WO2004084458A3 - Wlan session management techniques with secure rekeying and logoff - Google Patents


Publication number
WO2004084458A3
Authority
WO
WIPO (PCT)
Prior art keywords
secure
logoff
session key
session management
management techniques
Prior art date
Application number
PCT/US2004/007403
Other languages
French (fr)
Other versions
WO2004084458A2 (en)
Inventor
Junbiao Zhang
Saurabh Mathur
Sachin Mody
Original Assignee
Thomson Licensing Sa
Junbiao Zhang
Saurabh Mathur
Sachin Mody
Priority date
Filing date
Publication date
Application filed by Thomson Licensing Sa, Junbiao Zhang, Saurabh Mathur, Sachin Mody
Priority to US10/549,408 (US20060179305A1)
Priority to MXPA05009804A
Priority to JP2006507069A (JP2006520571A)
Priority to EP04719770A (EP1606899A4)
Publication of WO2004084458A2
Publication of WO2004084458A3
Priority to US11/371,662 (US20070189537A1)


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30 Security of mobile devices; Security of mobile applications
    • H04W12/35 Protecting application or service provisioning, e.g. securing SIM application provisioning
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10 Small scale networks; Flat hierarchical networks
    • H04W84/12 WLAN [Wireless Local Area Networks]

Abstract

The invention provides a method for improving the security of a mobile terminal in a WLAN environment by installing two shared secrets, rather than a single one (the initial session key), on both the wireless user machine and the WLAN access point during the user authentication phase. One of the shared secrets is used as the initial session key and the other is used as a secure seed. Because the initial authentication is secure, these two keys are not known to a would-be hacker. Although the initial session key may eventually be cracked by the would-be hacker, the secure seed remains secure because it is not used in any insecure communication.
PCT/US2004/007403 2003-03-14 2004-03-11 Wlan session management techniques with secure rekeying and logoff WO2004084458A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
US10/549,408 US20060179305A1 (en) 2004-03-11 2004-03-11 WLAN session management techniques with secure rekeying and logoff
MXPA05009804A MXPA05009804A (en) 2003-03-14 2004-03-11 Wlan session management techniques with secure rekeying and logoff.
JP2006507069A JP2006520571A (en) 2003-03-14 2004-03-11 WLAN session management technology using secure key and logoff
EP04719770A EP1606899A4 (en) 2003-03-14 2004-03-11 Wlan session management techniques with secure rekeying and logoff
US11/371,662 US20070189537A1 (en) 2003-03-14 2006-03-09 WLAN session management techniques with secure rekeying and logoff

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US45454203P 2003-03-14 2003-03-14
US60/454,542 2003-03-14

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US11/371,662 Continuation US20070189537A1 (en) 2003-03-14 2006-03-09 WLAN session management techniques with secure rekeying and logoff

Publications (2)

Publication Number Publication Date
WO2004084458A2 WO2004084458A2 (en) 2004-09-30
WO2004084458A3 WO2004084458A3 (en) 2004-11-18

Family

ID=33029889

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/007403 WO2004084458A2 (en) 2003-03-14 2004-03-11 Wlan session management techniques with secure rekeying and logoff

Country Status (7)

Country Link
EP (1) EP1606899A4 (en)
JP (2) JP2006520571A (en)
KR (2) KR20060053003A (en)
CN (2) CN1874222A (en)
MX (1) MXPA05009804A (en)
MY (1) MY135833A (en)
WO (1) WO2004084458A2 (en)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1606899A4 (en) * 2003-03-14 2011-11-02 Thomson Licensing Wlan session management techniques with secure rekeying and logoff
US7142851B2 (en) * 2003-04-28 2006-11-28 Thomson Licensing Technique for secure wireless LAN access
CN102752309A (en) * 2005-04-22 2012-10-24 汤姆森特许公司 Method for performing safety anonymous accessing on wireless local area network by mobile equipment
MX2007013117A (en) * 2005-04-22 2008-01-14 Thomson Licensing Method and apparatus for secure, anonymous wireless lan (wlan) access.
US7788703B2 (en) * 2006-04-24 2010-08-31 Ruckus Wireless, Inc. Dynamic authentication in secured wireless networks
CN101454767B (en) * 2006-04-24 2013-08-14 鲁库斯无线公司 Dynamic authentication in secured wireless networks
WO2008001906A1 (en) 2006-06-30 2008-01-03 Nikon Corporation Digital camera
MX2009011831A (en) * 2007-06-11 2010-03-04 Nxp Bv Method of authentication and electronic device for performing the authentication.
KR101016277B1 (en) * 2007-12-20 2011-02-22 건국대학교 산학협력단 Method and apparatus for sip registering and establishing sip session with enhanced security
US8756668B2 (en) 2012-02-09 2014-06-17 Ruckus Wireless, Inc. Dynamic PSK for hotspots
US10576256B2 (en) 2016-12-13 2020-03-03 Becton, Dickinson And Company Antiseptic applicator
US11689925B2 (en) * 2017-09-29 2023-06-27 Plume Design, Inc. Controlled guest access to Wi-Fi networks
US11496902B2 (en) 2017-09-29 2022-11-08 Plume Design, Inc. Access to Wi-Fi networks via two-step and two-party control
CN111404666A (en) * 2019-01-02 2020-07-10 中国移动通信有限公司研究院 Key generation method, terminal equipment and network equipment

