USRE49876EActiveUtilityPatentIndex 58
Secure configuration of a headless networking device
Est. expiryMar 1, 2033(~6.7 yrs left)· nominal 20-yr term from priority
Inventors:HARKINS DANIEL N
G06F 9/4411G09C 5/00H04L 9/006H04L 63/0428H04L 63/061H04L 63/08H04L 63/18H04L 9/0841H04W 12/77
58
PatentIndex Score
0
Cited by
17
References
71
Claims
Abstract
The secure configuration of a headless networking device is described. A label associated with the headless networking device is scanned and a public key is determined. scanning a label associated with a networking device. A configuration process is initiated for the networking device using the public key associated with the networking device that was determined based on the scanned label.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A non-transitory computer-readable medium comprising instructions which, when executed by one or more hardware processors, cause the one or more hardware processors to:
determine a public key associated with a networking device using an external label associated with the networking device; authenticate the networking device based upon a determination as to whether the networking device possesses a private key analog to the public key associated with the networking device; and initiate a configuration process for the networking device after the networking device is authenticated, wherein the configuration process facilitates access by the networking device to a secure network, and wherein the configuration process includes sending a domain parameter to provide configuration information for the configuration process and an address for a domain name server to the networking device.
2. The non-transitory computer-readable medium of claim 1 , wherein to authenticate the networking device, the instructions are further to cause the one or more hardware processors to:
generate a shared secret using the public key associated with the networking device and send the shared secret to the networking device; encrypt a first information with the shared secret and send the encrypted first information to the networking device; and receive a second information from the networking device that indicates that the networking device possesses the private key analog to the public key associated with the networking device.
3. The non-transitory computer-readable medium of claim 2 , wherein to authenticate the networking device, the instructions are further to cause the one or more hardware processors to integrity protect the encrypted first information prior to sending the encrypted first information to the networking device.
4. The non-transitory computer-readable medium of claim 2 , wherein the instructions are further to cause the one or more hardware processors to send assurance to the networking device before initiating the configuration process by encrypting a third information with the shared secret and sending the encrypted third information to the networking device.
5. The non-transitory computer-readable medium of claim 2 , wherein to authenticate the networking device, the instructions are further to cause the one or more hardware processors to receive an indication from the networking device possessing the shared secret that the networking device possesses the private key analog to the public key associated with the network device.
6. The non-transitory computer-readable medium of claim 2 , wherein to generate the shared secret, the instructions are further to cause the one or more hardware processors to perform a static ephemeral Diffie-Hellman key exchange.
7. The non-transitory computer-readable medium of claim 2 , wherein to encrypt the first information, the instructions are further to cause the one or more hardware processors to wrap a first nonce in the shared secret.
8. The non-transitory computer-readable medians of claim 7 , wherein to receive the second information, the instructions are further to cause the one or more hardware processors to receive two encrypted nonces and wherein to determine that the networking device possesses the shared secret, the instructions are further to cause the one or more hardware processors to determine whether the encryption of the two nonces is valid.
9. The non-transitory computer-readable medium of claim 8 , wherein to receive the second information, the instructions are further to cause the one or more hardware processors to receive two nonces encrypted with the shared secret from the networking device, and decrypt and verify the two nonces.
10. An apparatus comprising:
one or more hardware processors; a memory on which is stored instructions that are to cause the one or more hardware processors to:
determine a public key associated with a networking device using an external label associated with the networking device;
authenticate the networking device based upon a determination as to whether the networking device possesses a private key analog to the public key associated with the networking device; and
initiate a configuration process for the networking device after the networking device has been authenticated, wherein the configuration process facilitates access by the networking device to a secure network, and wherein the configuration process includes sending a domain parameter to provide configuration information for the configuration process and an address for a domain name server to the networking device.
11. The apparatus of claim 10 , wherein to authenticate the networking device, the instructions are further to cause the one or more hardware processors to:
generate a shared secret using the public key associated with the networking device and send the shared secret to the networking device; encrypt a first information with the shared secret and send the encrypted first information to the networking device; and receive a second information from the networking device that indicates that the networking device possesses the private key analog to the public key associated with the net device.
12. The apparatus of claim 11 , wherein to authenticate the networking device, the instructions are further to cause the one or more hardware processors to integrity protect the encrypted first information prior to sending the encrypted first information to the networking device.
13. The apparatus of claim 11 , wherein the instructions are further to cause the one or more hardware processors to send assurance to the networking device before initiating the configuration process by encrypting a third information with the shared secret and sending the encrypted third information to the networking device wherein the networking device does not accept configuration unless the networking device can decrypt the third information using the shared secret.
