WO2006102565A3 - Optimized derivation of handover keys in mobile ipv6 - Google Patents
- Publication number
- WO2006102565A3 (PCT/US2006/010691)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- access router
- access
- key
- access terminal
- public key
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0433—Key management protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/062—Pre-authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/061—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0011—Control or signalling for completing the hand-off for data sessions of end-to-end connection
- H04W36/0019—Control or signalling for completing the hand-off for data sessions of end-to-end connection adapted for mobile IP [MIP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0011—Control or signalling for completing the hand-off for data sessions of end-to-end connection
- H04W36/0033—Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
- H04W36/0038—Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W80/00—Wireless network protocols or protocol adaptations to wireless operation
- H04W80/04—Network layer protocols, e.g. mobile IP [Internet Protocol]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W92/00—Interfaces specially adapted for wireless communication networks
- H04W92/04—Interfaces between hierarchically different network devices
- H04W92/10—Interfaces between hierarchically different network devices between terminal device and access point, i.e. wireless air interface
Abstract
The invention is an optimized protocol for deriving handover keys that authenticate communication between an access terminal and an access router during a fast handoff protocol. The access terminal and the access router each derive an encryption public key from their own private key using an encryption algorithm, and each transmits that public key. The access terminal's public key is transmitted encapsulated in a binding update message that is received by the access router. The access router uses the received access terminal public key and its own private key to generate a shared authentication key. The access router transmits its public key encapsulated in a message to the access terminal, which uses its own private key and the access router's public key to generate the same shared authentication key. The shared authentication key is then used to authenticate communication between the access terminal and the access router. The messages transmitting the public keys are also secured using a security association for the routing links between the access terminal and the access router. Because the messages carrying the keys are control messages already used in the handover protocol, establishing the authenticated communication link imposes no additional messaging overhead.
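The exchange in the abstract, sketched as an added example that is not taken from the patent. It assumes Diffie-Hellman as the key agreement (the abstract does not name the algorithm), a demonstration-only group, HMAC-SHA256 for the security association check, and a hypothetical "reply" message type for the access router's response.

```python
import hashlib
import hmac
import secrets

# Demonstration group only (assumption): Mersenne prime 2**521 - 1, generator 3.
# A deployment would use a standardized DH group or elliptic-curve DH instead.
P = 2**521 - 1
G = 3
NBYTES = 66  # 521 bits rounded up to whole bytes

def keypair():
    priv = secrets.randbelow(P - 3) + 2           # private exponent in [2, P-2]
    return priv, pow(G, priv, P)                  # public key derived from it

def sa_tag(sa_key, msg_type, pub):
    # The existing security association authenticates the control message
    # that carries the public key (HMAC-SHA256 is an assumption here).
    data = msg_type.encode() + pub.to_bytes(NBYTES, "big")
    return hmac.new(sa_key, data, hashlib.sha256).digest()

def make_msg(sa_key, msg_type, pub):
    return {"type": msg_type, "pub": pub, "tag": sa_tag(sa_key, msg_type, pub)}

def accept_pub(sa_key, msg):
    # Without this check the key agreement is open to key substitution in transit.
    expected = sa_tag(sa_key, msg["type"], msg["pub"])
    if not hmac.compare_digest(msg["tag"], expected):
        raise ValueError("control message failed security-association check")
    if not 2 <= msg["pub"] <= P - 2:
        raise ValueError("degenerate public key")
    return msg["pub"]

def handover_key(priv, peer_pub):
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(b"handover-key" + shared.to_bytes(NBYTES, "big")).digest()

def run_handover(sa_key):
    at_priv, at_pub = keypair()                       # access terminal
    ar_priv, ar_pub = keypair()                       # access router
    bu = make_msg(sa_key, "binding-update", at_pub)   # AT -> AR, existing message
    ar_key = handover_key(ar_priv, accept_pub(sa_key, bu))
    reply = make_msg(sa_key, "reply", ar_pub)         # AR -> AT (hypothetical name)
    at_key = handover_key(at_priv, accept_pub(sa_key, reply))
    return at_key, ar_key

def tampered_is_rejected(sa_key):
    bu = make_msg(sa_key, "binding-update", keypair()[1])
    bu["pub"] ^= 1                                    # key altered in transit
    try:
        accept_pub(sa_key, bu)
    except ValueError:
        return True
    return False
```

Both sides end with the same 32-byte handover key after only the two control messages, and a binding update whose public key was altered fails the security association check before any key is derived.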
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US66457805P | 2005-03-23 | 2005-03-23 | |
US60/664,578 | 2005-03-23 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2006102565A2 (en) | 2006-09-28 |
WO2006102565A3 (en) | 2007-12-13 |
Family
ID=37024665
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2006/010691 WO2006102565A2 (en) | 2005-03-23 | 2006-03-23 | Optimized derivation of handover keys in mobile ipv6 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2006102565A2 (en) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101102600B (en) * | 2007-06-29 | 2012-07-04 | 中兴通讯股份有限公司 | Secret key processing method for switching between different mobile access systems |
CN101335985B (en) * | 2007-06-29 | 2011-05-11 | 华为技术有限公司 | Method and system for safe fast switching |
CN101431753B (en) * | 2007-11-09 | 2010-11-10 | 华为技术有限公司 | Protection method and apparatus for mobile IPv6 fast switching |
US9924416B2 (en) | 2013-08-01 | 2018-03-20 | Nokia Technologies Oy | Methods, apparatuses and computer program products for fast handover |
CN105763517B (en) * | 2014-12-17 | 2019-09-13 | 联芯科技有限公司 | A kind of method and system of Router Security access and control |
US11316667B1 (en) | 2019-06-25 | 2022-04-26 | Juniper Networks, Inc. | Key exchange using pre-generated key pairs |
US11924341B2 (en) | 2021-04-27 | 2024-03-05 | Rockwell Collins, Inc. | Reliable cryptographic key update |
-
2006
- 2006-03-23 WO PCT/US2006/010691 patent/WO2006102565A2/en active Application Filing
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5930362A (en) * | 1996-10-09 | 1999-07-27 | At&T Wireless Services Inc | Generation of encryption key |
WO2001020925A2 (en) * | 1999-09-10 | 2001-03-22 | Telefonaktiebolaget Lm Ericsson (Publ) | System and method of passing encryption keys after inter-exchange handoff |
US6587680B1 (en) * | 1999-11-23 | 2003-07-01 | Nokia Corporation | Transfer of security association during a mobile terminal handover |
US20020118674A1 (en) * | 2001-02-23 | 2002-08-29 | Faccin Stefano M. | Key distribution mechanism for IP environment |
US20020147820A1 (en) * | 2001-04-06 | 2002-10-10 | Docomo Communications Laboratories Usa, Inc. | Method for implementing IP security in mobile IP networks |
US6856800B1 (en) * | 2001-05-14 | 2005-02-15 | At&T Corp. | Fast authentication and access control system for mobile networking |
WO2003051072A1 (en) * | 2001-12-07 | 2003-06-19 | Qualcomm, Incorporated | Apparatus and method of using a ciphering key in a hybrid communications network |
US20040166857A1 (en) * | 2003-02-20 | 2004-08-26 | Nec Laboratories America, Inc. | Secure candidate access router discovery method and system |
US20050055576A1 (en) * | 2003-09-04 | 2005-03-10 | Risto Mononen | Location privacy in a communication system |
US7046647B2 (en) * | 2004-01-22 | 2006-05-16 | Toshiba America Research, Inc. | Mobility architecture using pre-authentication, pre-configuration and/or virtual soft-handoff |
EP1562340A1 (en) * | 2004-02-05 | 2005-08-10 | Siemens Aktiengesellschaft | Method and apparatus for establishing a temporary secure connection between a mobile network node and an access network node during a data transmission handover |
Also Published As
Publication number | Publication date |
---|---|
WO2006102565A2 (en) | 2006-09-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101331515B1 (en) | Method and appaeatus for base station self-configuration | |
US8385269B2 (en) | Enabling IPv6 mobility with sensing features for AD-HOC networks derived from long term evolution networks | |
KR101270342B1 (en) | Exchange of key material | |
US20160127903A1 (en) | Methods and systems for authentication interoperability | |
JP2019512942A (en) | Authentication mechanism for 5G technology | |
CA2650050A1 (en) | Method and system for providing cellular assisted secure communications of a plurality of ad hoc devices | |
JP5398877B2 (en) | Method and apparatus for generating a radio base station key in a cellular radio system | |
WO2006102565A3 (en) | Optimized derivation of handover keys in mobile ipv6 | |
US8959333B2 (en) | Method and system for providing a mesh key | |
AU2003255093A1 (en) | A method for the access of the mobile terminal to the wlan and for the data communication via the wireless link securely | |
KR20000017575A (en) | Method for establishing session key agreement | |
EP3210404B1 (en) | Authentication interoperability in a wireless communication system | |
Qiu et al. | Secure group mobility support for 6lowpan networks | |
CN111527762A (en) | System and method for end-to-end secure communication in a device-to-device communication network | |
CN101379801A (en) | EAP method for EAP extension (EAP-EXT) | |
KR20000062153A (en) | Efficient authentication with key update | |
WO2002068418A3 (en) | Authentication and distribution of keys in mobile ip network | |
CN101309503A (en) | Wireless switching method, base station and terminal | |
CN101552984B (en) | Base station secure accessing method of mobile communication system | |
EP3231151B1 (en) | Commissioning of devices in a network | |
CN104581715B (en) | The sensor-based system cryptographic key protection method and radio reception device of Internet of Things field | |
Taha et al. | EM 3 A: Efficient mutual multi-hop mobile authentication scheme for PMIP networks | |
JP4757723B2 (en) | Wireless terminal authentication method and wireless communication system | |
Namal et al. | Secure and multihomed vehicular femtocells | |
Southern et al. | Wireless security: securing mobile UMTS communications from interoperation of GSM |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | NENP | Non-entry into the national phase | Ref country code: RU |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 06748619 Country of ref document: EP Kind code of ref document: A2 |