WO2005006629A3 - Terminal authentication in a wireless network - Google Patents

Terminal authentication in a wireless network

Publication number
WO2005006629A3
Authority
WO
WIPO (PCT)
Prior art keywords
user terminal
access point
private key
wireless network
terminal authentication
Prior art date
Application number
PCT/US2004/015809
Other languages
French (fr)
Other versions
WO2005006629A2 (en)
Inventor
Branislav N Meandzija
Mithat Can Dogan
Marc H Goldburg
Christopher R Uhlik
Original Assignee
Arraycomm Inc
Branislav N Meandzija
Mithat Can Dogan
Marc H Goldburg
Christopher R Uhlik
Priority date
Filing date
Publication date
Application filed by Arraycomm Inc, Branislav N Meandzija, Mithat Can Dogan, Marc H Goldburg, Christopher R Uhlik
Publication of WO2005006629A2
Publication of WO2005006629A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50 Secure pairing of devices
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10 Small scale networks; Flat hierarchical networks
    • H04W84/12 WLAN [Wireless Local Area Networks]

Abstract

A user terminal can be authenticated by an access point based on one message. In one embodiment, the present invention includes the access point receiving a message (FIGURE 2, 216) containing a shared secret encrypted (210) with an access point public key, a user terminal certificate (208), and an authenticator string (206) demonstrating possession by the user terminal of a user terminal private key. The access point can decrypt the shared secret (210) using the access point private key paired with that public key. The access point can then authenticate the user terminal (224) by checking the authenticator string (206) using a user terminal public key included in the user terminal certificate (208) to verify possession of the user terminal private key by the user terminal.
PCT/US2004/015809 2003-06-24 2004-05-18 Terminal authentication in a wireless network WO2005006629A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/603,424 2003-06-24
US10/603,424 US7499548B2 (en) 2003-06-24 2003-06-24 Terminal authentication in a wireless network

Publications (2)

Publication Number Publication Date
WO2005006629A2 WO2005006629A2 (en) 2005-01-20
WO2005006629A3 WO2005006629A3 (en) 2006-03-30

Family

ID=33539730

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/015809 WO2005006629A2 (en) 2003-06-24 2004-05-18 Terminal authentication in a wireless network

Country Status (2)

Country Link
US (1) US7499548B2 (en)
WO (1) WO2005006629A2 (en)

