EP2030404A1 - Method and system for providing a mesh key - Google Patents
Method and system for providing a mesh keyInfo
- Publication number
- EP2030404A1 EP2030404A1 EP07729627A EP07729627A EP2030404A1 EP 2030404 A1 EP2030404 A1 EP 2030404A1 EP 07729627 A EP07729627 A EP 07729627A EP 07729627 A EP07729627 A EP 07729627A EP 2030404 A1 EP2030404 A1 EP 2030404A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- node
- key
- mesh
- authentication
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Definitions
- the invention relates to a method and a system for providing a key for encrypting messages between nodes of a mesh network.
- a wireless mesh network is a meshed network implemented, for example, in a Wireless Local Area Network (WLAN).
- WLAN Wireless Local Area Network
- a mobile node may forward data originating from another mobile node to another mobile node or transmit it to a base station.
- a mesh network or mesh network can be spanned over long distances, especially in uneven or difficult terrain.
- Mesh networks also work very reliably as each mobile node is connected to several other nodes. If a node fails, for example because of a hardware failure, its neighbor nodes look for an alternate data transmission route.
- Mesh networks or mesh networks can include fixed or mobile devices.
- Fig. 1 shows schematically a mesh network according to the prior art.
- the nodes include dedicated mesh nodes
- MN which belong to the infrastructure of the network.
- These dedicated mesh nodes may be a fixed base station BS but also a mobile station MS.
- the mesh network also includes mobile devices or mobile nodes of users.
- the mobile nodes can communicate directly with another mobile node and, directly or indirectly through other nodes, exchange data with a base station BS connected to a gateway GW of a data network.
- data packets DP are forwarded from one device or node to the next device until the destination device or the gateway GW has been reached.
- the forwarding of the data packets DP takes place by dynamic routing.
- the routes on which The data packets DP are transmitted, are calculated dynamically based on the availability of nodes and on the basis of network utilization.
- mesh networks are characterized by high network coverage, high reliability and economical use of available resources.
- the wireless transmission link is conventionally realized by a WLAN (Wireless Local Area Network) transmission link.
- WLAN networks Unlike a Wireless Personal Area Network (WPAN), WLAN networks have larger transmission powers and ranges and offer higher data transmission rates.
- FIG. 2 shows a signal diagram for illustrating an authentication process in a conventional WLAN network.
- the EAP protocol is used in WLAN to secure network access.
- Various concrete authentication methods, so-called EAP methods can be transported via the EAP protocol, eg EAP-TLS, EAP-AKA, PEAP-MSChapv2.
- a cryptographic key or session key MSK, EMSK MSK: Master-Session Key, EMSK: Extended Master Session Key
- MSK Master-Session Key
- EMSK Extended Master Session Key
- the authentication of a subscriber takes place between the subscriber (supplicant) and an authentication server (AAA server). If authentication is successful, the authentication server sends the result of the authentication and the session key MSK originating from the authentication to the authenticator, for example a WLAN access point AP.
- the communication between the access node or access point AP and the authentication server usually takes place via the radius or diameter data transmission protocol.
- the session key MSK is sent as a data attribute to the access node AP as part of an EAP Success message.
- the transmitting session key MSK is then connected via an 802.11 4-way handshake 4WHS between the subscriber and the access node according to the 802.11 IEEE standard.
- the access node AP is a trusted node, i. around a node of the network infrastructure.
- the access node is thus not an end user node in a conventional network.
- the two nodes MPA, MPB can be two mesh nodes of a mesh network.
- the end node MPA (as supplicant) first authenticates with the associated authentication server AS-B by means of the EAP data transmission protocol.
- the node MPB (Authenticator) receives a session key MSK1.
- the node MPB performs a 4-way handshake with the node MPA, using the received session key MSK1.
- the node MPB (now as supplicant) performs an authentication on the associated authentication server AS-A, and MPA (now authenticator) receives a second session key MSK2 in an EAP success message.
- the node MPA then performs a 4-way handshake with the node MPB using the second session key MSK2.
- nodes MPA, MPB may be mesh nodes that are not part of the network access infrastructure and thus manipulatable.
- an EAP authentication message can be forwarded via another mesh node MPB, which uses the received session key MSK1 for manipulation purposes.
- the mesh node MPB can use the received session key MSK for other services and pretend to the other mesh node MPA that it is, for example, a VPN (Virtual Private Network) server.
- the manipulated node MPB will behave like a VPN server of a company intranet.
- the invention provides a method for providing a mesh key, which can be used for encrypting messages between a first node and a second node of a mesh network, wherein upon authentication of the first node at an authentication server, a session key is generated, from which the first node and the authentication server or an authentication proxy server by means of a predetermined key derivation function derive the mesh key, which is transmitted to the second node.
