公开(公告)号：US12058239B2

公开(公告)日：2024-08-06

申请号：US18453662

申请日：2023-08-22

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia Zhang ,  Jing Chen

IPC: G06F21/00 ,  H04L9/06 ,  H04L9/12 ,  H04L9/40 ,  H04W12/02 ,  H04W12/033 ,  H04W12/04 ,  H04W4/70

CPC classification number: H04L9/0656 ,  H04L9/12 ,  H04L63/10 ,  H04L63/104 ,  H04W12/02 ,  H04W12/033 ,  H04W12/04 ,  H04L2209/80 ,  H04W4/70

Abstract: A method, and related apparatuses are provided. The method comprises receiving an initial layer-3 message, wherein the initial layer-3 message comprises an indication indicating that a part of the initial layer-3 message is encrypted, and generating a keystream, wherein the keystream is used to decrypt the encrypted part of the initial layer-3 message.

公开(公告)号：US09992669B2

公开(公告)日：2018-06-05

申请号：US14263253

申请日：2014-04-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia Zhang ,  Jing Chen

IPC: H04L29/06 ,  H04W12/04 ,  H04L9/06 ,  H04L9/12 ,  H04W12/02 ,  H04W4/00

CPC classification number: H04W12/04 ,  H04L9/0656 ,  H04L9/12 ,  H04L63/10 ,  H04L63/104 ,  H04L2209/80 ,  H04W4/70 ,  H04W12/02

Abstract: Embodiments of the present application provide an encryption method, a decryption method, and a related apparatus. The encryption method includes: generating a keystream, where the keystream is used to encrypt a part of data to be encrypted in an initial layer-3 message, and the part of data to be encrypted includes small data; generating, by performing an exclusive OR operation on the keystream and the initial layer-3 message, an initial layer-3 message in which the part of data is encrypted; and sending the initial layer-3 message in which the part of data is encrypted, where the initial layer-3 message includes an added encryption indication, and the encryption indication is used to indicate that the part of data to be encrypted in the initial layer-3 message is encrypted.

公开(公告)号：US08989381B2

公开(公告)日：2015-03-24

申请号：US13871900

申请日：2013-04-26

Applicant: Huawei Technologies Co., Ltd.

Inventor： Dongmei Zhang ,  Jing Chen ,  Lijia Zhang ,  Zhuo Chen

IPC: H04K1/00 ,  H04W12/08 ,  H04W12/02 ,  H04W12/10 ,  H04L29/06 ,  H04W84/04 ,  H04W92/20

CPC classification number: H04W12/10 ,  H04L9/14 ,  H04L63/205 ,  H04W12/02 ,  H04W12/08 ,  H04W84/047 ,  H04W92/20

Abstract: A method and an apparatus for protecting data carried on an Un interface between a eNB and a relay node are disclosed. Three types of radio bearers (RBs) are defined over the Un interface: signaling radio bearers (SRBs) for carrying control plane signaling data, signaling-data radio bearers (s-DRBs) for carrying control plane signaling date; and data-data radio bearers (d-DRBs) for carrying user plane data. An integrity protection algorithm and an encryption algorithm are negotiated for control plane signaling data on an SRB, control plane signaling data carried on an s-DRB, and user plane data carried on a d-DRB. With the respective integrity protection algorithm and encryption algorithm, the data over the Un interface can be protected respectively. Therefore, the security protection on the Un interface is more comprehensive, and the security protection requirements of data borne over different RBs can be met.

Abstract translation: 公开了一种用于保护在eNB和中继节点之间的Un接口上承载的数据的方法和装置。 在Un接口上定义了三种类型的无线承载（RB）：用于承载控制平面信令数据的信令无线电承载（SRB），用于承载控制平面信令日期的信令数据无线电承载（s-DRB）; 和用于承载用户平面数据的数据数据无线电承载（d-DRB）。 协调SRB上的控制平面信令数据，s-DRB上承载的控制平面信令数据和d-DRB上携带的用户平面数据的完整性保护算法和加密算法。 通过各自的完整性保护算法和加密算法，可以分别保护Un接口上的数据。 因此，Un接口的安全保护更全面，可以满足不同RB承载的数据的安全保护要求。

公开(公告)号：US20130310006A1

公开(公告)日：2013-11-21

申请号：US13952985

申请日：2013-07-29

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Xinyi CHEN ,  Dongmei Zhang ,  Lijia Zhang ,  Xiaohan Liu

