logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 7464265 B1

PDFFull Text
Date of Patent:
Dec. 09, 2008

Filed:

May. 03, 2002

Methods for iteratively deriving security keys for communications sessions

Applicants:

Arun Ayyagari, Seattle, WA (US);

Daniel R. Simon, Redmond, WA (US);

Bernard D. Aboba, Bellevue, WA (US);

Krishna Ganugapati, Redmond, WA (US);

Timothy M. Moore, Bellevue, WA (US);

Pradeep Bahl, Redmond, WA (US);

Inventors:

Arun Ayyagari, Seattle, WA (US);

Daniel R. Simon, Redmond, WA (US);

Bernard D. Aboba, Bellevue, WA (US);

Krishna Ganugapati, Redmond, WA (US);

Timothy M. Moore, Bellevue, WA (US);

Pradeep Bahl, Redmond, WA (US);

Assignee:

Microsoft Corporation, Redmond, WA (US);

Attorney:

Wolf, Greenfield & Sacks, P.C.

Primary Examiner:

Kim Yen Vu

Assistant Examiner:

Baotran N To

Int. Cl.
CPC ...
H04L 9/00 (2006.01);
U.S. Cl.
CPC ...
Abstract

Disclosed are methods for a client, having established one set of security keys, to establish a new set without having to communicate with an authentication server. When the client joins a group, master session security keys are derived and made known to the client and to the group's access server. From the master session security keys, the access server and client each derive transient session security keys, used for authentication and encryption. To change the transient session security keys, the access server creates 'liveness' information and sends it to the client. New master session security keys are derived from the liveness information and the current set of transient session security keys. From these new master session security keys are derived new transient session security keys. This process limits the amount of data sent using one set of transient session security keys and thus limits the effectiveness of any statistical attacker.

Find Patent Forward Citations

Loading…