Families Citing this family (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7570764B2 (en) * 2001-10-10 2009-08-04 Nortel Networks Limited Sequence number calculation and authentication in a communications system
GB2393073A (en) * 2002-09-10 2004-03-17 Hewlett Packard Co Certification scheme for hotspot services
US7574731B2 (en) * 2002-10-08 2009-08-11 Koolspan, Inc. Self-managed network access using localized access management
US7853788B2 (en) * 2002-10-08 2010-12-14 Koolspan, Inc. Localized network authentication and security using tamper-resistant keys
US7325134B2 (en) 2002-10-08 2008-01-29 Koolspan, Inc. Localized network authentication and security using tamper-resistant keys
US7325133B2 (en) * 2003-10-07 2008-01-29 Koolspan, Inc. Mass subscriber management
WO2005038608A2 (en) * 2003-10-15 2005-04-28 Koolspan, Inc. Mass subscriber management
US7532723B2 (en) * 2003-11-24 2009-05-12 Interdigital Technology Corporation Tokens/keys for wireless communications
WO2005057507A2 (en) * 2003-12-02 2005-06-23 Koolspan, Inc Remote secure authorization
US7929409B2 (en) * 2004-01-13 2011-04-19 Interdigital Technology Corporation Orthogonal frequency division multiplexing (OFDM) method and apparatus for protecting and authenticating wirelessly transmitted digital information
US11451275B2 (en) 2004-04-02 2022-09-20 Rearden, Llc System and method for distributed antenna wireless communications
US11394436B2 (en) 2004-04-02 2022-07-19 Rearden, Llc System and method for distributed antenna wireless communications
US10985811B2 (en) 2004-04-02 2021-04-20 Rearden, Llc System and method for distributed antenna wireless communications
US20060072761A1 (en) * 2004-09-30 2006-04-06 Bruce Johnson Access point that wirelessly provides an encryption key to an authenticated wireless station
US20060116109A1 (en) * 2004-11-30 2006-06-01 Lortz Victor B Pre-authenticated message delivery for wireless local area networks
JP4770227B2 (en) * 2005-03-28 2011-09-14 株式会社日立製作所 SIP message encryption method and encrypted SIP communication system
KR100759168B1 (en) 2005-11-16 2007-09-14 엘지노텔 주식회사 Mobile communication system having a safety key generating function and controlling method therefore
US7882545B2 (en) 2005-12-14 2011-02-01 Intel Corporation Secure wireless network
US8676219B2 (en) * 2007-04-13 2014-03-18 Hart Communication Foundation Combined wired and wireless communications with field devices in a process control environment
US7907735B2 (en) 2007-06-15 2011-03-15 Koolspan, Inc. System and method of creating and sending broadcast and multicast data
CN101159639B (en) 2007-11-08 2010-05-12 西安西电捷通无线网络通信有限公司 One-way access authentication method
FR2930391B1 (en) * 2008-04-21 2010-04-16 Etsem Ltd AUTHENTICATION TERMINAL OF A USER.
US20090274302A1 (en) * 2008-04-30 2009-11-05 Mediatek Inc. Method for deriving traffic encryption key
EP2272203A4 (en) * 2008-04-30 2015-08-26 Mediatek Inc Method for deriving traffic encryption key
US8510560B1 (en) 2008-08-20 2013-08-13 Marvell International Ltd. Efficient key establishment for wireless networks
WO2010033497A1 (en) 2008-09-18 2010-03-25 Marvell World Trade Ltd. Preloading applications onto memory at least partially during boot up
US9280778B2 (en) * 2008-12-15 2016-03-08 Qualcomm Incorporated Location logging and location and time based filtering
CN101483525A (en) 2009-01-22 2009-07-15 中兴通讯股份有限公司 Implementing method for authentication center
US8868907B2 (en) 2009-03-18 2014-10-21 University Of Louisville Research Foundation, Inc. Device, method, and system for processing communications for secure operation of industrial control system field devices
US20110045101A1 (en) * 2009-05-06 2011-02-24 E.I. Du Pont De Nemours And Company Fungicidal substituted azoles
US8565081B1 (en) 2011-02-23 2013-10-22 Google Inc. Rate adaptation in a communication system
US8955078B2 (en) * 2011-06-30 2015-02-10 Cable Television Laboratories, Inc. Zero sign-on authentication
US8675717B1 (en) 2012-04-16 2014-03-18 Google Inc. Rate selection in a communication system
US9357385B2 (en) 2012-08-20 2016-05-31 Qualcomm Incorporated Configuration of a new enrollee device for use in a communication network
US11190947B2 (en) 2014-04-16 2021-11-30 Rearden, Llc Systems and methods for concurrent spectrum usage within actively used spectrum
US10194346B2 (en) 2012-11-26 2019-01-29 Rearden, Llc Systems and methods for exploiting inter-cell multiplexing gain in wireless cellular systems via distributed input distributed output technology
US9363249B2 (en) 2013-03-06 2016-06-07 Marvell World Trade Ltd. Secure simple enrollment
US10164698B2 (en) 2013-03-12 2018-12-25 Rearden, Llc Systems and methods for exploiting inter-cell multiplexing gain in wireless cellular systems via distributed input distributed output technology
US10154025B2 (en) 2013-03-15 2018-12-11 Qualcomm Incorporated Seamless device configuration in a communication network
RU2767777C2 (en) 2013-03-15 2022-03-21 Риарден, Ллк Systems and methods of radio frequency calibration using the principle of reciprocity of channels in wireless communication with distributed input - distributed output
US9736801B1 (en) 2013-05-20 2017-08-15 Marvell International Ltd. Methods and apparatus for synchronizing devices in a wireless data communication system
US9521635B1 (en) 2013-05-21 2016-12-13 Marvell International Ltd. Methods and apparatus for selecting a device to perform shared functionality in a deterministic and fair manner in a wireless data communication system
US11290162B2 (en) 2014-04-16 2022-03-29 Rearden, Llc Systems and methods for mitigating interference within actively used spectrum
EP3427435A1 (en) 2016-03-08 2019-01-16 Marvell World Trade Ltd. Methods and apparatus for secure device authentication
CN106332085B (en) * 2016-09-08 2020-06-12 珠海全志科技股份有限公司 Configuration method of WIFI network of Internet of things, Internet of things terminal and routing terminal
WO2019010669A1 (en) * 2017-07-13 2019-01-17 深圳市汇顶科技股份有限公司 Method, apparatus and system for identity validity verification
KR102411604B1 (en) 2018-03-22 2022-06-21 삼성전자주식회사 Access point and method for connecting communication with external device thereof

Citations (4)

Publication number Priority date Publication date Assignee Title
US6028933A (en) * 1997-04-17 2000-02-22 Lucent Technologies Inc. Encrypting method and apparatus enabling multiple access for multiple services and multiple transmission modes over a broadband communication network
US20020076054A1 (en) * 2000-12-14 2002-06-20 The Furukawa Electric Co., Ltd. Session shared key sharing method, wireless terminal authentication method, wireless terminal, and base station device
US6529487B1 (en) * 1999-07-09 2003-03-04 Qualcomm Incorporated Method and apparatus for securely transmitting distributed RAND for use in mobile station authentication
US20030110376A1 (en) * 1997-10-14 2003-06-12 Michael J. Wiener Method and system for providing updated encryption key pairs and digital signature key pairs in a public key system

