Localized network authentication and security using tamper-resistant keys
First Claim
1. A physical key for use with a computing device, the physical key comprising:
- a port connector adapted to connect to a corresponding communication port of the computing device and upon connection establish a physical interface between the computing device and the physical key externally located from the computing device, and wherein the physical key is configured to generate a cryptographic key from a token within the physical key and store the generated cryptographic key inside the token, wherein the generated cryptographic key is never exposed outside of the physical key;
- a random number generator adapted to generate one or more random numbers, wherein the one or more random numbers are employed to generate a transposed version of the generated cryptographic key, and further wherein the transposed cryptographic key is employed to encrypt and/or decrypt communication across a wireless channel; and
- a memory card adapted to store network keys for accessing one or more networks, wherein the network keys comprise a network send (NKS) key and a network receive (NKR) key.
Abstract
The invention provides a secure Wi-Fi communications method and system. In an embodiment of the invention, unique physical keys, or tokens, are installed at an access point and each client device of the network. Each key comprises a unique serial number and a common network send cryptographic key and a common network receive cryptographic key used only during the authentication phase by all components on the LAN. Each client key further includes a secret cryptographic key unique to each client device. During authentication, two random numbers are generated per communications session and are known by both sides of the wireless channel. Only the random numbers are sent across the wireless channel and in each case these numbers are encrypted. A transposed cryptographic key is derived from the unique secret cryptographic key using the random numbers generated during authentication. Thus, both sides of the wireless channel know the transposed cryptographic key without it ever being transmitted between the two.
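The key agreement summarized in the abstract can be sketched as follows. This is an added illustration, not code from the patent: the abstract does not specify the transposition or the cipher, so HMAC-SHA256 stands in for both, and the message direction (R1 under NKS from the client, R2 under NKR from the access point) and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()

def wrap(key: bytes, rnd: bytes) -> bytes:
    """Encrypt-then-MAC one 16-byte random number (stand-in cipher, assumption)."""
    iv = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(rnd, _prf(key, b"enc", iv)))
    return iv + ct + _prf(key, b"mac", iv + ct)

def unwrap(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time, then decrypt; reject tampered blobs."""
    iv, ct, tag = blob[:16], blob[16:32], blob[32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac", iv + ct)):
        raise ValueError("random number failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _prf(key, b"enc", iv)))

def session_key(secret: bytes, r1: bytes, r2: bytes) -> bytes:
    """Stand-in for the 'transposed' key: a function of the secret and both randoms."""
    return _prf(secret, b"session", r1 + r2)

def run_session(serial, client_secret, ap_secrets, nks, nkr):
    """Simulate one authentication; return (client_key, ap_key, bytes_on_the_air)."""
    # Client -> AP: R1 encrypted under the network send key (assumed direction).
    r1 = secrets.token_bytes(16)
    msg1 = wrap(nks, r1)
    # AP: find this client's secret by serial number (how the AP learns the
    # serial is outside this sketch), recover R1, reply with R2 under NKR.
    ap_secret = ap_secrets[serial]
    ap_r1 = unwrap(nks, msg1)
    r2 = secrets.token_bytes(16)
    msg2 = wrap(nkr, r2)
    ap_key = session_key(ap_secret, ap_r1, r2)
    # Client: recover R2 and derive the same key locally; it is never sent.
    client_key = session_key(client_secret, r1, unwrap(nkr, msg2))
    return client_key, ap_key, msg1 + msg2

if __name__ == "__main__":
    # Constructed sample keys and serial number, for illustration only.
    nks, nkr, secret = b"N" * 32, b"R" * 32, b"S" * 32
    ck, ak, wire = run_session(b"SN-0001", secret, {b"SN-0001": secret}, nks, nkr)
    print("keys match:", ck == ak, "| bytes on air:", len(wire))
```

Because NKS and NKR are common to every device on the LAN, any key holder can recover R1 and R2; in this sketch the per-session key stays private only because the per-client secret never leaves either endpoint.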
73 Citations
3 Claims
Specification