
  - 7. The method as in claim 1, further comprising:
    - rebooting the computing device based on a watchdog reset, and, in response, incrementing the authenticator epoch value.

8. An apparatus, comprising:
- one or more network interfaces to communicate with a shared-media communication network;
  
  a processor coupled to the network interfaces and adapted to execute one or more processes;
  
  anda memory configured to store a process executable by the processor, the process, when executed by the apparatus as an authenticator, operable to;
  
  maintain a persistent authenticator epoch value that increments each time the apparatus reboots;
  
  maintain a persistent per-supplicant value for each supplicant of the authenticator, each per-supplicant value set to a current value of the authenticator epoch value each time the corresponding supplicant establishes a new security association with the authenticator, wherein maintaining the persistent per-supplicant value for each supplicant comprises storing each persistent per-supplicant value with a corresponding pairwise temporal key (PTK) stored during each new security association; and
  
  transmit at least one message to a particular supplicant, each message using comprising a per-supplicant replay counter having a security association epoch counter and a message counter specific to the particular supplicant, wherein the security association epoch counter for each message is set as a difference between the authenticator epoch value and the per-supplicant value for the particular supplicant when the message is communicated, wherein the authenticator resets the security association epoch counter each time the corresponding supplicant establishes a new security association with the authenticator and the authenticator increments the security association epoch counter each time the authenticator reboots, and wherein the message counter is incremented for each message communicated;
  
  wherein the authenticator increments the security association epoch counter for the particular supplicant in response to the message counter rolling over; and
  
  wherein the authenticator must establish a new security association with the particular supplicant if the security association epoch counter rolls over.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The apparatus as in claim 8, wherein the process when executed to maintain the authenticator epoch value is further operable to, in response to starting the authenticator:
    - read the persistent authenticator epoch value from a non-volatile memory;
      
      increment the authenticator epoch value; and
      
      store the incremented authenticator epoch value in the non-volatile memory.
  - 10. The apparatus as in claim 8, wherein the process when executed is further operable to, in response to the authenticator being restarted:
    - increment the authenticator epoch value; and
      
      transmit a next message to the particular supplicant with the security association epoch counter set to the difference between the incremented authenticator epoch value and the per-supplicant value for the particular supplicant and the message counter reset to zero.
  - 11. The apparatus as in claim 8, wherein the replay counter is eight bytes, and wherein the security association epoch counter is four bytes, and wherein the message counter is four bytes.
  - 12. The apparatus as in claim 8, wherein the apparatus is a field area router (FAR).
  - 13. The apparatus as in claim 8, wherein the process when executed is further operable to:
    - establish the new security association with each supplicant using a 4-way handshake.

14. A tangible, non-transitory, computer-readable media having software encoded thereon, the software, when executed by a processor of a computing device acting as an authenticator in a computer network, operable to:
- maintain a persistent authenticator epoch value that increments each time the computing device reboots;
  
  maintain a persistent per-supplicant value for each supplicant of the authenticator, each per-supplicant value set to a current value of the authenticator epoch value each time the corresponding supplicant establishes a new security association with the authenticator, wherein maintaining the persistent per-supplicant value for each supplicant comprises storing each persistent per-supplicant value with a corresponding pairwise temporal key (PTK) stored during each new security association; and
  
  transmit at least one message to a particular supplicant, each message using comprising a per-supplicant replay counter having a security association epoch counter and a message counter specific to the particular supplicant, wherein the security association epoch counter for each message is set as a difference between the authenticator epoch value and the per-supplicant value for the particular supplicant when the message is communicated, wherein the authenticator resets the security association epoch counter each time the corresponding supplicant establishes a new security association with the authenticator and the authenticator increments the security association epoch counter in response to the authenticator rebooting, and wherein the message counter is incremented for each message communicated;
  
  wherein the authenticator increments the security association epoch counter for the particular supplicant in response to the message counter rolling over; and
  
  wherein the authenticator must establish a new security association with the particular supplicant if the security association epoch counter rolls over.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Hui, Jonathan W., Ahuja, Anjum, Kondaka, Krishna, Hong, Wei
Primary Examiner(s)
Patel, Ashok
Assistant Examiner(s)
GRACIA, GARY S

Application Number

US13/451,897
Publication Number

US 20130283347A1
Time in Patent Office

1,173 Days
Field of Search

726/3
US Class Current

1/1
CPC Class Codes

H04L 63/0846   using time-dependent-passwo...

H04L 67/12   specially adapted for propr...

H04L 69/40   for recovering from a failu...

Scalable replay counters for network security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

52 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Scalable replay counters for network security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links