14. The apparatus of claim 11 , wherein to authenticate the networking device, the instructions are further to cause the one or more hardware processors to receive an indication from the networking device possessing the shared secret that the networking device possesses the private key analog to the public key determined associated with the networking device.
15. The apparatus of claim 11 , wherein to generate the a shared secret, the instructions are further to cause the one or more hardware processors to perform a static ephemeral Diffie-Hellman key exchange.
16. The apparatus of claim 11 , wherein to encrypt the first information, the instructions are further to cause the one or more hardware processors to wrap a first nonce in the shared secret.
17. The apparatus of claim 16 , wherein to receive the second information, the instructions are further to cause the one or more hardware processors to receive two encrypted nonces and wherein to determine that the networking device possesses the shared secret, the instructions are further to cause the one or more hardware processors to determine whether the encryption of the two nonces is valid.
18. The apparatus of claim 17 , wherein to receive the second information, the instructions are further to cause the one or more hardware processors to receive two nonces encrypted with the shared secret from the networking device, and decrypt and verify the two nonces.
19. An apparatus comprising:
an external key label associated with a public key; an internal secure key storage to store a private key; a network interface to receive an authentication request from an external device connected to the network, the request including the public key; internal processing logic to authenticate the apparatus to the external device using the request by proving that it possesses the private key and to configure the apparatus to the network after authenticating, the configuring including receiving a domain parameter and a domain name server from the external device and using the received domain parameter and domain name server to configure the apparatus.
20. The apparatus of claim 19 , wherein the network interface further receives assurance from the external device, the assurance including an information encrypted with a shared secret, and wherein the processing logic configures the apparatus only if it can decrypt the information using the shared secret.
21. A method for authenticating devices, the method comprising:
obtaining, by a configuring device, a public key associated with a headless device, wherein the public key is used to initiate an authentication process for the headless device; generating, by the configuring device, a first ephemeral public key and a first ephemeral private key based on the public key associated with the headless device; transmitting, by the configuring device, the first ephemeral public key to the headless device; receiving, by the configuring device, a first encrypted message from the headless device, wherein the first encrypted message is generated by the headless device based in part on the first ephemeral public key; transmitting, by the configuring device, a second encrypted message to the headless device based on the first encrypted message, wherein the second encrypted message is encrypted with a shared secret key; and configuring, by the configuring device, the headless device by transmission of network parameters to the headless device, wherein the network parameters allow the headless device to establish secure access to a network.
22. The method of claim 21, further comprising:
generating, by the configuring device, a shared secret using a cryptographic technique based on the first ephemeral private key and the public key associated with the headless device wherein the cryptographic technique includes at least discrete logarithm cryptography.
23. The method of claim 21, wherein transmitting the first ephemeral public key to the headless device comprises:
generating, by the configuring device, a first random nonce with which to encapsulate a first message to form a first encapsulated message; and transmitting, by the configuring device, the first encapsulated message to the headless device, wherein the first encapsulated message includes the first ephemeral public key.
24. The method of claim 23, wherein the first encrypted message is generated by the headless device based in part on the first encapsulated message and the first ephemeral public key.
25. The method of claim 23, wherein the first encrypted message from the headless device comprises:
a second ephemeral public key generated by the headless device; and a concatenation of the first random nonce of the first encapsulated message and a second random nonce generated by the headless device.
26. The method of claim 25, further comprising:
validating, by the configuring device, the second ephemeral public key from the first encrypted message.
27. The method of claim 21, wherein the first encrypted message comprises a first authentication wherein the first authentication is validated and then used to determine that the headless device has been authenticated by the configuring device.
28. The method of claim 21, wherein the second encrypted message comprises a second authentication wherein the second authentication allows the headless device to determine authentication of the configuring device.
29. A configuring device comprising:
a processor; and a memory storing instructions that, when executed by the processor, cause the configuring device to:
obtain a public key associated with a headless device, wherein the public key is used to initiate an authentication process for the headless device;
generate a first ephemeral public key and a first ephemeral private key based on the public key associated with the headless device;
transmit the first ephemeral public key to the headless device;
receive a first encrypted message from the headless device, wherein the first encrypted message is generated by the headless device based in part on the first ephemeral public key;
transmit a second encrypted message to the headless device based on the first encrypted message, wherein the second encrypted message is encrypted with a shared secret key; and
configure the headless device by transmission of network parameters to the headless device, wherein the network parameters allow the headless device to establish secure access to a network.
