    3. TECHNIQUES FOR DERIVING SECURITY KEYS FOR A CELLULAR NETWORK BASED ON PERFORMANCE OF AN EXTENSIBLE AUTHENTICATION PROTOCOL (EAP) PROCEDURE
    Type: Invention application
    Status: Under examination (published)

    Publication number: WO2018052640A1

    Publication date: 2018-03-22

    Application number: PCT/US2017/047355

    Filing date: 2017-08-17

    Abstract: Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes performing an extensible authentication protocol (EAP) procedure with an authentication server via an authenticator. The EAP procedure is based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method also includes deriving, as part of performing the EAP procedure, a master session key (MSK) and an extended master session key (EMSK) that are based at least in part on the authentication credentials and a first set of parameters; determining a network type associated with the authenticator; and performing, based at least in part on the determined network type, at least one authentication procedure with the authenticator. The at least one authentication procedure is based on an association of the MSK or the EMSK with the determined network type.


    4. AUTHENTICATION WITH PRIVACY IDENTITY
    Type: Invention application
    Status: Under examination (published)

    Publication number: WO2018017227A1

    Publication date: 2018-01-25

    Application number: PCT/US2017/037965

    Filing date: 2017-06-16

    Abstract: Methods, systems, and devices for wireless communication are described. A user equipment (UE) may perform authentication procedures using an alternative identity (e.g., a privacy mobile subscriber identity (PMSI)) instead of an international mobile subscriber identity (IMSI) to protect the privacy of the user. If the UE does not have a PMSI, it may include a request for a PMSI initialization in an attach request. In some cases, the PMSI may be used once, and a new PMSI may be generated for the next attachment procedure. In some cases, a universal subscriber identity module (USIM) of the UE may not support storage of a PMSI. So a privacy module of the UE may communicate with the USIM according to the USIM's capabilities and may maintain a PMSI separately for communication with the network.


    5. IDENTITY PRIVACY IN WIRELESS NETWORKS
    Type: Invention application
    Status: Under examination (published)

    Publication number: WO2016140823A1

    Publication date: 2016-09-09

    Application number: PCT/US2016/018860

    Filing date: 2016-02-22

    Abstract: Systems and techniques are disclosed to protect a user equipment's international mobile subscriber identity by providing a privacy mobile subscriber identity instead. In an attach attempt to a serving network, the UE provides the PMSI instead of IMSI, protecting the IMSI from exposure. The PMSI is determined between a home network server and the UE so that intermediate node elements in the serving network do not have knowledge of the relationship between the PMSI and the IMSI. Upon receipt of the PMSI in the attach request, the server generates a next PMSI to be used in a subsequent attach request and sends the next PMSI to the UE for confirmation. The UE confirms the next PMSI to synchronize between the UE and server and sends an acknowledgment token to the server. The UE and the server then each update local copies of the current and next PMSI values.


    6. METHODS AND APPARATUS FOR PROVIDING NETWORK-ASSISTED KEY AGREEMENT FOR P2P COMMUNICATIONS
    Type: Invention application
    Status: Under examination (published)

    Publication number: WO2014063083A1

    Publication date: 2014-04-24

    Application number: PCT/US2013/065728

    Filing date: 2013-10-18

    CPC classification number: H04W12/04 H04L63/18 H04W76/14

    Abstract: A method, an apparatus, and a computer program product for wireless communication are provided in connection with facilitating secure D2D communications in an LTE-based WWAN. In one example, a UE is equipped to send a shared key request using a first non-access stratum (NAS) message to an MME, calculate a first UE key based on an MME-first UE key, an uplink count value, and at least a portion of contextual information, receive a second NAS message from the MME, and calculate a final UE key based at least on the first UE key. In another example, an MME is equipped to receive a NAS message such as the message sent by the first UE, calculate a first UE key, receive a message at least indicating successful contact with the second UE, and send a second NAS message to the first UE indicating the successful contact.


    GENERIC BOOTSTRAPPING ARCHITECTURE (GBA) SIGNALING TO INDICATE NEED FOR KEY RENEGOTIATION

    Publication number: WO2023076545A1

    Publication date: 2023-05-04

    Application number: PCT/US2022/048150

    Filing date: 2022-10-28

    Abstract: In embodiment methods for supporting pre-shared key (PSK) renegotiation, a user equipment (UE) may generate a request message including a first bootstrapping transaction identifier (B-TID), a first PSK namespace identifying a first bootstrapping procedure supported by the UE, and a first correlated PSK namespace indicating PSK renegotiation is supported by the UE for the first bootstrapping procedure, and send the request message to a network device. The network device may determine an indication of a PSK renegotiation for the first correlated PSK namespace in response to determining PSK renegotiation is required for the UE, generate a response message including the indication of the PSK renegotiation for the first correlated PSK namespace, and send the response message to the UE. In response, the UE may perform a bootstrapping procedure to obtain a second B-TID and second (i.e., new) session key (Ks).

    PROVIDING SECURE COMMUNICATIONS BETWEEN COMPUTING DEVICES

    Publication number: WO2021034364A1

    Publication date: 2021-02-25

    Application number: PCT/US2020/034339

    Filing date: 2020-05-22

    Abstract: Devices and methods for providing secure communications between a first computing device and a second computing device are disclosed. A processor of the first computing device may determine, in a first application software, first security key establishment information. The processor may provide the first security key establishment information to a communication layer of the first computing device for transmission to the second computing device. The processor may receive, in the first application software from the communication layer of the first computing device, second security key establishment information received from the second computing device. The processor may determine a first security key in the first application software based at least in part on the second security key establishment information. The processor may provide the first security key to the communication layer for protecting messages from the first application software to the second computing device.

    SYSTEM AND METHOD THAT FACILITATE STEERING OF ROAMING

    Publication number: WO2019195776A1

    Publication date: 2019-10-10

    Application number: PCT/US2019/026137

    Filing date: 2019-04-05

    Abstract: Aspects directed towards steering of roaming (SoR) are disclosed. In one example, a communication from a public land mobile network (PLMN) is received by a user equipment (UE) in which the communication indicates an acceptance of a UE registration with the PLMN. This example further includes performing a determination of whether an SoR indicator associated with a home PLMN (HPLMN) is embedded within the communication. The UE then manages PLMN selection according to the determination. In another example, a UE is configured to operate according to an SoR configuration in which the UE is configured to ascertain whether an SoR indicator is embedded within a communication from a PLMN. An SoR indicator associated with an HPLMN is then generated and subsequently transmitted from the HPLMN to the UE via the PLMN.

    10. METHOD AND APPARATUS FOR REESTABLISHING RADIO COMMUNICATION LINKS DUE TO RADIO LINK FAILURE
    Type: Invention application
    Status: Under examination (published)

    Publication number: WO2018085181A1

    Publication date: 2018-05-11

    Application number: PCT/US2017/058947

    Filing date: 2017-10-30

    Abstract: One feature pertains to a method that includes establishing a radio communication connection with a first radio access node (RAN) that uses control plane signaling connections to carry user plane data. The method also includes determining that the wireless communication device is experiencing radio link failure (RLF) with the first RAN and that the radio communication connection should be reestablished with a second RAN. A reestablishment request message is transmitted to the second RAN that includes parameters that enable a core network node communicatively coupled to the second RAN to authenticate the wireless communication device and allow or reject reestablishment of the radio communication connection. The parameters include at least a message authentication code (MAC) based in part on one or more bits of a non-access stratum (NAS) COUNT value maintained at the wireless communication device.

