43 results about "Pairwise key" patented technology

Group key management techniques are applied to generating pair-wise keys for point-to-point secure communication applications. Nodes participating in a secure communication group each receive a group key and associated policy information. When a first node wishes to establish a secure point-to-point connection to a second node, the first node derives a pairwise key from the group key and policy information, for example, by hashing the group key and information identifying the two nodes. As a result, a pairwise key is generated without exchanging negotiation messages among the two nodes and without expensive asymmetric cryptographic computation approaches.

A pairwise key-agreement scheme is provided for creating key agreements non-interactively between pairs of nodes disposed in a hierarchy of nodes. The scheme is non-interactive so that any two nodes can agree on a shared secret key without interaction. In addition, the scheme is identity-based so that any given node only needs to know the identity of peer nodes to compute the shared secret key. All of the nodes are arranged in a hierarchy where an intermediate node in the hierarchy can derive the secret keys for each of its children from its own secret key and the identity of the child. Accordingly, the scheme is fully resilient against compromise of any number of leaves in the hierarchy and of a threshold number of nodes in the upper levels of the hierarchy. The scheme is well-suited for environments such as mobile ad-hoc networks (MANETs), which are very dynamic, have acute bandwidth-constraints and have many nodes are vulnerable to compromise.

Methods, apparatus, and systems are provided for distributing a key between nodes. The nodes are provided separate links for carrying messages versus keying information or material. The links for carrying messages couple the nodes to a messaging network, such as the Internet. In addition, the nodes are coupled together in a key distribution network by specialized links for carrying keying information or material. The links for keying information or material are configured to ensure the security of the keying information or material. The nodes that neighbor each other in the key distribution network establish respective pairwise keys. Once the pairwise keys are established, a set of non-neighboring nodes establish a shared key by communicating a sequence of bits through the messaging network. In order to ensure the security of the sequence of bits, the sequence of bits is encrypted based on the respective pairwise keys of neighboring nodes as it is forwarded in messages through the messaging network.

A wireless network (2, 150) for monitoring a patient includes a body sensor network (22, 24, 26, 172, 174, 176) that includes one or more wireless sensors (6, 8, 10, 12, 14, 16, 18, 20, 156, 158, 160, 162, 164, 166, 168, 170) operatively connected to the patient that collect and transfer information related to the patient's health to the wireless network (2, 150). A set-up server (4, 154) configures the one or more wireless sensors (6, 8, 10, 12, 14, 16, 18, 20, 156, 158, 160, 162, 164, 166, 168, 170) with keying material before the one or more sensors (6, 8, 10, 12, 14, 16, 18, 20, 156, 158, 160, 162, 164, 166, 168, 170) are deployed to the wireless network (2, 150). A base station (178, 180) distributes a key certificate to the one or more sensors (6, 8, 10, 12, 14, 16, 18, 20, 156, 158, 160, 162, 164, 166, 168, 170) associated with the body sensor network (22, 24, 26, 172, 174, 176), such that two sensors generate a unique pairwise key based at least in part upon the pre-distributed keying material and the key certificate distributed by the base station (178, 180).

A mesh station applying for access to a network includes a list of peer stations in messages of an authenticated key establishment protocol. A mesh key distributor derives a key delivery key and generates a top level key, and then delivers the top level key to the mesh station. Following the key establishment protocol, the mesh key distributor also creates pairwise keys for use between the mesh station and the peer stations listed in its peer list. The list of peers permits the identifier for the peer to be bound into the derived key, which helps ensure that the key used between each pair of peers is unique. Once the mesh key distributor finishes creating a key for one of the stations on the peer list, the mesh key distributor sends a message to the peer to initiate a key push.

An Authentication Of Things (AOT) system includes a cloud server configured to control a cloud domain connected with a plurality of devices, a home server configured to control a home server connected with a plurality of devices, a first device corresponding to a new device, and a second device of a root user connected with the home domain while authentication is completed in the home server. In this case, the first device loads cryptographic material of the cloud server from the cloud server in a pre-deployment stage, the cryptographic material includes at least one selected from the group consisting of an identifier of the first device in the cloud server, a first private key of an ID-based cryptography system of the first device in the cloud server, a first pairwise key of the first device in the cloud server, and a counter of the first device, and if the first device is shipped to a trader, the cloud server deletes the first private key from the cloud server.

Method for distributing a group session cryptographic key includes initiating at least one pairwise key distribution session including a root node (100) and at least one communication node (101-107). The method further includes performing at a communication node which has received the group session cryptographic key a propagated pairwise key distribution session with at least one of the communication nodes which has not previously received said group session cryptographic key. The propagated pairwise key distribution sessions are performed at each of the communication nodes which subsequently receives the group session cryptographic key until the group session cryptographic key has been securely provided to all authorized communication nodes.

The invention relates to a bridge-type-based wireless sensing network key management scheme. The bridge-type-based wireless sensing network key management scheme includes the following steps that firstly, key pre-allocation is carried out, and namely allocation information is preset onto each sensor node by a starting server before node deployment; secondly, in the clustering phase, after cluster head nodes are selected, the clustering phase begins immediately, and each sensor node is added to the corresponding nearest cluster in the clustering process; thirdly, in the neighbor node discovery phase, whether other nodes are to be recorded as neighbor nodes or not is determined by each sensor according to the included angle calculation formula; fourthly, intra-cluster matched keys are built, wherein matched keys between each sensor node and other neighbor nodes are worked out through the bridge type; fifthly, inter-cluster matched keys are built, wherein matched keys between each cluster head node and other cluster head nodes are worked out through symmetric bivariate polynomials. By means of the scheme, on the premise that a certain connection rate is guaranteed, information transfer safety and effectiveness can be guaranteed, and the memory space of a memory is well saved.