- the authentication server is formed by an AAA server.
- the AAA proxy server is provided in a mesh gateway node.
- the session key is formed by an MSK key (master session key).
- the key derivation function KDF is formed by a cryptographic hash function.
- the key derivative function KDF is formed by an HMAC-SHA1, HMAC-MD5, HMAC-SHA256, PRF, SHA-I, MD5 or SHA256 function.
- the mesh key is derived by means of a derivative function KDF as a function of the session key and a character string.
- the string is preferably composed of a plurality of concatenated substrings.
- a substring is formed by a network identification of the mesh network.
- a sub-string is formed by a MAC address of the second node.
- a flag indicates that the transmitted key is a mesh key.
- the authentication of the first node takes place according to an EAP protocol.
- the second node exchanges messages with the authentication server according to the radius or diameter protocol.
- the second node is provided with a mesh key derived therefrom instead of the generated session key.
- the authentication server is also used for further authentications relating to communications other than communication between the mesh nodes.
- the mesh key is preferably not usable as a session key for the other communications.
- the invention further provides a system for providing a mesh key, which can be used for encrypting messages between a first node and a second node of a mesh network, wherein an authentication of the first node is generated at an authentication server, a session key the first node and the authentication server or an authentication proxy server derive the mesh key, which is transferable to the second node, by means of a predetermined key derivation function.
- Fig. 1 shows a mesh network according to the prior art
- FIG. 2 is a diagram for explaining the authentication process in a conventional WLAN network access
- FIG. 3 shows a further diagram for explaining the authentication process in a conventional WLAN network access for two nodes of a mesh network
- FIG. 4 shows a signal diagram for explaining a first embodiment of the method according to the invention for providing a mesh key
- Fig. 5 is a further signal diagram for explaining a further embodiment of the method according to the invention for providing a mesh key.
- a mesh network 1 includes at least two nodes IA and IB which can communicate directly with each other.
- the mesh nodes IA, IB can be mobile terminals but also base stations.
- the authentication of a node IA, IB is carried out by means of an associated authentication server 2.
- the nodes IA, IB may have a common authentication server 2 or locally separate authentication servers 2A, 2B may be provided for the respective node IA, IB.
- the authentication process takes place in the embodiment illustrated in FIG. 4 via an authentication proxy server 3, which is preferably located in a gateway node GW of an access network.
- the authentication of a network node IA at the authentication server 2 is carried out by means of the EAP data protocol, wherein the network node IA an associated subscriber identity NAI to its Authen- tretesserver 2 transmits, which reads from a table a zughorigen session key MSK or is generated in the context of authentication by means of the EAP data protocol.
- the session key MSK-A for the network node IA is in the inventive method in an EAP Success-
- the authentication proxy server 3 derives from the received session key MSK-A by means of a key derivation function KDF (Key Derivation Function) a unique mesh key (mesh key A) and transmits it within an EAP success message to the second node IB.
- KDF Key Derivation Function
- an indicator flag is additionally transmitted to the second node IB, which indicates that the transmitted key is a mesh key. Subsequently, a 4-way handshake between the two nodes IA, IB using the transmitted mesh key (mesh key A). The derived mesh key is used to secure transmitted messages in the mesh network and not for other services such as VPN.
- the authentication of the second node IB in the associated authentication server 2 takes place in the same way as in the case of the first node IA.
- the authentication server 2 After transferring a subscriber identity NAI of the second node IB, the authentication server 2 reads out an associated session key MSK-B or determines it in the context of authentication by means of the EAP data protocol and transmits it to the authentication proxy server 3.
- Derivation of the Mesh key B by means of the derivation function KDF is performed by the authentication proxy server 3, which transmits the derived mesh key (mesh key B) with an appropriate display flag in an EAP success message to the other node IA transfers.
- the authentication proxy server 3 in the authentication of the first node IA, the authentication proxy server 3 is not integrated in the communication between the authenticator IB and the authentication server 2B. Therefore, in this embodiment, the authentication server 3 does not perform the mesh key derivation function. Rather, the second node IB directly receives the session key MSK-A. If the EAP Success message received from the node IB does not contain a display flag indicating that the key is a mesh key, the node IB recognizes that the derivation function KDF is yet to be performed.
- the node IB therefore derives the mesh key (mesh key A) from the received session key MSK-A by means of a predefined derivation function KDF.
- the authentication takes place, as already shown in FIG. 4, via the authentication proxy server 3.
- the derivation of the second mesh key (mesh key B) accordingly takes place by the authentication proxy Server 3.
- the authentication of both nodes IA, IB takes place directly without the help of an authentication proxy server 3, whereby the key derivation takes place in each case through the other node.
