-
21.
Publication (Announcement) No.: US11329801B2
Publication (Announcement) Date: 2022-05-10
Application No.: US16733515
Application Date: 2020-01-03
Applicant: Apple Inc.
Inventor: Dawei Zhang, Fangli Xu, Haijing Hu, Huarui Liang, Lijia Zhang, Robert K. Kitchens, Samuel D. Post, Shu Guo, Xiangying Yang, Yannick L. Sierra, Yuqin Chen
Abstract: Apparatuses, systems, and methods for generating and utilizing improved initialization vectors (IVs) when performing encryption and authentication in wireless communications. In some scenarios, a wireless communication device may generate one or more pseudorandom multi-bit values, e.g., using a respective plurality of key derivation functions (KDFs). A first portion of each value may be used as a respective key for encryption or authentication of traffic on the user plane or the control plane. A second portion of each value may be used as a nonce value in a respective IV for use with a respective key for encryption or authentication of traffic on the user plane or the control plane. In some scenarios, the nonce values may instead be generated as part of an additional pseudorandom value (e.g., by executing an additional KDF), from which all of the IVs may be drawn.
-
Publication (Announcement) No.: US12284719B2
Publication (Announcement) Date: 2025-04-22
Application No.: US17439224
Application Date: 2021-05-10
Applicant: Apple Inc.
Inventor: Shu Guo, Dawei Zhang, Huarui Liang, Haijing Hu
IPC: H04W8/18
Abstract: Apparatuses, systems, and methods for revocation and/or modification of user consent in Edge Computing (MEC). A user equipment device (UE) may determine that user consent needs to be updated. The user consent may be associated with MEC. Additionally, the UE may transmit, via an application layer of the UE, a user consent modification request to an edge application server of a network, e.g., of an edge data network. The user consent modification request may be carried in application data traffic. The user consent modification request may be indicated via an Nnef_ParameterProvision_Update service operation. The user consent modification request is indicated via an Nnef_ParameterProvision_Update service operation.
-
23.
Publication (Announcement) No.: US12245308B2
Publication (Announcement) Date: 2025-03-04
Application No.: US17776449
Application Date: 2020-01-31
Applicant: Apple Inc.
Inventor: Shu Guo, Xiangying Yang, Fangli Xu, Yuqin Chen, Huarui Liang, Haijing Hu, Dawei Zhang
IPC: H04W76/00, H04W12/106, H04W36/00, H04W72/231, H04W72/30, H04W76/19, H04W76/30
Abstract: Embodiments are presented herein of apparatuses, systems, and methods for a user equipment device (UE) and/or cellular network to resume a connection. To resume the connection, the UE may transmit a fully protected connection resume message, e.g., which may include protection for a resume cause field.
-
24.
Publication (Announcement) No.: US12143814B2
Publication (Announcement) Date: 2024-11-12
Application No.: US17593296
Application Date: 2021-05-10
Applicant: APPLE INC.
Inventor: Shu Guo, Dawei Zhang, Haijing Hu, Huarui Liang
IPC: H04M1/66, H04W12/041, H04W12/0433, H04W12/06, H04W60/04
Abstract: Disclosed are embodiments of a user equipment (UE) configured to communicate in a 5G network and to perform authentication between an edge enabler client (EEC) of the UE and an edge configuration server (ECS) or an edge enabler server (EES) based on an architecture for authentication and key management for applications (AKMA). The techniques include performing primary authentication with the 5G network to obtain a KAUSF; generating a KAKMA and an A-KID; providing to the EEC the KAKMA and an EEC identifier (ID) for the EEC to generate a Kedge, the KAKMA and the EEC ID being used by the EEC to compute a MACEEC; and sending to the ECS or the EES an application registration request, the application registration request including the EEC ID, the MACEEC, and the A-KID.
-
Publication (Announcement) No.: US12132830B2
Publication (Announcement) Date: 2024-10-29
Application No.: US17437798
Application Date: 2020-04-03
Applicant: Apple Inc.
Inventor: Shu Guo, Dawei Zhang, Fangli Xu, Haijing Hu, Huarui Liang, Xiangying Yang, Yuqin Chen
IPC: H04L29/06, H04L9/08, H04W12/041
CPC classification number: H04L9/0861, H04L9/0891, H04W12/041, H04L2209/80
Abstract: Apparatuses, systems, and methods for application function (AF) key generation and AF key renewal. A user equipment device (UE) may communicate with an application function (AF) via a radio access network (RAN) using a first AF key and determine that the first AF key has expired. The UE may derive a second AF key based on at least an Architecture for Authentication and Key Management for Applications (AKMA) anchor key (KAKMA) and a counter parameter and communicate with the AF via the RAN using the second AF key. At least one of the UE, the AF, and/or an AKMA Anchor Function (AAnF) may be configured to monitor expiration of the first AF key based on an associated lifetime of the first AF key. The first and second AF keys may be derived using a key derivation function that includes at least one variable parameter.
