| US 7,464,265 B2 | ||
| Methods for iteratively deriving security keys for communications sessions | ||
| Arun Ayyagari, Seattle, Wash. (US); Daniel R. Simon, Redmond, Wash. (US); Bernard D. Aboba, Bellevue, Wash. (US); Krishna Ganugapati, Redmond, Wash. (US); Timothy M. Moore, Bellevue, Wash. (US); and Pradeep Bahl, Redmond, Wash. (US) | ||
| Assigned to Microsoft Corporation, Redmond, Wash. (US) | ||
| Filed on May 03, 2002, as Appl. No. 10/138,868. | ||
| Prior Publication US 2003/0208677 A1, Nov. 06, 2003 | ||
| Int. Cl. H04L 9/00 (2006.01) | ||
| U.S. Cl. 713—168 [713/155; 713/179; 380/44; 380/46; 380/268; 380/277; 380/284; 726/2] | 39 Claims |
| 1. In a computing environment with an access client and an access server being members of a network group, a method for the
access client to communicate with the access server the method comprising:
communicating with an authentication server via the access server to authenticate the access client to the authentication
server and establish a master security key known to the access client and the authentication server;
deriving, using at least one first function, a first transient session security key based on the master security key and first
liveness information;
communicating with the access server using the first transient session security key;
after communicating with the access server using the first transient session security key, deriving, using at least one second
function, a second transient session security key based on the first transient session security key and second liveness information,
the second transient session security key being derived without re-authenticating the access client to the authentication
server; and
communicating with the access server using the second transient session security key.
|