Abstract:
In one embodiment, a method includes: receiving, in a rendezvous server (RS), a first registration message (FRM) from a first registrar of a first network domain (FND), the FRM including a first device roster of a plurality of first devices of the FND; receiving, in the RS, a second registration message (SRM) from a second registrar of a second network domain (SND), the SRM including a second device roster of a plurality of second devices of the SND; and generating a first rendezvous point (RP) based at least in part on a plurality of key management server identifiers each associated with a key management server of the FND and SND, the first RP to enable the plurality of key management servers to perform key management exchange to generate at least one group key.
Abstract:
In one embodiment, a method includes: receiving, in a first device of a first segment of a first network, a root seed from a second device; generating a pseudo-random seed tree using the root seed; according to a predetermined schedule, accessing at a first time a random number at a level of the pseudo-random seed tree associated with the first time; generating a rendezvous point record to enable communication with a third device in a second segment of the first network, the rendezvous point record including a rendezvous point name based on the random number; and encrypting and sending a message to the third device via an exchange server identified using the rendezvous point record, where the rendezvous point record does not include connection metadata and the exchange server has an anonymous network location.
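The scheduled derivation in the second abstract can be illustrated with a short sketch, added here as an example and not taken from the patent. The HMAC-SHA256 construction, the one-hour schedule, the tree shape (a chain of level nodes, each with a name child and a key child) and all function names are assumptions.

```python
import hashlib
import hmac

EPOCH_SECONDS = 3600  # assumed schedule: one tree level per hour


def _prf(key: bytes, label: bytes) -> bytes:
    """Pseudo-random function used for every edge of the tree (assumed: HMAC-SHA256)."""
    return hmac.new(key, label, hashlib.sha256).digest()


def level_for_time(schedule_start: int, now: int) -> int:
    """Map a Unix time onto the tree level that the schedule assigns to it."""
    if now < schedule_start:
        raise ValueError("time precedes the start of the schedule")
    return (now - schedule_start) // EPOCH_SECONDS


def level_node(root_seed: bytes, level: int) -> bytes:
    """Derive the node at a given level by walking down from the root seed."""
    if not root_seed:
        raise ValueError("empty root seed")
    node = _prf(root_seed, b"level-0")
    for _ in range(level):
        node = _prf(node, b"next-level")
    return node


def rendezvous_record(root_seed: bytes, schedule_start: int, now: int) -> dict:
    """Build the record for the current level.

    The record carries only a name derived from the level's random number:
    no addresses, device identifiers or other connection metadata.
    """
    node = level_node(root_seed, level_for_time(schedule_start, now))
    return {"rp_name": _prf(node, b"rp-name").hex()[:32]}


def message_key(root_seed: bytes, schedule_start: int, now: int) -> bytes:
    """Sibling child of the same level node, kept secret and never placed in the record."""
    node = level_node(root_seed, level_for_time(schedule_start, now))
    return _prf(node, b"msg-key")


if __name__ == "__main__":
    seed = bytes(range(32))   # constructed sample root seed
    start = 1_700_000_000     # constructed schedule start
    # Both devices hold the same seed and clock, so they compute the same name independently.
    print(rendezvous_record(seed, start, start + 5 * EPOCH_SECONDS + 12))
```

Message encryption under the derived key is left out because the Python standard library has no authenticated cipher; a real implementation would use an AEAD keyed with `message_key`.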