Method for providing security on a powerline-modem network, Number: 7,162,634, from the United States Patent and Trademark Office (PTO)


Title: Method for providing security on a powerline-modem network

Abstract: A method for creating a secure powerline modem network transmits a private key (y) individually to each of the plurality of powerline modem devices (22) to be secured in a network such that each powerline modem device receives the private key in isolation of the network. Each of the plurality of powerline modem devices stores the private key. A public key (X) is computed by a master device (32) in the network to be secured. The public key is transmitted from the master device to the plurality of devices. A shared key (Y) is computed at each of the plurality of powerline devices based on the public key and the private key, and communication within the secured network is performed by employing messages encrypted based on the shared key.

Patent Number: 7,162,634 Issued on 01/09/2007 to Litwin, Jr.,   et al.


Inventors: Litwin, Jr.; Louis Robert (Plainsboro, NJ), Ramaswamy; Kumar (Plainsboro, NJ), Pugel; Michael Anthony (Noblesville, IN)
Assignee: Thomson Licensing (Boulogne, FR)
Appl. No.: 09/837,288
Filed: April 18, 2001


Current U.S. Class: 713/171 ; 380/278; 380/29; 455/402
Current International Class: H04L 9/00 (20060101)
Field of Search: 455/560,3.3,402 713/171,152 380/18,277-278,29 370/469,463,420 340/310.01,310.04,310.06,310.08,310.11 710/100


References Cited

U.S. Patent Documents
4985919 January 1991 Naruse et al.
6240513 May 2001 Friedman et al.
6363449 March 2002 Sides et al.
6370396 April 2002 Meiksin et al.
6438691 August 2002 Mao

Other References

Menezes, Oorschot, Vanstone: "Handbook of Applied Cryptography" 1997, CRC Press, USA, (pp. 490, 498-499 and 528), XP000864294. cited by other.

Primary Examiner: Vu; Kim
Assistant Examiner: Truong; T. B.
Attorney, Agent or Firm: Laks; Joseph J. Levy; Robert B. Kolodka; Joseph J.

Claims



What is claimed is:

1. A method for creating a secure powerline modem network, comprising the steps of: transmitting a private key individually to each of the plurality of powerline modem devices to be secured in a network such that each powerline modem device receives the private key in isolation of the network by connecting each of the plurality of the powerline modem devices to a portable security device which transmits the private key directly to the powerline modem device in isolation from other powerline modem devices, each of the plurality of powerline modem devices store the private key; computing a public key, by a master device in the network to be secured; transmitting the public key from the master device to the plurality of devices; computing a shared key at each of the plurality of powerline devices based on the public key and the private key; computing the shared key includes the step of computing the shared key according to the following formula: $Y = (g^x)^y \bmod n$, where Y is the shared key, g and n are numbers resident at each powerline modem device, x is the number generated at the master device and y is the private key; and communicating within the secured network by employing messages encrypted based on the shared key.

2. The method as recited in claim 1, wherein the step of computing a public key includes computing the public key, X, by the following formula: $X = g^x \bmod n$, where g and n are numbers resident at each powerline modem device and x is the number generated at the master device.

3. The method as recited in claim 1, wherein the step of computing a shared key includes the step of computing the shared key according to the following formula: $Y = (X)^x$, where Y is the shared key, y is the private key and X is the public key.

4. The method as recited in claim 1, wherein the step of transmitting a secured identification number includes proving an actual connection between the portable security device and the powerline modem device exists.

5. The method as recited in claim 1, further comprising the step of transmitting data to a powerline modem device from the portable security device.

6. The method as recited in claim 5, wherein the data includes a software update for a powerline modem device.

7. The method as recited in claim 1, wherein the step of transmitting a private key includes the step of transmitting a wireless signal to each of the plurality of the powerline modem devices to transmit the private key directly to the powerline modem device in isolation from other powerline modem devices.

8. The method as recited in claim 1, wherein the step of transmitting a private key includes triggering a transfer of the identification number by an act of a user.

9. The method as recited in claim 1, further comprising the step of providing the private key such that a length of the private key scales a level of security.

10. A method for creating a secure powerline modem network, comprising the steps of: providing a security device capable of storing and transmitting a private key to a powerline modem device; connecting the security device to each powerline modem device to be secured in a network; transmitting a private key individually to each of the plurality of powerline modem devices to be secured in the network such that each powerline modem device receives the private key in isolation of the network and proving an actual connection between the security device and the powerline modem device exists, each of the plurality of powerline modem devices store the private key; computing a public key, by a master device in the network to be secured; transmitting the public key from the master device to the plurality of devices; computing a shared key at each of the plurality of powerline devices based on the public key and the private key; computing the shared key includes the step of computing the shared key according to the following formula: $Y = (g^x)^y \bmod n$, where Y is the shared key, g and n are numbers resident at each powerline modem device, x is the number generated at the master device and y is the private key; and communicating within the secured network by employing messages encrypted based on the shared key.

11. The method as recited in claim 10, wherein the step of computing a public key includes computing the public key, X, by the following formula: $X = g^x \bmod n$, where g and n are numbers resident at each powerline modem device and x is the number generated at the master device.

12. The method as recited in claim 10, wherein the step of computing a shared key includes the step of computing the shared key according to the following formula: $Y = (X)^x$, where Y is the shared key, y is the private key and X is the public key.

13. The method as recited in claim 10, wherein the step of transmitting a private key includes the step of transmitting a wireless signal to each of the plurality of the powerline modem devices to transmit the private key directly to the powerline modem device in isolation from other powerline modem devices.

14. The method as recited in claim 10, wherein the step of transmitting a private key includes triggering a transfer of the identification number by an act of a user.

Description



BACKGROUND

1. Technical Field

This disclosure relates to power-line modem networks, and more particularly, to a method which permits a user to create a secure network over a powerline when employing powerline modems.

2. Description of the Related Art

Powerline modems communicate by employing a power network as a transmission medium. Since modems in a plurality of locations share the power network, the shared powerline is a medium that permits a powerline modem in one house to "see" the powerline modems (and their data) at other locations, for example, other homes. Since the powerline is shared and is common to all homes, data can be accessed freely over the powerline.

Therefore, a need exists for an apparatus and method where a user programs the same private key into all powerline modems that need to be secured. A further need exists for an apparatus and method which permits the user to program the private key into the modems without using the powerline network. This method would prevent other modems on the network from maliciously gaining access to the private key.

SUMMARY OF THE INVENTION

The present invention creates a secure powerline modem network by using a portable security device which includes a powerline modem. The security device is capable of randomly generating a number and may have the ability to let the user enter a number. This number is preferably stored in the portable security device, and the number will be a private key (y) for all of the modems on a given secured network. Each modem that needs to be secured is disconnected from the powerline modem network and then connected to the portable security device. The portable security device will provide power to the powerline modem of the device to be secured on the network, while simultaneously isolating the device's modem from the rest of the powerline modem network.

The portable security device then transmits the value of the private key to the other powerline modem device over their direct connection. Following this programming step, the powerline modem device is reconnected to the powerline network. Once all devices to be secured have been programmed in this manner, the master device on the network will transmit its public key (X). All powerline modems, both secured and unsecured, can hear this public key. Since all powerline modems that were programmed by the user's portable security device have the same private key, they are all able to compute a same shared key (Y) by mathematically combining the master's public key and their programmed private key (e.g., $Y = (X)^y$). All communication on the secured network is then encrypted using this same shared key.

A method for creating a secure powerline modem network transmits a private key individually to each of the plurality of powerline modem devices to be secured in a network such that each powerline modem device receives the private key in isolation of the network. Each of the plurality of powerline modem devices stores the private key. A public key is computed by a master device in the network to be secured. The public key is transmitted from the master device to the plurality of devices. A shared key is computed at each of the plurality of powerline devices based on the public key and the private key, and communication within the secured network is performed by employing messages encrypted based on the shared key.

These and other objects, features and advantages of the present invention will become apparent from the following detailed description of illustrative embodiments thereof, which is to be read in connection with the accompanying drawings.

BRIEF DESCRIPTION OF DRAWINGS

This disclosure will present in detail the following description of preferred embodiments with reference to the following figures wherein:

FIG. 1 is a block diagram showing a security synch device (SSD) in accordance with the present invention; and

FIG. 2 is a block diagram showing a system/method for securing a powerline network in accordance with the present invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

The present invention provides an apparatus and method for creating a secured powerline network. In one embodiment, powerline modem networks can be secured by the use of cryptographic algorithms known as ciphers. A cipher is a reversible mathematical algorithm that modifies the original input data. The output of the cipher is the "secured" version of the data and it is known as ciphertext. Most modern ciphers require the use of a number known as a key. This key may be a very large number, and the key acts as the seed for the cipher. That is, encrypting the same data with the same cipher but with different keys results in completely different ciphertext outputs. The intended recipient of the data will have knowledge of the key and can decrypt the data to restore it to its original form. Unintended recipients will not have knowledge of the key and it will ideally take them an enormous amount of time to try and decrypt the data by trying all possible key combinations.

The level of security in the system of the present invention may be scaled based on the size of the key. Small keys make the encryption/decryption process easier, but the security is weaker. Larger keys provide more security at the expense of encryption/decryption complexity.

In many practical applications, the type of cipher being used, as well as the details of the cipher itself, is known (e.g., provided on a data sheet). The security of such a system depends on keeping the value of the key secret since anyone who obtains knowledge of the key could decrypt the data.

Setting up a secure powerline modem network provides that each modem to be secured has knowledge of an agreed-upon key. Only those modems on the secured network will have knowledge of the key and this key can be used to encrypt all data transmitted among the secure modems. By keeping the value of this key secret, a secure powerline modem network can be implemented. However, secure communication is not possible until all intended modems have knowledge of the key. Until the modems know the key value, the modems can only communicate in an unsecured mode and any data transmitted in such a mode is susceptible to unintended interception.

One difficulty in setting up a secured network is determining a method for informing all modems of the value of the key. A unique ID may be imprinted on each modem when it is manufactured. The user sets up a secure network by typing in the IDs of all modems to be secured into a computer with a powerline modem. This modem will be the master of the network and the master modem knows the IDs of all of the modems that will be on the secure network. It can then communicate with those modems to establish a key to be used for secure communications. A number of methods exist for setting up such a key, for example, a public key agreement scheme such as Diffie-Hellman may be employed.

The public key agreement technique may work as follows. The powerline modem that is the master of the network broadcasts a value known as a public key and all the modems on the network (whose IDs have been programmed into the master) will respond with their own public keys. Any modem on the network, including devices belonging to other users, can receive the public keys. The devices that the user wishes to secure will mathematically combine the public key with their own private key. The private key is stored internally in each modem and its value is kept secret. By using well-known cryptographic techniques, the combination of the public key and the private key will allow each modem to agree on a shared key that is known only by the master and the respective modem. This shared key can be used to encrypt all data transmitted between the two devices. Using the same private key for all modems immediately gives each modem on the secured network the ability to communicate securely with any other secured modem since they would all compute the same shared key.

It is cumbersome for the user to type in the ID numbers for each modem on the network. These numbers would tend to be long and it may not be possible for the user to bring the device near the computer. For example, if the modem is included in a television or stereo, the user would have to write down the ID code, and then enter it into a computer, which controls the network. This only works if there is a computer on the network. It will not work for networks that do not have data entry devices such as keyboards. For example, this technique will not work for a network including only a stereo and networked speakers or multiple phones or a television and DVD player. There is also the possibility that a hacker will eavesdrop on the network and obtain the IDs of other modems. The hacker could then use the ID of another modem in an attempt to appear as one of the modems on the secure network.

The master device would need to use a different shared key for each modem since every modem on the network would have a different private key. For the modems to be able to communicate with modems other than the master, a new shared key would need to be agreed upon by all modems on the network.

The present invention provides an apparatus which provides security for a powerline modem system. In one embodiment, the apparatus includes a security synch device (SSD) which randomly generates a number or permits a user to enter a number. This number is a unique identification number which identifies a powerline modem or a plurality of powerline modem systems (e.g., modems at a same location). One or more powerline modems or powerline modem enabled devices (PMEDs) are each connected directly to the SSD which sends or assigns this number to the modem device. Each device at a single location may include the same number as other devices at that location or a single location may include multiple numbers. Using the assigned number, mathematically encrypted messages can be sent such that only modems on the same network or modems having a predetermined type can communicate with each other. The present invention also provides a plurality of ways of proving to the powerline modems that the SSD is located near the powerline modem instead of the signal coming from a malicious user's location.

For modems having a unique identification (ID) number or key, a user enters these ID numbers into a computer with a powerline modem which is the master of the network. The computer knows that only the modems with the IDs that have been entered belong to its network, and it can encrypt its data for those modems. However, the user has to type in a number for each modem and also the network needs a personal computer to enter these numbers. Powerline modem networks may include only a stereo and speaker, or two phones, or a TV and VCR, etc., where no personal computer is present, and thus there is no way to enter these numbers into the network master modem. In addition, an unauthorized user can listen to the network to hear the IDs being broadcast and then pretend to be one of those modems by using another modem's ID.

Referring now in specific detail to the drawings in which like reference numerals identify similar or identical elements throughout the several views, and initially to FIG. 1, a security synch device (SSD) 10 is shown in accordance with one embodiment of the present invention. SSD 10 may include a box or other shape, which is preferably small in size (portable) and inexpensive. SSD 10 includes a power plug/cord 13 (to get power from the wall outlet) and a power socket 14 (to plug a powerline-modem-enabled device (PMED) into the SSD). SSD 10 includes a random number generator 12 which can generate a random number for use as a unique ID. SSD 10 may also include a keypad or other input device 16 to permit the user to enter a number for use as the unique ID. SSD 10 includes a memory device 18 for storing the ID numbers generated or entered. Memory device 18 may further include a protocol(s) 19 for communicating with PMEDs and an operating system for controlling system functions and interactions with a user. The protocols stored therein may be any protocol known in the art, for example, TCP. SSD 10 may also include other circuitry 20 such as a processor or other devices which perform other operations such as power distribution, data transfer, logic circuits etc. as will be described herein.

To create a secure network, the user will take SSD 10 around to each PMED 22 and plug or otherwise connect the PMED 22 into SSD 10 using a power plug 23 which normally is used to power device 22. Socket 14 is adapted to receive plug 23 and interface with PMED 22 in isolation from other devices. In one embodiment, a button or other mechanism 24 on the PMED 22 will be pushed to initiate a synch procedure. SSD 10 will transmit, for example, a low bit rate (so an inexpensive modem can be used in the SSD) number which may be randomly generated by SSD 10 or input by a user at input 16 to the PMED 22. The length of the number may be selected by the user to determine the level of security. The user will repeat this process for each PMED in the home or at the given location which will be permitted to share access of the same data. The synch procedure may only need to be done at the time of purchase of a PMED or when a new network is set up (say, a subnetwork in a home). Advantageously, the PMED being set up is isolated from the powerline network during this synchronization process. SSD includes a filter 28 which permits power to pass through and filters out all other frequencies (e.g., eliminates any data transfer). Thus, no other devices can hear this transaction.

Once this procedure is complete, all devices in a user's home will be loaded with the same number (or multiple numbers if subnetworks are employed). Other devices outside of the network will have a different number (or none at all). In this way, access devices with a common ID can communicate to the exclusion of other devices (for example, devices at other locations).

Referring to FIG. 2, in accordance with one embodiment, the procedure to set up a secure network is as follows. After PMED devices 22 on a network 30 negotiate, one device 32 becomes a master of the network. Assume that the number from the SSD 10 (FIG. 1) is y, a private key, and this number will be fixed for a duration on the network 30 (e.g., months or longer). The master 32 will select a number x and only the master will know this number. x can be a randomly generated private key, generated by the master. The master is also programmed with y from SSD 10. The devices will be programmed at the factory with two numbers, g and n. The master 32 will compute a public key, for example, $X = g^{x} \bmod n$. Note that this is equivalent to exponentiation over a Galois (or finite) field of size n. Although this operation is easy to do, it is very difficult to compute x from X based on the mathematical fact that it is difficult to take logarithms over finite fields. Other computations and equations may also be employed.

In this example, the master 32 sends X out over the powerline network 30, and all devices (the user's 22 and devices 34 outside the network) can "hear" X. The master 32 also requests that each modem on the network respond with their unique ID number after encrypting the request message (and all others that follow) with a shared key, for example, $Y = (g^{x})^{y} \bmod n = X^{y} \bmod n$. The modems for devices 22 will have received $X = g^{x}$ from the master 32, and they know y from the SSD 10. In FIG. 2, y is downloaded to devices 22 as described above with reference to FIG. 1; connections between SSD 10 and devices 22 are illustratively shown to indicate the origin of y. The master 32 will be able to decrypt the message since x is chosen by master 32 and the master 32 knows y from the SSD 10. The other modems (devices 34) from a different network will not know y, so the master 32 will realize from any messages they send that the devices 34 are not on the same network. Thus, a network of PMEDs is secured without mistakenly including (or allowing a hacker to insert) other modems.

Other embodiments may include simpler or more complex security schemes. For example, after each device 22 is assigned a private key y, master 32 generates a public key X and sends X to devices 22. A shared key Y is computed based on X and y at each device (for example, $Y = X^{y}$). Y is then employed for encrypted communications within the secured network.
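The FIG. 2 exchange and the simpler variant above, as an added Python example that is not part of the patent text. The values of n and g, the device IDs, the hashing of Y into a key, and the use of HMAC-SHA256 as a stand-in for the unspecified encryption step are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values: the text only says g and n are factory-programmed.
N = 2**255 - 19   # a known prime, used here for illustration only
G = 2

def public_value(x):
    """Master: X = g^x mod n, broadcast in the clear on the powerline."""
    return pow(G, x, N)

def shared_key(X, y):
    """Y = X^y mod n, hashed to a fixed-length key (the hashing is an assumption)."""
    Y = pow(X, y, N)
    return hashlib.sha256(Y.to_bytes(32, "big")).digest()

def device_response(device_id, X, y):
    """A modem answers the master's ID request, keyed with its own Y."""
    tag = hmac.new(shared_key(X, y), device_id, hashlib.sha256).digest()
    return device_id, tag

def master_accepts(response, x, y):
    """Master recomputes Y = (g^x)^y mod n and checks the response against it."""
    device_id, tag = response
    key = shared_key(public_value(x), y)
    expected = hmac.new(key, device_id, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)

def demo():
    y_home = secrets.randbits(128)       # number loaded into each PMED by the SSD
    y_other = secrets.randbits(128)      # number from a different location's SSD
    x = secrets.randbelow(N - 2) + 1     # master's private number
    X = public_value(x)                  # heard by every modem on the line
    inside = device_response(b"pmed-22", X, y_home)    # hypothetical device IDs
    outside = device_response(b"pmed-34", X, y_other)
    return {
        "home": master_accepts(inside, x, y_home),
        "outside": master_accepts(outside, x, y_home),
    }

if __name__ == "__main__":
    print(demo())
```

Every modem on the line hears X, so the secrecy of Y rests entirely on y; the length the user picks for y at the SSD therefore bounds the strength of the scheme.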

Referring again to FIG. 1, instead of pushing a mechanical mechanism 24 to initiate synch (which needs a small button to be added to the PMED or SSD), there are other methods for initiating the synch process. The goal is for the PMED to be sure that the random number y is really coming from its owner's SSD 10, and not an unauthorized user's SSD or modem. Button 24 provides a way to prove that the SSD 10 is directly connected to the PMED (and not connected via the powerline from an unauthorized user's location). Making a user perform an overt act, e.g., pushing a button on the PMED, is one way of ensuring that the PMED is set up properly. A direct connection between SSD 10 and the device 22 may include a wireless radio frequency or infrared link. In that case, antennae are employed instead of plug 23 and socket 14.

In another embodiment, a relay 40 may be provided in SSD 10. In this alternate embodiment, since the PMED will be receiving its power from the SSD 10, the SSD 10 can initiate a shutdown sequence of the PMED to prove that it is actually connected to the PMED. The PMED would then load the random number after the SSD turns power back on.

SSD 10 controls relay 40, which may be used to switch off the PMED and then switch the PMED back on. This proves to the PMED that the PMED is connected directly to SSD 10 and is not being connected to an unauthorized user.

SSD 10 may be employed for other uses as well. For example, SSD 10 may be employed to directly connect to a powerline modem enabled device using a full bandwidth of the modem (instead of sharing bandwidth with other devices on the powerline network). In addition, using the full bandwidth avoids impairments on a main powerline network. These advantages may be employed to, for example, quickly download audio, video, computer programs or other data onto a device. In one embodiment, software in a device 22 may be updated (e.g., user programs or device drivers) by downloading data or programs from memory 18 onto a device 22.

Having described preferred embodiments for methods which provide security on a powerline-modem network (which are intended to be illustrative and not limiting), it is noted that modifications and variations can be made by persons skilled in the art in light of the above teachings. It is therefore to be understood that changes may be made in the particular embodiments of the invention disclosed which are within the scope and spirit of the invention as outlined by the appended claims. Having thus described the invention with the details and particularity required by the patent laws, what is claimed and desired protected by Letters Patent is set forth in the appended claims.
