Efficient key establishment for wireless networks

US 9,769,653 B1
Filed: 08/02/2013
Issued: 09/19/2017
Est. Priority Date: 08/20/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a first network station, a data packet containing intrinsic information corresponding to a second network station joining a wireless network;

deriving an encryption key using the intrinsic information corresponding to the second network station without a four-way handshake between the first and second network stations, the encryption key usable to encrypt data to be communicated between the first and second network stations through secure communication;

encrypting data using the encryption key; and

communicating, through the secure connection, the encrypted data to the second network station.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for deriving an encryption key for use between two stations in a wireless network using information intrinsic to one of the stations, without exchanging pairwise transient keys.

215 Citations

20 Claims

1. A method comprising:
- receiving, at a first network station, a data packet containing intrinsic information corresponding to a second network station joining a wireless network;
  
  deriving an encryption key using the intrinsic information corresponding to the second network station without a four-way handshake between the first and second network stations, the encryption key usable to encrypt data to be communicated between the first and second network stations through secure communication;
  
  encrypting data using the encryption key; and
  
  communicating, through the secure connection, the encrypted data to the second network station.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the encrypted data is communicated to the second network station without exchanging pairwise transient keys with the second network station.
  - 3. The method of claim 1, wherein the data packet comprises a beacon signal.
  - 4. The method of claim 1, wherein the intrinsic information comprises a media access control (MAC) address of the second network station.
  - 5. The method of claim 1, wherein the wireless network does not include a central access point.
  - 6. The method of claim 1, wherein the wireless network comprises a mesh network.
  - 7. The method of claim 1, wherein the wireless network comprises one of an independent basic service set (IBSS) network, a smesh network, or a distributed link software (DLS) network.

8. A first network station in a wireless network,the first network station configured to receive a beacon signal when a second network station joins the wireless network, the first network station comprising:
- at least a memory and a processor to implement a network adaptor, the network adapter configured to;
  
  extract information intrinsic to the second network station from the beacon signal;
  
  derive an encryption key using the information intrinsic to the second network station without a four-way handshake between the first and second network stations, the encryption key usable to encrypt data to be communicated between the first and second network stations through secure communication; and
  
  encrypt data for communication to the second network station using the encryption key.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The first network station of claim 8, wherein the information intrinsic to the second network station comprises a media access control (MAC) address of the second network station.
  - 10. The first network station of claim 8, wherein the first network station is further configured to communicate the encrypted data to the second network station without exchanging pairwise transient keys with the second network station.
  - 11. The first network station of claim 8, wherein the wireless network does not include a central access point.
  - 12. The first network station of claim 8, wherein the wireless network comprises a mesh network.
  - 13. The first network station of claim 8, wherein the wireless network comprises one of an independent basic service set (IBSS) network, a smesh network, or a distributed link software (DLS) network.

14. A method comprising:
- establishing, at a first network station, a first unique key with a second network station;
  
  receiving information corresponding to a third network station from the second network station;
  
  deriving a second unique key using the information corresponding to the third network station without a four-way handshake, the second unique key usable to encrypt data to be communicated between the first and third network stations through secure communication;
  
  encrypting data using the second unique key; and
  
  communicating, through the secure communication, the encrypted data to the third network station.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14, wherein the information corresponding to the third network station was derived by the second network station based on prior communications between the second network station and the third network station.
  - 16. The method of claim 14, wherein the information corresponding to the third network station comprises a media access control (MAC) address of the third network station.
  - 17. The method of claim 14, wherein the first unique key is established using a four-way handshake.
  - 18. The method of claim 14, wherein the encrypted data is communicated to the third network station without a prior exchange of pairwise transient keys between the first network station and the third network station.
  - 19. The method of claim 14, wherein the wireless network comprises a mesh network.
  - 20. The method of claim 14, wherein the wireless network comprises one of an independent basic service set (IBSS) network, a smesh network, or a distributed link software (DLS) network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Marvell Asia Pte Limited (Marvell Technology Group Limited)
Original Assignee
Marvell International Limited (Marvell Technology Group Limited)
Inventors
Lambert, Paul A., Huang, Frank
Primary Examiner(s)
To, Baotran N

Application Number

US13/958,101
Time in Patent Office

1,509 Days
Field of Search

713168, 713170, 713171, 380 44, 380277, 726 4
US Class Current
CPC Class Codes

H04L 2463/061   applying further key deriva...

H04L 63/06   for supporting key manageme...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0876   based on the identity of th...

H04L 63/123   received data contents, e.g...

H04L 9/083   involving central third par...

H04L 9/0866   involving user or device id...

H04W 12/04   Key management, e.g. using ...

H04W 12/10   Integrity

H04W 12/50   Secure pairing of devices

H04W 12/71   Hardware identity

H04W 84/18   Self-organising networks, e...

Efficient key establishment for wireless networks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

215 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Efficient key establishment for wireless networks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

215 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others