44 results about "Pairwise key" patented technology

The present invention relates to a system and corresponding method for a secure end-to-end patient healthcare system which includes wireless medical sensors adapted to be attached to a patient's body and in communication with each other forming a body sensor network within a wireless medical sensor network including one or more body sensor networks; λ-secure keying means incorporated into each wireless medical sensor for enabling secure communications between the wireless medical sensors, and a personal security manager within the body sensor network and in communication with the wireless medical sensors within the body sensor network, the personal security manager providing secure communications with backend services and providing security relationships within the body sensor network by means of the λ-secure keying means, wherein the λ-secure keying means are such that a coalition of no more than λ compromised wireless medical sensors conceals a pairwise key between any two non-compromised wireless medical sensors and provides protection against node compromise until λ+1 wireless medical sensors have been compromised.

A pairwise key-agreement scheme is provided for creating key agreements non-interactively between pairs of nodes disposed in a hierarchy of nodes. The scheme is non-interactive so that any two nodes can agree on a shared secret key without interaction. In addition, the scheme is identity-based so that any given node only needs to know the identity of peer nodes to compute the shared secret key. All of the nodes are arranged in a hierarchy where an intermediate node in the hierarchy can derive the secret keys for each of its children from its own secret key and the identity of the child. Accordingly, the scheme is fully resilient against compromise of any number of leaves in the hierarchy and of a threshold number of nodes in the upper levels of the hierarchy. The scheme is well-suited for environments such as mobile ad-hoc networks (MANETs), which are very dynamic, have acute bandwidth-constraints and have many nodes are vulnerable to compromise.

Method for distributing a group session cryptographic key includes initiating at least one pairwise key distribution session including a root node (100) and at least one communication node (101-107). The method further includes performing at a communication node which has received the group session cryptographic key a propagated pairwise key distribution session with at least one of the communication nodes which has not previously received said group session cryptographic key. The propagated pairwise key distribution sessions are performed at each of the communication nodes which subsequently receives the group session cryptographic key until the group session cryptographic key has been securely provided to all authorized communication nodes.

A container orchestration server stores pairing keys in association with container profiles. A container orchestration agent executing on an operating system instance instantiates a new container according to a particular container profile in response to an instruction from the container orchestration server and stores the pairing key as metadata associated with the container. An enforcement module detects the instantiation of the container and obtains the corresponding pairing key from the container orchestration agent. The enforcement module transmits the pairing key to a segmentation server for validation. If the segmentation server validates the key, the segmentation server determines a label set corresponding to the container profile associated with the pairing key and generates management instructions for the container based on the label set. The management instructions, when enforced by the operating system, controls communications between the container and other workloads in accordance with a segmentation policy.

An Authentication Of Things (AOT) system includes a cloud server configured to control a cloud domain connected with a plurality of devices, a home server configured to control a home server connected with a plurality of devices, a first device corresponding to a new device, and a second device of a root user connected with the home domain while authentication is completed in the home server. In this case, the first device loads cryptographic material of the cloud server from the cloud server in a pre-deployment stage, the cryptographic material includes at least one selected from the group consisting of an identifier of the first device in the cloud server, a first private key of an ID-based cryptography system of the first device in the cloud server, a first pairwise key of the first device in the cloud server, and a counter of the first device, and if the first device is shipped to a trader, the cloud server deletes the first private key from the cloud server.

The invention concerns an authentication system with at least one application accessible by a user via a computer and for which the access is controlled by an authentication datum, comprising a main mobile device and a main token in which at least one authentication datum is recorded, the main mobile device being configured to recover the authentication datum of the main token using a pairing key,characterised in that the pairing key is segmented into a plurality of segments, a first segment being recorded on the main mobile device and at least one other additional segment being recorded on asecondary mobile device and / or a secondary token, the main mobile device being configured to recover the additional segment or segments in order to reconstitute the pairing key and to present the reconstituted pairing key to the main token.

The invention discloses a centralized control-type key management method and a centralized control-type key management server. The method comprises steps: Internet of things group members are ranked, wherein the Internet of things group members comprise an Internet of things gateway and an Internet of things terminal; an initialization seed is generated randomly; a first key chain and a second key chain are generated respectively according to a first one-way function and a second one-way function; and according to the sequence of the Internet of things group members, keys of the first key chain and the second key chain are sent to corresponding Internet of things group members sequentially. Through setting corresponding pairwise keys for communication of different Internet of things group members, the information transmission security in an Internet of things environment is thus enhanced, and the risk that the information is stolen is greatly reduced.

