Abstract: Strong authentication of packets sent between nodes of different clusters in a two-tier ad hoc network is provided by the cluster heads. Each cluster head authenticates nodes that enter the cluster. Thereafter, when a sending node requests a session from its cluster head with a receiving node in another cluster, the cluster head negotiates a session secret key (SSK) with the corresponding cluster head of the receiving node. Further, the cluster head provides authentication tags for the sending node to use with each packet. Each authentication tag is time-stamped, digitally signed by the cluster head, encrypted with the SSK, and includes indicators of message integrity, including a sequence number and TCP header field of checksum. The sending node further calculates a check result from a number of the authentication tags, encrypted with the SSK, so that the receiving node can authenticate the number of packets.

Abstract: An apparatus and method for ensuring data integrity of unauthenticated code is provided. With the apparatus and method, a hash value of unauthenticated code is embedded in associated automatically authenticated code. When the automatically authenticated code is downloaded and executed, the automatically authenticated code may require that the unauthenticated code also be downloaded for proper execution of the automatically authenticated code on a particular client device. The unauthenticated code can be downloaded and its integrity verified by generating a hash value of the unauthenticated code and comparing the generated hash value to a hash value embedded in the automatically authenticated code. If there is a match, the unauthenticated code is verified. If there is not a match, the unauthenticated code has been corrupted during transmission and is not verified. As a result, the unauthenticated code is not used by the client device.