IPC: H04W12/04

CPC classification number: H04W12/04 ,  H04L63/061 ,  H04L2463/061 ,  H04W88/12

Abstract: A method and a device for key generation are disclosed in embodiments of the present invention. The method for key generation is applied to a UMTS-LTE resource convergence scenario that has a base station as an anchor point, and includes: deriving, according to a root key and a count value of an LTE system, or according to a random number and an LTE system root key, a UMTS integrity key and cipher key, and sending the UMTS integrity key and cipher key to a UMTS control node. The embodiments of the present invention enable the derivation of the UMTS integrity key and cipher key in a UMTS-LTE resource convergence scenario that has a base station as an anchor point, enable a user equipment to communicate securely through a UMTS, and further improve security of data transmitted in the UMTS.

Abstract translation: 在本发明的实施例中公开了用于密钥生成的方法和装置。 用于密钥生成的方法应用于以基站为锚点的UMTS-LTE资源汇聚场景，包括：根据根密钥和LTE系统的计数值，根据随机数 以及LTE系统根密钥，UMTS完整性密钥和密码密钥，并将UMTS完整性密钥和加密密钥发送到UMTS控制节点。 本发明的实施例能够在具有基站作为锚点的UMTS-LTE资源汇聚场景中导出UMTS完整性密钥和加密密钥，使得用户设备能够通过UMTS安全地通信，并进一步提高安全性 的在UMTS中发送的数据。

公开(公告)号：US20180249330A1

公开(公告)日：2018-08-30

申请号：US15965854

申请日：2018-04-28

Applicant: HUAWEI TECHNOLOGIES CO.,LTD.

Inventor： Lijia Zhang ,  Jing Chen

IPC: H04W12/04 ,  H04W12/02 ,  H04L29/06 ,  H04L9/06 ,  H04L9/12 ,  H04W4/70

Abstract: In order to provide confidentiality protection, an encryption method, a decryption method, and related apparatuses are provided. An encryption device generates a first initial layer-3 message. The first initial layer-3 message includes a first part and a second part. The device generates a keystream for encrypting the first initial layer-3 message. The device performs an exclusive OR operation on the keystream and the first initial layer-3 message to generate a second initial layer-3 message. The second initial layer-3 message includes an encrypted first part of the first initial layer-3 message, an unencrypted second part of the first initial layer-3 message, and an encryption indication indicating that the first part of the first initial layer-3 message is encrypted. The device transmits the second initial layer-3 message to a network device. Small data comprised in the second initial layer-3 message is protected by the encryption.

公开(公告)号：US20160360388A1

公开(公告)日：2016-12-08

申请号：US15243333

申请日：2016-08-22

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia Zhang ,  Jing Chen ,  Yixian Xu ,  Yali Guo

IPC: H04W4/14 ,  H04L12/58 ,  H04W12/08 ,  H04W4/00

CPC classification number: H04W4/14 ,  H04L51/30 ,  H04W4/70 ,  H04W12/08 ,  H04W12/12 ,  H04W48/14

Abstract: Embodiments provide an MTC device communication method, device, and system. A second network element receives, a query message sent by a first network element after the first network element identifies that a type of a received short message is a preset-type short message. The query message comprises an identifier of a receiver of the short message and an identifier of a sender of the short message. The second network element checks whether the sender is authorized to send the preset-type short message to the receiver. The second network element sends a message to the first network element indicating whether or not to send the short message to the receiver.

Abstract translation: 实施例提供MTC设备通信方法，设备和系统。 第二网元在第一网元识别出所接收的短消息的类型是预设类型的短消息之后接收由第一网元发送的查询消息。 查询消息包括短消息的接收者的标识符和短消息的发送者的标识符。 第二网络元件检查发送者是否被授权向接收者发送预设类型的短消息。 第二网元向第一网元发送消息，指示是否向接收者发送短消息。

公开(公告)号：US20150038186A1

公开(公告)日：2015-02-05

申请号：US14518608

申请日：2014-10-20

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia Zhang ,  Jing Chen ,  Yixian Xu ,  Yali Guo

IPC: H04W4/00 ,  H04W4/14 ,  H04W48/14

CPC classification number: H04W4/14 ,  H04L51/30 ,  H04W4/70 ,  H04W12/08 ,  H04W12/12 ,  H04W48/14

Abstract: Embodiments of the present invention provide an MTC device communication method, device, and system. A second network element receives, a query message sent by a first network element after the first network element identifies that a type of a received short message is a preset-type short message. The query message comprises an identifier of a receiver of the short message and an identifier of a sender of the short message. The second network element checks whether the sender is authorized to send the preset-type short message to the receiver. The second network element sends a message to the first network element indicating whether or not to send the short message to the receiver.

Abstract translation: 本发明的实施例提供一种MTC设备通信方法，设备和系统。 第二网元在第一网元识别出所接收的短消息的类型是预设类型的短消息之后接收由第一网元发送的查询消息。 查询消息包括短消息的接收者的标识符和短消息的发送者的标识符。 第二网络元件检查发送者是否被授权向接收者发送预设类型的短消息。 第二网元向第一网元发送消息，指示是否向接收者发送短消息。

公开(公告)号：US20140357262A1

公开(公告)日：2014-12-04

申请号：US14335509

申请日：2014-07-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia Zhang ,  Jing Chen ,  Chunshan Xiong

IPC: H04W4/00 ,  H04W88/06 ,  H04W12/08

CPC classification number: H04W88/06 ,  H04L63/0236 ,  H04L63/101 ,  H04W4/12 ,  H04W4/70 ,  H04W12/00514 ,  H04W12/08

Abstract: The present invention discloses a method and apparatus for secure processing of a short message, and relates to the field of wireless communications technologies. The method includes: receiving, by a second device, identifier information sent by a first device; sending a rejection indication or a query result to the first device if the second device determines, according to the identifier information, that a receiver is a machine type communication MTC device or determines that the identifier information is not in an authorization list; or sending an acknowledgement indication or a query result to the first device if the second device determines, according to the identifier information, that a receiver is another device other than an MTC device or determines that the identifier information is in an authorization list. Embodiments of the present invention are mainly applied to a secure processing procedure of a short message.

Abstract translation: 本发明公开了一种用于短消息安全处理的方法和装置，涉及无线通信技术领域。 该方法包括：由第二设备接收由第一设备发送的标识符信息; 如果所述第二设备根据所述标识符信息确定接收机是机器型通信MTC设备或者确定所述标识符信息不在授权列表中，则向所述第一设备发送拒绝指示或查询结果; 或者如果第二设备根据标识符信息确定接收机是除MTC设备之外的另一设备或者确定标识符信息在授权列表中，则向第一设备发送确认指示或查询结果。 本发明的实施例主要应用于短消息的安全处理过程。

公开(公告)号：US20180034635A1

公开(公告)日：2018-02-01

申请号：US15727027

申请日：2017-10-06

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia Zhang ,  Cuili Ge

IPC: H04L9/14 ,  H04W12/10 ,  H04W12/06 ,  H04L9/08

CPC classification number: H04L9/14 ,  H04L9/0827 ,  H04L63/123 ,  H04W4/70 ,  H04W12/02 ,  H04W12/06 ,  H04W12/08 ,  H04W12/10

Abstract: A GPRS system key enhancement method, an SGSN device, UE, and a GPRS system are provided. The method includes: receiving, by the SGSN, a request message sent by the UE; acquiring, by the SGSN, an authentication vector including a first ciphering key and a first integrity key from the HLR/HSS; when the SGSN determines that the UE is UE of a first type, selecting a ciphering algorithm and an integrity algorithm for the UE, and sending the selected ciphering algorithm and the selected integrity algorithm to the UE; and computing, by the SGSN, a second ciphering key and a second integrity key according to the first ciphering key and the first integrity key.

公开(公告)号：US09736738B2

公开(公告)日：2017-08-15

申请号：US14197660

申请日：2014-03-05

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Dongmei Zhang ,  Lijia Zhang ,  Ke Wang

IPC: H04W36/00 ,  H04W36/12

CPC classification number: H04W36/0033 ,  H04W36/0038 ,  H04W36/12

Abstract: The present invention discloses a method for transferring a context and a mobility management entity. When S1 handover occurs on an RN, the method includes: acquiring, by a source MME to which a UE is attached, an indicator for transferring a context of the UE, where the UE is a UE served by the RN when the S1 handover occurs; and transferring, by the source MME to which the UE is attached, the context of the UE to a target MME according to the indicator for transferring the context of the UE, so that the target MME acquires security information of the UE according to the context of the UE, where the target MME is an MME to which the UE needs to be attached in the handover process.