Abstract:
Methods for establishing secure point-to-point communications in a trunked radio system include receiving, at a trunking controller, a request from a source endpoint for a traffic channel for confidential communications between the source endpoint and a destination endpoint using a shared unique first symmetric key. The trunking controller provides keying material related to the symmetric key over a secured control channel to at least one of the source or destination endpoints and, in response to the request, assigns a traffic channel. The keying material enables the unique first symmetric key to be securely established between the source and destination endpoints.
Abstract:
A sending device generates a first and a second KMM, wherein the first KMM includes a first KEK and a KMM encryption key, and the second KMM includes a set of symmetric encryption keys. The sending device further encrypts the set of symmetric encryption keys using the first KEK; encrypts the first KEK and the KMM encryption key using a first public key of a receiving device; and encrypts the second KMM using the KMM encryption key to generate an encrypted second KMM before sending the first KMM and the encrypted second KMM to the receiving device. The receiving device decrypts the first KEK and the KMM encryption key using a first private key that corresponds to the first public key; and decrypts the encrypted second KMM using the KMM encryption key to obtain the encrypted set of symmetric keys.
Abstract:
A method for operating with KMFs includes a communication device having a memory device: receiving a designation of a primary KMF for the communication device, wherein only one primary KMF is designated for the communication device at any given time instance; receiving a designation of a secondary KMF for the communication device; storing, within the memory device, a first and a second set of crypto groups, wherein each crypto group within each set of crypto groups comprises at least one keyset, wherein each set of crypto groups is associated, within the memory device, to only one KMF identifier; associating, within the memory device, the first set of crypto groups to an identifier for the primary KMF; and associating, within the memory device, the second set of crypto groups to an identifier for the secondary KMF.
Abstract:
A method and apparatus for authenticating a key management message within a secure communication system is provided herein. During operation, a digital signature for message authentication of a Project 25 Key Management Message (KMM) is utilized. In particular, the digital signature will be used to authenticate the KMM in scenarios where there is no Message Authentication Code (MAC). The MAC will be utilized to authenticate the KMM when available. Because authentication of KMMs takes place even when no MAC is available, it becomes increasingly difficult to tamper with or spoof the delivery of encryption keys.
Abstract:
An initiating device: generates a message having an ISAKMP-based header that includes a security parameter index (SPI) field; identifies a key in the SPI field of the ISAKMP-based header; and sends the message to a responding device. The responding device: receives the message; extracts the key identifier; and when a shared key is selected using the key identifier, uses the selected shared key to establish, with the initiating device, a session having a secure tunnel.
Abstract:
A method and apparatus for transmitting encryption keys in a secure communication system is provided herein. During rekeying of a device, a key encryption key (KEK) is utilized to wrap (encrypt) the traffic encryption key (TEK) when the KEK is available to the device. If unavailable, the TEK will be wrapped using public key encryption with the recipient device's public key. The receiving device will then be able to unwrap the TEK using public key decryption with its own private key. Because TEKs are always transmitted in a secure manner, secure and efficient rekeying of devices on foreign networks can occur.
Abstract:
A method and system include de-keying a base station in a conventional TDMA communications system and starting a timer in the base station when the base station de-keys. The method and system further include receiving a transmission from a mobile station and re-keying and repeating the transmission, if the transmission is received with proper synchronization before expiration of the timer.
Abstract:
In a TDMA system comprising a plurality of subscriber units and a plurality of base radios, a method and system for providing access to a channel for voice transmissions, where a first subscriber unit determines whether it is provisioned for polite access to the channel. In addition, the first subscriber unit is characterized by a first color code and a first talkgroup ID. The first subscriber unit also examines the voice transmissions on the channel for voice transmissions that are from a second subscriber unit with a second color code and a second talkgroup ID. If the first color code and the second color code match and if the first talkgroup ID and the second talkgroup ID match, then the first subscriber unit is allowed access to the channel for voice transmissions even though the channel is being used for voice transmissions by the second subscriber unit.
Abstract:
A method and system for scanning a TDMA channel by a subscriber unit in a wireless communications landscape is disclosed. The subscriber unit locks onto a channel that is preprogrammed in the subscriber unit. A base radio transmits a control message to the subscriber unit. The control message informs the subscriber unit of activity present on the channel. The subscriber unit receives and decodes the control message to determine whether there is activity on the channel. If there is, the subscriber unit determines whether the activity is of interest. If it is, then the subscriber unit remains on the channel to receive the activity present on the channel.