公开(公告)号：US12118093B2

公开(公告)日：2024-10-15

申请号：US17169737

申请日：2021-02-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo Zhang ,  Philip Ginzboorg ,  Valtteri Niemi ,  Pekka Laitinen

IPC: G06F15/177 ,  G06F9/00 ,  G06F21/57 ,  H04L9/40 ,  H04W12/06

CPC classification number: G06F21/575 ,  H04L63/083 ,  H04W12/06

Abstract: This application provides an extended authentication method and apparatus for a generic bootstrapping architecture and a storage medium. A first network element obtains a bootstrapping transaction identifier (B-TID) and a key lifetime; and the first network element sends the B-TID and the key lifetime to the terminal, so that the terminal performs extensible authentication protocol (EAP)-based generic bootstrapping architecture (GBA) authentication and key agreement (AKA) authentication with the first network element based on the B-TID and the key lifetime.

公开(公告)号：US11374766B2

公开(公告)日：2022-06-28

申请号：US16638291

申请日：2017-08-11

Applicant: Huawei Technologies Co., Ltd.

Inventor： Pekka Laitinen ,  Qiming Li ,  Sampo Sovio ,  Gang Lian ,  Zhihua Shan

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/08 ,  G06F9/54

Abstract: A device with key attestation features comprises an operating system stored in its memory, the operating system comprising a secure environment including a trusted application, and two or more device certificates, each associated with a device key pair, stored in the memory of the device. The trusted application is configured to handle key pair generation requests and key pair attestation requests to read an indication of a preferred device certificate. An attestation certificate that is generated in response to the key pair attestation request is then signed using one of the two or more device certificates with its associated device key pair based on the indication of a preferred device certificate.

公开(公告)号：US20200374112A1

公开(公告)日：2020-11-26

申请号：US16768501

申请日：2017-12-01

Applicant: Huawei Technologies Co., Ltd.

Inventor： Sampo Sovio ,  Qiming Li ,  Pekka Laitinen ,  Gang Lian ,  Meilun Xie ,  Xiwen Fang ,  Zhihua Shan

IPC: H04L9/08 ,  H04L9/30 ,  H04L29/06

Abstract: In a method for secure provisioning of data to a client device, a non-trusted manufacturing facility is equipped with a secure server device to establish a secure data provisioning channel from the secure server device to trusted hardware in client devices without the secure server device and the client devices needing to have a shared secret.

公开(公告)号：US12008108B2

公开(公告)日：2024-06-11

申请号：US17169737

申请日：2021-02-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo Zhang ,  Philip Ginzboorg ,  Valtteri Niemi ,  Pekka Laitinen

IPC: G06F15/177 ,  G06F9/00 ,  G06F21/57 ,  H04L9/40 ,  H04W12/06

CPC classification number: G06F21/575 ,  H04L63/083 ,  H04W12/06

Abstract: This application provides an extended authentication method and apparatus for a generic bootstrapping architecture and a storage medium. A first network element obtains a bootstrapping transaction identifier (B-TID) and a key lifetime; and the first network element sends the B-TID and the key lifetime to the terminal, so that the terminal performs extensible authentication protocol (EAP)-based generic bootstrapping architecture (GBA) authentication and key agreement (AKA) authentication with the first network element based on the B-TID and the key lifetime.

公开(公告)号：US20200186357A1

公开(公告)日：2020-06-11

申请号：US16638291

申请日：2017-08-11

Applicant: Pekka LAITINEN ,  Huawei Technologies Co., Ltd.

Inventor： Pekka Laitinen ,  Qiming Li ,  Sampo Sovio ,  Gang Lian ,  Zhihua Shan

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/08 ,  G06F9/54

Abstract: A device with key attestation features comprises an operating system stored in its memory, the operating system comprising a secure environment including a trusted application, and two or more device certificates, each associated with a device key pair, stored in the memory of the device. The trusted application is configured to handle key pair generation requests and key pair attestation requests to read an indication of a preferred device certificate. An attestation certificate that is generated in response to the key pair attestation request is then signed using one of the two or more device certificates with its associated device key pair based on the indication of a preferred device certificate.