30. The configuring device of claim 29, wherein the instructions, when executed, further cause the configuring device to:
generate a shared secret using a cryptographic technique based on the first ephemeral private key and the public key associated with the headless device wherein the cryptographic technique includes at least discrete logarithm cryptography.
31. The configuring device of claim 29, wherein transmitting the first ephemeral public key to the headless device comprises:
generating a first random nonce with which to encapsulate a first message to form a first encapsulated message; and transmitting the first encapsulated message to the headless device, wherein the first encapsulated message includes the first ephemeral public key.
32. The configuring device of claim 31, wherein the first encrypted message is generated by the headless device based in part on the first encapsulated message and the first ephemeral public key.
33. The configuring device of claim 31, wherein the first encrypted message from the headless device comprises:
a second ephemeral public key generated by the headless device; and a concatenation of the first random nonce of the first encapsulated message and a second random nonce generated by the headless device.
34. The configuring device of claim 33, wherein the instructions, when executed, further cause the configuring device to:
validate the second ephemeral public key from the first encrypted message.
35. The configuring device of claim 29, wherein the first encrypted message comprises a first authentication wherein the first authentication is validated and then used to determine that the headless device has been authenticated by the configuring device.
36. The configuring device of claim 29, wherein the second encrypted message comprises a second authentication wherein the second authentication allows the headless device to determine authentication of the configuring device.
37. A non-transitory storage medium of a configuring device storing instructions that, when executed by a processor of the configuring device, configure the configuring device to:
obtain a public key associated with a headless device, wherein the public key is used to initiate an authentication process for the headless device; generate a first ephemeral public key and a first ephemeral private key based on the public key associated with the headless device; transmit the first ephemeral public key to the headless device; receive a first encrypted message from the headless device, wherein the first encrypted message is generated by the headless device based in part on the first ephemeral public key; transmit a second encrypted message to the headless device based on the first encrypted message, wherein the second encrypted message is encrypted with a shared secret key; and configure the headless device by transmission of network parameters to the headless device, wherein the network parameters allow the headless device to establish secure access to a network.
38. The non-transitory storage medium of claim 37, wherein the instructions, when executed, further cause the configuring device to:
generate a shared secret using a cryptographic technique based on the first ephemeral private key and the public key associated with the headless device wherein the cryptographic technique includes at least discrete logarithm cryptography.
39. The non-transitory storage medium of claim 37, wherein transmitting the first ephemeral public key to the headless device comprises:
generating a first random nonce with which to encapsulate a first message to form a first encapsulated message; and transmitting the first encapsulated message to the headless device, wherein the first encapsulated message includes the first ephemeral public key.
40. The non-transitory storage medium of claim 39, wherein the first encrypted message is generated by the headless device based in part on the first encapsulated message and the first ephemeral public key.
41. The non-transitory storage medium of claim 39, wherein the first encrypted message from the headless device comprises:
a second ephemeral public key generated by the headless device; and a concatenation of the first random nonce of the first encapsulated message and a second random nonce generated by the headless device.
42. The non-transitory storage medium of claim 41, wherein the instructions, when executed, further cause the configuring device to:
validate the second ephemeral public key from the first encrypted message.
43. The non-transitory storage medium of claim 37, wherein the first encrypted message comprises a first authentication wherein the first authentication is validated and then used to determine that the headless device has been authenticated by the configuring device.
44. The non-transitory storage medium of claim 37, wherein the second encrypted message comprises a second authentication wherein the second authentication allows the headless device to determine authentication of the configuring device.
45. A method for authenticating devices, the method comprising:
providing, by a headless device, a public key associated with the headless device to a configuring device, wherein an authentication process is initiated after providing the public key; receiving, by the headless device, a first ephemeral public key from the configuring device, wherein the first ephemeral public key is generated by the configuring device based on the public key associated with the headless device; generating, by the headless device, a first encrypted message, wherein the first encrypted message is based in part on the first ephemeral public key; transmitting, by the headless device, the first encrypted message to the configuring device; and receiving, by the headless device, a second encrypted message from the configuring device, wherein the second encrypted message is encrypted with a shared secret key.
46. The method of claim 45, further comprising:
generating, by the headless device, a shared secret based on the first ephemeral public key and a private key associated with the headless device.
47. The method of claim 45, wherein the first encrypted message comprises a first authentication, wherein the first authentication allows the configuring device to determine authentication of the headless device.
48. The method of claim 45, the method further comprising:
receiving, by the headless device, a first encapsulated message from the configuring device, wherein the first encapsulated message comprises a first random nonce, wherein the first random nonce is generated by the configuring device.
49. The method of claim 48, wherein the first encrypted message is generated based in part on the first ephemeral public key and the first encapsulated message.
