Mesh network with personal pre-shared keys

US 9,774,580 B2
Filed: 04/19/2017
Issued: 09/26/2017
Est. Priority Date: 12/31/2014
Status: Active Grant

First Claim

Patent Images

1. An electronic device, comprising:

an interface circuit configured to wirelessly communicate with one or more electronic devices, and wherein the electronic device is configured to;

provide, to an output node of the electronic device, a recovery frame for a second electronic device in an attempt to re-establish encrypted communication with the second electronic device, wherein content in the recovery frame is encrypted using a pre-shared key (PSK);

when the electronic device receives, from an input node of the electronic device, a response frame associated with the second electronic device that indicates that the attempt to re-establish the encrypted communication with the second electronic device succeeded, provide, to the output node, a data frame for the second electronic device, wherein content in the data frame is encrypted using the PSK; and

when the attempt to re-establish the encrypted communication with the second electronic device fails, provide, to the output node, a second recovery frame for the second electronic device to re-establish encrypted communication with the second electronic device, wherein content in the second recovery frame is encrypted using a predefined personal PSK between the electronic device and the second electronic device, andwherein the predefined personal PSK is associated with the electronic device and the second electronic device.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mesh network with a network-wide pre-shared key (PSK) that can be updated is described. The PSK can be used to establish secure communication between arbitrary electronic devices in the mesh network. In order to prevent electronic devices from being inadvertently ‘stranded,’ i.e., unable to securely communicate with other electronic devices in the mesh network when the PSK is updated, pairs of electronic devices in the mesh network establish personal PSKs (PPSKs). In particular, after securely associating with each other, a given pair of electronic devices may have used the current PSK to authenticate and encrypt their communication. Then, the given pair of electronic devices may define a PPSK, e.g., by exchanging one or more random numbers. If a subsequent attempt at establishing secure or encrypted communication between the given pair of electronic devices fails, these electronic devices may use the PPSK as a backup to establish the encrypted communication.

15 Citations

View as Search Results

20 Claims

1. An electronic device, comprising:
- an interface circuit configured to wirelessly communicate with one or more electronic devices, and wherein the electronic device is configured to;
  
  provide, to an output node of the electronic device, a recovery frame for a second electronic device in an attempt to re-establish encrypted communication with the second electronic device, wherein content in the recovery frame is encrypted using a pre-shared key (PSK);
  
  when the electronic device receives, from an input node of the electronic device, a response frame associated with the second electronic device that indicates that the attempt to re-establish the encrypted communication with the second electronic device succeeded, provide, to the output node, a data frame for the second electronic device, wherein content in the data frame is encrypted using the PSK; and
  
  when the attempt to re-establish the encrypted communication with the second electronic device fails, provide, to the output node, a second recovery frame for the second electronic device to re-establish encrypted communication with the second electronic device, wherein content in the second recovery frame is encrypted using a predefined personal PSK between the electronic device and the second electronic device, andwherein the predefined personal PSK is associated with the electronic device and the second electronic device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The electronic device of claim 1, wherein the attempt to re-establish the encrypted communication with the second electronic device occurs after the electronic device wakes up.
  - 3. The electronic device of claim 1, wherein the encrypted communication includes Wi-Fi Protected Access.
  - 4. The electronic device of claim 1, wherein the predefined personal PSK includes one or more random numbers.
  - 5. The electronic device of claim 1, wherein the predefined personal PSK is valid during a time interval.
  - 6. The electronic device of claim 1, wherein the electronic device is further configured to provide, to the output node, an exchange frame for a third electronic device;
    - andwherein the exchange frame includes the predefined personal PSK.
  - 7. The electronic device of claim 1, wherein, when the attempt to re-establish the encrypted communication with the second electronic device using the second recovery frame fails, the electronic device is further configured to provide, to the output node, a third recovery frame for the third electronic device to re-establish encrypted communication with the third electronic device;
    - wherein content in the third recovery frame is encrypted using another predefined personal PSK between the electronic device and the third electronic device; and
      
      wherein the other predefined personal PSK is associated with the electronic device and the third electronic device.
  - 8. The electronic device of claim 1, further comprises:
    - a processor; and
      
      memory, coupled to the processor, which stores a program module, wherein, when executed by the processor, the program module causes the electronic device to perform;
      
      the providing of the recovery frame;
      
      the providing of the data frame; and
      
      the providing of the second recovery frame.

9. A non-transitory computer-readable storage medium for use in conjunction with an electronic device, the computer-readable storage medium storing a program module, wherein, when executed by the electronic device, the program module causes the electronic device to perform one or more operations comprising:
- providing, to an output node of the electronic device, a recovery frame for a second electronic device in an attempt to re-establish encrypted wireless communication with the second electronic device, wherein content in the recovery frame is encrypted using a pre-shared key (PSK);
  
  when the electronic device receives, from an input node of the electronic device, a response frame associated with the second electronic device that indicates that the attempt to re-establish the encrypted communication with the second electronic device succeeded, providing, to the output node, a data frame for the second electronic device, wherein content in the data frame is encrypted using the PSK; and
  
  when the attempt to re-establish the encrypted communication with the second electronic device fails, providing, to the output node, a second recovery frame for the second electronic device to re-establish wireless encrypted communication with the second electronic device, wherein content in the second recovery frame is encrypted using a predefined personal PSK between the electronic device and the second electronic device, andwherein the predefined personal PSK is associated with the electronic device and the second electronic device.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The computer-readable storage medium of claim 9, wherein the attempt to re-establish the encrypted communication with the second electronic device occurs after the electronic device wakes up.
  - 11. The computer-readable storage medium of claim 9, wherein the encrypted communication includes Wi-Fi Protected Access.
  - 12. The computer-readable storage medium of claim 9, wherein the predefined personal PSK includes one or more random numbers.
  - 13. The computer-readable storage medium of claim 9, wherein the predefined personal PSK is valid during a time interval.
  - 14. The computer-readable storage medium of claim 9, wherein the one or more operations comprise providing, to the output node, an exchange frame for a third electronic device;
    - andwherein the exchange frame includes the predefined personal PSK.
  - 15. The computer-readable storage medium of claim 9, wherein the one or more operations comprise, when the attempt to re-establish the encrypted communication with the second electronic device using the second recovery frame fails, providing, to the output node, a third recovery frame for the third electronic device to re-establish encrypted communication with the third electronic device;
    - wherein content in the third recovery frame is encrypted using another predefined personal PSK between the electronic device and the third electronic device; and
      
      wherein the other predefined personal PSK is associated with the electronic device and the third electronic device.

16. A method for re-establishing encrypted communication, wherein the method comprises:
- by an electronic device;
  
  providing, to an output node of the electronic device, a recovery frame fora second electronic device in an attempt to re-establish encrypted wireless communication with the second electronic device, wherein content in the recovery frame is encrypted using a pre-shared key (PSK);
  
  providing, to the output node, a data frame for the second electronic device when the electronic device receives, from an input node of the electronic device, a response frame associated with the second electronic device that indicates that the attempt to re-establish the encrypted communication with the second electronic device succeeded, wherein content in the data frame is encrypted using the PSK; and
  
  providing, to the output node, a second recovery frame for the second electronic device to re-establish wireless encrypted communication with the second electronic device when the attempt to re-establish the encrypted communication with the second electronic device fails, wherein content in the second recovery frame is encrypted using a predefined personal PSK between the electronic device and the second electronic device, andwherein the predefined personal PSK is associated with the electronic device and the second electronic device.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein the attempt to re-establish the encrypted communication with the second electronic device occurs after the electronic device wakes up.
  - 18. The method of claim 16, wherein the encrypted communication includes Wi-Fi Protected Access.
  - 19. The method of claim 16, wherein the predefined personal PSK is valid during a time interval.
  - 20. The method of claim 16, wherein the method further comprises providing, to the output node, an exchange frame for a third electronic device;
    - andwherein the exchange frame includes the predefined personal PSK.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ruckus IP Holdings LLC
Original Assignee
Ruckus Wireless, Inc. (CommScope Holding Company, Inc.)
Inventors
Lin, Ta-Chien
Primary Examiner(s)
Shayanfar, Ali

Application Number

US15/490,901
Publication Number

US 20170223528A1
Time in Patent Office

160 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/068   using time-dependent keys, ...

H04W 12/02   Protecting privacy or anony...

H04W 12/04   Key management, e.g. using ...

H04W 12/61   Time-dependent

H04W 84/12   WLAN [Wireless Local Area N...

Mesh network with personal pre-shared keys

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Mesh network with personal pre-shared keys

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links