Abstract:
Systems, methods, and computer readable mediums for authenticating a device perform a method of receiving, at a second device, a first authentication protocol reauthentication response for the device, the authentication response including a reauthentication master session key (rMSK), transmitting, at the second device, a second first authentication protocol reauthentication response to a first access point based on the reauthentication master session key, generating, at the second device, a first pairwise master key (PMK) based on the reauthentication master session key, generating, at the second device, a key message to include the first pairwise master key, and transmitting, at the second device, the key message to the second access point.
Abstract:
A method includes, at a first device while the first device is connected to a wireless local area network (WLAN) and a second device is unconnected to the WLAN, establishing a secure channel to the second device using an EAP exchange. The method also includes sending at least one credential associated with the WLAN to the second device via the secure channel to enable the second device to connect to the WLAN.
Abstract:
One feature pertains to a method for secure wireless communication at an apparatus of a network. The method includes receiving a user equipment identifier identifying a user equipment and a cryptographic key from a wireless wide area network node, and using the cryptographic key as a pairwise master key (PMK). A PMK identifier (PMKID) is generated based on the PMK and the two are stored at the network. A PMK security association is initialized by associating the PMK with at least the PMKID and an access point identifier identifying an access point of the apparatus. An association request is received that includes a PMKID from the user equipment, and it is determined that the PMKID received from the user equipment matches the PMKID stored. A key exchange is initiated with the user equipment based on the PMK to establish a wireless local area network security association with the user equipment.
Abstract:
A method includes, prior to authenticating a mobile device, receiving by an access point a first message from the mobile device, determining that the mobile device is to be authenticated prior to responding to the first message, and sending to an authentication server a second message that includes an authentication request and the first message. The method also includes receiving from the authentication server a third message that includes a response to the authentication request and that further includes the first message.
Abstract:
This disclosure provides systems, methods and apparatuses for enabling Multiple BSSID functionality. In some implementations, each BSS of the multi-BSS AP may transmit management frames with a Multiple BSSID element (MBE). Multiple BSSID-capable STAs may interpret the MBE information and implement corresponding Multiple BSSID functionality, whereas legacy STAs may ignore the MBE and interpret such frames as legacy management frames. In some other implementations, a multi-BSS AP may configure one or more of its BSSs to transmit management frames without the MBE. These legacy management frames may include a multi-BSS indicator (MBID) to advertise that the corresponding AP is a multi-BSS AP. The MBID also may provide information regarding a transmitted BSS of the multi-BSS AP. Multiple BSSID-capable STAs may search for a transmitted BSS based on the presence of the MBID, whereas legacy STAs may ignore the MBID and interpret such frames as legacy management frames.
Abstract:
Systems, methods, and devices for multicast wireless local area network messages with message authentication are contained herein. The method includes determining a message integrity check value for each of a plurality of wireless devices. The method further includes transmitting a multicast packet to each of the plurality of devices on a wireless local area network, the multicast packet including an indication of each of the plurality of devices and the message integrity check value for each of the plurality of devices.
Abstract:
Apparatuses and methods are disclosed that may allow a wireless device to process an Ethertype data packet encapsulated in a frame based on whether the frame contains an Ethertype Packet Discrimination (EPD) indicator. The wireless device may receive the frame from another wireless device over a wireless network, and may detect a presence of the EPD indicator in the received frame. Then, the wireless device may identify a protocol type of the Ethertype data packet according to an EPD operation based on the presence of the EPD indicator, or may identify the protocol type of the Ethertype data packet according to an LPD operation based on an absence of the EPD indicator.
Abstract:
Systems, methods, and computer readable mediums for authenticating a device are disclosed. In some aspects, a method includes determining, using a second device, a key shared with the first device, and generating, by the second device, a first pairwise master key (PMK) based on the key shared with the first device. The method may also include generating, by the second device, a second pairwise master key (PMK) for a first access point based on the first pairwise master key and one or more properties of the first access point. The method then transmits the second pairwise master key to the first access point. The first access point may use the second pairwise master key to facilitate secure communication with the first device. For example, the first access point may encode/encrypt and/or decode/decrypt messages exchanged with the first device based on the second pairwise master key.