Mesh network with personal pre-shared keys
First Claim
1. An electronic device, comprising:
an interface circuit configured to communicate with other electronic devices, wherein a path to a root electronic device in the other electronic devices, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point, wherein the electronic device is configured to:
receive a pre-shared key (PSK) from a controller;
establish encrypted communication with a first electronic device in the other electronic devices using the PSK;
exchange a first personal pre-shared key (PPSK) with the first electronic device, wherein the first PPSK is associated with the electronic device and the first electronic device, and wherein exchanging the first PPSK involves one of:
providing at least a first portion of the first PPSK to the first electronic device, and receiving at least a second portion of the first PPSK to the first electronic device;
when a subsequent attempt to establish encrypted communication with the first electronic device using the PSK fails, establish encrypted communication with the first electronic device using the first PPSK; and
when the subsequent attempt to establish encrypted communication with the first electronic device using the PSK succeeds, perform encrypted communication with the first electronic device using the PSK, wherein the electronic device is an arbitrary member of a group of electronic devices that includes the electronic device and the other electronic devices.
Abstract
A mesh network with a network-wide pre-shared key (PSK) that can be updated is described. The PSK can be used to establish secure communication between arbitrary electronic devices in the mesh network. In order to prevent electronic devices from being inadvertently ‘stranded,’ i.e., unable to securely communicate with other electronic devices in the mesh network when the PSK is updated, pairs of electronic devices in the mesh network establish personal PSKs (PPSKs). In particular, after securely associating with each other, a given pair of electronic devices may have used the current PSK to authenticate and encrypt their communication. Then, the given pair of electronic devices may define a PPSK, e.g., by exchanging one or more random numbers. If a subsequent attempt at establishing secure or encrypted communication between the given pair of electronic devices fails, these electronic devices may use the PPSK as a backup to establish the encrypted communication.
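The fallback order described in the abstract, as an added Python sketch that is not taken from the patent. The `MeshNode` class, the single-nonce HMAC check standing in for the link handshake, and the HMAC-SHA256 combiner for the two random portions are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class MeshNode:
    """Toy node: one network-wide PSK plus a table of per-peer PPSKs."""
    def __init__(self, name, psk):
        self.name, self.psk, self.ppsk = name, psk, {}  # ppsk: peer -> key


def handshake(key_a, key_b):
    """Stand-in for the link handshake: both sides must MAC the same nonce."""
    if key_a is None or key_b is None:
        return False
    nonce = secrets.token_bytes(16)
    tag_a, tag_b = (hmac.new(k, nonce, hashlib.sha256).digest() for k in (key_a, key_b))
    return hmac.compare_digest(tag_a, tag_b)


def exchange_ppsk(a, b):
    """Each side contributes a random portion over a PSK-protected link."""
    if not handshake(a.psk, b.psk):
        raise RuntimeError("no PSK-protected link; refusing to set a PPSK")
    part_a, part_b = secrets.token_bytes(32), secrets.token_bytes(32)
    # Assumed combiner: HMAC keyed by both portions, bound to the pair's names.
    label = "|".join(sorted((a.name, b.name))).encode()
    ppsk = hmac.new(part_a + part_b, b"ppsk|" + label, hashlib.sha256).digest()
    a.ppsk[b.name] = b.ppsk[a.name] = ppsk


def connect(a, b):
    """Try the network PSK first; use the pair's PPSK only if that fails."""
    if handshake(a.psk, b.psk):
        return "PSK"
    if handshake(a.ppsk.get(b.name), b.ppsk.get(a.name)):
        return "PPSK"
    return None


def demo():
    """Constructed scenario: a PSK update reaches ap1 but not ap2 or ap3."""
    old = secrets.token_bytes(32)
    ap1, ap2, ap3 = (MeshNode(n, old) for n in ("ap1", "ap2", "ap3"))
    exchange_ppsk(ap1, ap2)            # ap3 never set up a PPSK with ap1
    before = connect(ap1, ap2)
    ap1.psk = secrets.token_bytes(32)  # updated PSK delivered to ap1 only
    return before, connect(ap1, ap2), connect(ap1, ap3)
```

Because the PPSK keeps working after the PSK changes, updating the PSK alone does not cut off a node that still shares a PPSK with a peer; removing a device also means deleting its entry from each peer's PPSK table.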
18 Claims
9. A computer-program product for use in conjunction with an electronic device, the computer-program product comprising a non-transitory computer-readable storage medium and a program module embedded therein to exchange a personal pre-shared key (PPSK), wherein, when executed by the processor, the program module causes the electronic device to:
receive a pre-shared key (PSK) from a controller;
establish encrypted communication with a first electronic device in other electronic devices using the PSK, wherein a path to a root electronic device in the other electronic devices, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point;
exchange a first PPSK with the first electronic device, wherein the first PPSK is associated with the electronic device and the first electronic device, and wherein exchanging the first PPSK involves one of:
providing at least a first portion of the first PPSK to the first electronic device, and receiving at least a second portion of the first PPSK to the first electronic device;
establish encrypted communication with the first electronic device using the first PPSK when a subsequent attempt to establish encrypted communication with the first electronic device using the PSK fails; and
perform encrypted communication with the first electronic device using the PSK when the subsequent attempt to establish encrypted communication with the first electronic device using the PSK succeeds, wherein the electronic device is an arbitrary member of a group of electronic devices that includes the electronic device and the other electronic devices.
13. A method for exchanging a personal pre-shared key (PPSK) using an electronic device, wherein the method comprises:
receiving a pre-shared key (PSK);
establishing encrypted communication with a first electronic device in other electronic devices using the PSK, wherein a path to a root electronic device in the other electronic, which is coupled to a network, contains at least one wireless connection that passes information from a client device to the network via an access point;
exchanging a first PPSK with the first electronic device, wherein the first PPSK is associated with the electronic device and the first electronic device, and wherein exchanging the first PPSK involves one of:
providing at least a first portion of the first PPSK to the first electronic device, and receiving at least a second portion of the first PPSK to the first electronic device;
when a subsequent attempt to establish encrypted communication with the first electronic device using the PSK fails, establishing encrypted communication with the first electronic device using the first PPSK; and
when the subsequent attempt to establish encrypted communication with the first electronic device using the PSK succeeds, performing encrypted communication with the first electronic device using the PSK, wherein the electronic device is an arbitrary member of a group of electronic devices that includes the electronic device and the other electronic devices.
Specification