-
Publication No.: AU2018307214A1
Publication date: 2020-01-16
Application No.: AU2018307214
Filing date: 2018-07-16
Applicant: QUALCOMM INC
Inventor: LEE SOO BUM , ESCOTT ADRIAN EDWARD , PALANIGOUNDER ANAND
IPC: H04W36/00
Abstract: Methods, systems, and devices for wireless communication are described that support security key derivation for handover. A network entity (e.g., an access and mobility function (AMF)) may establish an access stratum (AS) key to ensure secure communications between a user equipment (UE) and a base station. If the UE relocates to a new network entity (e.g., target network entity), the initial network entity (e.g., source network entity) may perform a handover procedure to the target network entity. In some aspects, the network entities may derive a unified AS key for the handover procedure. Additionally, the network entities may utilize one or more intermediate keys (e.g., refreshed intermediate keys) derived from, in part, respective freshness parameters for the handover procedure. The target network entity may then utilize the derived intermediate keys to derive the AS key for the handover procedure and establish communications with the UE.
-
Publication No.: AU2017332769A1
Publication date: 2019-02-28
Application No.: AU2017332769
Filing date: 2017-09-22
Applicant: QUALCOMM INC
Inventor: LEE SOO BUM , KUBOTA KEIICHI , ESCOTT ADRIAN EDWARD , HORN GAVIN BERNARD , PALANIGOUNDER ANAND
Abstract: Certain aspects of the present disclosure provide techniques for managing security keys for enciphering and deciphering packets transmitted in a wireless communications system. According to certain aspects, a method of wireless communication by a user equipment (UE) is provided. The method generally includes obtaining an indication of a key area identifier (ID) of a first cell node, wherein the key area ID identifies a set of cell nodes that are associated with a network node that uses a first key for enciphering or deciphering messages and communicating a first set of messages with the first cell node using the first key for enciphering or deciphering the first set of messages.
-
Publication No.: AU2017328028A1
Publication date: 2019-02-28
Application No.: AU2017328028
Filing date: 2017-08-16
Applicant: QUALCOMM INC
Inventor: LEE SOO BUM , ESCOTT ADRIAN EDWARD , CHAPONNIERE LENAIG GENEVIEVE
Abstract: Methods, systems, and devices for wireless communication are described. A user equipment (UE) may determine that a security context with a network node has been established for more than a threshold time period. The UE may identify, based on a key hierarchy, a parent network node associated with the network node. The UE may transmit a key refresh request message to the parent network node to trigger a key refresh procedure between the parent network node and the network node. The UE may perform a procedure with the network node to establish a new security context based on the key refresh procedure.
-
Publication No.: AU2017328040A1
Publication date: 2019-02-21
Application No.: AU2017328040
Filing date: 2017-08-17
Applicant: QUALCOMM INC
Inventor: LEE SOO BUM , PALANIGOUNDER ANAND , ESCOTT ADRIAN EDWARD
Abstract: Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes performing an extensible authentication protocol (EAP) procedure with an authentication server via an authenticator. The EAP procedure is based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method also includes deriving, as part of performing the EAP procedure, a master session key (MSK) and an extended master session key (EMSK) that are based at least in part on the authentication credentials and a first set of parameters; determining a network type associated with the authenticator; and performing, based at least in part on the determined network type, at least one authentication procedure with the authenticator. The at least one authentication procedure is based on an association of the MSK or the EMSK with the determined network type.
-
Publication No.: CA3038129A1
Publication date: 2018-05-11
Application No.: CA3038129
Filing date: 2017-10-30
Applicant: QUALCOMM INC
Inventor: ESCOTT ADRIAN EDWARD , DHANDA MUNGAL SINGH , PALANIGOUNDER ANAND , LEE SOO BUM
Abstract: One feature pertains to a method that includes establishing a radio communication connection with a first radio access node (RAN) that uses control plane signaling connections to carry user plane data. The method also includes determining that the wireless communication device is experiencing radio link failure (RLF) with the first RAN and that the radio communication connection should be reestablished with a second RAN. A reestablishment request message is transmitted to the second RAN that includes parameters that enable a core network node communicatively coupled to the second RAN to authenticate the wireless communication device and allow or reject reestablishment of the radio communication connection. The parameters include at least a message authentication code (MAC) based in part on one or more bits of a non-access stratum (NAS) COUNT value maintained at the wireless communication device.
-
Publication No.: DK3120517T3
Publication date: 2018-01-08
Application No.: DK15704660
Filing date: 2015-01-30
Applicant: QUALCOMM INC
Inventor: CHENG HONG , BAGHEL SUDHIR KUMAR , ESCOTT ADRIAN EDWARD
-
Publication No.: BR112012026451A2
Publication date: 2016-08-09
Application No.: BR112012026451
Filing date: 2011-04-15
Applicant: QUALCOMM INC
Inventor: ESCOTT ADRIAN EDWARD , PALANIGOUNDER ANAND
-
Publication No.: BR112012026136A2
Publication date: 2016-06-28
Application No.: BR112012026136
Filing date: 2011-04-15
Applicant: QUALCOMM INC
Inventor: ESCOTT ADRIAN EDWARD , PALANIGOUNDER ANAND
Abstract: Apparatus and method for signaling an enhanced security context for session encryption and integrity keys. Disclosed is a method for establishing an enhanced security context between a remote station and a serving network. In the method, the remote station forwards a first message to the serving network, wherein the first message includes an information element signaling that the remote station supports an enhanced security context. The remote station generates at least one session key, in accordance with the enhanced security context, using the information element. The remote station receives, in response to the first message, a second message having an indication that the serving network supports the enhanced security context. The remote station, in response to the second message, has wireless communications protected by the at least one session key.
-
Publication No.: SG186307A1
Publication date: 2013-01-30
Application No.: SG2012091286
Filing date: 2011-06-16
Applicant: QUALCOMM INC
Inventor: ESCOTT ADRIAN EDWARD , PALANIGOUNDER ANAND
Abstract: Disclosed is a method for transitioning an enhanced security context from a UTRAN/GERAN-based serving network to an E-UTRAN-based serving network. In the method, the remote station generates first and second session keys, in accordance with the enhanced security context, using a first enhanced security context root key associated with a UTRAN/GERAN-based serving network and a first information element. The remote station receives a first message from the E-UTRAN-based serving network. The first message signals to the remote station to generate a second enhanced security context root key for use with the E-UTRAN-based serving network. The remote station generates, in response to the first message, the second enhanced security context root key from the first enhanced security context root key using the first and second session keys as inputs. The remote station protects wireless communications, on the E-UTRAN-based serving network, based on the second enhanced security context root key.
-
Publication No.: AR081944A1
Publication date: 2012-10-31
Application No.: ARP110102088
Filing date: 2011-06-16
Applicant: QUALCOMM INC
Inventor: ESCOTT ADRIAN EDWARD , PALANIGOUNDER ANAND
IPC: H04L29/06
Abstract: A method of authentication between a device (e.g., a client device or access terminal) and a network entity. A removable storage device may be coupled to the device and stores a subscriber-specific key that may be used for subscriber authentication. A secure storage device may be coupled to the device and stores a device-specific key used for device authentication. Subscriber authentication may be performed between the device and a network entity. Device authentication may also be performed by the device with the network entity. A security key may then be generated that binds the subscriber authentication with the device authentication. The security key may be used for secure communications between the device and a serving network.