50. The method of claim 48, wherein generating the first encrypted message further comprises:
generating, by the headless device, a second random nonce; generating, by the headless device, a second ephemeral public key based on the first ephemeral public key; and concatenating, by the headless device, the first random nonce of the first encapsulated message and the second random nonce generated by the headless device.
51. The method of claim 45, further comprising:
receiving, by the headless device, configuration information from the configuring device, wherein the configuration information comprises network parameters.
52. The method of claim 51, wherein the network parameters are used by the headless device to establish secure access to a network.
53. The method of claim 45, wherein the second encrypted message comprises a second authentication wherein the second authentication is validated and then used to determine that the configuring device has been authenticated by the headless device.
54. A headless device comprising:
a processor; and a memory storing instructions that, when executed by the processor, cause the headless device to:
provide a public key associated with the headless device to a configuring device, wherein an authentication process is initiated after providing the public key;
receive a first ephemeral public key from the configuring device, wherein the first ephemeral public key is generated by the configuring device based on the public key associated with the headless device;
generate a first encrypted message, wherein the first encrypted message is based in part on the first ephemeral public key;
transmit the first encrypted message to the configuring device; and
receive a second encrypted message from the configuring device, wherein the second encrypted message is encrypted with a shared secret key.
55. The headless device of claim 54, wherein the instructions, when executed, further cause the headless device to:
generate a shared secret based on the first ephemeral public key and a private key associated with the headless device.
56. The headless device of claim 54, wherein the first encrypted message comprises a first authentication, wherein the first authentication allows the configuring device to determine authentication of the headless device.
57. The headless device of claim 54, wherein the instructions, when executed, further cause the headless device to:
receive a first encapsulated message from the configuring device, wherein the first encapsulated message comprises a first random nonce, wherein the first random nonce is generated by the configuring device.
58. The headless device of claim 57, wherein the first encrypted message is generated based in part on the first ephemeral public key and the first encapsulated message.
59. The headless device of claim 57, wherein generating the first encrypted message further comprises:
generating a second random nonce; generating a second ephemeral public key based on the first ephemeral public key; and concatenating the first random nonce of the first encapsulated message and the second random nonce generated by the headless device.
60. The headless device of claim 54, wherein the instructions, when executed, further cause the headless device to:
receive configuration information from the configuring device, wherein the configuration information comprises network parameters.
61. The headless device of claim 60, wherein the network parameters are used by the headless device to establish secure access to a network.
62. The headless device of claim 54, wherein the second encrypted message comprises a second authentication wherein the second authentication is validated and then used to determine that the configuring device has been authenticated by the headless device.
63. A non-transitory medium of a headless device storing instructions that, when executed by a processor of the headless device, cause the headless device to:
provide a public key associated with the headless device to a configuring device, wherein an authentication process is initiated after providing the public key; receive a first ephemeral public key from the configuring device, wherein the first ephemeral public key is generated by the configuring device based on the public key associated with the headless device; generate a first encrypted message, wherein the first encrypted message is based in part on the first ephemeral public key; transmit the first encrypted message to the configuring device; and receive a second encrypted message from the configuring device, wherein the second encrypted message is encrypted with a shared secret key.
64. The non-transitory medium of claim 63, wherein the instructions, when executed, further cause the headless device to:
generate a shared secret based on the first ephemeral public key and a private key associated with the headless device.
65. The non-transitory medium of claim 63, wherein the first encrypted message comprises a first authentication, wherein the first authentication allows the configuring device to determine authentication of the headless device.
66. The non-transitory medium of claim 63, wherein the instructions, when executed, further cause the headless device to:
receive a first encapsulated message from the configuring device, wherein the first encapsulated message comprises a first random nonce, wherein the first random nonce is generated by the configuring device.
67. The non-transitory medium of claim 66, wherein the first encrypted message is generated based in part on the first ephemeral public key and the first encapsulated message.
68. The non-transitory medium of claim 66, wherein generating the first encrypted message further comprises:
generating a second random nonce; generating a second ephemeral public key based on the first ephemeral public key; and concatenating the first random nonce of the first encapsulated message and the second random nonce generated by the headless device.
69. The non-transitory medium of claim 63, wherein the instructions, when executed, further cause the headless device to:
receive configuration information from the configuring device, wherein the configuration information comprises network parameters.
70. The non-transitory medium of claim 69, wherein the network parameters are used by the headless device to establish secure access to a network.
71. The non-transitory medium of claim 63, wherein the second encrypted message comprises a second authentication wherein the second authentication is validated and then used to determine that the configuring device has been authenticated by the headless device.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.