公开(公告)号：US11178547B2

公开(公告)日：2021-11-16

申请号：US16293521

申请日：2019-03-05

申请人： Apple Inc.

发明人： Xiangying Yang ,  Shu Guo ,  Lijia Zhang ,  Qian Sun ,  Huarui Liang ,  Fangli Xu ,  Yuqin Chen ,  Haijing Hu ,  Dawei Zhang ,  Hao Duo ,  Lanpeng Chen

IPC分类号： H04W12/10 ,  H04W72/04 ,  H04W12/106 ,  H04L9/32 ,  H04W74/00 ,  H04W12/069 ,  H04W12/0433 ,  H04W72/00

摘要： Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity, include use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies integrity of messages by checking a signature using an identity-based public key PKID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PKPKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SKID obtained from the PKG server, which generates the identity-based private key SKID using (i) the ID value of the network entity and (ii) a private key SKPKG that is known only by the PKG server and corresponds to the public key PKPKG.

公开(公告)号：US11856402B2

公开(公告)日：2023-12-26

申请号：US17455000

申请日：2021-11-15

申请人： Apple Inc.

发明人： Xiangying Yang ,  Shu Guo ,  Lijia Zhang ,  Qian Sun ,  Huarui Liang ,  Fangli Xu ,  Yuqin Chen ,  Haijing Hu ,  Dawei Zhang ,  Hao Duo ,  Lanpeng Chen

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04W12/106 ,  H04L9/32 ,  H04W74/00 ,  H04W12/069 ,  H04W12/0433 ,  H04W72/23

CPC分类号： H04W12/106 ,  H04L9/3268 ,  H04W12/0433 ,  H04W12/069 ,  H04W72/23 ,  H04W74/006

摘要： Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity, include use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies integrity of messages by checking a signature using an identity-based public key PKID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PKPKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SKID obtained from the PKG server, which generates the identity-based private key SKID using (i) the ID value of the network entity and (ii) a private key SKPKG that is known only by the PKG server and corresponds to the public key PKPKG.

公开(公告)号：US20210204129A1

公开(公告)日：2021-07-01

申请号：US17057622

申请日：2018-06-22

申请人： Apple Inc.

发明人： Xiangying Yang ,  Elliot S. Briggs ,  Samuel D. Post ,  Yannick L. Sierra ,  Fangli Xu ,  Dawei Zhang ,  Haijing Hu ,  Huarui Liang ,  Li Li ,  Lijia Zhang ,  Shu Guo ,  Yuqin Chen

IPC分类号： H04W12/069 ,  H04W12/73 ,  H04W12/108 ,  H04W76/27 ,  H04W74/08

摘要： This disclosure relates to techniques, base stations, and user equipment devices (UEs) for performing base station authentication through access stratum signaling transmissions. The UE may operate in idle mode and may receive an authentication message from a base station through the wireless interface while operating in idle mode. The UE may determine whether a signature comprised within the authentication message is valid, and the UE may continue a connection procedure with the base station based on a determination that the signature is valid. If it is determined that the signature is invalid, the UE may designate the base station as a barred base station and may perform cell re-selection. The authentication message may be one of a radio resource control (RRC) connection setup message, a special RRC message, a media access control (MAC) message, or a random access channel (RACH) message comprising a random access response (RAR) message.

公开(公告)号：US11405788B2

公开(公告)日：2022-08-02

申请号：US17052163

申请日：2018-05-02

申请人： Apple Inc.

发明人： Xiangying Yang ,  Lijia Zhang ,  Huarui Liang ,  Dawei Zhang

IPC分类号： H04W12/37 ,  H04W12/72 ,  H04W12/086 ,  H04W88/02

摘要： A device level lock policy, which applies to all smart secure platform (SSP) applications of a mobile device, is used to determine whether a particular SSP application can be activated. A tamper resistant hardware secure element (SE) includes a primary platform with a low level operating system (OS) and one or more SSP applications within one or more secondary platform bundles that include secondary platforms with high level OSs specific to the secondary platform bundles. The low level OS enforces the device level lock policy for all secondary platform bundles by verifying whether a lock policy for the SSP application is consistent with the device level lock policy. When verification succeeds, activation is allowed, and when verification fails, activation is disallowed. Subscription identifiers are not provided in unencrypted form to processing circuitry of the mobile device external to the tamper resistant hardware SE to provide subscriber identity privacy protection.