Citations (3)

Publication number Priority date Publication date Assignee Title
US6151677A (en) * 1998-10-06 2000-11-21 L-3 Communications Corporation Programmable telecommunications security module for key encryption adaptable for tokenless use
US6304658B1 (en) * 1998-01-02 2001-10-16 Cryptography Research, Inc. Leak-resistant cryptographic method and apparatus
EP1178644A2 (en) * 2000-02-11 2002-02-06 Nokia Inc. Key management methods for wireless lans

Family Cites Families (4)

Publication number Priority date Publication date Assignee Title
EP0966813A2 (en) * 1997-03-10 1999-12-29 Guy L. Fielder Bilateral authentication and encryption system
FI113119B (en) * 1997-09-15 2004-02-27 Nokia Corp A method for securing communications over telecommunications networks
JP2002077129A (en) * 2000-08-24 2002-03-15 Nissin Electric Co Ltd Method of communicating encryption
EP1606899A4 (en) * 2003-03-14 2011-11-02 Thomson Licensing Wlan session management techniques with secure rekeying and logoff

Patent Citations (3)

Publication number Priority date Publication date Assignee Title
US6304658B1 (en) * 1998-01-02 2001-10-16 Cryptography Research, Inc. Leak-resistant cryptographic method and apparatus
US6151677A (en) * 1998-10-06 2000-11-21 L-3 Communications Corporation Programmable telecommunications security module for key encryption adaptable for tokenless use
EP1178644A2 (en) * 2000-02-11 2002-02-06 Nokia Inc. Key management methods for wireless lans

Also Published As

Publication number Publication date
JP2006180561A (en) 2006-07-06
EP1606899A2 (en) 2005-12-21
WO2004084458A2 (en) 2004-09-30
MY135833A (en) 2008-07-31
KR20060053003A (en) 2006-05-19
KR20050116821A (en) 2005-12-13
CN1759550A (en) 2006-04-12
CN1874222A (en) 2006-12-06
MXPA05009804A (en) 2006-05-19
JP2006520571A (en) 2006-09-07
EP1606899A4 (en) 2011-11-02

Similar Documents

Publication Publication Date Title
WO2004084458A3 (en) Wlan session management techniques with secure rekeying and logoff
WO2005006629A3 (en) Terminal authentication in a wireless network
WO2009048574A3 (en) Secure wireless communication
PL354839A1 (en) Method and apparatus for initializing secure communications among, and for exclusively pairing wireless devices
WO2005067685A3 (en) Enabling stateless server-based pre-shared secrets
MY142729A (en) Bootstrapping authentication using distinguished random challenges
WO2003032126A3 (en) Multi-factor authentication system
WO2004034213A3 (en) Localized network authentication and security using tamper-resistant keys
WO2005065132A3 (en) System, method, and devices for authentication in a wireless local area network (wlan)
WO2007040664A3 (en) Shared key encryption using long keypads
WO2005052754A3 (en) Secure network access devices with data encryption
WO2002093824A3 (en) Authentication method
WO2006119184A3 (en) Protecting one-time-passwords against man-in-the-middle attacks
WO2009026049A3 (en) Method and apparatus for authenticating a network device
CN101164315A (en) System and method for utilizing a wireless communication protocol in a communications network
WO2004051964A3 (en) Tunneled authentication protocol for preventing man-in-the-middle attacks
WO2005114897A3 (en) Pre-authentication of mobile clients by sharing a master key among secured authenticators
WO2005043281A3 (en) Method, apparatus and program for establishing encrypted communication channel between apparatuses
WO2004091176A3 (en) Ciphering between a cdma network and a gsm network
WO2016144257A3 (en) Method and system for facilitating authentication
TW200719662A (en) Login method for establishing a wireless local area network connection with a keeping-secret function and its system thereof
CA2579272A1 (en) Method and apparatus for pseudo-secret key generation to generate a response to a challenge received from service provider
JP2006180561A5 (en)
WO2005029213A3 (en) Method and system for wirelessly managing the operation of a network appliance over a limited distance
WO2008031926A3 (en) Mobile station authentication in tetra networks

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 20048063151

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2006507069

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: PA/a/2005/009804

Country of ref document: MX

Ref document number: 1020057017159

Country of ref document: KR

ENP Entry into the national phase

Ref document number: 2006179305

Country of ref document: US

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 10549408

Country of ref document: US

WWE Wipo information: entry into national phase

Ref document number: 2004719770

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020057017159

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 2004719770

Country of ref document: EP

DPEN Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101)
WWP Wipo information: published in national office

Ref document number: 10549408

Country of ref document: US