-
Publication No.: US11528603B2
Publication date: 2022-12-13
Application No.: US16936347
Application date: 2020-07-22
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Keiichi Kubota, Adrian Edward Escott, Gavin Bernard Horn, Anand Palanigounder
IPC: H04W12/04, H04L9/40, H04W12/03, H04W12/041, H04W12/043, H04W12/062, H04W36/00, H04W48/16, H04W24/02, H04W48/18, H04W12/06, H04L9/08
Abstract: Certain aspects of the present disclosure provide techniques for managing security keys for enciphering and deciphering packets transmitted in a wireless communications system. According to certain aspects, a method of wireless communication by a user equipment (UE) is provided. The method generally includes obtaining an indication of a key area identifier (ID) of a first cell node, wherein the key area ID identifies a set of cell nodes that are associated with a network node that uses a first key for enciphering or deciphering messages and communicating a first set of messages with the first cell node using the first key for enciphering or deciphering the first set of messages.
-
Publication No.: US11496891B2
Publication date: 2022-11-08
Application No.: US16287308
Application date: 2019-02-27
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Anand Palanigounder, Adrian Edward Escott, Gavin Bernard Horn
IPC: H04W12/02, H04W8/04, H04W8/18, H04W12/033, H04W12/72, H04L101/654, H04W12/04, H04W12/06
Abstract: Systems and techniques are disclosed to protect a user equipment's international mobile subscriber identity by providing a privacy mobile subscriber identity instead. In an attach attempt to a serving network, the UE provides the PMSI instead of IMSI, protecting the IMSI from exposure. The PMSI is determined between a home network server and the UE so that intermediate node elements in the serving network do not have knowledge of the relationship between the PMSI and the IMSI. Upon receipt of the PMSI in the attach request, the server generates a next PMSI to be used in a subsequent attach request and sends the next PMSI to the UE for confirmation. The UE confirms the next PMSI to synchronize between the UE and server and sends an acknowledgment token to the server. The UE and the server then each update local copies of the current and next PMSI values.
-
Publication No.: US11070981B2
Publication date: 2021-07-20
Application No.: US16743927
Application date: 2020-01-15
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Ozcan Ozturk, Gavin Bernard Horn, Adrian Edward Escott, Anand Palanigounder
Abstract: Methods, systems, and devices for wireless communications are described. In some systems, devices may use information protection to detect fake base stations. A base station verified by a network may transmit first information to a user equipment (UE) in an unprotected message. If a fake base station intercepts and modifies the message before relaying the message to the UE, the UE may receive different information than the transmitted first information. The UE may then transmit an indication of the received information to the verified base station in a protected message. In some cases, based on the indication, the verified base station may re-transmit the first information to the UE in a message protected against modification by the fake base station. If the UE determines that the initially received information is different from the information received in the protected retransmission, the UE identifies message modification by the fake base station.
-
Publication No.: US20200344605A1
Publication date: 2020-10-29
Application No.: US16856467
Application date: 2020-04-23
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Adrian Edward Escott, Anand Palanigounder, Gavin Bernard Horn
Abstract: A user equipment (UE) may receive system information from a base station and may calculate a hash value using the system information as input to a hashing function. Similarly, prior to transmitting the system information, a valid base station may calculate a hash value using the system information as input to a hashing function. The base station may transmit the calculated hash value (e.g., which may represent or be included in a set of hash values) to the UE in an access stratum (AS) security mode command (SMC) message. The UE may determine whether the received system information was modified based on the hash value (e.g., by comparing the UE calculated hash value and the set of hash values received from the base station in the AS SMC). If the UE indicates a mismatch of hash information, the base station may re-transmit the system information (e.g., in an integrity protected message).
-
Publication No.: US10588019B2
Publication date: 2020-03-10
Application No.: US15345077
Application date: 2016-11-07
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Lenaig Genevieve Chaponniere, Anand Palanigounder, Adrian Edward Escott, Gavin Bernard Horn
Abstract: Techniques are described for wireless communication. A wireless device may generate a secured query message based at least in part on a security credential of the wireless device. The secured query message may be generated prior to performing an authentication and key agreement (AKA) with a network. The wireless device may transmit the secured query message to the network, and receive a response to the secured query message. The wireless device may then determine whether or not to perform the AKA with the network based on the received response (e.g., the wireless device may determine whether or not the response is associated with the security credential of the wireless communication device and a network security credential of the network). The wireless device may establish a secure connection with the network or refrain from considering the response based on the determination.
