公开(公告)号：EP1922666A4

公开(公告)日：2010-09-29

申请号：EP05783431

申请日：2005-09-08

Applicant: ERICSSON TELEFON AB L M

Inventor： BLOM ROLF ,  NAESLUND MATS ,  NERBRANT PER-OLOF

IPC: G06F21/31 ,  G06K9/00 ,  H04L9/32

CPC classification number: G06F21/31 ,  G06F2221/2129 ,  H04L9/3236 ,  H04L2209/80

公开(公告)号：EP2235911A4

公开(公告)日：2012-08-08

申请号：EP08705335

申请日：2008-01-22

Applicant: ERICSSON TELEFON AB L M

Inventor： NAESLUND MATS ,  NORRMAN KARL ,  SAHLIN BENGT ,  LILJENSTAM MICHAEL

IPC: H04L29/06 ,  H04W12/02

CPC classification number: H04L41/0893 ,  H04L63/20 ,  H04L63/205 ,  H04W12/02

公开(公告)号：EP2151086A4

公开(公告)日：2011-08-31

申请号：EP08779280

申请日：2008-04-26

Applicant: ERICSSON TELEFON AB L M

Inventor： BLOM ROLF ,  NAESLUND MATS

IPC: H04L9/00 ,  G06F7/58 ,  G09C1/00 ,  H04L9/08 ,  H04L9/22

CPC classification number: G06F7/588 ,  G01S19/14 ,  H04L9/0662 ,  H04L9/0872 ,  H04L9/0891 ,  H04L2209/80

公开(公告)号：EP2433389A4

公开(公告)日：2014-03-19

申请号：EP09845007

申请日：2009-05-20

Applicant: ERICSSON TELEFON AB L M

Inventor： BARRIGA LUIS ,  LILJENSTAM MICHAEL ,  NERBRANT PER-OLOF ,  NAESLUND MATS

IPC: H04L9/32 ,  G06F21/36 ,  G06Q20/34 ,  G06Q30/02 ,  G07F7/10 ,  H04L29/06 ,  H04W8/18 ,  H04W8/22 ,  H04W12/06 ,  H04W48/16 ,  H04W76/02

CPC classification number: H04L9/3271 ,  G06F21/31 ,  G06F2221/2133 ,  G06Q10/107 ,  H04L63/08 ,  H04L2209/805 ,  H04W12/06 ,  H04W48/16 ,  H04W76/02

Abstract: The invention relates to a method, party challenging device (18) and computer program products for providing a challenge to a first terminal (10) intending to communicate with a second terminal (24) via two networks (N1, N2). The party challenging device receives a first electronic message (1M) concerning a transfer of media from the first terminal to the second terminal sent from the first terminal (10) and addressed to the second terminal (24), obtains communication contextual data associated with the first party or the first terminal, provides an electronic challenge message (CHM) including a challenge (CHl1) based on the obtained data and sends the challenge message to the first terminal in order to enable a decision to be made how to process the invitation message for the second terminal based on the correctness of a response (RM) including a response to the challenge.

公开(公告)号：EP2279599A4

公开(公告)日：2013-12-25

申请号：EP08767160

申请日：2008-05-22

Applicant: ERICSSON TELEFON AB L M

Inventor： WESTBERG LARS ,  CSASZAR ANDRAS ,  NAESLUND MATS

IPC: H04L29/06 ,  H04L12/701 ,  H04L12/801 ,  H04L29/12

CPC classification number: H04L45/00 ,  H04L47/20 ,  H04L61/1511 ,  H04L63/0227 ,  H04L63/0428 ,  H04L63/104

Abstract: Method and apparatus for controlling the routing of data packets in an IP network (200). A DNS system (202) stores a packet admission policy configured for a first end-host (B) that dictates conditions for allowing other end-hosts to get across data packets to the first end-host or not. A routing voucher is defined which is required for routing data packets to the first end-host. The routing voucher is distributed to routers (R) in the IP network. When an address query is received at the DNS system (202) from a second end-host, the voucher is supplied to the second end-host if the configured policy allows the second end-host to convey data packets. Otherwise, the voucher is not supplied. If allowed, the second end-host will add the routing voucher to any data packets directed to the first end-host. When a valid routing voucher is present in a packet at a router (204) in the network, the packet will be forwarded to the next router in the IP network. The router will otherwise discard the packet.

公开(公告)号：EP2027666A4

公开(公告)日：2014-03-05

申请号：EP06748029

申请日：2006-06-09

Applicant: ERICSSON TELEFON AB L M

Inventor： BARRIGA LUIS ,  BLOM ROLF ,  NAESLUND MATS

IPC: H04W4/00 ,  H04L9/32 ,  H04L29/06 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W60/00 ,  H04W74/00 ,  H04W88/16

CPC classification number: H04L65/1016 ,  H04L9/32 ,  H04L9/321 ,  H04L63/0421 ,  H04L63/062 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/0853 ,  H04L2209/80 ,  H04W4/00 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W60/00 ,  H04W74/00 ,  H04W88/16

Abstract: A method and arrangement is disclosed for providing a user, not previously having an individual subscription with a network operator, with credentials for secure access to network services. The arrangement includes a gateway, associated with a subscription for network services, having means for generating and exporting to a user entity personalized user security data derived from security data related to the subscription. In particular, the derivation of credentials is based on a function that is shared between network and gateway and further conveniently makes use of bootstrapping on keying material from the subscription authentication. Pre-registered user identities are assigned trusted users who, thereafter, can download credentials and authenticate for service access. The invention may be implemented at a public place for providing temporary visitors network access whereby trust may exemplary be established by presenting a credit card.

