公开(公告)号：WO2009045310A3

公开(公告)日：2009-09-24

申请号：PCT/US2008011099

申请日：2008-09-25

Applicant: LUCENT TECHNOLOGIES INC ,  MORGAN TODD CARTWRIGHT ,  PATEL SARVAR ,  THOMPSON ROBIN JEFFREY

Inventor： MORGAN TODD CARTWRIGHT ,  PATEL SARVAR ,  THOMPSON ROBIN JEFFREY

IPC: H04W12/06

CPC classification number: H04W12/06 ,  H04W84/045

Abstract: The present invention provides a method involving a femtocell in communication with an Internet Protocol Multimedia Subsystem (IMS) network. In one embodiment, the femtocell operates according to code division multiple access (CDMA) standards. The method includes receiving, from the femtocell and at a first secure entity in the IMS network, first authentication information generated by the mobile unit using a first random number broadcast by the femtocell in a global challenge. The method also includes receiving, from a second secure entity in the secure network, at least one security key formed based on the global challenge and second authentication information for uniquely challenging the mobile unit. In one embodiment, the second secure entity is a CDMA-based authentication server. The method further includes providing the security key(s) to the femtocell in response to authenticating the mobile unit based upon the second authentication information.

Abstract translation: 本发明提供一种涉及与因特网协议多媒体子系统（IMS）网络通信的毫微微小区的方法。 在一个实施例中，毫微微小区根据码分多址（CDMA）标准进行操作。 该方法包括从毫微微小区和IMS网络中的第一安全实体接收移动单元使用在全球挑战中由毫微微小区广播的第一随机数生成的第一认证信息。 该方法还包括从安全网络中的第二安全实体接收基于全局挑战形成的至少一个安全密钥和用于唯一挑战移动单元的第二认证信息。 在一个实施例中，第二安全实体是基于CDMA的认证服务器。 所述方法还包括响应于基于所述第二认证信息认证所述移动单元向所述毫微微小区提供所述安全密钥。

公开(公告)号：WO2007139794A8

公开(公告)日：2009-05-22

申请号：PCT/US2007012197

申请日：2007-05-18

Applicant: LUCENT TECHNOLOGIES INC ,  PATEL SARVAR ,  SUNDARAM GANAPAHTY SUBRAMANIAN

Inventor： PATEL SARVAR ,  SUNDARAM GANAPAHTY SUBRAMANIAN

IPC: H04L9/08 ,  H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/0822 ,  H04L63/061 ,  H04L2209/60 ,  H04L2209/80 ,  H04L2463/061 ,  H04L2463/062 ,  H04W12/02 ,  H04W12/04 ,  H04W12/10 ,  H04W84/12

Abstract: Methods are provided for securely transmitting a packet between' endpoints (120,140) of a- network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two, nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p was originated by an entity having possession fo the PEK.

Abstract translation: 提供了用于在网络的'端点（120,140）之间安全地发送分组的方法。 一方面，提供了一种使用现有的逐跳安全关联来建立端对端密钥的方法。 在第二方面，提供了一种方法，其中使用分组专用加密密钥PEK来加密分组p。 使用两个节点共享的完整性密钥，在两个节点的每一个上独立地计算密钥PEK的签名。 签名从两个节点之一发送到另一个节点，与分组p相关联。 接收节点使用签名来验证分组p是由拥有PEK的实体发起的。

公开(公告)号：WO2007053302A2

公开(公告)日：2007-05-10

申请号：PCT/US2006040693

申请日：2006-10-16

Applicant: LUCENT TECHNOLOGIES INC ,  PATEL SARVAR ,  RAJKUMAR AJAY ,  SUNDARAM GANAPATHY SUBRAMANIAN

Inventor： PATEL SARVAR ,  RAJKUMAR AJAY ,  SUNDARAM GANAPATHY SUBRAMANIAN

IPC: H04L9/12

CPC classification number: H04L9/12 ,  H04L9/0662 ,  H04L63/0428 ,  H04L2209/80 ,  H04W12/02 ,  H04W80/00

Abstract: The present invention provides a method for encrypting data for transmission over a wireless link. The method includes encrypting at least one block of data, at an air-interface application layer, using an encryption algorithm that receives a cryptosynch as input. The value of the cryptosynch is based on an order of the at least one block of data relative to other blocks of data. The value of the cryptosynch is recoverable by a receiver based on the ordering of the ordering of the blocks of data. The at least one encrypted block of data is transmitted to a receiver that is operable to preserve the order of the at least one block of data relative to the other blocks of data.

