Communicating an identity of a group shared secret to a server
First Claim
Patent Images
1. A method to be performed by a provisioning server, the method comprising:
- assigning to each of L group shared secrets {gssq} its own unique subset of Mq of N group shared secret identifying keys;
storing information from which it is determinable which unique subset of Mq of the N group shared secret identifying keys was assigned to each group shared secret gssq;
provisioning one or more client devices {j} by;
assigning to each client device j its own subset of Pj of the L group shared secrets {gssq};
providing to each client device j the Pj group shared secrets that were assigned thereto; and
for each of the Pj group shared secrets assigned to each client device j, providing to the client device j the Mq group shared secret identifying keys that were assigned to that group shared secret,wherein L, Pj, N, and Mq are positive integers, Pj is less than L, and Mq is less than N.
4 Assignments
0 Petitions
Accused Products
Abstract
An identity is communicated by a client device to a server without requiring the identity to be disclosed to eavesdroppers and without requiring the use of symmetric or asymmetric cryptography. In one example, the identity is an identity of the client device, where the identity has been assigned to the client device by the server through the provisioning of a unique subset of client-identifying keys. In another example, the identity is an identity of a group shared secret that has been provisioned by the server to the client device.
13 Citations
11 Claims
-
1. A method to be performed by a provisioning server, the method comprising:
-
assigning to each of L group shared secrets {gssq} its own unique subset of Mq of N group shared secret identifying keys; storing information from which it is determinable which unique subset of Mq of the N group shared secret identifying keys was assigned to each group shared secret gssq; provisioning one or more client devices {j} by; assigning to each client device j its own subset of Pj of the L group shared secrets {gssq}; providing to each client device j the Pj group shared secrets that were assigned thereto; and for each of the Pj group shared secrets assigned to each client device j, providing to the client device j the Mq group shared secret identifying keys that were assigned to that group shared secret, wherein L, Pj, N, and Mq are positive integers, Pj is less than L, and Mq is less than N. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A provisioning server comprising:
-
a processing device; and a computer-readable medium storing code which, when executed by the processing device, causes the provisioning server; to assign to each of L group shared secrets {gssq} its own unique subset of Mq of N group shared secret identifying keys; to store information from which it is determinable which unique subset of Mq of the N group shared secret identifying keys was assigned to each group shared secret gssq; and to provision one or more client devices {j} by; assigning to each client device j its own subset of Pj of the L group shared secrets {gssq}; providing to each client device j the Pj group shared secrets that were assigned thereto; and for each of the Pj group shared secrets assigned to each client device j, providing to the client device j the Mq group shared secret identifying keys that were assigned to that group shared secret, wherein L, Pj, N, and Mq are positive integers, Pj is less than L, and Mq is less than N. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer-readable medium storing code which, when executed by a processor of a provisioning server, causes the provisioning server:
-
to assign to each of L group shared secrets {gssq} its own unique subset of Mq of N group shared secret identifying keys; to store information from which it is determinable which unique subset of Mq of the N group shared secret identifying keys was assigned to each group shared secret gssq; and to provision one or more client devices {j} by; assigning to each client device j its own subset of Pj of the L group shared secrets {gssq}; providing to each client device j the Pj group shared secrets that were assigned thereto; and for each of the Pj group shared secrets assigned to each client device j, providing to the client device j the Mq group shared secret identifying keys that were assigned to that group shared secret, wherein L, Pj, N, and Mq are positive integers, Pj is less than L, and Mq is less than N.
-
Specification