US 11,909,872 B2
Set up and distribution of post-quantum secure pre-shared keys using extendible authentication protocol
Amjad Inamdar, Karnataka (IN); Lionel Florit, Greenbrae, CA (US); Eric Voit, Bethesda, MD (US); Sujal Sheth, Gujarat (IN); and Chennakesava Reddy Gaddam, Karnataka (IN)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Nov. 10, 2022, as Appl. No. 18/054,219.
Application 18/054,219 is a continuation of application No. 17/377,303, filed on Jul. 15, 2021.
Claims priority of application No. 202141019312 (IN), filed on Apr. 27, 2021.
Prior Publication US 2023/0071333 A1, Mar. 9, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/08 (2006.01); H04L 9/30 (2006.01)
CPC H04L 9/0852 (2013.01) [H04L 9/0827 (2013.01); H04L 9/0869 (2013.01); H04L 9/304 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
receiving requests for a COMMON-SEED and a quantum-safe public key from a peer and an extendible authentication protocol (EAP) authenticator;
encrypting the COMMON-SEED using the quantum-safe public key of the peer and the quantum-safe public key of the EAP authenticator;
sending the encrypted COMMON-SEED to the peer along with a request for a Postquantum Preshared Keys ID (PPKID) from the peer to complete authentication of the peer;
receiving the PPK_ID from the peer, wherein the PPK ID is from a key pair obtained from a first Synchronizing Key Server (SKS) server in electrical communication with the peer based upon the encrypted COMMON-SEED;
sending the encrypted COMMON-SEED and PPK_ID to the EAP authenticator; and
establishing a quantum-resistant secure channel between the peer and the EAP authenticator, wherein a message of EAP success is delivered from the EAP authenticator to the peer when the peer and the EAP authenticator share the same COMMON-SEED and the same PPK-ID.