Abstract:
PROBLEM TO BE SOLVED: To provide a method for authentication between servers in a three-party network protocol. SOLUTION: This method includes at least one network access server (NAS) which communicates with at least one user on a network and also communicates with at least one remote authentication server (RAS) coupled with the network. An access request message including a user password is sent from a user to the NAS. The NAS encrypts the password with a secret shared between the NAS and the RAS. The NAS then appends to the encrypted password a message authentication code (MAC) computed using the shared secret. The encrypted password and the MAC are then sent to the RAS. The RAS authenticates the NAS by verifying the MAC before decrypting the encrypted user password.
Abstract:
A method of authentication between servers (18, 20) in a three party network protocol includes first providing a network access server (NAS) in communication with a remote authentication server (RAS) coupled to the network. An access request message including a user password is sent from the user (12) to the NAS (18). The NAS encrypts the password using a shared secret between the NAS and the RAS. The NAS subsequently tags a message authentication code (MAC) to the encrypted password, also using the shared secret, and both password and MAC are sent to the RAS. The RAS first authenticates the NAS by verifying the MAC before decrypting the password. The method allows the RAS to authenticate both the access server and the user, and thus prevents the use of illegal or imposter servers. The MAC may use an incremental SQN counter to prevent "replay" tactics.
Abstract:
A system (100) for authentication in a wireless local area network (WLAN) includes a CDMA2000 authentication center (190) for authenticating CDMA2000 credentials (110), a WLAN authentication server (150) for using the CDMA2000 credentials to authenticate WLAN devices holding CDMA2000 credentials, and at least one WLAN device (130) holding CDMA2000 credentials. The WLAN server (150) performs a CDMA2000 global challenge and response (213) and a CDMA2000 unique challenge and response (223) with a WLAN device to obtain a CDMA2000 encryption key (233). The WLAN server (150) derives a master key from the CDMA2000 encryption key (234) and uses the master key to perform a WLAN challenge and response (237) with the WLAN device (130) and then derives session keys from the master key (240). The session keys protect communications between the WLAN access point (140) and the WLAN device (130).