A method and apparatus for providing a key for secure communications is provided herein. During operation a node wishing to join a network will authenticate with an authentication server and then derive a pairwise key (e.g., a Pair-wise Transient Key (PTK)) used for encryption of unicast traffic. The node will also create its own group transient key (GTK) for use in encrypting multicast or broadcast traffic. Once the GTK is generated, it will be provided to an authenticator as part of an association request message.
Method And Apparatus For Performing Mutual Authentication Within A Network
Anthony J. Braskich - Palatine IL, US Stephen P. Emeott - Rolling Meadows IL, US
Assignee:
Motorola, Inc. - Schaumburg IL
International Classification:
H04L 9/32
US Classification:
713169
Abstract:
A method and apparatus for mutual authentication of a first and a second node is provided herein. During operation the first node sends a first authentication message to the second node comprising information needed for the second node to authenticate the first node and information needed by the second node for the second node to be authenticated by the first node. A second authentication message is received from the second node comprising information needed by the first node for the first node to be authenticated by the second node and information needed for the first node to authenticate the second node. Because the first and the second authentication messages comprise information needed for both the first and the second node to authenticate each other, messaging within the network is greatly reduced.
Tunneling Security Association Messages Through A Mesh Network
Anthony J. Braskich - Palatine IL, US Stephen P. Emeott - Rolling Meadows IL, US
Assignee:
Motorola, Inc. - Schaumburg IL
International Classification:
H04L 9/32 H04L 9/00
US Classification:
713168, 713153, 380270, 726 4
Abstract:
The disclosure relates to techniques and technologies for establishing a secure link between a mesh authenticator and a mesh key distributor for transporting security association messages. The secure link can allow the mesh key distributor to communicate results of an authentication process to the mesh authenticator.
Method And System For Secure Processing Of Authentication Key Material In An Ad Hoc Wireless Network
Anthony J. Braskich - Palatine IL, US Stephen P. Emeott - Rolling Meadows IL, US
Assignee:
Motorola, Inc. - Schaumburg IL
International Classification:
H04L 9/08
US Classification:
380277, 713171, 380281, 380284
Abstract:
A method and system for secure processing of authentication key material in an ad hoc wireless network enables secure distribution of the authentication key material between a mesh authenticator and a mesh key distributor, which may be separated by multiple wireless links. The method includes deriving a pairwise transient key for key distribution (PTK-KD) using a mesh key holder security information element (MKHSIE). A mesh authenticator pairwise master key (PMK-MA) is then requested using a first mesh encrypted key information element (MEKIE) that includes data origin information. Using the pairwise transient key for key distribution (PTK-KD), a second mesh encrypted key information element (MEKIE) is then decrypted to obtain the mesh authenticator pairwise master key (PMK-MA).
Method For Establishing Secure Associations Within A Communication Network
Anthony J. Braskich - Palatine IL, US Stephen P. Emeott - Rolling Meadows IL, US Guenael T. Strutt - Sanford FL, US
Assignee:
Motorola Solutions, Inc. - Schaumburg IL
International Classification:
H04K 1/00 H04L 29/06 H04L 1/00
US Classification:
380258, 713156
Abstract:
A method for security authentication within a wireless network is disclosed. A method within an ad hoc mesh network for two devices to quickly determine roles (i.e., which is the authenticator and which is the supplicant) while establishing a security association is provided for. The invention further provides for the inclusion of cached key information in the role negotiation process and the application of role negotiation to a shortened three-way handshake.
Method And Apparatus For Establishing Security Association Between Nodes Of An Ad Hoc Wireless Network
A method and apparatus for establishing security associations between nodes of an ad hoc wireless network includes two authentication steps: an initial first contact step (authentication, authorization, and accounting (AAA)-based authentication), and a “light-weight” step that reuses key material generated during first contact. A mesh authenticator within the network provides two roles. The first role is to implement an 802.1X port access entity (PAE), derive transient keys used for encryption with a supplicant mesh point via a four-way handshake and take care of back end communications with a key distributor. The second role is as a key distributor that implements a AAA-client and derives keys used to authenticate a mesh point during first contact or fast security association. The key distributor and the on-line authentication server can communicate to one another without these messages being transported over mesh links.
Method For Performing Authenticated Handover In A Wireless Local Area Network
Stephen Emeott - Rolling Meadows IL, US Anthony Braskich - Palatine IL, US
International Classification:
H04L 9/00 H04Q 7/00
US Classification:
370331000, 713168000
Abstract:
A wireless local area network system supporting mobile radio telephony reduces the time to complete an authenticated handover from one access point to another by a mobile station by performing some of the steps normally performed upon leaving one access point while still associated with that access point. More particularly, the mobile station causes a cryptographic key to be preestablished for use when handing over to a new access point. The cryptographic key is derived at the mobile station, and is also derived in the WLAN infrastructure and stored until the mobile station initiates a handover.
Stephen Emeott - Rolling Meadows IL, US Anthony Braskich - Palatine IL, US Nattavut Smavatkul - Bangbumru, TH
International Classification:
H04Q 7/00
US Classification:
370332000
Abstract:
Multi-mode link adaptation in a wireless communication network where a station calculates a current link quality, a minimum link quality, and an excess link quality based upon the current link quality and the minimum link quality to determine an operating mode that is related to the success or failure of recent transmissions from the station. If the calculated excess link margin is lower than a first threshold, the station operates in a first mode, otherwise in another mode. In any case, the station selects the link rate for a new transmission from the station based upon the selected mode.
Resumes
IT Consultant At Self-Employed, Principal Staff Research Engineer At Motorola