WO2005038608A3 - Mass subscriber management - Google Patents

Mass subscriber management Download PDF

Info

Publication number
WO2005038608A3
WO2005038608A3 PCT/US2004/033933 US2004033933W WO2005038608A3 WO 2005038608 A3 WO2005038608 A3 WO 2005038608A3 US 2004033933 W US2004033933 W US 2004033933W WO 2005038608 A3 WO2005038608 A3 WO 2005038608A3
Authority
WO
WIPO (PCT)
Prior art keywords
subscriber
edge device
network edge
key
network
Prior art date
Application number
PCT/US2004/033933
Other languages
French (fr)
Other versions
WO2005038608A2 (en
Inventor
Anthony C Fascenda
Original Assignee
Koolspan Inc
Anthony C Fascenda
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koolspan Inc, Anthony C Fascenda filed Critical Koolspan Inc
Publication of WO2005038608A2 publication Critical patent/WO2005038608A2/en
Publication of WO2005038608A3 publication Critical patent/WO2005038608A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • H04W12/47Security arrangements using identity modules using near field communication [NFC] or radio frequency identification [RFID] modules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber’s computing device. The network edge device and subscriber’s computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device ). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers’ tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
PCT/US2004/033933 2003-10-15 2004-10-15 Mass subscriber management WO2005038608A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US51109603P 2003-10-15 2003-10-15
US60/511,096 2003-10-15

Publications (2)

Publication Number Publication Date
WO2005038608A2 WO2005038608A2 (en) 2005-04-28
WO2005038608A3 true WO2005038608A3 (en) 2006-09-08

Family

ID=34465186

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/033933 WO2005038608A2 (en) 2003-10-15 2004-10-15 Mass subscriber management

Country Status (1)

Country Link
WO (1) WO2005038608A2 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358184A (en) * 2016-08-31 2017-01-25 天津灵创智恒软件技术有限公司 Point-to-point identity authentication method
CN112153642B (en) * 2019-06-26 2022-02-22 天地融科技股份有限公司 Equipment authentication method in office environment, office equipment and system

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6397328B1 (en) * 1996-11-21 2002-05-28 Pitney Bowes Inc. Method for verifying the expected postage security device and an authorized host system
US20020090089A1 (en) * 2001-01-05 2002-07-11 Steven Branigan Methods and apparatus for secure wireless networking
US6591364B1 (en) * 1998-08-28 2003-07-08 Lucent Technologies Inc. Method for establishing session key agreement
US6625591B1 (en) * 2000-09-29 2003-09-23 Emc Corporation Very efficient in-memory representation of large file system directories
US20030235305A1 (en) * 2002-06-20 2003-12-25 Hsu Raymond T. Key generation in a communication system
US20040264699A1 (en) * 2003-06-24 2004-12-30 Meandzija Branislav N. Terminal authentication in a wireless network
US7024690B1 (en) * 2000-04-28 2006-04-04 3Com Corporation Protected mutual authentication over an unsecured wireless communication channel
US7028186B1 (en) * 2000-02-11 2006-04-11 Nokia, Inc. Key management methods for wireless LANs

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6397328B1 (en) * 1996-11-21 2002-05-28 Pitney Bowes Inc. Method for verifying the expected postage security device and an authorized host system
US6591364B1 (en) * 1998-08-28 2003-07-08 Lucent Technologies Inc. Method for establishing session key agreement
US7028186B1 (en) * 2000-02-11 2006-04-11 Nokia, Inc. Key management methods for wireless LANs
US7024690B1 (en) * 2000-04-28 2006-04-04 3Com Corporation Protected mutual authentication over an unsecured wireless communication channel
US6625591B1 (en) * 2000-09-29 2003-09-23 Emc Corporation Very efficient in-memory representation of large file system directories
US20020090089A1 (en) * 2001-01-05 2002-07-11 Steven Branigan Methods and apparatus for secure wireless networking
US20030235305A1 (en) * 2002-06-20 2003-12-25 Hsu Raymond T. Key generation in a communication system
US20040264699A1 (en) * 2003-06-24 2004-12-30 Meandzija Branislav N. Terminal authentication in a wireless network

Also Published As

Publication number Publication date
WO2005038608A2 (en) 2005-04-28

Similar Documents

Publication Publication Date Title
CN106101068B (en) Terminal communicating method and system
WO2002093824A3 (en) Authentication method
US8290162B2 (en) Combinational combiner cryptographic method and apparatus
WO2004034213A3 (en) Localized network authentication and security using tamper-resistant keys
US20060256961A1 (en) System and method for authentication seed distribution
WO2005006629A3 (en) Terminal authentication in a wireless network
US20080144787A1 (en) Method and device for secure phone banking
AU2001226838A1 (en) Authentication in a packet data network
WO2003015370A3 (en) Data certification method and apparatus
WO2005065132A3 (en) System, method, and devices for authentication in a wireless local area network (wlan)
CN104301115B (en) Mobile phone and Bluetooth key signature verification ciphertext communication method
TW200618572A (en) Tokens/keys for wireless communications
EP0977452A3 (en) Method for updating secret shared data in a wireless communication system
DE60310437D1 (en) SECURE COMMUNICATION
WO2007038896A3 (en) Method and devices for user authentication
JP2010514272A5 (en)
JP2010515083A5 (en)
WO2006117806A3 (en) Bilaterally generated encryption key system
TW200612712A (en) Application authentication in wireless communication networks
Li et al. A Secure Dynamic Identity Based Authentication Protocol with Smart Cards for Multi-Server Architecture.
Niu et al. A novel user authentication scheme with anonymity for wireless communications
CN100431297C (en) Method for preventing user's pin from illegal use by double verification protocol
Al-Muhtadi et al. Wearable security services
US20130061057A1 (en) Authentication method and device
CN1661954B (en) Method of generating a cryptosynchronism

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase