Search

US-12627977-B2 - Secure key management device, authentication system, wide area network and method for generating session keys

US12627977B2US 12627977 B2US12627977 B2US 12627977B2US-12627977-B2

Abstract

The present disclosure relates to a secure key management device for a wide area network comprising an end-device, a network server, an application server, and a join server. The secure key management device comprises a secure storage component for storage of secret key information, a secure interface for securely exchanging data with the join server, and at least one processing component. The processing component(s) is configured to generate and store at least one master key in the secure storage component; generate at least one root key, and provide the root key(s) to the end-device; receive a first request comprising the unique identifier of the end-device and session information; generate, based on the at least one master key and the unique identifier of the end-device and the session information comprised in the first request, at least one session key; and provide the session key(s) to the join server.

Inventors

  • Harold Roberto Martinez-Salazar
  • Arijit Kumar Bose
  • Pawel Opoczyński

Assignees

  • HITACHI ENERGY LTD

Dates

Publication Date
20260512
Application Date
20220120
Priority Date
20210308

Claims (15)

  1. 1 . A secure key management device for a long range wide area network (LoRaWAN) comprising an end-device, a network server, an application server, and a join server, the secure key management device comprising: a secure storage component for storage of secret key information; a secure interface for securely exchanging data with the join server; and at least one processing component configured to: generate and store at least one master key in the secure storage component, wherein the secure storage component is distinct and separate from the at least one processing component; generate, based on the at least one master key and a unique identifier of the end-device, at least one root key, and provide the at least one generated root key to the end-device; receive, from the join server via the secure interface, a first request comprising the unique identifier of the end-device and session information; generate, based on the at least one master key stored in the secure storage component, and the unique identifier of the end-device and the session information comprised in the first request, at least one session key; and provide the at least one session key via the secure interface to the join server; wherein a pre-registration procedure performed before the secure key management device receives the first request comprises generating and providing the at least one root key to the end-device and providing, by the secure key management device, the join server with a registration message comprising the unique identifier of the end-device.
  2. 2 . The secure key management device of claim 1 , wherein the secure key management device and join server are part of an authentication system for authenticating the end-device in the long range wide area network, wherein the authentication system further comprises: at least one processing component of the join server which is configured to: receive, from the end-device, a second request comprising address information of the end-device; provide, via the secure interface to the secure key management device, the first request based on the address information of the second request; and forward the at least one session key received via the secure interface from the secure key management device to at least one of the network server and the application server.
  3. 3 . The secure key management device of claim 2 , wherein the authentication system further comprises: a registration device, connectable to the end-device and the secure key management device during the pre-registration procedure, wherein at least one processing component of the registration device is configured to perform the following steps during the pre-registration procedure: determine the unique identifier of the end-device; provide a third request comprising the unique identifier of the end-device to the secure key management device; receive the at least one root key provided by the secure key management device; and securely store the at least one root key in the end-device.
  4. 4 . The secure key management device of claim 3 , wherein the at least one processing component of the registration device is further configured to perform the following steps during the pre-registration procedure: determine an end-device address identifier for addressing the end-device in the wide area network; and store the end-device address identifier in the end-device.
  5. 5 . The secure key management device of claim 2 , wherein the end-device is configured to send a data packet to the network server, the data packet being encrypted on a network layer and on an application layer; the network server is configured to partially decrypt the data packet on the network layer using at least one network session key received from the join server, and forward the partially decrypted data packet to the application server; and the application server is configured to decrypt the data packet on the application layer using at least one application session key received from the join server.
  6. 6 . The secure key management device of claim 1 , wherein the long range wide area network comprises a low power wireless access network domain comprising the end-device and a core network domain comprising the application server, and wherein the secure interface is configured for exchanging data with the join server outside the low power wireless access network domain and/or the wired core network domain.
  7. 7 . The secure key management device of claim 1 , wherein the secure interface is configured for exchanging data with the join server outside an address space of the LoRaWAN network, and the session information comprises at least one of a join nonce, a network ID and a device nonce.
  8. 8 . A method for generating session keys for use in a long range wide area network (LoRaWAN) comprising an end-device pre-registered with a secure key management device, a network server, an application server and a join server, the method comprising: generating, by the secure key management device, based on at least one master key and a unique identifier of the end-device, at least one root key; performing a pre-registration procedure before receiving a first request from the join server comprising providing the at least one generated root key to the end-device and providing, by the secure key management device, the join server with a registration message comprising the unique identifier of the end-device; receiving, by the secure key management device from the join server via a secure interface, the first request comprising the unique identifier of the end-device and session information; generating, by the secure key management device, based on the at least one master key previously generated by at least one processing component of the secure key management device and stored in a secure storage component of the secure key management device, and the unique identifier of the end-device and the session information comprised in the first request, at least one session key, wherein the secure storage component is distinct and separate from the at least one processing component; and providing, by the secure key management device, the generated at least one session key via the secure interface to the join server.
  9. 9 . The method of claim 8 , wherein at least one network session key and at least one application session key is generated and provided to the join server by the secure key management device.
  10. 10 . The method of claim 8 , wherein the step of generating the at least one session key comprises: generating, by the secure key management device, at least one root key of the end-device based on at least one first cryptographic function using the at least one master key stored in the secure key management device and the unique identifier of the end-device comprised in the first request; and generating, by the secure key management device, the at least one session key based on at least one second cryptographic function using the at least one generated root key and the session information comprised in the first request.
  11. 11 . The method of claim 8 , wherein the end-device is pre-registered with the secure key management device before the step of receiving the first request in the pre-registration procedure, the pre-registration procedure comprising: generating, by the secure key management device, the at least one master key and storing the at least one master key within the secure key management device; generating, by the secure key management device, based on the at least one master key and the unique identifier of the end-device provided to the secure key management device, at least one root key; and providing the at least one generated root key to the end-device.
  12. 12 . The method of claim 11 , wherein the step of generating the at least one master key is repeated after a predetermined condition; during the pre-registration procedure, version data related to the master key used for generating the at least one root key is provided to the end-device; and the first request received from the join server further comprises the version data.
  13. 13 . The method of claim 12 , further comprising: receiving, by the join server from the end-device, a second request comprising address information of the end-device; providing, by the join server via the secure interface to the secure key management device, the first request based on the address information of the second request; and forwarding the at least one session key received from the secure key management device via the secure interface to at least one of the network server and the application server.
  14. 14 . The method of claim 13 , wherein the address information of the second request comprises an end-device address identifier of the end-device, the method further comprising: during the pre-registration procedure, providing, to the join server, the end-device address identifier as the unique identifier of the end-device; mapping, by the join server, the end-device address identifier comprised in the second request to the unique identifier of the end-device; and generating, by the join server, the first request based on the mapping of the end-device address identifier to the unique identifier.
  15. 15 . A data storage device storing instructions that, when executed by at least one processing device of a networked computing device, implements the steps for generating session keys for use in a long range wide area network (LoRaWAN) including an end-device pre-registered with a secure key management device, a network server, an application server and a join server, the steps comprising: generating, by the secure key management device, based on at least one master key and a unique identifier of the end-device, at least one root key; performing a pre-registration procedure before receiving a first request from the join server comprising providing the at least one generated root key to the end-device and providing, by the secure key management device, the join server with a registration message comprising the unique identifier of the end-device; receiving, by the secure key management device from the join server via secure interface, the first request comprising the unique identifier of the end-device and session information; generating, by the secure key management device, based on the at least one master key previously generated by at least one processing component of the secure key management device and stored in a secure storage component of the secure key management device, and the unique identifier of the end-device and the session information comprised in the first request, at least one session key, wherein the secure storage component is distinct and separate from the at least one processing component; and providing, by the secure key management device, the generated at least one session key via the secure interface to the join server.