- a further key is derived from the session key read or generated in the authentication process by means of a predefined key derivation function KDF, the original session key being determined on the basis of the derived mesh key. Key is no longer reconstructable.
- KDF key derivation function
- the existing authentication infrastructure is used.
- the generated session key is formed by an MSK key (master session key).
- the key derivation function KDF (Key Derivation Function) is preferably a cryptographic hash function.
- the key derivation function used is preferably an HMAC-SHA1, HMAC-MD5, HMAC-SHA256, PRF, SHA-I, MD5 or SHA256 function. From the mesh key derived by means of the cryptographic key derivation function KDF, the original session key MSK can not be deduced. This prevents a mesh node from deriving the session key from the mesh key and using it for manipulation purposes.
- the actual key derivation can take place on the one hand by an authentication proxy server 3 or authentication server 2 or on the other hand by a node of the mesh network.
- the key derivation is preferably performed by an authentication proxy server 3, i. a Radius proxy server or a Diameter proxy server, which forms part of a gateway node and thus belongs to the network infrastructure.
- the key derivation of the mesh key can already be performed by the authentication server 2 itself.
- the session key MSK can be used or alternatively also an extended session key EMSK (Extended MSK). From the extended session key, the authentication key server 2 derives the mesh key.
- the authentication server 2 can transmit the session key MSK and the mesh key derived therefrom.
- the authentication proxy server 3 can then simply delete or ignore the unnecessary session key MSK.
- the mesh key is derived by means of a key derivation function KDF in dependence on the session key MSK and a string.
- the string can be composed of several substrings.
- a sign string is preferably formed by a network identification of the mesh network (mesh ID).
- Another substring is preferably formed by a MAC address of a mesh node (MAC-Auth).
- the additional key derivation according to the method of the invention substantially increases the security of the data transmission since the authenticator mesh node only receives a derived key that is only within a mesh network is usable, but not for other applications in which a separate EAP authentication is done, can be used.
Abstract
Description
Claims
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102006025691 | 2006-06-01 | ||
DE102006036109A DE102006036109B4 (en) | 2006-06-01 | 2006-08-02 | Method and system for providing a mesh key |
PCT/EP2007/055206 WO2007138060A1 (en) | 2006-06-01 | 2007-05-29 | Method and system for providing a mesh key |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2030404A1 true EP2030404A1 (en) | 2009-03-04 |
Family
ID=38477110
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP07729627A Withdrawn EP2030404A1 (en) | 2006-06-01 | 2007-05-29 | Method and system for providing a mesh key |
Country Status (5)
Country | Link |
---|---|
US (1) | US8959333B2 (en) |
EP (1) | EP2030404A1 (en) |
KR (1) | KR20090016029A (en) |
DE (1) | DE102006036109B4 (en) |
WO (1) | WO2007138060A1 (en) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102006038591B4 (en) * | 2006-08-17 | 2008-07-03 | Siemens Ag | Method and device for providing a wireless mesh network |
US20100023752A1 (en) * | 2007-12-27 | 2010-01-28 | Motorola, Inc. | Method and device for transmitting groupcast data in a wireless mesh communication network |
US9451452B2 (en) * | 2009-06-29 | 2016-09-20 | Motorola Solutions, Inc. | Method of triggering a key delivery from a mesh key distributor |
US8831224B2 (en) * | 2012-09-14 | 2014-09-09 | GM Global Technology Operations LLC | Method and apparatus for secure pairing of mobile devices with vehicles using telematics system |
US9882713B1 (en) * | 2013-01-30 | 2018-01-30 | vIPtela Inc. | Method and system for key generation, distribution and management |
US9167427B2 (en) * | 2013-03-15 | 2015-10-20 | Alcatel Lucent | Method of providing user equipment with access to a network and a network configured to provide access to the user equipment |
US9467478B1 (en) | 2013-12-18 | 2016-10-11 | vIPtela Inc. | Overlay management protocol for secure routing based on an overlay network |
GB2523444B (en) | 2014-02-25 | 2016-05-18 | Qualcomm Technologies Int Ltd | Device authentication |
US9980303B2 (en) | 2015-12-18 | 2018-05-22 | Cisco Technology, Inc. | Establishing a private network using multi-uplink capable network devices |
US10277564B2 (en) | 2016-05-04 | 2019-04-30 | Nxp Usa, Inc. | Light-weight key update mechanism with blacklisting based on secret sharing algorithm in wireless sensor networks |
US10212141B2 (en) | 2016-05-04 | 2019-02-19 | Nxp Usa, Inc. | Autonomous key update mechanism with blacklisting of compromised nodes for mesh networks |
