Title of invention: Communication device and communication method
Abstract: There is provided a communication device in which a network access authenticating unit executes a network access authentication process with an authentication server to establish a connection to a network, the authentication process including generation of information shared with the authentication server, a communication unit receives an authentication result message from the authentication server when succeeding in the network access authentication process, the authentication result message containing an authentication result indicating success in the network access authentication process and an encrypted network key; a key transport key generating unit generates a key transport key by use of the information generated in the network access authentication process; and a network key acquiring unit acquires a network key by decrypting the encrypted network key contained in the authentication result message with the key transport key, the communication unit encrypts data with the network key and transmits encrypted data to the network.
Publication number: US8898454(B2)  Publication date: 2014.11.25
Application number: US201213670827  Filing date: 2012.11.07
Applicant: Kabushiki Kaisha Toshiba  Inventors: Tanaka Yasuyuki; Oba Yoshihiro
Classification: H04W12/04; H04L9/08; H04W12/06  Main classification: H04W12/04
Agency: Nixon & Vanderhye P.C.  Agent: Nixon & Vanderhye P.C.
Main claim: 1. A computer-implemented communication device comprising: a network access authenticating unit configured to execute a network access authentication process with an authentication server in order to establish a connection to a network, the network access authentication process including generation of information shared with the authentication server; a communication unit configured to receive an authentication result message from the authentication server when succeeding in the network access authentication process, the authentication result message containing an authentication result indicating success in the network access authentication process and an encrypted network key; a key transport key generating unit configured to generate a key transport key by use of the information generated in the network access authentication process; and a network key acquiring unit configured to acquire a network key by decrypting the encrypted network key contained in the authentication result message with the key transport key, wherein the communication unit encrypts data with the network key and transmits encrypted data to the network, the communication unit executes a first session check process of transmitting a session check request message to the authentication server and receiving a session check response message containing an encrypted first network key from the authentication server, the network key acquiring unit acquires a first network key by decrypting the encrypted first network key contained in the session check response message with the key transport key, the communication unit encrypts data with the first network key, the communication unit receives encrypted data from the network, decrypts the encrypted data with the network key and, executes, when failing in decrypting the encrypted data, the first session check process, the authentication result message and the session check response message contain encrypted key identifiers of the network key and the first network key, the network key acquiring unit acquires key identifiers by decrypting the encrypted key identifiers, and manages the key identifiers in the way of being associated with the network key and the first network key, the encrypted data received by the communication unit is attached with a key identifier, and the communication unit decrypts the encrypted data by use of the network key associated with the key identifier attached to the encrypted data.
Address: Tokyo JP