Method and apparatus for securing communication between a mobile node and a network

摘要

In accordance with the teachings of the present invention, a method and apparatus is presented for securely negotiating a session key between a mobile node and a network node, such as a first hop IP router. A session key is encoded using asymmetric encryption. The encrypted session key is then communicated to the first hop IP router for later use. In accordance with another teaching of the present invention, the session key is then used by the mobile node and a first hop IP router to authenticate a message. Lastly, in accordance with the third teaching of the present invention, a standardized protocol is used to securely negotiate the session key between the mobile node and the first hop IP router.

主权项

1. A method of authenticating a message comprising the steps of:
a device receiving a message wherein the device comprises a first hop IP router; the device receiving an authentication code for the message; the device generating a first checksum of the message; the device accessing a session key, wherein the session key is negotiated prior to the accessing by:
initiating a communication session using a protocol;sending a public key within a vendor specific packet of the protocol, wherein the vendor specific packet includes a field indicating that the packet includes data in a format specified by a vendor;receiving an encrypted session key within an initial request message (RRQ) of the protocol, wherein the encrypted session key is generated from the public key; anddecrypting the encrypted session key to generate the session key; the device extracting a second checksum of the message from the authentication code using the session key; and the device comparing the first checksum of the message with the second checksum of the message.