公开(公告)号：EP2215769A4

公开(公告)日：2013-10-30

申请号：EP07852199

申请日：2007-11-30

Applicant: ERICSSON TELEFON AB L M

Inventor： BLOM ROLF ,  CHENG YI ,  LINDHOLM FREDRIK ,  MATTSSON JOHN ,  NAESLUND MATS ,  NORRMAN KARL

IPC: H04L9/08 ,  H04L29/06

CPC classification number: H04L9/0838 ,  H04L9/083 ,  H04L9/0861 ,  H04L63/061 ,  H04L63/062 ,  H04L63/0884 ,  H04L65/1016

Abstract: A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session key. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication in their respective leg to said intermediary.

公开(公告)号：EP2345212A4

公开(公告)日：2012-10-10

申请号：EP08878023

申请日：2008-11-07

Applicant: ERICSSON TELEFON AB L M

Inventor： CSASZAR ANDRAS ,  MAGNUSSON LARS G ,  NAESLUND MATS ,  WESTBERG LARS

IPC: H04L12/56 ,  H04L29/06

CPC classification number: H04L45/00 ,  H04L63/0227

公开(公告)号：WO2008133590A9

公开(公告)日：2009-11-19

申请号：PCT/SE2008050479

申请日：2008-04-26

Applicant: ERICSSON TELEFON AB L M ,  BLOM ROLF ,  NAESLUND MATS

Inventor： BLOM ROLF ,  NAESLUND MATS

IPC: H04L9/00 ,  G06F7/58 ,  G09C1/00 ,  H04L9/08 ,  H04L9/22

CPC classification number: G06F7/588 ,  G01S19/14 ,  H04L9/0662 ,  H04L9/0872 ,  H04L9/0891 ,  H04L2209/80

Abstract: A communications apparatus includes a mobile device. The apparatus includes a receiver for receiving at the mobile device a plurality of signals carrying information including received signals which provides randomly varying data related to location of the mobile device. The apparatus includes a random number generator which generates a random number as a function of the data. The apparatus includes a cryptographic key generator which generates a cryptographic key using the random number. A method to establish at a mobile device a random number for cryptographic operations includes the steps of receiving at the mobile device a plurality of signals carrying information including received signals which provides randomly varying data related to location of the mobile device. There is the step of estimating signal entropy for at least one of the received signals in dependence of location where the signals are received by the mobile device. There is the step of selecting the at least one entropy estimated signal having estimated entropy satisfying a predetermined property. There is the step of generating from the at least one entropy estimated signal the random number.

Abstract translation: 通信装置包括移动装置。 该装置包括接收机，用于在移动设备处接收携带包括接收信号的信息的多个信号，所述接收信号提供与移动设备的位置相关的随机变化的数据。 该装置包括随机数生成器，其生成作为数据的函数的随机数。 该装置包括使用随机数生成加密密钥的加密密钥生成器。 一种用于在移动设备处建立用于密码操作的随机数的方法包括以下步骤：在移动设备处接收携带包括接收信号的信息的多个信号，所述接收信号提供与移动设备的位置相关的随机变化的数据。 根据移动设备接收信号的位置，估计接收到的信号中的至少一个信号熵的步骤。 存在选择具有满足预定特性的估计熵的至少一个熵估计信号的步骤。 存在从至少一个熵估计信号产生随机数的步骤。

公开(公告)号：WO2004036413A3

公开(公告)日：2004-06-24

申请号：PCT/SE0301560

申请日：2003-10-07

Applicant: ERICSSON TELEFON AB L M

Inventor： BLOM ROLF ,  NAESLUND MATS

IPC: G06F7/00 ,  G06F7/38 ,  G06F7/72 ,  H04L9/30

CPC classification number: G06F7/724 ,  G06Q20/3829 ,  H04L9/0841 ,  H04L9/3066

Abstract: A method of processing binary data representing field elements of an odd-characteristic finite field GF(pk) is described. The method comprises storing binary data representing at least a portion of a field element of an odd-characteristic finite field GF(pk) in a register, p being an odd prime number, the field element comprising k coefficients in accordance with a polynomial-basis representation, the binary data comprising plural groups of data bits, wherein each group of data bits represents an associated one of the k coefficients. The method also comprises executing at least one operation on contents of the register such that the plural groups of data bits are processed in parallel. An apparatus comprising a memory and a processing unit coupled to the memory to carry out the method is also described.

Abstract translation: 描述了表示奇特征有限域GF（pk）的场元素的二进制数据的处理方法。 该方法包括将表示奇特征有限域GF（pk）的场元素的至少一部分的二进制数据存储在寄存器中，p是奇素数，该场元素包括k个系数，依照基于多项式的 表示，二进制数据包括多组数据比特，其中每组数据比特表示k个系数中相关联的一个。 该方法还包括对寄存器的内容执行至少一个操作，使得并行处理多组数据位。 还描述了包括存储器和耦合到存储器以执行该方法的处理单元的设备。