Family Cites Families (17)

Publication number Priority date Publication date Assignee Title
JP2821306B2 (en) * 1992-03-06 1998-11-05 三菱電機株式会社 Authentication method and system between IC card and terminal
US6085320A (en) * 1996-05-15 2000-07-04 Rsa Security Inc. Client/server protocol for proving authenticity
US6009173A (en) * 1997-01-31 1999-12-28 Motorola, Inc. Encryption and decryption method and apparatus
US6282294B1 (en) * 1998-01-07 2001-08-28 Microsoft Corporation System for broadcasting to, and programming, a motor device in a protocol, device, and network independent fashion
US6886095B1 (en) * 1999-05-21 2005-04-26 International Business Machines Corporation Method and apparatus for efficiently initializing secure communications among wireless devices
US6870930B1 (en) * 1999-05-28 2005-03-22 Silicon Image, Inc. Methods and systems for TMDS encryption
US6754824B1 (en) * 1999-06-25 2004-06-22 Telefonaktiebolaget L M Ericsson (Publ) Modulated message authentication system and method
JP3585422B2 (en) * 2000-06-01 2004-11-04 シャープ株式会社 Access point device and authentication processing method thereof
US20020174335A1 (en) * 2001-03-30 2002-11-21 Junbiao Zhang IP-based AAA scheme for wireless LAN virtual operators
US20030084287A1 (en) * 2001-10-25 2003-05-01 Wang Huayan A. System and method for upper layer roaming authentication
US7363494B2 (en) * 2001-12-04 2008-04-22 Rsa Security Inc. Method and apparatus for performing enhanced time-based authentication
US6996714B1 (en) * 2001-12-14 2006-02-07 Cisco Technology, Inc. Wireless authentication protocol
US20030139180A1 (en) * 2002-01-24 2003-07-24 Mcintosh Chris P. Private cellular network with a public network interface and a wireless local area network extension
US20040010713A1 (en) * 2002-07-12 2004-01-15 Vollbrecht John R. EAP telecommunication protocol extension
DE20211064U1 (en) * 2002-07-22 2003-08-07 Minebea Co Ltd Hydrodynamic thrust bearing
US7587598B2 (en) * 2002-11-19 2009-09-08 Toshiba America Research, Inc. Interlayer fast authentication or re-authentication for network communication
US7792121B2 (en) * 2003-01-03 2010-09-07 Microsoft Corporation Frame protocol and scheduling system

Also Published As

Publication number Publication date
US7499548B2 (en) 2009-03-03
WO2005006629A2 (en) 2005-01-20
US20040264699A1 (en) 2004-12-30

Similar Documents

Publication Publication Date Title
WO2005006629A3 (en) Terminal authentication in a wireless network
CN108270571B (en) Internet of Things identity authorization system and its method based on block chain
CN103428001B (en) A kind of implicit expression strengthens convenient WEB identity authentication method
CN101212293B (en) Identity authentication method and system
US8831224B2 (en) Method and apparatus for secure pairing of mobile devices with vehicles using telematics system
ES2816324T3 (en) Method that uses a single authentication device to authenticate a user to a service provider among a plurality of service providers and device to perform said method
WO2002093824A3 (en) Authentication method
US7689211B2 (en) Secure login method for establishing a wireless local area network connection, and wireless local area network system
MY142660A (en) Certificate based authentication authorization accounting scheme for loose coupling interworking
CN101822082A (en) The technology that is used for safe laneization between UICC and the terminal
RU2004101416A (en) DEVICE CONFIGURED FOR DATA EXCHANGE AND AUTHENTICATION METHOD
MY142729A (en) Bootstrapping authentication using distinguished random challenges
CN104301115B (en) Mobile phone and Bluetooth key signature verification ciphertext communication method
AU2001226838A1 (en) Authentication in a packet data network
CA2546553A1 (en) System and method for provisioning and authenticating via a network
WO2009048574A3 (en) Secure wireless communication
SG127733A1 (en) Validation chip
WO2007121190A3 (en) Method and apparatus for binding multiple authentications
RU2011105187A (en) PROTOCOL OF LINKING THE DEVICE TO THE STATION
CN102577301A (en) Method and apparatus for trusted authentication and logon
DE602004026787D1 (en) SAFE DATA TRANSFER
RU2013140418A (en) SAFE ACCESS TO PERSONAL HEALTH RECORDS IN EMERGENCIES
WO2004091176A3 (en) Ciphering between a cdma network and a gsm network
FR2871007B1 (en) SECURE UNLOCKING OF A MOBILE TERMINAL
PL2150915T3 (en) Secure login protocol

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase