Method and Apparatus for Securing Communication Between a Mobile Node and a Network

US 20130019097A1
Filed: 09/19/2012
Published: 01/17/2013
Est. Priority Date: 11/26/2003
Status: Active Grant

First Claim

Patent Images

1-26. -26. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with the teachings of the present invention, a method and apparatus is presented for securely negotiating a session key between a mobile node and a network node, such as a first hop IP router. A session key is encoded using asymmetric encryption. The encrypted session key is then communicated to the first hop IP router for later use. In accordance with another teaching of the present invention, the session key is then used by the mobile node and a first hop IP router to authenticate a message. Lastly, in accordance with the third teaching of the present invention, a standardized protocol is used to securely negotiate the session key between the mobile node and the first hop IP router.

Citations

49 Claims

1-26. -26. (canceled)

27. A method of authenticating a message comprising the steps of:
- a device receiving a message;
  
  the device receiving an authentication code;
  
  the device generating a first checksum of the message;
  
  the device accessing a session key;
  
  the device generating a second checksum of the message in response to the authentication code and in response to accessing the session key; and
  
  the device comparing the first checksum of the message with the second checksum of the message.
- View Dependent Claims (28, 29, 32, 33, 34, 35)
- - 28. The method of claim 27, wherein said comparing the first checksum of the message with the second checksum of the message is used to authenticate the message.
  - 29. The method of claim 27, wherein the device comprises a first hop IP router.
  - 32. The method of claim 27, wherein the authentication code is appended to the message.
  - 33. The method of claim 27, wherein the authentication code is encoded with the message.
  - 34. The method of claim 27, wherein the message and authentication code is received from a mobile node.
  - 35. The method of claim 27, wherein said generating the second checksum comprises extracting the second checksum from the authentication code using the session key.

30. (canceled)

31. A network device comprising:
- means for receiving message;
  
  means for receiving an authentication code;
  
  means for generating a first checksum of the message;
  
  means for accessing a session key;
  
  means for generating a second checksum of the message in response to the authentication code and in response to accessing the session key; and
  
  means for comparing the first checksum of the message with the second checksum of the message.

36. A network device, comprising:
- wireless communication circuitry for performing wireless communication;
  
  processing hardware coupled to the wireless communication circuitry, wherein the processing hardware is configured to;
  
  receive a message;
  
  receive an authentication code;
  
  generate a first checksum of the message;
  
  access a session key;
  
  generate a second checksum of the message in response to the authentication code and in response to accessing the session key; and
  
  compare the first checksum of the message with the second checksum of the message.
- View Dependent Claims (37, 38, 39, 40, 41, 42)
- - 37. The network device of claim 36, wherein said comparing the first checksum of the message with the second checksum of the message is used to authenticate the message.
  - 38. The network device of claim 36, wherein the network device comprises a first hop IP router.
  - 39. The network device of claim 36, wherein the authentication code is appended to the message.
  - 40. The network device of claim 36, wherein the authentication code is encoded with the message.
  - 41. The network device of claim 36, wherein the message and authentication code is received from a mobile node.
  - 42. The network device of claim 36, wherein said generating the second checksum comprises extracting the second checksum from the authentication code using the session key.

43. A non-transitory, computer accessible memory medium comprising program instructions, wherein the program instructions are executable by a network device to:
- receive a message;
  
  receive an authentication code;
  
  generate a first checksum of the message;
  
  access a session key;
  
  generate a second checksum of the message in response to the authentication code and in response to accessing the session key; and
  
  compare the first checksum of the message with the second checksum of the message.
- View Dependent Claims (44, 45, 46, 47, 48, 49)
- - 44. The non-transitory, computer accessible memory medium of claim 43, wherein said comparing the first checksum of the message with the second checksum of the message is used to authenticate the message.
  - 45. The non-transitory, computer accessible memory medium of claim 43, wherein the network device comprises a first hop IP router.
  - 46. The non-transitory, computer accessible memory medium of claim 43, wherein the authentication code is appended to the message.
  - 47. The non-transitory, computer accessible memory medium of claim 43, wherein the authentication code is encoded with the message.
  - 48. The non-transitory, computer accessible memory medium of claim 43, wherein the message and authentication code is received from a mobile node.
  - 49. The non-transitory, computer accessible memory medium of claim 43, wherein said generating the second checksum comprises extracting the second checksum from the authentication code using the session key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Chowdhury, Kuntal

Granted Patent

US 8,769,281 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

H04L 2463/062   applying encryption of the ...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/12   Applying verification of th...

H04L 9/3242   involving keyed hash functi...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/10   Integrity

H04W 12/50   Secure pairing of devices

Method and Apparatus for Securing Communication Between a Mobile Node and a Network

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

49 Claims

Specification

Solutions

Use Cases

Quick Links

Method and Apparatus for Securing Communication Between a Mobile Node and a Network

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

49 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links