US10412581B2 (en) * | 2017-02-14 | 2019-09-10 | Ford Global Technologies, Llc | Secure session communication between a mobile device and a base station |
FR3077175A1 (en) * | 2018-01-19 | 2019-07-26 | Orange | TECHNIQUE FOR DETERMINING A KEY FOR SECURING COMMUNICATION BETWEEN USER EQUIPMENT AND AN APPLICATION SERVER |
KR102536586B1 (en) | 2018-09-20 | 2023-05-26 | 삼성전자주식회사 | Electronic device using a wifi communication and method of operating the same |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050152305A1 (en) * | 2002-11-25 | 2005-07-14 | Fujitsu Limited | Apparatus, method, and medium for self-organizing multi-hop wireless access networks |
US7581100B2 (en) | 2003-09-02 | 2009-08-25 | Authernative, Inc. | Key generation method for communication session encryption and authentication system |
US20050138355A1 (en) | 2003-12-19 | 2005-06-23 | Lidong Chen | System, method and devices for authentication in a wireless local area network (WLAN) |
US7814322B2 (en) * | 2005-05-03 | 2010-10-12 | Sri International | Discovery and authentication scheme for wireless mesh networks |
EP1900170B1 (en) * | 2005-06-29 | 2017-11-15 | Telecom Italia S.p.A. | Short authentication procedure in wireless data communications networks |
US7716721B2 (en) * | 2005-10-18 | 2010-05-11 | Cisco Technology, Inc. | Method and apparatus for re-authentication of a computing device using cached state |
US7787627B2 (en) * | 2005-11-30 | 2010-08-31 | Intel Corporation | Methods and apparatus for providing a key management system for wireless communication networks |
US8347077B2 (en) * | 2006-05-04 | 2013-01-01 | Cisco Technology, Inc. | Authenticating a registration request with a mobility key provided to an authenticator |
-
2006
- 2006-08-02 DE DE102006036109A patent/DE102006036109B4/en not_active Expired - Fee Related
-
2007
- 2007-05-29 US US12/303,095 patent/US8959333B2/en not_active Expired - Fee Related
- 2007-05-29 WO PCT/EP2007/055206 patent/WO2007138060A1/en active Application Filing
- 2007-05-29 EP EP07729627A patent/EP2030404A1/en not_active Withdrawn
- 2007-05-29 KR KR1020087031840A patent/KR20090016029A/en not_active Application Discontinuation
Non-Patent Citations (1)
Title |
---|
See references of WO2007138060A1 * |
Also Published As
Publication number | Publication date |
---|---|
US8959333B2 (en) | 2015-02-17 |
KR20090016029A (en) | 2009-02-12 |
DE102006036109A1 (en) | 2007-12-06 |
US20090307483A1 (en) | 2009-12-10 |
WO2007138060A1 (en) | 2007-12-06 |
DE102006036109B4 (en) | 2008-06-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE102006036109B4 (en) | Method and system for providing a mesh key | |
EP2052487B1 (en) | Method and arrangement for providing a wireless mesh network | |
DE102006038591B4 (en) | Method and device for providing a wireless mesh network | |
EP1529374B2 (en) | Method and system for gsm authentication during wlan roaming | |
EP2052517B1 (en) | Method and system for providing an access specific key | |
DE102006004868B4 (en) | Method and server for providing a mobility key | |
EP1943856B1 (en) | Method and server for providing a mobile key | |
EP2025120B1 (en) | Method and system for providing a mobile ip key | |
DE102005027232A1 (en) | Method and arrangement for the secure transmission of data in a multi-hop communication system | |
EP1683324B1 (en) | Method for safeguarding data transmission between a first terminal and a first network and between a second terminal and a second network | |
DE102007003492B4 (en) | Method and device for providing a wireless mesh network | |
DE102010011656B4 (en) | Method and device for cryptographically securing a data transmission between network nodes | |
CH694678A5 (en) | Method for automatic roaming between heterogeneous wireless local area networks carries out identification and transfer functions without user intervention | |
WO2023245318A1 (en) | Devices and methods for policy communication in a wireless local area network | |
DE10358987A1 (en) | Method for securing the data traffic between a first terminal and a first network and a second terminal and a second network | |
CN101496375A (en) | Method and system for providing a Mesh key | |
WO2008074620A2 (en) | Method and server for providing a special-purpose key | |
DE102009019864A1 (en) | Method of sharing wireless access points to a communication network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20090105 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC MT NL PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA HR MK RS |
|
DAX | Request for extension of the european patent (deleted) | ||
RBV | Designated contracting states (corrected) |
Designated state(s): DE ES FR GB IT |
|
17Q | First examination report despatched |
Effective date: 20130823 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: NOKIA SOLUTIONS AND NETWORKS GMBH & CO. KG |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20151201 |