Verification of cell authenticity in a wireless network through traffic monitoring

    Publication No.: US10200862B2

    Publication date: 2019-02-05

    Application No.: US15383725

    Filing date: 2016-12-19

    Abstract: We disclose various embodiments that enable a mobile terminal to confirm authenticity of a base station before the mobile terminal proceeds to camp on the corresponding cell. In an example embodiment, the authentication processing includes the mobile terminal tuning to a selected control channel of the base station to monitor RF signals transmitted thereon. The base station is deemed to be authentic if the monitored RF signals indicate the presence of live traffic between the base station and one or more other mobile terminals. The control channel can be selected from a fixed set of uplink and/or downlink control channels that are typically used by a legitimate base station. The presence of live traffic on the selected control channel can be detected by detecting certain control messages that are typically transmitted on that control channel between the base station and one or more mobile terminals served by that base station.

    VERIFICATION OF CELL AUTHENTICITY IN A WIRELESS NETWORK USING AN EXTENDED TIME STAMP

    Publication No.: US20180124697A1

    Publication date: 2018-05-03

    Application No.: US15383733

    Filing date: 2016-12-19

    IPC classification: H04W48/20 H04W12/06

    Abstract: We disclose various embodiments that enable a mobile terminal to confirm authenticity of a base station before the mobile terminal proceeds to camp on the corresponding cell, e.g., during an idle mode. In an example embodiment, the authentication processing includes the mobile terminal validating a digital signature included in an information block received from a candidate base station, the digital signature having been generated by the base station using an extended time stamp that indicates the calendar year, month, and/or day in addition to the UTC time-counter value. The information block typically includes a truncated time stamp, which the mobile terminal uses to reconstruct the extended time stamp, the reconstruction being performed using a system time stamp that was previously broadcast by the base station. The reconstructed time stamp is then fed, together with other relevant data, into a security algorithm that can confirm the validity of the digital signature.

    SECURITY KEY GENERATION FOR SIMULTANEOUS MULTIPLE CELL CONNECTIONS FOR MOBILE DEVICE
    Invention application (status: in force)

    Publication No.: US20150163202A1

    Publication date: 2015-06-11

    Application No.: US14265987

    Filing date: 2014-04-30

    IPC classification: H04L29/06 H04L9/08

    Abstract: A first security context is established between a given user computing device and a first network computing device associated with a first network cell of a communications network to enable a secure data connection between the given user computing device and the first network computing device. A second security context is established between the given user computing device and a second network computing device associated with a second network cell of the communications network to enable a secure data connection between the given user computing device and the second network computing device simultaneous with the secure data connection between the given user computing device and the first network computing device. Establishment of the second security context includes the first network computing device sending the given user computing device a simultaneous secure data connection parameter useable by the given user computing device to establish the second security context with the second network computing device.

    GENERATION OF MULTIPLE SHARED KEYS BY USER EQUIPMENT AND BASE STATION USING KEY EXPANSION MULTIPLIER
    Invention application (status: in force)

    Publication No.: US20160127893A1

    Publication date: 2016-05-05

    Application No.: US14527231

    Filing date: 2014-10-29

    IPC classification: H04W12/04 H04W72/04 H04W12/02

    Abstract: In one embodiment, multiple keys are generated in user equipment of a communication system based at least in part on a designated key expansion multiplier. A key identifier is received in the user equipment from a base station of the communication system. The user equipment selects a particular one of the keys as a function of the received key identifier, and utilizes the selected one of the keys to secure data sent from the user equipment to the base station. For example, the keys may comprise respective portions of a key stream generated by the user equipment responsive to a message received from the base station, with the keys being shared by the user equipment and the base station through independent generation of the key stream in the base station. The base station may illustratively comprise an evolved Node B (eNB) of an Evolved Universal Terrestrial Radio Access Network (E-UTRAN).

    USING COOKIES TO IDENTIFY SECURITY CONTEXTS FOR CONNECTIONLESS SERVICE
    Invention application (status: in force)

    Publication No.: US20160006726A1

    Publication date: 2016-01-07

    Application No.: US14324811

    Filing date: 2014-07-07

    IPC classification: H04L29/06 H04W12/04

    Abstract: A mobility management entity (MME) receives a request for a key to establish a security context for communication between a base station and a user equipment in response to the user equipment requesting connectionless service with the base station. In response to receiving the request, the MME transmits a cookie to identify the security context stored by the base station.

    Layer 2 relay to support coverage and resource-constrained devices in wireless networks

    Publication No.: US10433286B2

    Publication date: 2019-10-01

    Application No.: US15647990

    Filing date: 2017-07-12

    Inventor: Suresh P. Nair

    Abstract: Embodiments provide a mobile communications device that includes a processor configured to communicate with a transceiver and a memory. The transceiver is configured to exchange control signals with a network node. The memory contains instructions that when executed by the processor configure the processor to operate the transceiver to exchange the control signals. The instructions further configure the processor to pass a first proper subset of the control signals to a remote device without operating according to the control signals, and to operate according to control signals in a second proper subset of the control signals. The processor is thereby configured to operate on behalf of a remote communication device to support communication between the remote communication device and the network node.

    Protection of privacy in paging of user equipment

    Publication No.: US10165546B2

    Publication date: 2018-12-25

    Application No.: US15462207

    Filing date: 2017-03-17

    IPC classification: H04W68/02 H04W8/02 H04W12/02

    Abstract: Techniques are provided for protecting the privacy of user equipment during paging operations in a communication system. In one example, a method includes determining at a mobility management element of a communication system that a paging operation is to be initiated for given user equipment. The method further includes restricting the paging operation between the mobility management element and the given user equipment to use of a temporary identifier for the given user equipment. By not using a permanent identifier of the given user equipment during paging operations, the given user equipment is effectively non-trackable by malicious base stations and active/passive listeners.