Abstract translation: 本发明提供了一种用于加密数据以在无线链路上传输的方法。 该方法包括使用接收密码同步作为输入的加密算法在空中接口应用层处加密至少一个数据块。 密码子的值基于相对于其他数据块的至少一个数据块的顺序。 基于数据块排序的顺序，接收器可以恢复密码同步的值。 所述至少一个加密的数据块被发送到接收机，所述接收机可操作以相对于其他数据块保留所述至少一个数据块的顺序。

公开(公告)号：WO2006113189A2

公开(公告)日：2006-10-26

申请号：PCT/US2006013195

申请日：2006-04-10

Applicant: LUCENT TECHNOLOGIES INC ,  PATEL SARVAR

Inventor： PATEL SARVAR

IPC: H04L9/08

CPC classification number: H04L63/08 ,  H04L9/0844 ,  H04L2209/80 ,  H04L2463/081

Abstract: The present invention provides a method of key material generation for authenticating communication with at least one network application function. The method includes determining first key material in response to a bootstrapping key request and determining second key material in response to determining the first key material. The second key material corresponds to third key material, which is determined and provided to the at least one network application function in response to determining the first key material.

Abstract translation: 本发明提供了一种用于与至少一个网络应用功能认证通信的密钥材料生成方法。 该方法包括响应于自举密钥请求确定第一密钥材料，并响应于确定第一密钥材料来确定第二密钥材料。 第二密钥材料对应于第三密钥材料，其响应于确定第一密钥材料而被确定并提供给所述至少一个网络应用功能。

公开(公告)号：WO2009054901A3

公开(公告)日：2009-09-24

申请号：PCT/US2008011751

申请日：2008-10-15

Applicant: LUCENT TECHNOLOGIES INC ,  MACK KARL J ,  PATEL SARVAR ,  SAND DONNA MICHAELS ,  THOMPSON ROBIN JEFFREY ,  XIE HONG

Inventor： MACK KARL J ,  PATEL SARVAR ,  SAND DONNA MICHAELS ,  THOMPSON ROBIN JEFFREY ,  XIE HONG

IPC: H04W60/00

CPC classification number: H04W60/005 ,  H04L65/1016 ,  H04L65/1073 ,  H04W84/045

Abstract: A method for wireless communications with mobile stations located within a femtocell is described. The method includes registering a femtocell with an IMS core network to receive IMS services for one or more mobile stations located within the femtocell, and separately registering the mobile station with an application server to provide additional services to the mobile station located within the femtocell. The additional services may be CDMA services. Also, registering the femtocell with the IMS core network may include transmitting femtocell registration information that does not include information regarding the mobile station to the IMS core network to request IMS services for the mobile station.

Abstract translation: 描述了一种用于与位于毫微微小区内的移动站进行无线通信的方法。 该方法包括：向IMS核心网络注册毫微微小区以接收位于毫微微小区内的一个或多个移动台的IMS业务，以及分别向移动台登记应用服务器，以向位于毫微微小区内的移动台提供附加业务。 附加服务可以是CDMA服务。 此外，向IMS核心网络注册毫微微小区可以包括将不包括关于移动站的信息的毫微微小区注册信息发送到IMS核心网络以请求移动站的IMS服务。

公开(公告)号：WO2009045335A3

公开(公告)日：2009-09-11

申请号：PCT/US2008011183

申请日：2008-09-26

Applicant: LUCENT TECHNOLOGIES INC ,  MORGAN TODD CARTWRIGHT ,  PATEL SARVAR ,  SUNDARAM GANAPATHY SUBRAMANIAN ,  THOMPSON ROBIN JEFFREY

Inventor： MORGAN TODD CARTWRIGHT ,  PATEL SARVAR ,  SUNDARAM GANAPATHY SUBRAMANIAN ,  THOMPSON ROBIN JEFFREY

IPC: H04L29/06

CPC classification number: H04W12/08 ,  H04L63/101 ,  H04L63/1475 ,  H04W84/045

Abstract: The present invention provides a method involving a femtocell in communication with a secure network. The method includes determining whether the femtocell is authorized to provide wireless connectivity to a mobile unit based on information stored in a secure entity in the secure network. The information has been confirmed by a user of the mobile unit.

