Communication Method and Communications Apparatus

    Publication (Announcement) No.: US20220060888A1

    Publication (Announcement) Date: 2022-02-24

    Application No.: US17513021

    Application Date: 2021-10-28

    Inventor: He Li, Li Hu, Rong Wu

    Abstract: A communication method and a communications apparatus, where the method includes: after receiving an RRC resume request message from a UE, determining, by a target access network device, a first user plane security protection method between the target access network device and the UE based on a context information obtaining response from a source access network device; determining a first user plane security key between the target access network device and the UE; when receiving first uplink user plane data from the UE, performing user plane security deprotection on the first uplink user plane data based on the first user plane security key and the first user plane security protection method, to obtain uplink user plane data; and sending the uplink user plane data.

    Key distribution and authentication method and system, and apparatus

    Publication (Announcement) No.: US11240218B2

    Publication (Announcement) Date: 2022-02-01

    Application No.: US16169416

    Application Date: 2018-10-24

    Abstract: This application provides a key distribution and authentication method, system, and an apparatus. The method includes: a service center server distributes different keys to terminal devices, and then the terminal devices perform mutual authentication with the network authentication server based on respective keys and finally obtain communication keys for communication between the terminal devices and a functional network element. This provides a method for establishing a secure communication channel for the terminal device, having a broad application range.

    Network roaming protection method, related device, and system

    Publication (Announcement) No.: US11109230B2

    Publication (Announcement) Date: 2021-08-31

    Application No.: US16909601

    Application Date: 2020-06-23

    Inventor: Rong Wu, Bo Zhang, Lu Gan

    Abstract: Embodiments of the present disclosure disclose a network roaming protection method and related device. The method includes: receiving, by a visited session management device, a first session establishment request that includes a first security requirement; obtaining, by the visited session management device, a target security policy, where the target security policy is obtained by processing the first security requirement set and a second security requirement set using a preset rule; and sending the target security policy to the UE instructing the UE to generate a target shared key based on a reference shared key and according to a rule defined by the target security policy, where the target shared key is used to protect secure end-to-end data transmission between the UE and the visited gateway.

    Anchor Key Generation Method, Device, and System

    Publication (Announcement) No.: US20210258780A1

    Publication (Announcement) Date: 2021-08-19

    Application No.: US17245991

    Application Date: 2021-04-30

    Inventor: Rong Wu, Bo Zhang, Lu Gan

    Abstract: An anchor key generation method, device, and system, where the method includes generating, by a unified data management network element (UDM), an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; sending, by the UDM, the intermediate key to an authentication server function (AUSF); receiving, by the AUSF, the intermediate key; generating, by the AUSF, an anchor key based on the intermediate key; sending, by the AUSF, the anchor key to a security anchor function (SEAF); and generating, by the SEAF, a key (Kamf) based on the anchor key, where the Kamf is used to derive a 3rd Generation Partnership Project (3GPP) key.

    Key Configuration Method, Apparatus, and System

    Publication (Announcement) No.: US20200084631A1

    Publication (Announcement) Date: 2020-03-12

    Application No.: US16674697

    Application Date: 2019-11-05

    Abstract: A key configuration method includes receiving, by a policy function network element, a request for communication between a user equipment (UE) and a network device, determining a user plane protection mechanism based on the request, UE registration information, subscription service data, and a service security requirement, and sending the user plane protection mechanism to an algorithm network element when the network device is a core network (CN) device, where the algorithm network element determines a security protection algorithm based on the user plane protection mechanism, generates a first user plane protection key based on the security protection algorithm, sends the first user plane protection key to the CN device, and sends the security protection algorithm to the UE, and the UE generates a second user plane protection key based on the security protection algorithm.

    Method and apparatus for detecting man-in-the-middle attack

    Publication (Announcement) No.: US10362043B2

    Publication (Announcement) Date: 2019-07-23

    Application No.: US15270722

    Application Date: 2016-09-20

    Abstract: A method and an apparatus for detecting a man-in-the-middle attack, where the method includes receiving, by a macro evolved Node B (MeNB), a first check request message sent by a secondary evolved Node B (SeNB), where the first check request message includes first identifier information and a first data packet count value, generating a second check request message according to the first identifier information, sending the second check request message to a user terminal, receiving a first check response message generated by the user terminal according to the second check request message, where the first check response message includes second identifier information and a second data packet count value, determining, by the MeNB, that the man-in-the-middle attack exists between the SeNB and the user terminal when the first data packet count value is different from the second data packet count value.

    Key Generation Method, Master eNodeB, Secondary eNodeB and User Equipment
    Type: Invention application

    Status: Under examination, published

    Publication (Announcement) No.: US20170005795A1

    Publication (Announcement) Date: 2017-01-05

    Application No.: US15268808

    Application Date: 2016-09-19

    Abstract: The present disclosure relates to a key generation method, a master eNodeB, a secondary eNodeB, and UE. The key generation method includes: determining a key parameter corresponding to a data radio bearer DRB; sending the key parameter to UE corresponding to the DRB, so that the UE generates a user plane key according to the key parameter and a basic key generated by the UE; receiving a basic key generated by a master eNodeB and sent by the master eNodeB; and generating the user plane key according to the key parameter and the basic key generated by the master eNodeB.

    Method, system, and apparatus for determining user plane security algorithm

    Publication (Announcement) No.: US12273706B2

    Publication (Announcement) Date: 2025-04-08

    Application No.: US18164697

    Application Date: 2023-02-06

    Abstract: A method for determining a user plane security algorithm, a system, and an apparatus. The method may include: a second device selects a non-null user plane confidentiality protection algorithm based on a security capability of a first device and a security capability of the second device in a case in which user plane confidentiality protection between the second device and the first device is enabled and control plane confidentiality protection between the second device and the first device is not enabled. The second device sends a first message to the first device. The first message includes first algorithm indication information indicating the user plane confidentiality protection algorithm. Therefore, the first device can obtain the non-null user plane confidentiality protection algorithm. Embodiments can be adopted to determine an effective user plane confidentiality protection algorithm, for confidentiality protecting user plane data.

    Key management method, device, and system

    Publication (Announcement) No.: US12273445B2

    Publication (Announcement) Date: 2025-04-08

    Application No.: US18050977

    Application Date: 2022-10-28

    Abstract: This application provides a key management method, a device, and a system. The method includes: A terminal device sends a first application session establishment request message to a first application function network element, where the establishment request message carries identification information of a first key, and the first key is an authentication and key management for applications AKMA key. The terminal device receives a first authentication request message in a procedure of the re-authentication. The terminal device sends a response message for the first authentication request message in the procedure of the re-authentication. The terminal device receives a response message for the establishment request message. The terminal device derives a communication key between the terminal device and the first application function network element by using the first key.