Description

CROSS REFERENCE TO RELATED APPLICATIONS This application is a 35 U.S.C. § 371 national stage application of PCT International PCT/EP2022/051217 filed on Jan. 20, 2022, which claims priority to European Patent Application 21161344.3, filed on Mar. 8, 2021, the disclosures and content of which are incorporated by reference herein in their entireties. TECHNICAL FIELD The present disclosure relates to devices, systems and methods for secure session key management. BACKGROUND US 2020/0288312 A1 discloses a communication system which includes a terminal, a telecommunications network server able to provide a network service to the terminal; and an application server able to provide application services to the terminal via the network and the network server. WO 2018/148244 A1 discloses a key provisioning procedure, in which an application provider transfers a group master key to a network provider prior to device deployment. The key provisioning procedure may allow the network provider to authenticate a large number of devices in the system without the need to manage device unique keys. U.S. Ser. No. 10/880,743 B1 describes techniques for a centralized, neutral system for Internet of Things (IoT) device activation and automatic onboarding on an end-to-end basis, and for establishing secure communication between IoT devices and the IoT platforms. SUMMARY It is an object to provide improved devices, systems and methods for secure management of keys in a wide area network. According to a first aspect, a secure key management device for a wide area network comprising an end-device, a network server, an application server, and a join server is provided. The secure key management device comprises a secure storage component for storage of secret key information, a secure interface for securely exchanging data with the join server, and at least one processing component. The at least one processing component is configured to generate and store at least one master key in the secure storage component; generate, based on the at least one master key and a unique identifier of the end-device, at least one root key, and provide the at least one generated root key to the end-device; receive, from the join server via the secure interface, a first request comprising the unique identifier of the end-device and session information; generate, based on the at least one master key stored in the secure storage component, and the unique identifier of the end-device and the session information comprised in the first request, at least one session key; and provide the at least one session key via the secure interface to the join server. Storage of a master key within a secure management allows to establish a centralized, secure environment for key management and storage. Root keys and session keys can be derived from the master key on-the-fly and provided over the secure interface to a join server, thus eliminating the need to store security critical data within remote or exposed components of the wide area network, such as the join server. According to a second aspect, an authentication system for authenticating an end-device in a wide area network is provided, comprising a secure key management device according to the first aspect and a join server, connected to the secure key management device through the secure interface. At least one processing component of the join server is configured to receive, from the end-device, a second request comprising address information of the end-device; provide, via the secure interface to the secure key management device, the first request based the address information of the second request; and forward the at least one session key received via the secure interface from the secure key management device to at least one of the network server and the application server. By requesting at least one session key on-demand from the secure key management device, the join server of the authentication system can respond to queries from the wide area network in a standard compliant way without local access to a root key. According to a third aspect, a wide area network is provided, comprising an authentication system according to the second aspect, at least one end-device, at least one network server, and at least one application server. The at least one end-device is configured to send a data packet to the network server, the data packet being encrypted on a network layer and on an application layer; the at least network server is configured to decrypt the data packet on the network layer using at least one network session key received from the join server, and forward the partially decrypted data packet to the application server; and the at least application server is configured to decrypt the data packet on the application layer using at least one application session key received from the join server. The above wide area network provides a high degree of network security by hiding security critical data, such as r