Authentication method and authentication system

US2016149908A1 · US · A1

Patent metadata
Publication number: US-2016149908-A1
Application number: US-201615012913-A
Country: US
Kind code: A1
Filing date: Feb 2, 2016
Priority date: Feb 18, 2014
Publication date: May 26, 2016
Grant date:

Abstract

Official abstract text for this publication.

A system performs mutual authentication between a controller and a first device, creates a group key, shares the group key, and sets the first device as a reference device. The system performs mutual authentication between the controller and a second device, and shares the group key with the second device. Thereafter, the system performs mutual authentication between the controller and the first device, updates the group key, and shares the updated group key between the controller and the first device. At a group key update timing when the group key is updated, the system performs mutual authentication between the controller and the second device, and shares the updated group key with the second device.

First claim

Opening claim text (preview).

What is claimed is:

1. An authentication method performed in an authentication system including a controller, a first device, and a second device, the authentication method comprising: a first step comprising: performing mutual authentication between the controller and the first device, creating a group key, sharing the group key between the controller and the first device, and setting the first device as a reference device; a second step comprising: performing mutual authentication between the controller and the second device, and sharing the group key with the second device; a third step performed after the second step comprising: performing mutual authentication between the controller and the first device, updating the group key, and sharing the updated group key between the controller and the first device; and a fourth step performed at a group key update timing when the group key is updated comprising: performing mutual authentication between the controller and the second device, and sharing the updated group key with the second device.

2. The authentication method according to claim 1, wherein the controller, the first device, and the second device are connected to one home area network.

3. The authentication method according to claim 1, further comprising: transmitting, when the group key is updated, a group key update notification to the second device, wherein the group key update timing is a timing when the second device receives the group key update notification.

4. The authentication method according to claim 1, wherein the first step further includes setting a first session period between the controller and the first device, the second step further includes setting, between the controller and the second device, a second session period that is based on the first session period and on a period elapsed from a time point of setting the first session period, the third step is started in accordance with the first session period and the period elapsed from the time point of setting the first session period, and the group key update timing is a timing that is based on the second session period and a period elapsed from a time point of setting the second session period.

5. The authentication method according to claim 1, wherein the controller owns a private key and a public key certificate of the controller, the first device owns a private key and a public key certificate of the first device, the authentication method further comprises creating a first shared key and sharing the first shared key between the controller and the first device, the mutual authentication performed in the first step is public key authentication in which mutual authentication is performed by using the public key certificate owned by the controller and the public key certificate owned by the first device in accordance with a public key infrastructure, and the mutual authentication performed in the third step is shared key authentication in which mutual authentication is performed by using the first shared key.

6. The authentication method according to claim 5, wherein in the creating and sharing of the first shared key, the first shared key is shared through a key exchange, and the shared key authentication is challenge-response authentication in which random numbers and the first shared key are used.

7. The authentication method according to claim 5, wherein the second device owns a private key and a public key certificate of the second device, the authentication method further comprises creating a second shared key and sharing the second shared key between the controller and the second device, the mutual authentication performed in the second step is public key authentication in which mutual authentication is performed by using the public key certificate owned by the controller and the public key certificate owned by the second device in accordance with a public key infrastructure, and the mutual authentication performed in the fourth step is shared key authentication in which mutual authentication is performed by using the second shared key.

8. An authentication system including a controller, a first device, and a second device, the authentication system comprising: a first mutual authenticator that performs mutual authentication between the controller and the first device, creates a group key, shares the group key between the controller and the first device, and sets the first device as a reference device; a second mutual authenticator that performs mutual authentication between the controller and the second device, and shares the group key with the second device; a third mutual authenticator that performs mutual authentication between the controller and the first device, updates the group key, and shares the updated group key between the controller and the first device; and a fourth mutual authenticator that, at a group key update timing when the group key is updated, updates the group key, performs mutual authentication between the controller and the second device, and shares the updated group key with the second device.
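
The shared-key re-authentication of claims 5 to 7 and the update order of the third and fourth steps of claim 1, sketched as an added example that is not code from the patent. HMAC-SHA256 as the response function, the role tags, all class and method names, and the in-process handoff of the group key are assumptions; certificate authentication and the key exchange are not modelled.

```python
import hashlib, hmac, secrets

def respond(shared_key: bytes, role: bytes, challenge: bytes) -> bytes:
    # Assumed response function: HMAC-SHA256 over a role tag plus the random challenge.
    # The role tag keeps a controller response from being replayed as a device response.
    return hmac.new(shared_key, role + challenge, hashlib.sha256).digest()

class Device:
    def __init__(self, name: str, shared_key: bytes):
        self.name, self.shared_key, self.group_key = name, shared_key, None

class Controller:
    def __init__(self):
        self.shared = {}        # device name -> pairwise shared key
        self.group_key = None
        self.reference = None   # name of the reference device

    def enroll(self, dev: Device) -> None:
        # Stand-in for steps 1 and 2 (certificate auth and key exchange not modelled).
        self.shared[dev.name] = dev.shared_key
        if self.reference is None:
            self.reference, self.group_key = dev.name, secrets.token_bytes(16)
        dev.group_key = self.group_key

    def mutual_auth(self, dev: Device) -> bool:
        k = self.shared[dev.name]
        c_chal, d_chal = secrets.token_bytes(16), secrets.token_bytes(16)
        # Controller verifies the device's answer to the controller's challenge.
        dev_ok = hmac.compare_digest(respond(dev.shared_key, b"dev", c_chal),
                                     respond(k, b"dev", c_chal))
        # Device verifies the controller's answer to the device's challenge.
        ctl_ok = hmac.compare_digest(respond(k, b"ctl", d_chal),
                                     respond(dev.shared_key, b"ctl", d_chal))
        return dev_ok and ctl_ok

    def update_with_reference(self, dev: Device) -> bool:
        # Step 3 (as modelled here): only the reference device triggers a new group key.
        if dev.name != self.reference or not self.mutual_auth(dev):
            return False
        self.group_key = dev.group_key = secrets.token_bytes(16)
        return True

    def update_other(self, dev: Device) -> bool:
        # Step 4: at its update timing the device re-authenticates, then gets the current key.
        if not self.mutual_auth(dev):
            return False
        dev.group_key = self.group_key
        return True
```

A device whose stored shared key no longer matches the controller's fails `mutual_auth` and stays on the old group key, which is the property a defender checks after a rotation.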

Classifications

  • using time-dependent keys, e.g. periodically changing keys (cryptographic mechanisms or cryptographic arrangements for controlling usage of secret information H04L9/088)

  • for group communications (cryptographic mechanisms or cryptographic arrangements for key management involving conference or group key H04L9/0833)

  • for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819)

  • for mutual authentication (network architectures or network communication protocols for achieving mutual authentication in a packet data network H04L63/0869)

  • using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2016149908A1 cover?
A system performs mutual authentication between a controller and a first device, creates a group key, shares the group key, and sets the first device as a reference device. The system performs mutual authentication between the controller and a second device, and shares the group key with the second device. Thereafter, the system, performs mutual authentication between the controller and the fir…
Who is the assignee on this patent?
Panasonic Ip Corp America
What technology area does this patent fall under?
Primary CPC classification H04L63/0869. Mapped technology areas include Electricity.
When was this patent published?
Publication date May 26, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).