Mesh network with personal pre-shared keys
Abstract
A mesh network with a network-wide pre-shared key (PSK) that can be updated is described. The PSK can be used to establish secure communication between arbitrary electronic devices in the mesh network. In order to prevent electronic devices from being inadvertently ‘stranded,’ i.e., unable to securely communicate with other electronic devices in the mesh network when the PSK is updated, pairs of electronic devices in the mesh network establish personal PSKs (PPSKs). In particular, after securely associating with each other, a given pair of electronic devices may have used the current PSK to authenticate and encrypt their communication. Then, the given pair of electronic devices may define a PPSK, e.g., by exchanging one or more random numbers. If a subsequent attempt at establishing secure or encrypted communication between the given pair of electronic devices fails, these electronic devices may use the PPSK as a backup to establish the encrypted communication.
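The fallback the abstract describes, as an added Python sketch that is not code from the patent: two paired nodes try the network PSK first and fall back to their PPSK after one of them misses a PSK update. The names `Node`, `pair`, `recover` and `demo`, the frame payloads, the HMAC-based PPSK derivation and the stdlib encrypt-then-MAC stand-in are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def seal(key, plaintext):
    """Encrypt-then-MAC from the stdlib only (stand-in for a real AEAD such as AES-GCM)."""
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(_prf(key, b"enc") + nonce).digest(len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def open_frame(key, frame):  # returns the plaintext, or None if `key` did not seal the frame
    nonce, ct, tag = frame[:16], frame[16:-32], frame[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        return None
    stream = hashlib.shake_256(_prf(key, b"enc") + nonce).digest(len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))

class Node:
    def __init__(self, name, psk):
        self.name, self.psk, self.ppsk = name, psk, {}  # ppsk maps peer name -> key

    def handle_recovery(self, peer, frame):
        """Answer a recovery frame with whichever key authenticates it; None = failure."""
        for key in (self.psk, self.ppsk.get(peer)):
            if key is not None and open_frame(key, frame) == b"recovery":
                return seal(key, b"recovery-ok")
        return None

def pair(a, b):
    """Exchange random numbers under the shared PSK, derive a PPSK (HMAC derivation assumed)."""
    ra, rb = secrets.token_bytes(32), secrets.token_bytes(32)  # sent under the PSK in practice
    a.ppsk[b.name] = b.ppsk[a.name] = _prf(a.psk, b"ppsk" + ra + rb)

def recover(a, b):
    """Try the network PSK, then the PPSK for this peer; return the label that worked."""
    for label, key in (("PSK", a.psk), ("PPSK", a.ppsk.get(b.name))):
        reply = b.handle_recovery(a.name, seal(key, b"recovery")) if key else None
        if reply and open_frame(key, reply) == b"recovery-ok":
            return label
    return None

def demo():
    old, new = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed keys
    a, b, c = Node("A", old), Node("B", old), Node("C", old)
    pair(a, b)
    before = recover(b, a)   # both still on the old PSK
    a.psk = new              # A receives the update; B and C miss it
    return before, recover(b, a), recover(c, a)
```

In this sketch a node that holds only the old PSK and was never paired (`C`) cannot recover, while any node that still holds a PPSK can, so removing a device from the mesh requires deleting its per-peer PPSK entries as well as rotating the PSK.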
20 Claims
1. An electronic device, comprising:
- an interface circuit configured to wirelessly communicate with one or more electronic devices, and wherein the electronic device is configured to:
- provide, to an output node of the electronic device, a recovery frame for a second electronic device in an attempt to re-establish encrypted communication with the second electronic device, wherein content in the recovery frame is encrypted using a pre-shared key (PSK);
- when the electronic device receives, from an input node of the electronic device, a response frame associated with the second electronic device that indicates that the attempt to re-establish the encrypted communication with the second electronic device succeeded, provide, to the output node, a data frame for the second electronic device, wherein content in the data frame is encrypted using the PSK; and
- when the attempt to re-establish the encrypted communication with the second electronic device fails, provide, to the output node, a second recovery frame for the second electronic device to re-establish encrypted communication with the second electronic device, wherein content in the second recovery frame is encrypted using a predefined personal PSK between the electronic device and the second electronic device, and wherein the predefined personal PSK is associated with the electronic device and the second electronic device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A non-transitory computer-readable storage medium for use in conjunction with an electronic device, the computer-readable storage medium storing a program module, wherein, when executed by the electronic device, the program module causes the electronic device to perform one or more operations comprising:
- providing, to an output node of the electronic device, a recovery frame for a second electronic device in an attempt to re-establish encrypted wireless communication with the second electronic device, wherein content in the recovery frame is encrypted using a pre-shared key (PSK);
- when the electronic device receives, from an input node of the electronic device, a response frame associated with the second electronic device that indicates that the attempt to re-establish the encrypted communication with the second electronic device succeeded, providing, to the output node, a data frame for the second electronic device, wherein content in the data frame is encrypted using the PSK; and
- when the attempt to re-establish the encrypted communication with the second electronic device fails, providing, to the output node, a second recovery frame for the second electronic device to re-establish wireless encrypted communication with the second electronic device, wherein content in the second recovery frame is encrypted using a predefined personal PSK between the electronic device and the second electronic device, and wherein the predefined personal PSK is associated with the electronic device and the second electronic device.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A method for re-establishing encrypted communication, wherein the method comprises:
by an electronic device:
- providing, to an output node of the electronic device, a recovery frame for a second electronic device in an attempt to re-establish encrypted wireless communication with the second electronic device, wherein content in the recovery frame is encrypted using a pre-shared key (PSK);
- providing, to the output node, a data frame for the second electronic device when the electronic device receives, from an input node of the electronic device, a response frame associated with the second electronic device that indicates that the attempt to re-establish the encrypted communication with the second electronic device succeeded, wherein content in the data frame is encrypted using the PSK; and
- providing, to the output node, a second recovery frame for the second electronic device to re-establish wireless encrypted communication with the second electronic device when the attempt to re-establish the encrypted communication with the second electronic device fails, wherein content in the second recovery frame is encrypted using a predefined personal PSK between the electronic device and the second electronic device, and wherein the predefined personal PSK is associated with the electronic device and the second electronic device.
Dependent claims: 17, 18, 19, 20
Specification