Key Configuration Method, System, and Apparatus
US-2016269176-A1 · Sep 15, 2016 · US
US11343104B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11343104-B2 |
| Application number | US-201515751864-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 24, 2015 |
| Priority date | Aug 24, 2015 |
| Publication date | May 24, 2022 |
| Grant date | May 24, 2022 |
Official abstract text for this publication.
The present invention provides a security authentication method, a configuration method, and a related device. A first terminal receives a public key for signature of a configuration device sent by the configuration device. The first terminal receives second signature information and second type information. The first terminal determines, according to at least the second type information and the second signature information, that the first terminal is to generate key information. In this way, the first terminal establishes a security connection between the first terminal and the second terminal. This effectively prevents a terminal from tampering with its role, and therefore effectively prevents a terminal from establishing a connection to an attacker terminal with a changed role, thereby further preventing the attacker terminal from obtaining information of the terminal, to effectively ensure security of the terminal.
Opening claim text (preview).
What is claimed is:

1. A method for establishing a secured connection, comprising: receiving, by a first device from a configuration device, a public key for signature of the configuration device; receiving, by the first device from a second device, a second signature and a role type of the second device, wherein the second signature is generated by the configuration device according to at least the role type of the second device and a private key for signature of the configuration device, and the public key for signature of the configuration device corresponds to the private key for signature of the configuration device; and generating, by the first device, a key for establishing a secured connection between the first device and the second device when conditions are met, wherein the conditions comprise: a role type of the first device matches the role type of the second device, and a verification of the second signature is successful; wherein the role type of the first device matches the role type of the second device when any one of the following is met: the role type of the second device is an access point, and the role type of the first device is a station; the role type of the second device is a station, and the role type of the first device is an access point; the role type of the second device is a Peer to Peer (P2P) client, and the role type of the first device is a P2P group owner; or the role type of the second device is a P2P group owner, and the role type of the first device is a P2P client.
2. The method according to claim 1, further comprising: receiving, by the first device from the configuration device, a first signature, wherein the first signature is generated by the configuration device according to at least the role type of the first device and the private key for signature of the configuration device.
3. The method according to claim 1, wherein the conditions further comprise: a net-id received from the second device is the same as a net-id of the first device.
4. The method according to claim 1, wherein the verification of the second signature is successful comprises: the second signature matches the role type of the second device.
5. The method according to claim 2, further comprising: sending, by the first device, the first signature to the second device.
6. The method according to claim 2, wherein the conditions further comprise: a net-id received from the second device is the same as a net-id of the first device.
7. The method according to claim 4, wherein the second signature matches the role type of the second device comprises: a first hash value is equal to a second hash value, wherein the first hash value is a hash value generated by the configuration device by performing a hash operation on at least the role type of the second device and is obtained by the first device by decrypting the second signature by using the public key for signature of the configuration device, and the second hash value is generated by the first device by performing the hash operation on at least the role type of the second device.
8. The method according to claim 5, wherein the conditions further comprise: a net-id received from the second device is the same as a net-id of the first device.
9. A first device, comprising a receiver, a transmitter, and a processor connected to the receiver and the transmitter; wherein the receiver is configured to: receive, from a configuration device, a public key for signature of the configuration device; and receive, from a second device, a second signature and a role type of the second device, wherein the second signature is generated by the configuration device according to at least the role type of the second device and a private key for signature of the configuration device, and the public key for signature of the configuration device corresponds to the private key for signature of the configuration device; the processor is configured to: generate a key for establishing a secured connection between the first device and the second device when conditions are met, wherein the conditions comprise: a role type of the first device matches the role type of the second device, and a verification of the second signature is successful; wherein the role type of the first device matches the role type of the second device when any one of the following is met: the role type of the second device is an access point, and the role type of the first device is a station; the role type of the second device is a station, and the role type of the first device is an access point; the role type of the second device is a Peer to Peer (P2P) client, and the role type of the first device is a P2P group owner; or the role type of the second device is a P2P group owner, and the role type of the first device is a P2P client.
10. The first device according to claim 9, wherein the receiver is further configured to: receive, from the configuration device, a first signature, wherein the first signature is generated by the configuration device according to at least the role type of the first device and the private key for signature of the configuration device.
11. The first device according to claim 9, wherein the conditions further comprise: a net-id received from the second device is the same as a net-id of the first device.
12. The first device according to claim 9, wherein the verification of the second signature is successful comprises: the second signature matches the role type of the second device.
13. The first device according to claim 10, wherein the transmitter is configured to: send the first signature to the second device.
14. The first device according to claim 10, wherein the conditions further comprise: a net-id received from the second device is the same as a net-id of the first device.
15. The first device according to claim 12, wherein the second signature matches the role type of the second device comprises: a first hash value is equal to a second hash value, wherein the first hash value is a hash value generated by the configuration device by performing a hash operation on at least the role type of the second device and is obtained by the first device by decrypting the second signature by using the public key for signature of the configuration device, and the second hash value is generated by the first device by performing the hash operation on at least the role type of the second device.
16. The first device according to claim 13, wherein the conditions further comprise: a net-id received from the second device is the same as a net-id of the first device.
17. A non-transitory computer-readable medium storing a program, wherein when executed by a first device, the program causes the first device to: receive, from a configuration device, a public key for signature of the configuration device; receive, from a second device, a second signature and a role type of the second device, wherein the second signature is generated by the configuration device according to at least the role type of the second device and a private key for signature of the configuration device, and the public key for signature of the configuration device corresponds to the private key for signature of the configuration device; and generate a key for establishing a secured connection between the first device and the second device when conditions are met, wherein the conditions comprise: a role type of the first device matches the role type of the second device, and a verification of the second signature is s
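The checks recited in claims 1, 3 and 7 (complementary role, matching net-id, hash comparison under the configuration device's public key), as an added example that is not part of the patent text. It assumes a toy textbook-RSA key built from two Mersenne primes with no padding (standard library only, not a secure scheme) in place of the configuration device's signing key; the role labels, the `home-net` net-id, the function names and hashing the net-id together with the role are also assumptions.

```python
import hashlib

# Toy textbook-RSA key from two known Mersenne primes so the example runs with
# the standard library only. Constructed for illustration, not a secure key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # configuration device's private exponent

# Role pairings listed in claim 1: each peer role maps to the only local role
# allowed to accept it (labels are assumed names).
COMPLEMENT = {"ap": "sta", "sta": "ap", "p2p-client": "p2p-go", "p2p-go": "p2p-client"}

def digest(role, net_id):
    """Hash over 'at least the role type'; including net-id is an assumption."""
    data = f"{role}|{net_id}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def configurator_sign(role, net_id):
    """Configuration device: sign the hash with its private key."""
    return pow(digest(role, net_id), D, N)

def first_device_check(own_role, own_net_id, peer_role, peer_net_id, peer_sig, pub=(N, E)):
    """Return (ok, reason); the connection key is generated only when ok is True."""
    n, e = pub
    if COMPLEMENT.get(peer_role) != own_role:
        return False, "role mismatch"
    if peer_net_id != own_net_id:
        return False, "net-id mismatch"
    # Claim 7: recover the first hash with the public key, recompute the second, compare.
    if pow(peer_sig, e, n) != digest(peer_role, peer_net_id):
        return False, "bad signature"
    return True, "ok"

# Constructed scenario: the configurator enrolls one station and one access point.
STA_SIG = configurator_sign("sta", "home-net")
AP_SIG = configurator_sign("ap", "home-net")

def demo():
    return [
        # Access point presenting the signature issued for its own role.
        first_device_check("sta", "home-net", "ap", "home-net", AP_SIG),
        # Enrolled station claiming the 'ap' role while holding only a 'sta' signature.
        first_device_check("sta", "home-net", "ap", "home-net", STA_SIG),
        # Peer whose role is not the complement of the local role.
        first_device_check("sta", "home-net", "sta", "home-net", STA_SIG),
        # Peer announcing a different net-id.
        first_device_check("sta", "home-net", "ap", "guest-net", AP_SIG),
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The second case is the role-tampering scenario from the abstract: the signature was issued over `sta`, so recomputing the hash over the claimed `ap` role does not match and no key is generated.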
including means for verifying the identity or authority of a user of the system {or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials} · CPC title
using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title
Connection setup · CPC title
involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics · CPC title
involving digital signatures · CPC title