-
26.
Publication (Announcement) No.: US12101630B2
Publication (Announcement) Date: 2024-09-24
Application No.: US17634950
Application Date: 2019-08-18
Applicant: Apple Inc.
Inventor: Xiangying Yang, Jean-Marc Padova, Li Li, Shu Guo
IPC: G06F7/04, H04L9/32, H04W8/20, H04W12/041, H04W12/0431, H04W12/069, H04L9/40
CPC classification number: H04W12/069, H04L9/3247, H04L9/3263, H04W8/205, H04W12/041, H04W12/0431, H04L63/166, H04L2209/80
Abstract: This application sets forth techniques for authenticating a mobile device with a cellular wireless network without electronic Subscriber Identity Module (eSIM) credentials by using an Extensible Authentication Protocol Transport Layer Security (EAP-TLS) procedure. The mobile device authenticates with an Authentication Server Function (AUSF) of the cellular wireless network using an embedded Universal Integrated Circuit Card (eUICC) certificate. Processing circuitry of the mobile wireless device external to the eUICC implements the EAP-TLS procedure and authenticates validity of the AUSF. In some embodiments, the eUICC provides key generation and storage for a session key for communication between the mobile device and the cellular wireless network. In some embodiments, a third-party managed Unified Data Management (UDM) broker authenticates the mobile device based on knowledge of the eUICC certificate and provides a session key to the cellular wireless network for subsequent communication with the mobile device, upon successful authentication of the mobile device.
-
27.
Publication (Announcement) No.: US12063505B2
Publication (Announcement) Date: 2024-08-13
Application No.: US17442778
Application Date: 2020-04-01
Applicant: Apple Inc.
Inventor: Shu Guo, Xiangying Yang, Yuqin Chen, Fangli Xu, Zhibin Wu, Dawei Zhang, Huarui Liang, Haijing Hu
Abstract: Techniques discussed herein can facilitate improved security establishment procedures for Vehicle to Everything (V2X) direct connections. Various embodiments are employable at or comprise User Equipment, and can initiate and/or receive V2X security establishment connections wherein a receiving UE can reject the connection based on the initiating UE's capabilities/policy and/or the initiating UE can make the final decision regarding the connection based at least on receiving security policy and capability information from the receiving UE.
-
Publication (Announcement) No.: US20240214910A1
Publication (Announcement) Date: 2024-06-27
Application No.: US17919998
Application Date: 2021-10-21
Applicant: Apple Inc.
Inventor: Zhibin Wu, Shu Guo, Chunxuan Ye, Haijing Hu, Haitong Sun, Seyed Ali Akbar Fakoorian, Sudeep Manithara Vamanan, Yuqin Chen
Abstract: The present application relates to devices and components including apparatus, systems, and methods for managing relay identifiers for sidelink relays in wireless networks.
-
Publication (Announcement) No.: US11968530B2
Publication (Announcement) Date: 2024-04-23
Application No.: US17593499
Application Date: 2020-08-06
Applicant: Apple Inc.
Inventor: Shu Guo, Dawei Zhang, Fangli Xu, Haijing Hu, Huarui Liang, Mona Agnel, Ralf Rossbach, Sudeep Manithara Vamanan, Xiangying Yang, Yuqin Chen
CPC classification number: H04W12/068, H04W60/00
Abstract: A network may authenticate a user equipment (UE) to access an edge data network. The network generates a first credential based on a second credential, the second credential generated for a procedure between the UE and a cellular network corresponding to the network component, receives an identifier associated with the first credential from a further network component in response to the UE transmitting an application registration request to a server associated with an edge data network and retrieves the first credential based on the identifier. The network also receives a multi-access edge computing (MEC) authorization parameter, verifies the MEC authorization parameter and transmits an authentication verification response to a second network component.
-
Publication (Announcement) No.: US11924184B2
Publication (Announcement) Date: 2024-03-05
Application No.: US17598224
Application Date: 2021-06-15
Applicant: Apple Inc.
Inventor: Shu Guo, Fangli Xu, Yuqin Chen, Xiangying Yang, Huarui Liang, Haijing Hu, Chunhai Yao, Dawei Zhang, Yushu Zhang, Zhibin Wu
CPC classification number: H04L63/061, H04L9/14
Abstract: The present application relates to devices and components including apparatus, systems, and methods for secured user equipment communications over a user equipment relay. In some embodiments, symmetric or asymmetric encryption may be used for the secured user equipment communications.