The invention provides a Bluetooth pairing method and device for a mobile phone and a payment terminal, and belongs to the technical field of communication. The Bluetooth pairing method for the mobile phone and the payment terminal comprises the following steps that: the mobile phone establishes a physical connection with the payment terminal; the mobile phone transmits data request information to the payment terminal; the payment terminal returns data response information carrying equipment identification information; the mobile phone initiates a pairing request according to the equipment identification information; the mobile phone generates first pairing key information, and the payment terminal generates second pairing key information; the payment terminal transmits the second pairing key information to the mobile phone, and the second pairing key information is displayed on the mobile phone; and the mobile phone confirms whether the first pairing key information is consistent with the second pairing key information or not, and if so, finishing pairing. Through adoption of the Bluetooth pairing method and device, input operations and information display of the payment terminal without input equipment or any display screen can be implemented on the mobile phone, so that the security of a pairing process is enhanced, and the defect that the payment terminal can only passively select a Just Works pairing mode is overcome.

Method for securing control words within a decoder in charge of descrambling digital content protected by these control words, comprising the following steps: for each descrambling unit of this decoder, loading in a directory a pairing key referenced by an identifier associating said key to a descrambling unit; receiving at least one encrypted control word referenced by an indication allowing to identify the descrambling unit for which it is intended; decrypting the control word by using a first key shared with a security module; identifying in the directory the pairing key whose identifier corresponds to the indication of destination associated to the control word; encrypting this control word by using this pairing key; and storing in a register the control word in a chronological and referenced way.

The invention discloses a bilinear key pre-distribution method which faces the safety of the mobile ad hoc network. The method comprises the following steps: firstly, supposing the number of the nodes in the ad hoc network as n, during the key pre-distribution course, generating a n*n secure matrix N in a Galois field GF(q) by a base station, wherein, the matrix element Nij is a subset of ZP<*>, i is equal to or more than 1 and j is equal to or less than n; distributing the information of the element in Row i to the No. i node for storage and personal holding, wherein, i is equal to or more than 1 and is equal to or less than n; providing a public key that is equal to the node under identification cipher system for each point Pi in the mapping area G1of each node i by the basestation, and obtaining the public key by the other nodes in the network; after the fishing of the key pre-distribution, realizing an agreement and pair-wise key of the node i and node j. The invention provides a bilinear key pre-distribution method which faces the safety of the mobile ad hoc network, which has small key scale, high safety strength, fast speed, high efficiency, strong anti-acquisition performance of nodes and good connectivity of the key.

A mesh station applying for access to a network includes a list of peer stations in messages of an authenticated key establishment protocol. A mesh key distributor derives a key delivery key and generates a top level key, and then delivers the top level key to the mesh station. Following the key establishment protocol, the mesh key distributor also creates pairwise keys for use between the mesh station and the peer stations listed in its peer list. The list of peers permits the identifier for the peer to be bound into the derived key, which helps ensure that the key used between each pair of peers is unique. Once the mesh key distributor finishes creating a key for one of the stations on the peer list, the mesh key distributor sends a message to the peer to initiate a key push.

The present invention relates to a bridge-based wireless sensor network key management scheme, including some steps: 1. Key pre-distribution: before node deployment, the configuration information is preset to each sensor node by the startup server; 2. Clustering Phase: After the cluster head node is selected, the clustering phase starts immediately. In the process of clustering, each sensor node joins the cluster closest to itself; 3. Neighbor node discovery stage: each sensor node decides whether to record other nodes as its neighbor nodes through the angle calculation formula; 4. Within the cluster Establishment of pairing key: In this process, each sensor node calculates the pairing key between it and its neighbor nodes through bridge; 5. Establishment of inter-cluster pairing key: In this process, each cluster head node passes symmetric The bivariate polynomial calculates its pairing key with other cluster head nodes. The present invention can ensure the safety and effectiveness of information transmission under the condition of ensuring a certain connection rate, and saves the amount of memory storage.