-
Publication No.: US11689934B2
Publication date: 2023-06-27
Application No.: US17336650
Application date: 2021-06-02
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
CPC classification number: H04W12/37, H04L9/08, H04L63/0428, H04L63/062, H04L63/105, H04L63/20, H04L63/205, H04W12/0431, H04W12/10
Abstract: This application provides a key configuration method. A session management network element receives a request for end-to-end communication and obtains a security policy, where the security policy is determined based on at least one of: a user security requirement that is of the user equipment and that is preconfigured on a home subscriber server, a service security requirement from the user equipment, a security capability requirement supported by the user equipment, a security capability requirement from a carrier network, and a security requirement of a device on the other end of the end-to-end communication. The session management network element obtains a protection key used for protecting the end-to-end communication. The session management network element sends the security policy to the devices on two ends of the end-to-end communication.
-
Publication No.: US20220295271A9
Publication date: 2022-09-15
Application No.: US17245991
Application date: 2021-04-30
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W12/041, H04W80/10, H04W88/02, H04W76/11, H04W76/25, H04W8/08, H04L9/08, H04L29/06, H04W12/04, H04W12/043
Abstract: An anchor key generation method, device, and system, where the method includes generating, by a unified data management network element (UDM), an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; sending, by the UDM, the intermediate key to an authentication server function (AUSF); receiving, by the AUSF, the intermediate key; generating, by the AUSF, an anchor key based on the intermediate key; sending, by the AUSF, the anchor key to a security anchor function (SEAF); and generating, by the SEAF, a key (Kamf) based on the anchor key, where the Kamf is used to derive a 3rd Generation Partnership Project (3GPP) key.
-
Publication No.: US20220286442A1
Publication date: 2022-09-08
Application No.: US17700064
Application date: 2022-03-21
Applicant: Huawei Technologies Co., Ltd.
IPC: H04L9/40, H04W12/12, H04W12/02, H04W12/03, H04W12/041, H04W12/0431, H04W12/0433, H04L9/08
Abstract: The present invention discloses a key distribution method. The method includes obtaining, by a first key management system, a shared key of a first network element, where the shared key of the first network element is generated according to a key parameter obtained after the first network element performs authentication or a root key of the first network element; obtaining a service key, where the service key is used to perform encryption and/or integrity protection on communication data in a first service between the first network element and a second network element; performing encryption and/or integrity protection on the service key by using the shared key of the first network element, to generate a first security protection parameter; and sending the first security protection parameter to the first network element. According to the present invention, data can be protected against an eavesdropping attack in a sending process.
-
Publication No.: US11303622B2
Publication date: 2022-04-12
Application No.: US15977787
Application date: 2018-05-11
Applicant: Huawei Technologies Co., Ltd.
IPC: H04L29/04, G06F21/00, H04L29/06, H04W12/12, H04W12/02, H04W12/03, H04W12/041, H04W12/0431, H04W12/0433, H04L9/08, H04L9/40
Abstract: An embodiment method includes: obtaining, by a first key management system, a shared key of a first network element, where the shared key of the first network element is generated according to a key parameter obtained after the first network element performs authentication or a root key of the first network element; obtaining a service key, where the service key is used to perform encryption and/or integrity protection on communication data in a first service between the first network element and a second network element; performing encryption and/or integrity protection on the service key by using the shared key of the first network element, to generate a first security protection parameter; and sending the first security protection parameter to the first network element.
-
Publication No.: US11240218B2
Publication date: 2022-02-01
Application No.: US16169416
Application date: 2018-10-24
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Rong Wu, Bo Zhang, Lu Gan, Haiguang Wang
Abstract: This application provides a key distribution and authentication method, system, and an apparatus. The method includes: a service center server distributes different keys to terminal devices, and then the terminal devices perform mutual authentication with the network authentication server based on respective keys and finally obtain communication keys for communication between the terminal devices and a functional network element. This provides a method for establishing a secure communication channel for the terminal device, having a broad application range.