-
Publication No.: US20200037155A1
Publication date: 2020-01-30
Application No.: US16591419
Application date: 2019-10-02
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Adrian Edward Escott, Gavin Bernard Horn, Anand Palanigounder
Abstract: A device that identifies entry into a new service area, transmits a service area update request to a network device associated with a network, receives a control plane message from the network indicating control plane device relocation or a key refresh due to a service area change in response to transmitting the service area update request, and derives a first key based in part on data included in the control plane message and a second key shared between the device and a key management device. Another device that receives a handover command from a network device associated with a network, the handover command indicating a new service area, derives a first key based on data included in the handover command and on a second key shared between the device and a key management device, and sends a handover confirmation message that is secured based on the first key.
-
Publication No.: US10462837B2
Publication date: 2019-10-29
Application No.: US15443981
Application date: 2017-02-27
Applicant: QUALCOMM Incorporated
Inventor: Adrian Edward Escott, Mungal Singh Dhanda, Anand Palanigounder, Soo Bum Lee
Abstract: One feature pertains to a method that includes establishing a radio communication connection with a first radio access node (RAN) that uses control plane signaling connections to carry user plane data. The method also includes determining that the wireless communication device is experiencing radio link failure (RLF) with the first RAN and that the radio communication connection should be reestablished with a second RAN. A reestablishment request message is transmitted to the second RAN that includes parameters that enable a core network node communicatively coupled to the second RAN to authenticate the wireless communication device and allow or reject reestablishment of the radio communication connection. The parameters include at least a message authentication code (MAC) based in part on one or more bits of a non-access stratum (NAS) COUNT value maintained at the wireless communication device.
-
Publication No.: US10462656B2
Publication date: 2019-10-29
Application No.: US15787575
Application date: 2017-10-18
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Adrian Edward Escott, Gavin Bernard Horn, Anand Palanigounder
Abstract: A device that identifies entry into a new service area, transmits a service area update request to a network device associated with a network, receives a control plane message from the network indicating control plane device relocation or a key refresh due to a service area change in response to transmitting the service area update request, and derives a first key based in part on data included in the control plane message and a second key shared between the device and a key management device. Another device that receives a handover command from a network device associated with a network, the handover command indicating a new service area, derives a first key based on data included in the handover command and on a second key shared between the device and a key management device, and sends a handover confirmation message that is secured based on the first key.
-
Publication No.: US10433174B2
Publication date: 2019-10-01
Application No.: US15913771
Application date: 2018-03-06
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Stefano Faccin, Anand Palanigounder, Miguel Griot, Adrian Edward Escott
Abstract: The present disclosure provides techniques that may be applied, for example, in a multi-slice network for maintaining privacy when attempting to access the network. An exemplary method generally includes transmitting a registration request message to a serving network to register with the serving network; receiving a first confirmation message indicating a secure connection with the serving network has been established; transmitting, after receiving the first confirmation message, a secure message to the serving network comprising an indication of at least one configured network slice that the UE wants to communicate over, wherein the at least one configured network slice is associated with a privacy flag that is set; and receiving a second confirmation message from the serving network indicating that the UE is permitted to communicate over the at least one configured network slice.
-
Publication No.: US10433163B2
Publication date: 2019-10-01
Application No.: US15489670
Application date: 2017-04-17
Applicant: QUALCOMM Incorporated
Inventor: Soo Bum Lee, Anand Palanigounder, Adrian Edward Escott
Abstract: Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes performing an extensible authentication protocol (EAP) procedure with an authentication server via an authenticator. The EAP procedure is based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method also includes deriving, as part of performing the EAP procedure, a master session key (MSK) and an extended master session key (EMSK) that are based at least in part on the authentication credentials and a first set of parameters; determining a network type associated with the authenticator; and performing, based at least in part on the determined network type, at least one authentication procedure with the authenticator. The at least one authentication procedure is based on an association of the MSK or the EMSK with the determined network type.