公开(公告)号：US11895495B2

公开(公告)日：2024-02-06

申请号：US17057622

申请日：2018-06-22

申请人： Apple Inc.

发明人： Xiangying Yang ,  Elliot S. Briggs ,  Samuel D. Post ,  Yannick L. Sierra ,  Fangli Xu ,  Dawei Zhang ,  Haijing Hu ,  Huarui Liang ,  Li Li ,  Lijia Zhang ,  Shu Guo ,  Yuqin Chen

IPC分类号： H04W12/069 ,  H04W76/27 ,  H04W12/73 ,  H04W12/108 ,  H04W74/08

CPC分类号： H04W12/069 ,  H04W12/108 ,  H04W12/73 ,  H04W74/0833 ,  H04W76/27

摘要： This disclosure relates to techniques, base stations, and user equipment devices (UEs) for performing base station authentication through access stratum signaling transmissions. The UE may operate in idle mode and may receive an authentication message from a base station through the wireless interface while operating in idle mode. The UE may determine whether a signature comprised within the authentication message is valid, and the UE may continue a connection procedure with the base station based on a determination that the signature is valid. If it is determined that the signature is invalid, the UE may designate the base station as a barred base station and may perform cell re-selection. The authentication message may be one of a radio resource control (RRC) connection setup message, a special RRC message, a media access control (MAC) message, or a random access channel (RACH) message comprising a random access response (RAR) message.

公开(公告)号：US11863982B2

公开(公告)日：2024-01-02

申请号：US18150771

申请日：2023-01-05

申请人： Apple Inc.

发明人： Xiangying Yang ,  Huarui Liang ,  Lijia Zhang ,  Shu Guo ,  Haijing Hu ,  Fangli Xu ,  Yuqin Chen ,  Dawei Zhang ,  Li Li

IPC分类号： H04W12/122 ,  H04W12/069 ,  H04W12/72 ,  H04W12/0433 ,  H04W12/03 ,  H04W12/041 ,  H04L9/08 ,  H04L9/16 ,  H04L9/32 ,  H04W12/02

CPC分类号： H04W12/069 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/0844 ,  H04L9/0891 ,  H04L9/16 ,  H04L9/3228 ,  H04W12/02 ,  H04W12/03 ,  H04W12/041 ,  H04W12/0433 ,  H04W12/122 ,  H04W12/72

摘要： Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys, generated by a user equipment (UE), and network provided keys are disclosed. Encryption of the SUPI to form the SUCIs can mitigate snooping by rogue network entities, such as fake base stations. The UE is restricted from providing the unencrypted SUPI over an unauthenticated connection to a network entity. In some instances, the UE uses a trusted symmetric fallback encryption key KFB or trusted asymmetric fallback public key PKFB to verify messages from an unauthenticated network entity and/or to encrypt the SUPI to form a fallback SUCIFB for communication of messages with the unauthenticated network entity.

公开(公告)号：US11589228B2

公开(公告)日：2023-02-21

申请号：US17054148

申请日：2018-05-11

申请人： Apple Inc.

发明人： Xiangying Yang ,  Huarui Liang ,  Lijia Zhang ,  Shu Guo ,  Haijing Hu ,  Fangli Xu ,  Yuqin Chen ,  Dawei Zhang ,  Li Li

IPC分类号： H04W12/122 ,  H04W12/069 ,  H04W12/72 ,  H04W12/0433 ,  H04W12/03 ,  H04W12/041 ,  H04L9/08 ,  H04L9/16 ,  H04L9/32 ,  H04W12/02

摘要： Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys, generated by a user equipment (UE), and network provided keys are disclosed. Encryption of the SUPI to form the SUCIs can mitigate snooping by rogue network entities, such as fake base stations. The UE is restricted from providing the unencrypted SUPI over an unauthenticated connection to a network entity. In some instances, the UE uses a trusted symmetric fallback encryption key KFB or trusted asymmetric fallback public key PKFB to verify messages from an unauthenticated network entity and/or to encrypt the SUPI to form a fallback SUCIFB for communication of messages with the unauthenticated network entity.