-
Publication No.: US11109230B2
Publication date: 2021-08-31
Application No.: US16909601
Application date: 2020-06-23
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W12/06, H04W8/12, H04W12/02, H04W12/04, H04W12/041, H04W12/069, H04W80/10, H04W88/16, H04W84/04
Abstract: Embodiments of the present disclosure disclose a network roaming protection method and related device. The method includes: receiving, by a visited session management device, a first session establishment request that includes a first security requirement; obtaining, by the visited session management device, a target security policy, where the target security policy is obtained by processing the first security requirement set and a second security requirement set using a preset rule; and sending the target security policy to the UE instructing the UE to generate a target shared key based on a reference shared key and according to a rule defined by the target security policy, where the target shared key is used to protect secure end-to-end data transmission between the UE and the visited gateway.
-
Publication No.: US20210258780A1
Publication date: 2021-08-19
Application No.: US17245991
Application date: 2021-04-30
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W12/041, H04W80/10, H04W88/02, H04W76/11, H04W76/25, H04W8/08, H04L9/08, H04L29/06, H04W12/04, H04W12/043
Abstract: An anchor key generation method, device, and system, where the method includes generating, by a unified data management network element (UDM), an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; sending, by the UDM, the intermediate key to an authentication server function (AUSF); receiving, by the AUSF, the intermediate key; generating, by the AUSF, an anchor key based on the intermediate key; sending, by the AUSF, the anchor key to a security anchor function (SEAF); and generating, by the SEAF, a key (Kamf) based on the anchor key, where the Kamf is used to derive a 3rd Generation Partnership Project (3GPP) key.
-
Publication No.: US11012855B2
Publication date: 2021-05-18
Application No.: US16388606
Application date: 2019-04-18
Applicant: Huawei Technologies Co., Ltd.
IPC: H04L9/00, H04W12/041, H04W80/10, H04W88/02, H04W76/11, H04W76/25, H04W8/08, H04L9/08, H04L29/06, H04W12/04, H04W12/043
Abstract: An anchor key generation method, device, and system, where the method includes generating, by a user equipment, an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; generating, by the user equipment, an anchor key based on the intermediate key; generating, by the user equipment, a key (Kamf) based on the anchor key; and deriving, by the user equipment, a 3rd Generation Partnership Project (3GPP) key based on the Kamf.
-
Publication No.: US20200084631A1
Publication date: 2020-03-12
Application No.: US16674697
Application date: 2019-11-05
Applicant: Huawei Technologies Co., Ltd.
Abstract: A key configuration method includes receiving, by a policy function network element, a request for communication between a user equipment (UE) and a network device, determining a user plane protection mechanism based on the request, UE registration information, subscription service data, and a service security requirement, and sending the user plane protection mechanism to an algorithm network element when the network device is a core network (CN) device, where the algorithm network element determines a security protection algorithm based on the user plane protection mechanism, generates a first user plane protection key based on the security protection algorithm, sends the first user plane protection key to the CN device, and sends the security protection algorithm to the UE, and the UE generates a second user plane protection key based on the security protection algorithm.
-
Publication No.: US10362043B2
Publication date: 2019-07-23
Application No.: US15270722
Application date: 2016-09-20
Applicant: Huawei Technologies Co., Ltd.
Inventor: Rong Wu, Chengdong He, Lu Gan
Abstract: A method and an apparatus for detecting a man-in-the-middle attack, where the method includes receiving, by a macro evolved Node B (MeNB), a first check request message sent by a secondary evolved Node B (SeNB), where the first check request message includes first identifier information and a first data packet count value, generating a second check request message according to the first identifier information, sending the second check request message to a user terminal, receiving a first check response message generated by the user terminal according to the second check request message, where the first check response message includes second identifier information and a second data packet count value, determining, by the MeNB, that the man-in-the-middle attack exists between the SeNB and the user terminal when the first data packet count value is different from the second data packet count value.