Abstract translation: 本发明提供一种涉及与安全网络通信的毫微微小区的方法。 该方法包括基于存储在安全网络中的安全实体中的信息来确定毫微微小区是否被授权向移动单元提供无线连接。 该信息已被移动单元的用户确认。

公开(公告)号：WO2009048574A3

公开(公告)日：2009-05-28

申请号：PCT/US2008011587

申请日：2008-10-08

Applicant: LUCENT TECHNOLOGIES INC ,  PATEL SARVAR

Inventor： PATEL SARVAR

IPC: H04W12/04

CPC classification number: H04W12/06 ,  H04L63/061 ,  H04L63/0869 ,  H04W12/04 ,  H04W92/10 ,  H04W92/12

Abstract: In one embodiment, the method performed by mobile equipment (100) to authenticate communication with a network (400) includes generating keys using cellular authentication and voice encryption (S610, 620), and then generating an authentication key (S630) based on these keys. The authentication key is used to generate an expected message authentication code used in authenticating the network according to authentication and key agreement security protocol.

Abstract translation: 在一个实施例中，由移动设备（100）执行的用于认证与网络（400）的通信的方法包括使用蜂窝认证和语音加密生成密钥（S610,620），然后基于这些密钥生成认证密钥（S630） 。 认证密钥用于根据认证和密钥协商安全协议生成用于认证网络的期望的消息认证码。

公开(公告)号：WO2008108828A3

公开(公告)日：2008-12-18

申请号：PCT/US2007022409

申请日：2007-10-22

Applicant: LUCENT TECHNOLOGIES INC ,  PATEL SARVAR

Inventor： PATEL SARVAR

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L9/0631 ,  H04L9/32 ,  H04L2209/80

Abstract: One example embodiment of the present invention discloses a method for processing an application packet for transmission, includes breaking the application packet into a plurality of segments, creating first pseudorandom bits, and generating partial tags based on each of the plurality of segments and portions of the first pseudorandom bits associated with each of the plurality of segments. The method further including combining the partial tags including a last partial tag associated with a last segment of the application packet to create an accumulated tag, generating an authentication tag based on the accumulated tag and second pseudorandom bits, storing the authentication tag, and transmitting the plurality of segments including the authentication tag.

Abstract translation: 本发明的一个示例性实施例公开了一种用于处理用于传输的应用分组的方法，包括将应用分组分解成多个分段，创建第一伪随机比特，并且基于多个分段中的每一个和 与多个段中的每一个相关联的第一伪随机比特。 所述方法还包括组合包括与所述应用分组的最后片段相关联的最后部分标签的所述部分标签以创建累积标签，基于所述累积标签和所述第二伪随机比特生成认证标签，存储所述认证标签，以及发送 多个段包括认证标签。

公开(公告)号：WO2007139794A3

公开(公告)日：2008-08-07

申请号：PCT/US2007012197

申请日：2007-05-18

Applicant: LUCENT TECHNOLOGIES INC ,  PATEL SARVAR ,  SUNDARAM GANAPAHTY SUBRAMANIAN

Inventor： PATEL SARVAR ,  SUNDARAM GANAPAHTY SUBRAMANIAN

IPC: H04L9/08 ,  H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/0822 ,  H04L63/061 ,  H04L2209/60 ,  H04L2209/80 ,  H04L2463/061 ,  H04L2463/062 ,  H04W12/02 ,  H04W12/04 ,  H04W12/10 ,  H04W84/12

Abstract: Methods are provided for securely transmitting a packet between' endpoints (120,140) of a- network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two, nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p was originated by an entity having possession fo the PEK.

Abstract translation: 提供了用于在网络的'端点（120,140）之间安全地发送分组的方法。 一方面，提供了一种使用现有的逐跳安全关联来建立端对端密钥的方法。 在第二方面，提供了一种方法，其中使用分组专用加密密钥PEK来加密分组p。 使用两个节点共享的完整性密钥，在两个节点的每一个上独立地计算密钥PEK的签名。 签名从两个节点之一发送到另一个节点，与分组p相关联。 接收节点使用签名来验证分组p是由拥有PEK的实体发起的。