公开(公告)号：US11297492B2

公开(公告)日：2022-04-05

申请号：US17042859

申请日：2018-03-27

申请人： Apple Inc.

发明人： Xiangying Yang ,  Lijia Zhang ,  Dawei Zhang ,  Huarui Liang ,  Shu Guo ,  Rohan C. Malthankar ,  Krisztian Kiss

IPC分类号： H04L29/06 ,  H04W12/02 ,  H04W12/00 ,  H04W12/04 ,  H04W12/72 ,  H04W12/0433 ,  H04W12/041 ,  H04W12/033 ,  H04W12/40

摘要： Techniques to protect subscriber identity in messages communicated between a user equipment (UE) and a cellular wireless network entity by using multiple ephemeral asymmetric keys are disclosed. The UE determines multiple ephemeral UE public and secret key pairs, while the cellular wireless network entity provides a network public key to the UE. The network public key may be updated over time. Multiple encryption keys based on the multiple ephemeral UE secret keys and the public network key are derived and used to encrypt a subscription permanent identifier (SUPI) to generate multiple subscription concealed identifiers (SUCIs). Each SUCI is used only once for messages communicated to a cellular wireless network and discarded after use. New SUCI are generated when the network public key is updated.

公开(公告)号：US20200235914A1

公开(公告)日：2020-07-23

申请号：US16733515

申请日：2020-01-03

申请人： Apple Inc.

发明人： Dawei Zhang ,  Fangli Xu ,  Haijing Hu ,  Huarui Liang ,  Lijia Zhang ,  Robert K. Kitchens ,  Samuel D. Post ,  Shu Guo ,  Xiangying Yang ,  Yannick L. Sierra ,  Yuqin Chen

IPC分类号： H04L9/06 ,  H04L29/06 ,  H04W12/06 ,  H04L9/08 ,  H04W12/04

摘要： Apparatuses, systems, and methods for generating and utilizing improved initialization vectors (IVs) when performing encryption and authentication in wireless communications. In some scenarios, a wireless communication device may generate one or more pseudorandom multi-bit values, e.g., using a respective plurality of key derivation functions (KDFs). A first portion of each value may be used as a respective key for encryption or authentication of traffic on the user plane or the control plane. A second portion of each value may be used as a nonce value in a respective IV for use with a respective key for encryption or authentication of traffic on the user plane or the control plane. In some scenarios, the nonce values may instead be generated as part of an additional pseudorandom value (e.g., by executing an additional KDF), from which all of the IVs may be drawn.

公开(公告)号：US11329801B2

公开(公告)日：2022-05-10

申请号：US16733515

申请日：2020-01-03

申请人： Apple Inc.

发明人： Dawei Zhang ,  Fangli Xu ,  Haijing Hu ,  Huarui Liang ,  Lijia Zhang ,  Robert K. Kitchens ,  Samuel D. Post ,  Shu Guo ,  Xiangying Yang ,  Yannick L. Sierra ,  Yuqin Chen

IPC分类号： H04L9/06 ,  H04L29/06 ,  H04W12/06 ,  H04W12/04 ,  H04L9/08

摘要： Apparatuses, systems, and methods for generating and utilizing improved initialization vectors (IVs) when performing encryption and authentication in wireless communications. In some scenarios, a wireless communication device may generate one or more pseudorandom multi-bit values, e.g., using a respective plurality of key derivation functions (KDFs). A first portion of each value may be used as a respective key for encryption or authentication of traffic on the user plane or the control plane. A second portion of each value may be used as a nonce value in a respective IV for use with a respective key for encryption or authentication of traffic on the user plane or the control plane. In some scenarios, the nonce values may instead be generated as part of an additional pseudorandom value (e.g., by executing an additional KDF), from which all of the IVs may be drawn.