United States Patent [19]
Beser
US006070246A [11] Patent Number: [45] Date of Patent:
[54] METHOD AND SYSTEM FOR SECURE CABLE MODEM INITIALIZATION
[75] Inventor: Nurettin B. Beser, Evanston, Ill.
[73] Assignee: 3Com Corporation, Santa Clara, Calif.
[21] Appl. No.: 09/018,756 [22] Filed: Feb. 4, 1998
[51] Int. Cl. G06F 11/00
[52] U.S. Cl. 713/201
[58] Field of Search 713/200, 201, 713/1; 707/203; 709/219, 217, 220; 380/23, 30
[56] References Cited
U.S. PATENT DOCUMENTS
5,014,234 5/1991 Edwards, Jr 364/900
5,138,712 8/1992 Corbin 395/700
5,623,601 4/1997 Vu 395/187.01
5,799,086 8/1998 Sudia 380/23
5,958,007 9/1999 Lee et al 709/219
Primary Examiner—Dennis M. Butler
Assistant Examiner—Omar A. Omar
Attorney, Agent, or Firm—McDonnell Boehnen Hulbert &
Berghoff; Stephen Lesavich
[57] ABSTRACT
A method and system for secure cable modem initialization in a data-over-cable system is provided using a secure protocol server. The method includes sending a unique identifier, such as an Internet Protocol ("IP") address, and a selected time-value, such as an approximate message send time-value, in a configuration file from a protocol server such as a Trivial File Transfer Protocol ("TFTP") server. A message integrity value is calculated using the unique identifier, the selected time-value and one or more configuration parameters in a pre-determined order with a cryptographic hashing function. The message integrity value is added to the configuration file. A cable modem receives the configuration file from the TFTP server and uses the message integrity value to authenticate the configuration file and determine if the configuration file was sent within a pre-determined period of time (e.g., 5 seconds) from the TFTP server. If not, the configuration file is discarded by the cable modem. The unique identifier and selected time-value uniquely identify the configuration file for the cable modem and help prevent a rogue user from intercepting a valid cable modem configuration file and using it at a later time to initialize a rogue cable modem. The method and system provide improved security for initializing cable modems in a data-over-cable system.
22 Claims, 28 Drawing Sheets
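The check described in the abstract, sketched as an added example that is not taken from the patent: the integrity value covers the modem's IP address, the send time-value and the configuration parameters in one fixed order, and the modem rejects a file that fails the integrity check, names another address, or is older than the window. Assumptions: the abstract says only "a cryptographic hashing function", so HMAC-SHA-256 under a provisioning secret is used here (an unkeyed digest could be recomputed by anyone who edits the file); the field encoding, function names, parameter names and sample values are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct

MAX_AGE_SECONDS = 5  # the abstract's example window

def _canonical(modem_ip, send_time, params):
    """Serialize in one fixed order: IP, time-value, then each parameter."""
    out = ipaddress.ip_address(modem_ip).packed + struct.pack(">I", send_time)
    for name, value in params:  # list order is the pre-determined order
        n, v = name.encode(), value.encode()
        # Length prefixes keep ("ab", "c") distinct from ("a", "bc").
        out += struct.pack(">H", len(n)) + n + struct.pack(">H", len(v)) + v
    return out

def _mic(key, modem_ip, send_time, params):
    data = _canonical(modem_ip, send_time, params)
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def build_config(key, modem_ip, send_time, params):
    """Server side: bind the file to one modem and one send time."""
    return {"ip": modem_ip, "time": send_time, "params": list(params),
            "mic": _mic(key, modem_ip, send_time, params)}

def verify_config(key, cfg, my_ip, now):
    """Modem side: return (accepted, reason)."""
    expected = _mic(key, cfg["ip"], cfg["time"], cfg["params"])
    if not hmac.compare_digest(expected, cfg["mic"]):
        return False, "integrity value mismatch"
    if ipaddress.ip_address(cfg["ip"]) != ipaddress.ip_address(my_ip):
        return False, "file issued to a different modem"
    age = now - cfg["time"]
    # Assumption: a future-dated file is rejected as well as a stale one.
    if age < 0 or age > MAX_AGE_SECONDS:
        return False, "outside freshness window"
    return True, "accepted"

# Constructed sample values, for illustration only.
KEY = b"constructed-provisioning-secret"
PARAMS = [("DownstreamFrequency", "531000000"), ("MaxCPE", "1")]

if __name__ == "__main__":
    cfg = build_config(KEY, "10.1.2.3", 1000, PARAMS)
    print(verify_config(KEY, cfg, "10.1.2.3", 1003))  # fresh, right modem
    print(verify_config(KEY, cfg, "10.1.2.3", 1060))  # replayed a minute later
    print(verify_config(KEY, cfg, "10.9.9.9", 1003))  # replayed to another modem
```

Because the time-value is inside the hashed data, rewriting it to make a captured file look fresh changes the expected integrity value and the file is rejected at the first check.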