A security system for a hierarchical network (10) includes L hierarchical levels each corresponding to a security domain level (16), and a plurality of local network nodes (A, B,..., Z). A keying material generator (24) generates a set (30) of correlated keying material for each network node. Each set (30) of keying material is composed of L sub-sets (32) of keying material one for each security domain level (16). A set up server (34) distributes the generated sets (30) of keying material to each network node (A, B,, Z) to enable the network nodes (A, B,, Z) to communicate with one another ata security domain of a hierarchical level k by a use of a corresponding sub-set (32) of the security keying material.

The invention provides an iOS equipment and bluetooth peripheral equipment pairing method and device, and belongs to the technical field of communication. The iOS equipment and bluetooth peripheral equipment pairing method mainly comprises the steps that iOS equipment and bluetooth peripheral equipment establish physical connection; the iOS equipment transmits data request information to the bluetooth peripheral equipment, and the bluetooth peripheral equipment returns data response information carrying equipment identification information; the iOS equipment initiates a pairing request according to the equipment identification information; the iOS equipment generates first pairing key information, and the bluetooth peripheral equipment generates second pairing key information; the bluetooth peripheral equipment transmits the second pairing key information to the iOS equipment, and the second pairing key information is displayed on the iOS equipment; and the iOS equipment confirms consistency of the first pairing key information and the second pairing key information, and pairing is completed if the first pairing key information and the second pairing key information are consistent. Input operation and display information of the bluetooth peripheral equipment without input equipment or display screen are enabled to be operated on the iOS equipment so that the security of the pairing process can be enhanced, and the bluetooth peripheral equipment is enabled not to only passively select the Just Works pairing mode.

The invention discloses a key management and identity authentication method based on a wireless sensor network, which comprises the following steps: S1, establishing a matrix M containing five-tuple information of a plurality of neighboring nodes; S2, establishing a matrix M containing five-tuple information of a plurality of neighboring nodes; S3, establishing a matrix M containing five-tuple information of the neighboring nodes. 2, judging whether that req node is included in the matrix M, if so, turning to S3, otherwise turning to S5; S3, judging whether the quintuple information of the requesting node is valid, if so, turning to S4, otherwise refusing communication; S4, the requested node and the requesting node authenticate through the key distribution center to generate a pairing key; S5, searching the relay node according to the respective communication areas of the requesting node and the requested node, and then repeating S3 to S4 between the relay node and the requesting node, and repeating S3 and S4 between the relay node and the requested node. The invention can achieve the purposes of reducing node resource storage consumption, improving forward and backward safety between nodes and resisting replay attack.

The invention relates to the technical field of security. The embodiment of the invention provides a Bluetooth pairing method supporting identity authentication, a security chip and a Bluetooth module. The Bluetooth pairing method supporting identity authentication is based on a key exchange protocol of an identification cryptographic algorithm, and comprises the following steps: acquiring an identity identifier of an opposite-end Bluetooth module; generating exchange data according to the obtained identity label and the identity label of the Bluetooth module at the home terminal; generating a negotiation key according to the exchange data; confirming that the negotiation key is successfully authenticated; using the negotiation key as a pairing key in the pairing process of the home terminal Bluetooth module and the opposite terminal Bluetooth module, wherein the step of generating the exchange data, the step of generating the negotiation key and the step of authenticating the negotiation key are all based on a key exchange protocol of the identification cryptographic algorithm. According to the embodiment provided by the invention, the security and autonomy in the Bluetooth module pairing process are improved.

The invention relates to an intellectual property consultation information management method and device, a computer and a storage medium, and the management method comprises the steps: transmitting interaction request information for information interaction to a target interaction end, so as to enable the target interaction end to transmit the same or corresponding pairing secret key to a transmitting end and a receiving end participating in information interaction at the same time; enabling the transmitting end to receive the pairing secret key sent by the target interaction end, and encrypting the consultation information to be sent according to the pairing secret key to generate encrypted information taking the pairing secret key as a decryption secret key; enabling the receiving end toreceive the pairing secret key sent by the target interaction end, and carrying out pairing decryption on the encryption information sent by the transmitting end. Through the process, the process oftransmitting and receiving by the transmitting end and the receiving end is the information verification process, and if the receiving end cannot be matched with the encrypted information transmittedby the transmitting end, the consultation information in the encrypted information cannot be acquired, so the security of the consultation information is improved.

An authentication system to authenticate at least one application accessible by a user via a computer for which access is controlled by an authentication datum includes a main mobile device and a main token in which the authentication datum is recorded. The main mobile device is configured to recover the authentication datum of the main token using a pairing key that is segmented into a plurality of segments. A first segment is recorded on the main mobile device and at least one additional segment is recorded on a secondary mobile device and/or a secondary token. The main mobile device is configured to recover the additional segment or segments in order to reconstitute the pairing key and to present the reconstituted pairing key to the main token.