Title of invention Systems and methods for key management for wireless communications systems
Abstract A novel key management approach is provided for securing communication handoffs between an access terminal and two access points. This approach provides for securely handing off communications between an access terminal and access point without risking exposure of a master key for the access terminal. Temporary master keys are derived for low latency handoffs and secure authentication between a new access point and the access terminal. In one aspect, a distributive key management scheme is provided in which a current access point generates a new security key (based on its own security key) that is used by the next access point with which an access terminal communicates. In another aspect, a centralized key management scheme is provided in which a central authenticator maintains, generates, and distributes new security keys (based on a master security key associated with the access terminal) to access points.
Publication number US8948395(B2) Publication date 2015.02.03
Application number US200711843583 Filing date 2007.08.22
Applicant QUALCOMM Incorporated Inventors Narayanan Vidya;Dondeti Lakshminath Reddy;Agashe Parag Arun;Bender Paul E.
Classification H04L29/06;H04W12/04;H04L9/08;H04W36/08 Main classification H04L29/06
Agency Agent DeHaemer, Jr. Michael J.
Main claim 1. A method for secure handoff, comprising: an access terminal securely communicating with a first access point using a first transient session key, wherein the first transient session key is generated based on a first interim master key, and wherein the first interim master key is generated based on a top-level master key and a first sequence number associated with the first access point; the access terminal associating a second sequence number with a second access point; the access terminal initiating a secure handoff from the first access point to the second access point, wherein the second sequence number is forwarded to the first access point; the access terminal generating a second interim master key based on the first interim master key and the second sequence number; the access terminal generating a second transient session key based on the second interim master key; and the access terminal securely communicating with the second access point using the second transient session key.
Address San Diego CA US