CPC H04W 12/069 (2021.01) [H04W 4/50 (2018.02); H04W 12/106 (2021.01); H04W 84/12 (2013.01)] | 20 Claims
1. A method for wireless network provisioning, the method comprising:
storing, by a cloud-based provisioning system, a plurality of wireless network access profiles, wherein each wireless network access profile of the plurality of wireless network access profiles comprises:
a pre-shared key (PSK); and
an SSID of a wireless network;
receiving, by an access point, from a wireless device, a message integrity code (MIC) and a station announcement message (SNonce), wherein the MIC and the SNonce were created by the wireless device using the PSK and the SSID;
determining, by the access point, that the MIC and the SNonce are to be transmitted to the cloud-based provisioning system to determine whether network access is to be granted;
transmitting, by the access point, the MIC, the SNonce, and an access point announcement message (ANonce) to the cloud-based provisioning system based on the determining, wherein the cloud-based provisioning system is remotely located from the access point and the access point communicates with the cloud-based provisioning system via the Internet;
receiving, by the cloud-based provisioning system, the MIC, the SNonce, and the ANonce;
calculating, by the cloud-based provisioning system, calculated MICs for multiple wireless network access profiles of the plurality of wireless network access profiles, wherein calculating is performed using:
the ANonce and the SNonce from the access point and the PSK from a wireless network access profile of the plurality of wireless network access profiles;
determining, by the cloud-based provisioning system, that a first calculated MIC for a first wireless network access profile of the multiple wireless network access profiles does not match the received MIC;
determining, by the cloud-based provisioning system, that a second calculated MIC for a second wireless network access profile of the multiple wireless network access profiles matches the received MIC;
transmitting, by the cloud-based provisioning system, a pairwise master key (PMK) for the second wireless network access profile to the access point in response to determining that the second calculated MIC for the second wireless network access profile matches the received MIC;
receiving, by the access point, the PMK from the cloud-based provisioning system;
establishing, by the access point, an encrypted communication session with the wireless device using the PMK; and
granting, by the access point, network access to the wireless device based on the PMK.
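The following Python script is an added worked example of the procedure in claim 1, written for this page; it is not code from the patent or its assignee. It models the three parties of the claim: the wireless device derives the PMK from its PSK and SSID and MICs handshake message 2; the access point forwards the ANonce and the received message; the cloud-based provisioning system recomputes the MIC for each stored profile (WPA2-Personal: PMK = PBKDF2-HMAC-SHA1 over the passphrase and SSID, PTK from the 802.11 PRF-512, MIC = HMAC-SHA1-128 under the KCK) and returns the PMK of the profile whose MIC matches. One caveat a practitioner will notice: the claim names only the MIC, SNonce and ANonce as inputs, but the 802.11 MIC also binds the AP and station MAC addresses and the body of the EAPOL-Key frame, so the access point has to forward those as well; the example passes the whole message 2 frame and both MACs. The profile list, SSIDs, passphrases and MAC addresses are constructed sample data.

```python
import hashlib
import hmac
import os
import struct

# Constructed sample profiles standing in for the cloud's stored access profiles
# (hypothetical SSIDs and passphrases, not from the patent).
PROFILES = [
    {"ssid": "corp-guest", "psk": "guest-passphrase-1"},
    {"ssid": "corp-iot", "psk": "iot-device-secret"},
]

# EAPOL-Key frame layout (802.1X header + RSN key descriptor): the SNonce sits at
# offset 17 and the 16-byte Key MIC field at offset 81.
SNONCE_OFFSET, MIC_OFFSET = 17, 81


def derive_pmk(psk: str, ssid: str) -> bytes:
    """WPA2-Personal PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", psk.encode(), ssid.encode(), 4096, 32)


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """IEEE 802.11 PRF-512: PTK from the PMK, both MAC addresses and both nonces (sorted)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b"".join(
        hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range(4)
    )
    return out[:64]  # KCK = PTK[0:16], KEK = PTK[16:32], TK = PTK[32:48]


def eapol_mic(kck: bytes, frame_with_zeroed_mic: bytes) -> bytes:
    """Key descriptor version 2 (HMAC-SHA1-128): MIC over the frame with the MIC field zeroed."""
    return hmac.new(kck, frame_with_zeroed_mic, hashlib.sha1).digest()[:16]


def build_msg2(snonce: bytes, key_data: bytes = b"", replay_counter: int = 1) -> bytes:
    """Handshake message 2 with a zeroed MIC field: descriptor type 2 (RSN),
    key info 0x010a = version 2 + Pairwise + MIC, key length 16 (CCMP)."""
    body = (
        struct.pack(">BHHQ", 2, 0x010A, 16, replay_counter)
        + snonce + bytes(16) + bytes(8) + bytes(8)   # Key IV, Key RSC, Key ID
        + bytes(16)                                  # Key MIC placeholder
        + struct.pack(">H", len(key_data)) + key_data
    )
    return struct.pack(">BBH", 2, 3, len(body)) + body  # 802.1X v2, EAPOL-Key


def station_message2(psk, ssid, aa, spa, anonce, snonce=None):
    """The wireless device: derive PMK and PTK from its PSK and SSID, then MIC message 2."""
    if snonce is None:
        snonce = os.urandom(32)
    kck = derive_ptk(derive_pmk(psk, ssid), aa, spa, anonce, snonce)[:16]
    frame = build_msg2(snonce)
    mic = eapol_mic(kck, frame)
    return frame[:MIC_OFFSET] + mic + frame[MIC_OFFSET + 16:]


def cloud_lookup(profiles, aa, spa, anonce, msg2):
    """The cloud provisioning system: recompute the MIC for every stored profile and
    return (profile index, SSID, PMK) for the first one that matches, or None."""
    snonce = msg2[SNONCE_OFFSET:SNONCE_OFFSET + 32]
    received_mic = msg2[MIC_OFFSET:MIC_OFFSET + 16]
    zeroed = msg2[:MIC_OFFSET] + bytes(16) + msg2[MIC_OFFSET + 16:]
    for index, profile in enumerate(profiles):
        pmk = derive_pmk(profile["psk"], profile["ssid"])  # static per profile: cache it
        kck = derive_ptk(pmk, aa, spa, anonce, snonce)[:16]
        # constant-time compare so a non-matching profile is not distinguishable by timing
        if hmac.compare_digest(eapol_mic(kck, zeroed), received_mic):
            return index, profile["ssid"], pmk
    return None


if __name__ == "__main__":
    aa, spa = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")  # AP / STA MACs
    anonce = os.urandom(32)
    msg2 = station_message2("iot-device-secret", "corp-iot", aa, spa, anonce)
    print(cloud_lookup(PROFILES, aa, spa, anonce, msg2))  # matches the second profile
```

Two design points follow directly from the loop in cloud_lookup. The PBKDF2 step (4096 iterations per profile) dominates the cost and its result depends only on the stored PSK and SSID, so a real service would precompute and cache the PMK per profile rather than rederive it on every handshake. And because any station can trigger one MIC check per stored profile per attempt, the cloud endpoint is an online guessing oracle against every PSK at once; the access point should rate-limit forwarded handshakes per client MAC, and the constant-time comparison prevents the response time from revealing which profile nearly matched.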