WO2016091574A1 - Secure message exchange in a network - Google Patents
Secure message exchange in a network
- Publication number
- WO2016091574A1, PCT/EP2015/077399
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- node
- key
- identity
- network
- mesh network
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0847—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/50—Secure pairing of devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0464—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/71—Hardware identity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
An apparatus of a first node enables secure message exchange. A network authentication unit (902) performs an authentication procedure with a server in order to obtain access to the mesh network, the network authentication unit being configured to receive a network-wide key from the server. A peer authentication unit (903) performs an authentication procedure with a second node in the mesh network, the peer authentication unit being configured to receive an identity of the second node through the mesh network, and to generate a pair-wise identity-based key between the first node and the second node, based on the pre-shared identity-based keying material and the identity of the second node. A combined key generator (904) generates a combined key by combining the network-wide key with the pair-wise identity-based key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP15801734.3A EP3231207A1 (fr) | 2014-12-08 | 2015-11-24 | Secure message exchange in a network |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP14196712 | 2014-12-08 | ||
EP14196712.5 | 2014-12-08 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2016091574A1 (fr) | 2016-06-16 |
Family
ID=52011078
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2015/077399 WO2016091574A1 (fr) | 2014-12-08 | 2015-11-24 | Secure message exchange in a network |
Country Status (2)
Country | Link |
---|---|
EP (1) | EP3231207A1 (fr) |
WO (1) | WO2016091574A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20230247056A1 (en) * | 2022-02-03 | 2023-08-03 | Uab 360 It | Enabling a secure mesh network |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009026049A2 (fr) * | 2007-08-21 | 2009-02-26 | Motorola, Inc. | Apparatus and method for authenticating a network device |
WO2009031110A2 (fr) * | 2007-09-07 | 2009-03-12 | Philips Intellectual Property & Standards Gmbh | Network and method for establishing a secure network |
WO2009090616A2 (fr) * | 2008-01-18 | 2009-07-23 | Koninklijke Philips Electronics, N.V. | Wireless communication system and method for automatic node and key revocation |
-
2015
- 2015-11-24 EP EP15801734.3A patent/EP3231207A1/fr not_active Withdrawn
- 2015-11-24 WO PCT/EP2015/077399 patent/WO2016091574A1/fr active Application Filing
Non-Patent Citations (6)
Title |
---|
KUMAR S ET AL: "DTLS Relay for Constrained Environments; draft-kumar-dice-dtls-relay-02.txt", DTLS RELAY FOR CONSTRAINED ENVIRONMENTS; DRAFT-KUMAR-DICE-DTLS-RELAY-02.TXT, INTERNET ENGINEERING TASK FORCE, IETF; STANDARDWORKINGDRAFT, INTERNET SOCIETY (ISOC) 4, RUE DES FALAISES CH- 1205 GENEVA, SWITZERLAND, 20 October 2014 (2014-10-20), pages 1 - 13, XP015102296 * |
OSCAR GARCIA-MORCHON: "HIMMO: allowing any pair of devices in the Internet of Things to instantaneously communicate in a secure way", 19 November 2014 (2014-11-19), XP055194082, Retrieved from the Internet <URL:http://www.bc-security.nl/_Resources/Persistent/1b2f121f5d83715604a1f296c51b1738da88980e/Oscar Garcia Morchon.pdf> [retrieved on 20150608] * |
SHUSHAN ZHAO ET AL: "A Survey of Applications of Identity-Based Cryptography in Mobile Ad-Hoc Networks", IEEE COMMUNICATIONS SURVEYS, IEEE, NEW YORK, NY, US, vol. 14, no. 2, 1 April 2012 (2012-04-01), pages 380 - 400, XP011443386, ISSN: 1553-877X, DOI: 10.1109/SURV.2011.020211.00045 * |
SON THANH NGUYEN ET AL: "ZigBee Security Using Identity-Based Cryptography", 11 July 2007, AUTONOMIC AND TRUSTED COMPUTING; [LECTURE NOTES IN COMPUTER SCIENCE], SPRINGER BERLIN HEIDELBERG, BERLIN, HEIDELBERG, PAGE(S) 3 - 12, ISBN: 978-3-540-73546-5, XP019096570 * |
WEI CHEN ET AL: "An Identity-Based Authentication Protocol for Clustered ZigBee Network", 18 August 2010, ADVANCED INTELLIGENT COMPUTING THEORIES AND APPLICATIONS. WITH ASPECTS OF ARTIFICIAL INTELLIGENCE, SPRINGER BERLIN HEIDELBERG, BERLIN, HEIDELBERG, PAGE(S) 503 - 510, ISBN: 978-3-642-14931-3, XP019148326 * |
ZIGBEE ALLIANCE: "ZIGBEE Specification", INTERNET CITATION, 27 June 2005 (2005-06-27), XP002466088, Retrieved from the Internet <URL:http://www.nd.edu/ mhaenggi/ee67011/zigbee.pdf> [retrieved on 20060630] * |
Also Published As
Publication number | Publication date |
---|---|
EP3231207A1 (fr) | 2017-10-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6508688B2 (ja) | End-to-end service layer authentication | |
JP6903006B2 (ja) | User plane security for next-generation cellular networks | |
US8561200B2 (en) | Method and system for controlling access to communication networks, related network and computer program therefor | |
EP3231151B1 (fr) | Commissioning of devices in a network | |
US8254581B2 (en) | Lightweight key distribution and management method for sensor networks | |
US8122249B2 (en) | Method and arrangement for providing a wireless mesh network | |
US8001381B2 (en) | Method and system for mutual authentication of nodes in a wireless communication network | |
US8374582B2 (en) | Access method and system for cellular mobile communication network | |
Degefa et al. | Performance and security enhanced authentication and key agreement protocol for SAE/LTE network | |
WO2008021855A2 (fr) | Ad-hoc network key management | |
KR20060097572A (ko) | Authentication method and related key generation method for a wireless portable internet system | |
JP2009538096A (ja) | Authentication of a tamper-resistant module in a base station router | |
JP2024507208A (ja) | Method for operating a cellular network | |
EP3231207A1 (fr) | Secure message exchange in a network | |
Rengaraju et al. | Design of distributed security architecture for multihop WiMAX networks | |
Southern et al. | Wireless security: securing mobile UMTS communications from interoperation of GSM | |
US20060123475A1 (en) | Apparatus and method for traversing gateway device using a plurality of batons | |
Egners et al. | Multi-operator wireless mesh networks secured by an all-encompassing security architecture | |
Modares et al. | Protection of binding update message in Mobile IPv6 | |
Kambourakis et al. | Support of subscribers’ certificates in a hybrid WLAN-3G environment | |
DeCarlo et al. | Distributed trust relationship and polynomial key generation for IEEE 802.16 m networks | |
Paul et al. | A survey on wireless security | |
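CN116918300A (zh) | Method for operating a cellular network | |
KR20220107431A (ko) | Mutual authentication method between an authentication server and a device using a hardware security module, and apparatus using the same | |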
Watanabe et al. | A secure coverage area expansion scheme for public wireless LAN services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15801734 Country of ref document: EP Kind code of ref document: A1 |
|
REEP | Request for entry into the european phase |
Ref document number: 2015801734 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |