公开(公告)号：US20230014494A1

公开(公告)日：2023-01-19

申请号：US17952879

申请日：2022-09-26

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Zhongding LEI ,  Haiguang WANG ,  Xin KANG

IPC: H04W12/71 ,  H04W12/06 ,  H04W12/75

Abstract: A communication method and apparatus are provided. The method includes: Second user equipment sends a second message, first user equipment sends a first message to a network device in response to the second message, to request to perform identity verification on the second user equipment, and the network device verifies whether an identity of the second user equipment is valid, and sends, to the first user equipment, a verification result indicating whether the identity of the second user equipment is valid. Alternatively, the first user equipment sends a third message for request the second user equipment to reply with information used for remote identification, and the second user equipment replies with a fourth message, where the fourth message includes the information used for remote identification on the second user equipment, and the third message and the fourth message are encrypted by using corresponding keys.

公开(公告)号：US20210320788A1

公开(公告)日：2021-10-14

申请号：US17304587

申请日：2021-06-23

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Xin KANG ,  Haiguang WANG ,  Zhongding LEI ,  Bo ZHANG

IPC: H04L9/08 ,  H04L9/32

Abstract: Example communication methods and apparatus are described. One example communication method includes that user equipment (UE) sends an N1 message to a security anchor function (SEAF), where the N1 message carries a Diffie-Hellman (DH) public parameter or a DH public parameter index, the N1 message further carries an encrypted identifier of the UE, and the encrypted identifier is obtained by encrypting a permanent identifier of the UE and a first DH public key. The UE receives an authentication request that carries a random number and that is sent by the SEAF. The UE sends, to the SEAF, an authentication response used to respond to the authentication request, where the authentication response carries an authentication result calculated based on a root key and the random number.

公开(公告)号：US20190394033A1

公开(公告)日：2019-12-26

申请号：US16563316

申请日：2019-09-06

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Xin KANG ,  Xuwu ZHANG ,  Yanjiang YANG ,  Haiguang WANG ,  Zhongding LEI

IPC: H04L9/08

Abstract: This application discloses a private key generation method and system, and a device. The method includes: sending, by a first network device, a first request to a second network device, where the first request includes a first parameter set; receiving, by the first network device, a first response message returned by the second network device, where the first response message includes a first sub-private key and a second parameter set, the first sub-private key is generated based on the first parameter set, and the first sub-private key is generated for a terminal device; generating, by the first network device, a second sub-private key based on the second parameter set, where the second sub-private key is generated for the terminal device; and synthesizing, by the first network device, the first sub-private key and the second sub-private key into a joint private key according to a synthesis formula.

公开(公告)号：US20190068591A1

公开(公告)日：2019-02-28

申请号：US16171235

申请日：2018-10-25

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo ZHANG ,  Rong WU ,  Lu GAN ,  Haiguang WANG

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32

Abstract: The present disclosure relates to example key distribution and authentication methods and devices. In one example method, a second-level key is received by a terminal device from a user management server. The terminal device performs mutual authentication with a network authentication server based on the second-level key, to obtain a communication key for communication between the terminal device and a functional network element.

公开(公告)号：US20240195839A1

公开(公告)日：2024-06-13

申请号：US18427281

申请日：2024-01-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Haiguang WANG ,  Xin KANG ,  Tieyan LI ,  Cheng Kang CHU ,  Zhongding LEI

IPC: H04L9/40

CPC classification number: H04L63/20 ,  H04L63/0236 ,  H04L63/102

Abstract: Embodiments of the present disclosure disclose a data transmission method and a related device. The method includes: receiving a first data packet from a terminal device, where the first data packet includes a first QoT level of a service corresponding to the first data packet and a forwarding policy of the first data packet; obtaining a second QoT level of a second network device; and sending the first data packet to the second network device based on the first QoT level and the second QoT level and according to the forwarding policy. Embodiments of this disclosure help construct a trusted network route for data transmission.

公开(公告)号：US20230259926A1

公开(公告)日：2023-08-17

申请号：US18308786

申请日：2023-04-28

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Xin KANG ,  Yanjiang YANG ,  Haiguang WANG

IPC: G06Q20/38 ,  G06Q20/02

CPC classification number: G06Q20/3829 ,  G06Q20/3827 ,  G06Q20/02

Abstract: Embodiments of this disclosure disclose an address generation method which includes: a first blockchain node generates a shared key based on a private key of a first blockchain node and a first public key of a second blockchain node, generates a temporary first public key address of the second blockchain node based on the shared key and first transaction content, and writes first transaction information into a blockchain, where the first transaction information includes a public key address of the first blockchain node, the first public key address, and first transaction content between the first blockchain node and the second blockchain node; and the first public key address needs to be verified by using the shared key, and a recipient may also generate the shared key by using a public key of the first blockchain node and a first private key of the second blockchain node, to verify the transaction information.

公开(公告)号：US20230033598A1

公开(公告)日：2023-02-02

申请号：US17819188

申请日：2022-08-11

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhongding LEI ,  Lichun LI ,  Bo ZHANG ,  Fei LIU ,  Haiguang WANG ,  Xin KANG

IPC: H04L9/08 ,  H04L9/14 ,  H04L9/40

Abstract: Embodiments of this application disclose a network key processing system, including user equipment, a security anchor network element, and an access and mobility management network element, where the security anchor network element is configured to: obtain a first key parameter from a slice selection network element, where the first key parameter includes identifier information of N network slices; generate N slice-dedicated keys based on the first key parameter; and send the N slice-dedicated keys to the corresponding N network slices respectively; the access and mobility management network element is configured to: obtain the first key parameter, and send the first key parameter to the user equipment; and the user equipment is configured to: generate the N slice-dedicated keys for the N network slices based on the first key parameter, and access the N network slices based on the generated N slice-dedicated keys.

公开(公告)号：US20190342082A1

公开(公告)日：2019-11-07

申请号：US16517645

申请日：2019-07-21

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Zhongding LEI ,  Lichun LI ,  Bo ZHANG ,  Fei LIU ,  Haiguang WANG ,  Xin KANG

IPC: H04L9/08 ,  H04L9/14 ,  H04L29/06

Abstract: Embodiments of this application disclose a network key processing system, including user equipment, a security anchor network element, and an access and mobility management network element, where the security anchor network element is configured to: obtain a first key parameter from a slice selection network element, where the first key parameter includes identifier information of N network slices; generate N slice-dedicated keys based on the first key parameter; and send the N slice-dedicated keys to the corresponding N network slices respectively; the access and mobility management network element is configured to: obtain the first key parameter, and send the first key parameter to the user equipment; and the user equipment is configured to: generate the N slice-dedicated keys for the N network slices based on the first key parameter, and access the N network slices based on the generated N slice-dedicated keys.

公开(公告)号：US20190261180A1

公开(公告)日：2019-08-22

申请号：US16399985

申请日：2019-04-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Zhongding LEI ,  Haiguang WANG ,  Xin KANG

IPC: H04W12/06 ,  H04W12/08 ,  H04W12/00 ,  H04W8/04

Abstract: Embodiments provide a network authentication method, and a related device and system. In this method, an access request sent by user equipment is received by a network authentication network element. The received access request includes identification information of the user equipment. It is then verified, by the network authentication network element, whether the identification information is valid. If the identification information is valid, a slice authentication network element corresponding to the user equipment is determined based on the identification information. The identification information can be then sent to the slice authentication network element corresponding to the user equipment. The identification information is used by the slice authentication network element corresponding to the user equipment to generate authentication data for the user equipment and initiate a user authentication request to the user equipment by using the authentication data.

公开(公告)号：US20190238322A1

公开(公告)日：2019-08-01

申请号：US16382201

申请日：2019-04-12

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Haiguang WANG ,  Yanjiang YANG ,  Xin KANG ,  Zhongding LEI

IPC: H04L9/08 ,  H04L9/32 ,  H04W12/04

CPC classification number: H04L9/083 ,  H04L9/08 ,  H04L9/0827 ,  H04L9/32 ,  H04L9/3247 ,  H04L9/3263 ,  H04L29/06 ,  H04L63/0428 ,  H04L63/0442 ,  H04L63/0807 ,  H04L63/0823 ,  H04L63/126 ,  H04W4/40 ,  H04W12/04031

Abstract: A key distribution method is disclosed. In this method, a key request can be received by a key management system (KMS) from a mobile operator network element (MNO). The key request can carry a public key of UE. At least one PVT and one SSK can be allocated to the US based on an IBC ID. The at least one PVT and SSK can be encrypted based on the public key to generate ciphertext; and an object can be signed based on a preset digital signature private key (DSPK) to generate a digital signature. The object can include the public key and the ciphertext. Still, a signature validation public key associated with the DSPK can be determined and a key response can be returned to the MNO. The key response can carry the signature validation public key, the public key of the UE, the ciphertext, and the digital signature.