PT107993B - Method and authentication system of a 3gpp operator domain - Google Patents

Info

Publication number
PT107993B
Authority
PT
Portugal
Prior art keywords
message
aaa
aaa server
id
imsi
Prior art date
Application number
PT107993A
Other languages
Portuguese (pt)
Inventor
Rodriguez Jonathan
Rafael Almeida E Marques Hugo
Bassoli Riccardo
Grouet Christophe
Original Assignee
Inst De Telecomunicações
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Application filed by Inst De Telecomunicações
Priority application: PT107993A
Publication: PT107993B

Abstract

This application arises from the need to provide secure and efficient authentication for both IP-direct access and IP-3GPP access. A method is disclosed in which the Authentication, Authorization and Accounting (AAA) server (103), in response to an initial message (104) with an identifier ID of an access element (102), generates a random number RAND and sends a function of both to the access element (105).


ABSTRACT

3GPP OPERATOR DOMAIN AUTHENTICATION METHOD AND SYSTEM

This application arises from the need for secure and efficient authentication for both IP-direct and IP-3GPP access. A method is provided wherein the Authentication, Authorization and Accounting (AAA) server (103), in response to a start message (104) with an identifier ID of an access element (102), generates a random number RAND and sends E[ID ⊕ RAND]pkAAA to the access element (105). The access element forwards the message (106) to a WLAN user equipment (101), which computes E[IMSI]pkAAA, adds that result to the received message, computes a hash function of the addition result with a key K, and responds to the AAA server (107) through the access element with the addition result concatenated with the hash output MAC_UE. Finally, the AAA server checks integrity through the MAC_UE value and extracts the IMSI, and authentication can now be used (108, 109).

DESCRIPTION

AUTHENTICATION METHOD AND SYSTEM

Technical Domain

The present application relates to a method and system of authentication of a 3GPP operator domain.

Background

The widespread adoption of laptops, tablets and smartphones has driven the widespread deployment of Wireless Local Area Networks (WLAN). As the number of access points (AP) has grown each year, interworking between WLANs and 3GPP (3rd Generation Partnership Project) networks has attracted great interest. In 2012, the 3GPP project published standards providing secure solutions for WLAN-Evolved Packet System (WLAN-EPS) interworking.

The 3GPP standard defines two ways for user equipment to access the Internet through WLAN APs: IP-direct access and IP-3GPP access. The first is used when the WLAN APs belong to the 3GPP network operator (trusted access); in this scenario the authentication method is Extensible Authentication Protocol - Authentication and Key Agreement (EAP-AKA'). The second is used when the WLAN APs do not belong to the 3GPP network operator (untrusted access), in which case EAP-AKA over IKEv2 (Internet Key Exchange version 2) is used. Both authentication methods, for IP-direct access and for IP-3GPP access, present some problems.

An analysis of IP-direct access reveals some weaknesses. First, an attacker can passively eavesdrop on the user identity during the EAP-Request/Identity exchange and track the user's position. Other attack possibilities are passive eavesdropping on user credentials for accessing services and known-plaintext attacks. Finally, man-in-the-middle attacks are also possible.

The study of IP-3GPP access likewise reveals some weaknesses. From a security perspective, problems may arise when the user is roaming, since the packet transport infrastructure is the public mobile network of the visited territory. This problem becomes significant if the visiting user's network operator does not trust the local network operator. A further important problem is the increased complexity of authentication due to the number of messages that must be exchanged to complete the authentication procedures.

Overview

This application arises from the need to provide secure and efficient authentication for both IP-direct access and IP-3GPP access.

A method of operating a 3GPP operator domain authentication system is disclosed, comprising the steps:

- the Authentication, Authorization and Accounting (AAA) server receives a start message comprising an identifier ID of an access element, generates a random number RAND, and sends E[ID ⊕ RAND]pkAAA to the access element, where E[...]pkAAA is the encryption function with the AAA server public key pkAAA;

- the access element forwards the message comprising the encrypted random number to the user equipment;

- the user equipment receives a message comprising the encrypted random number, computes E[IMSI]pkAAA, where IMSI is the universal mobile subscriber identity, adds that result to the received message, computes a hash function of the addition result with a key K, and sends a reply message consisting of the concatenation of the addition result and the hash output MAC_UE to the AAA server via the access element;

- the AAA server checks the integrity of the received reply message through the MAC_UE value and extracts the IMSI from the message.

In one embodiment, in the step wherein the AAA server receives a start message comprising an identifier ID, the ID comprises the WLAN ID of a 3GPP operator wireless LAN access point; the step wherein the access element forwards the message comprising the encrypted random number to the user equipment comprises the step:

- if the access element is a 3GPP operator wireless LAN access point, then it computes E[ID ⊕ RAND]pkAAA ⊕ E[ID]pkAAA and sends the result, E[RAND]pkAAA, to the user equipment;

and the step wherein the AAA server checks the integrity of the reply message received through the MAC_UE value and extracts the IMSI from the message comprises the step:

- if the access element is a 3GPP operator wireless LAN access point, then the AAA server computes

E^-1[Z ⊕ E[RAND]pkAAA] = IMSI, where Z is the reply message.

In another embodiment, in the step wherein the AAA server receives a start message comprising an identifier ID, the ID comprises the ePDG ID of an Evolved Packet Data Gateway (ePDG), and the step wherein the AAA server checks the integrity of the reply message received through the MAC_UE value and extracts the IMSI from the message comprises:

- if the access element is an ePDG, then the AAA server computes E^-1[Y ⊕ E[ID ⊕ RAND]pkAAA] = IMSI, where Y is the reply message.

The present application further discloses a 3GPP operator domain authentication system comprising:

- an authentication, authorization and accounting (AAA) server;

- at least one domain access point;

- at least one user equipment comprising a mobile device and a smart card configured with permanent security information, a universal mobile subscriber identity and a permanent secret key, wherein the system is configured to implement the method described in any one of the preceding claims.

In one embodiment, the at least one domain access point is any of:

- an access point of a 3GPP operator wireless local area network; or

- an Evolved Packet Data Gateway (ePDG).

In another embodiment, the mobile equipment is any of:

- a laptop computer;

- a smartphone; or

- a tablet.

Some advantages of the solution are described below.

The disclosed solution remains compliant with the 3GPP standard (3GPP TS 35.206 Release 11, September 2012) while mitigating security threats. In parallel, it significantly reduces the authentication burden of the standard, especially for IP-3GPP access. The improvements are mainly possible due to the use of Fully Homomorphic Encryption (FHE) and one-way functions (i.e. cryptographic hash functions), which are not only more efficient but also prevent plaintext transmission through the intermediate WLAN AP.

Encrypted and energy-efficient transmission is due to FHE. The server that has to process the encrypted data provides the results to the client, which has to decrypt the data for further processing. The decrypted result is equivalent to the value that would have been computed on the original plaintext data. The FHE scheme operations are designed to improve the efficiency of the authentication procedure. In addition, decryption in the public-key FHE scheme is performed only on the AAA server, which has neither the computational restrictions nor the limited battery life of user equipment. These aspects keep the complexity low.

There is also effective WLAN-EPS interworking resulting from the security platform. The proposed schemes allow only legitimate WLAN user devices to access WLAN connections. In the case of IP-direct access, an attacker between the WLAN user equipment and the WLAN AP cannot obtain any information by listening to the exchanged messages. Since the IMSI is never sent in plaintext, it is not possible to track a user. In the case of IP-3GPP access, the parties to the authentication procedure are authenticated at the beginning of the communication. The authentication burden is significantly reduced. The size of the Message Authentication Code (MAC) obtained by applying the hash function H may be chosen according to need, for example to optimize the added effort.

In the approach to generating the CK and IK keys for authentication, the encrypted version of the OP value is also used. According to the 3GPP standard, OP is a value that defines the operator for all its subscribers. The solution guarantees strong protection of this value, since it is computed from the USIM (not stored on the user equipment) and is kept confidential by the public-key encryption.

Recommended parameters for 3GPP authentication are introduced. The WLAN ID is a value that uniquely identifies each operator-owned AP in IP-direct access scenarios. This identity for access points is the direct counterpart of the IMSI for user equipment. It is not disclosed to the user equipment and is protected against cryptanalytic attacks; in fact, only the encrypted version is stored in the AP, so that the plaintext identity cannot be recovered from it. In addition, the ePDG ID is a unique identifier of an ePDG in IP-3GPP access scenarios, and its use opens up possibilities for solving 3GPP roaming problems.

Brief Description of the Figures

For an easier understanding of the present application, figures illustrating preferred embodiments are appended; they are not, however, intended to limit the art disclosed herein.

Figure 1 illustrates one embodiment of the access procedure in an IP-direct access scenario, where the reference numbers represent:

101 - WLAN user equipment;

102 - Authenticator - non-3GPP access point;

103 - AAA / HSS server;

104 - Auth_START;

105 - X;

106 - E[RAND]pkAAA;

107 - Z ‖ MAC_UE;

108 - E[OP]pkAAA ‖ OP_HAAA;

109 - E[OP]pkAAA ‖ OP_HAAA.

Figure 2 illustrates one embodiment of the access procedure in an IP-3GPP access scenario, where the reference numbers represent:

201 - WLAN user equipment;

202 - ePDG;

203 - AAA / HSS server;

204 - Auth_START;

205 - RAND;

206 - X ‖ RAND;

207 - Y ‖ MAC_UE;

208 - E[OP]pkAAA ‖ OP_HAAA;

209 - Keys.

Description of embodiments

Referring to the figures, some embodiments are now described in more detail, which are not, however, intended to limit the scope of the present application.

The additions referred to in this application in the encrypted domain are considered at bit level (XORs). However, the person skilled in the art will easily be able to generalize these additions to integers. The WLAN user equipment stores the secret key K, its IMSI and the public key pkAAA. The WLAN AP holds its WLAN ID identifier encrypted with the public key pkAAA. The AAA server knows all these parameters and the secret key skAAA to decrypt the above encrypted values. E and E^-1 denote the encryption and decryption processes respectively.

In the following embodiments, it is considered that:

- WLAN user equipment is configured with an IMSI, a secret key, K, pre-shared with the AAA server and the AAA Server public key, pk AAA ;

- the WLAN access point is configured with its identity encrypted by the pk AAA key;

- the AAA server is configured with all the previous parameters and with the sk AAA private key to decrypt the encrypted messages with its pk AAA public key.

In one embodiment of the present solution for the IP-direct access scenario, the procedure starts with the establishment of a connection between the user equipment and the WLAN AP. The WLAN AP then sends message 0, with its associated encrypted WLAN ID identifier, to the AAA server. The AAA server decrypts the WLAN ID and authenticates the AP. It then generates a random number RAND and adds (XORs) it with the WLAN ID. It then encrypts the result with the public key pkAAA and sends it back to the WLAN AP.

The AP performs the XOR operation between the value 'X' and the encrypted version of its WLAN ID and sends the result to the user equipment. This calculation assists the AAA server to verify the correct identity of the AP in question after processing message 3 (avoids the 'lying authenticator' problem).

The WLAN user equipment encrypts its IMSI with the pkAAA key and performs an XOR operation between the result and the encrypted version of the received random number. In addition, it applies a hash function to this result 'Z' using the secret key 'K' as input. Finally, the WLAN user equipment sends the 'Z' value concatenated with the hash output (MAC_UE) to the AAA server.

The AAA server performs an XOR operation between 'Z' and E[RAND]pkAAA and decrypts the result: in this way the IMSI of the WLAN user equipment is obtained. In parallel, the identity of the WLAN user equipment is also verified by comparing the output of the hash function computed with inputs 'K' and 'Z' (MAC_AAA) with the received MAC_UE. If the two values are identical, the user equipment is fully authenticated and the server is also sure that the AP that was exchanging messages with the user equipment is the one that sent message 0.

A method for key generation (integrity and confidentiality keys) is then performed. The keys are generated by hash functions using the encrypted OP value, the user equipment secret key, a random number, and a constant. A possible alternative would be to compute a single hash function with an output of twice the length: this output could then be split into two equal bit strings, which would represent IK and CK.

Figure 1 illustrates one embodiment of the disclosed authentication method for IP-direct access, which begins with the initial establishment of a layer 2 connection between the user equipment and the WLAN access point and then proceeds as follows:

1. The WLAN access point (Authenticator) sends the Auth_START message to the AAA server. This message includes the WLAN ID encrypted by the pk AAA key;

2. The AAA server retrieves (decrypts) the WLAN ID from the message using skAAA and authenticates the authenticator based on the WLAN ID. The AAA server generates a random number, RAND, of the same size as the WLAN ID, performs an XOR operation between RAND and the obtained WLAN ID value, encrypts the result of this operation with pkAAA, and sends a message with the final result, X, to the authenticator;

3. The authenticator performs an XOR operation between the received value X and its WLAN ID value encrypted with pkAAA and sends the result to the WLAN user equipment. This calculation will help the AAA server verify the identity of the authenticator after processing message 3, avoiding the problem known as the lying authenticator;

4. The UE receives the message and uses the encrypted value, which at this point corresponds to the encrypted RAND, to perform an XOR operation between that value and its IMSI encrypted with the pkAAA key. The result (Z) of this XOR operation is concatenated with its keyed hash (MAC_UE), computed with the key K, and sent in a message directly to the AAA server;

5. The AAA server receives the message and performs an XOR operation between the received value Z and the encrypted value of RAND. The AAA server decrypts the result of this operation and obtains the IMSI value of the UE. In parallel, the AAA server computes the keyed hash of the received Z value (MAC_AAA) using the key K and compares it with the received keyed hash (MAC_UE). If both values are identical, the AAA server not only authenticates the UE but also ensures that the authenticator involved in the message exchange was the authenticator that sent message 1.

6. At this time the AAA server calculates the CK and IK keys. This calculation can be done by two methods:

6ai. Method 1: This method assumes that two constants m and n are pre-stored in a secure repository of the WLAN user equipment and of the AAA server. The CK key corresponds to the keyed hash under K of the following parameters: (i) the OP encrypted with the pkAAA key; (ii) the RAND; and (iii) a constant n. This procedure is described by the following expression:

CK = H_K(E[OP]pkAAA, RAND + n)

The IK key is determined in the same way as the CK key, using a constant m, different from n, as described in the following expression:

IK = H_K(E[OP]pkAAA, RAND + m)

6aii. The AAA server now sends a message to the WLAN user equipment containing: (i) the OP value encrypted with the pkAAA key; (ii) the keyed hash under K of the OP value encrypted with the pkAAA key, as described by the following expression:

E[OP]pkAAA ‖ H_K(E[OP]pkAAA)

6aiii. The WLAN user equipment receives this message, uses the pre-stored constants m and n, computes the keyed hash of the first parameter received and compares it with the value of the second parameter received. If they match, the WLAN user equipment authenticates the message, that is, confirms that the message can only have been created by the AAA server, and proceeds to compute the CK and IK values using the same procedure described in step 6.

6b. Method 2: The procedure for determining the keys CK and IK is identical to that of Method 1 but without the use of the constants m and n. In this case the hash function used must produce an output of twice the size, which can be split into two parts (CK and IK) of identical size, as illustrated in Figure 1 and described by the following expression:

CK ‖ IK = H_K(E[OP]pkAAA, RAND)

In the following embodiments, it is considered that:

- WLAN user equipment is configured with an IMSI, a secret key, K, pre-shared with the AAA server and the AAA Server public key, pk AAA ;

- ePDG has a unique identity, ePDG ID, and AAA Server public key, pk AAA configured;

- the AAA server is configured with all of the above parameters as well as an OP value which, according to the 3GPP specification, unambiguously identifies an operator, and a private key skAAA to decrypt messages encrypted with its public key pkAAA.

In one embodiment of the present solution for the IP-3GPP access scenario, the procedure begins by establishing the connection between the user equipment and the WLAN AP. The WLAN AP then sends an authentication start message to the ePDG, which adds its identifier and forwards it to the AAA server. The server now knows the identity of the ePDG and authenticates it. ePDG authentication is important when the user equipment is roaming and the home operator does not trust that ePDG.

The AAA server generates a random number (RAND) and sends it to the ePDG. Since the ePDG is trusted, this number does not need to be encrypted. The ePDG performs an XOR operation between its ePDG ID identifier and RAND, and encrypts the result with the pkAAA key, obtaining 'X'. It then sends the concatenation of 'X' and RAND to the WLAN user equipment.

The WLAN user equipment then adds the encrypted version of its IMSI (under pkAAA) to 'X'. In addition, it uses the result 'Y' as input to the hash function together with its secret key K. The WLAN user equipment sends the concatenation of 'Y' and MAC_UE to the ePDG, which forwards it to the AAA server.

The AAA server can authenticate the WLAN user equipment by obtaining the IMSI from 'X' and 'Y' as shown in Figure 2. Finally, the AAA server generates the quantity OP_HAAA, which is the result of the keyed hash with inputs IMSI and the OP value encrypted with the pkAAA key. The AAA server sends the concatenation of the encrypted OP and OP_HAAA, which the ePDG forwards to the WLAN user equipment.

Once the WLAN user equipment receives these parameters, it can verify the OP and generate CK and IK in the same way as in the IP-direct access procedure described above. Then, from CK and IK, the other keys needed to establish the IPsec tunnel with the ePDG are derived. In parallel, the AAA server does the same and sends these keys to the ePDG.

Figure 2 shows an embodiment of the authentication method for IP-3GPP access scenarios. The structure is similar to the previous one; this time the authenticator role is performed by the ePDG instead of the WLAN AP (which in this case is not trusted). The procedure begins by establishing a connection between the WLAN user equipment and the WLAN access point (WLAN AP), and then proceeds as follows:

1. The WLAN AP sends an Auth_START message; the ePDG receives this message and forwards it to the AAA server, including its identifier, ePDG ID;

2. The AAA server receives the message and learns the identity of the authenticator, the ePDG, authenticating it. Authenticator authentication is important in scenarios where the WLAN user equipment is roaming and the home operator does not trust the remote ePDG. The AAA server generates a random number, RAND, and sends it to the ePDG. Since the connection to the ePDG is trusted, the RAND value is not protected;

3. On receiving this value, the ePDG performs an XOR operation between its ePDG ID value and RAND and encrypts the result with the pkAAA key, obtaining X. It then sends X together with RAND to the WLAN UE;

4. The WLAN user equipment receives the message and: (i) performs an XOR operation between the received value X and its IMSI encrypted with pkAAA, obtaining Y as the result; (ii) computes a keyed hash of the value Y with the key K. Finally, the WLAN user equipment sends both Y and the keyed hash to the ePDG, which forwards them to the AAA server;

5. The AAA server receives the message, extracts the value of Y, and performs an XOR operation between Y and the previously computed X, which yields the IMSI encrypted with its public key pkAAA. The AAA server uses its private key, skAAA, to decrypt this value and obtain the user's IMSI. The AAA server authenticates the user if its keyed hash under K of Y is the same as that sent by the WLAN user equipment;

6. The AAA server is now in a position to calculate the CK and IK keys using Method 1 or Method 2 described above in points 6a and 6b;

7. The AAA server now sends a message to the WLAN user equipment containing: (i) the OP value encrypted with the pkAAA key; (ii) the keyed hash under K of the IMSI and of the OP value encrypted with the pkAAA key, as described by the following expression:

E[OP]pkAAA ‖ H_K(IMSI, E[OP]pkAAA)

8. The WLAN user equipment receives this message, uses the pre-stored constants m and n, computes the keyed hash of the IMSI and the first parameter received and compares it with the value of the second parameter received. If they match, the WLAN user equipment authenticates the message, that is, confirms that the message can only have been created by the AAA server, and proceeds to compute the CK and IK values using Method 1 or Method 2 described above in steps 6a (i to iii) and 6b.

Based on the CK and IK keys, WLAN user equipment can derive the keys necessary for establishing IPSec security associations with ePDG. At the same time the AAA server performs the same procedure and sends them to ePDG.
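Both flows (Figure 1 and Figure 2, messages 1 to 5), as an added Python example that is not part of the patent nor code from its authors. The FHE scheme the description leaves unspecified is replaced by a toy Goldwasser-Micali cipher, which is public-key and XOR-homomorphic per bit (all the bit-level additions above need), and the keyed hash H_K by HMAC-SHA256; the primes, identifiers and keys are constructed demo values, and key derivation (step 6 onwards) is not modelled. The lying-authenticator case is exercised too: when the AP relaying X to the UE holds a different E[WLAN_ID] than the one in Auth_START, the IMSI the AAA server decrypts is not a registered subscriber.

```python
import hashlib
import hmac
import secrets

# Toy Goldwasser-Micali (GM) encryption: public-key and XOR-homomorphic per bit,
# which is all the patent's bit-level "additions" on ciphertexts require.  It stands
# in for the unspecified FHE scheme.  Primes are tiny constructed demo values.
P, Q = 1000000007, 998244353
ID_LEN = 15  # assumption: IMSI, WLAN ID, ePDG ID and RAND all have the same length


def gm_keygen(p=P, q=Q):
    """pk = (N, x) with x a quadratic non-residue mod p and mod q; sk = p."""
    x = 2
    while pow(x, (p - 1) // 2, p) != p - 1 or pow(x, (q - 1) // 2, q) != q - 1:
        x += 1
    return (p * q, x), p


def gm_encrypt(pk, data):
    """E[data]pkAAA: one ciphertext r^2 * x^bit mod N per bit, MSB first."""
    n, x = pk
    bits = [(b >> i) & 1 for b in data for i in range(7, -1, -1)]
    return [pow(secrets.randbelow(n - 2) + 2, 2, n) * pow(x, bit, n) % n for bit in bits]


def gm_decrypt(sk, ct):
    """E^-1: a bit is 0 iff its ciphertext is a quadratic residue mod p."""
    bits = [0 if pow(c, (sk - 1) // 2, sk) == 1 else 1 for c in ct]
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))


def gm_xor(pk, a, b):
    """Homomorphic XOR: E[u] (+) E[v] = E[u ^ v], a component-wise product mod N."""
    assert len(a) == len(b)
    return [u * v % pk[0] for u, v in zip(a, b)]


def h_k(key, ct):
    """H_K over a ciphertext (the page's 'scatter function'); HMAC-SHA256 is an assumption."""
    return hmac.new(key, b"".join(c.to_bytes(8, "big") for c in ct), hashlib.sha256).digest()


def xor_bytes(a, b):
    return bytes(u ^ v for u, v in zip(a, b))


def aaa_verify(aaa, reply, mac_ue, enc_rand_view):
    """Final step of both flows: IMSI = E^-1[reply (+) enc_rand_view], then the MAC_UE
    check with the K registered for that IMSI.  Returns the IMSI, or None on rejection."""
    imsi = gm_decrypt(aaa["sk"], gm_xor(aaa["pk"], reply, enc_rand_view))
    k = aaa["subscribers"].get(imsi)
    if k is None or not hmac.compare_digest(h_k(k, reply), mac_ue):
        return None
    return imsi


def ip_direct_access(aaa, start_ap, relay_ap, ue):
    """Figure 1, messages 1-5.  start_ap/relay_ap are the E[WLAN_ID]pkAAA values held by
    the AP that sends Auth_START and by the AP that relays X to the UE; they differ
    for a lying authenticator."""
    pk, sk = aaa["pk"], aaa["sk"]
    wlan_id = gm_decrypt(sk, start_ap)                          # 1-2: Auth_START, AP authenticated
    if wlan_id not in aaa["aps"]:
        return None
    rand = secrets.token_bytes(ID_LEN)
    x = gm_encrypt(pk, xor_bytes(wlan_id, rand))                # 2: X = E[WLAN_ID ^ RAND]
    enc_rand = gm_xor(pk, x, relay_ap)                          # 3: X (+) E[WLAN_ID] = E[RAND]
    z = gm_xor(pk, gm_encrypt(pk, ue["imsi"]), enc_rand)        # 4: Z = E[IMSI] (+) E[RAND]
    mac_ue = h_k(ue["k"], z)
    return aaa_verify(aaa, z, mac_ue, gm_encrypt(pk, rand))     # 5: E^-1[Z (+) E[RAND]] = IMSI


def ip_3gpp_access(aaa, epdg_id, ue):
    """Figure 2, messages 1-5.  RAND goes in clear to the trusted ePDG."""
    pk = aaa["pk"]
    if epdg_id not in aaa["epdgs"]:                             # 1-2: ePDG authenticated by ID
        return None
    rand = secrets.token_bytes(ID_LEN)
    x = gm_encrypt(pk, xor_bytes(epdg_id, rand))                # 3: ePDG: X = E[ePDG_ID ^ RAND]
    y = gm_xor(pk, gm_encrypt(pk, ue["imsi"]), x)               # 4: UE: Y = E[IMSI] (+) X
    mac_ue = h_k(ue["k"], y)
    return aaa_verify(aaa, y, mac_ue, x)                        # 5: E^-1[Y (+) X] = IMSI


def demo():
    """Constructed subscriber, AP and ePDG records; returns the outcome of each run."""
    pk, sk = gm_keygen()
    imsi, k = b"268010000000001", secrets.token_bytes(32)
    wlan_id, rogue_id, epdg_id = b"WLAN-AP-0000001", b"WLAN-AP-0000099", b"EPDG-PT-0000001"
    aaa = {"pk": pk, "sk": sk, "subscribers": {imsi: k}, "aps": {wlan_id}, "epdgs": {epdg_id}}
    ue = {"imsi": imsi, "k": k}
    honest_ap, rogue_ap = gm_encrypt(pk, wlan_id), gm_encrypt(pk, rogue_id)
    return {
        "direct_ok": ip_direct_access(aaa, honest_ap, honest_ap, ue) == imsi,
        "unknown_ap_rejected": ip_direct_access(aaa, rogue_ap, rogue_ap, ue) is None,
        "lying_authenticator_rejected": ip_direct_access(aaa, honest_ap, rogue_ap, ue) is None,
        "wrong_k_rejected": ip_direct_access(aaa, honest_ap, honest_ap, {"imsi": imsi, "k": b"\0" * 32}) is None,
        "3gpp_ok": ip_3gpp_access(aaa, epdg_id, ue) == imsi,
    }


if __name__ == "__main__":
    print(demo())
```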

The present description is, of course, not restricted to the embodiments presented herein, and a person of ordinary skill in the art may foresee many possibilities for modification without departing from the general idea, as defined in the claims.

Lisbon, October 13, 2015

Claims (6)

1. A method of operating a 3GPP operator domain authentication system, comprising the steps:
- the Authentication, Authorization and Accounting (AAA) server receives a start message comprising an identifier ID of an access element, generates a random number RAND, and sends E[ID ⊕ RAND]pkAAA to the access element, where E[...]pkAAA is the encryption function with the AAA server public key pkAAA;
- the access element forwards the message comprising the encrypted random number to the user equipment;
- the user equipment receives a message comprising the encrypted random number, computes E[IMSI]pkAAA, where IMSI is the universal mobile subscriber identity, adds that result to the received message, computes a hash function of the addition result with a key K, and sends a response message consisting of the concatenation of the addition result and the hash output MAC_UE to the AAA server through the access element;
- the AAA server checks the integrity of the received response message through the MAC_UE value and extracts the IMSI from the message.
2. Method according to the preceding claim, characterized in that, in the step in which the AAA server receives a start message comprising an identifier ID, the ID comprises the WLAN ID of a 3GPP operator wireless LAN access point; the step wherein the access element forwards the message comprising the encrypted random number to the user equipment comprises the step:
- if the access element is a 3GPP operator wireless LAN access point, then it computes E[ID ⊕ RAND]pkAAA ⊕ E[ID]pkAAA and sends the result to the user equipment; and the step wherein the AAA server checks the integrity of the response message received through the MAC_UE value and extracts the IMSI from the message comprises the step:
- if the access element is a 3GPP operator wireless LAN access point, then the AAA server computes
E^-1[Z ⊕ E[RAND]pkAAA] = IMSI, where Z is the reply message.
3. Method according to claim 1, characterized in that, in the step wherein the AAA server receives a start message comprising an identifier ID, the ID comprises the ePDG ID of an Evolved Packet Data Gateway (ePDG), and the step wherein the AAA server checks the integrity of the response message received through the MAC_UE value and extracts the IMSI from the message comprises:
- if the access element is an ePDG, then the AAA server computes E^-1[Y ⊕ E[ID ⊕ RAND]pkAAA] = IMSI, where Y is the reply message.
4. A 3GPP operator domain authentication system, comprising:
- an authentication, authorization and accounting (AAA) server;
- at least one domain access point;
- at least one user equipment comprising a mobile device and a smart card configured with permanent security information, a universal mobile subscriber identity and a permanent secret key, wherein the system is configured to implement the method described in any one of the preceding claims.
5. System according to the preceding claim, characterized in that the at least one domain access point is any of:
- an access point of a 3GPP operator wireless local area network; or
- an Evolved Packet Data Gateway (ePDG).
6. System according to the preceding claim, characterized in that the mobile equipment is any of:
- a laptop computer;
- a smartphone; or
- a tablet.

Priority Applications (1)

Application Number Priority Date Filing Date Title
PT107993A PT107993B (en) 2014-10-21 2014-10-21 Method and authentication system of a 3gpp operator domain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PT107993A PT107993B (en) 2014-10-21 2014-10-21 Method and authentication system of a 3gpp operator domain

Publications (1)

Publication Number Publication Date
PT107993B true PT107993B (en) 2016-11-11

Family

ID=58668587

Family Applications (1)

Application Number Title Priority Date Filing Date
PT107993A PT107993B (en) 2014-10-21 2014-10-21 Method and authentication system of a 3gpp operator domain

Country Status (1)

Country Link
PT (1) PT107993B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1672945A1 (en) * 2004-12-14 2006-06-21 Samsung Electronics Co., Ltd. UMTS-WLAN interworking system and authentication method therefor
WO2010027314A1 (en) * 2008-09-05 2010-03-11 Telefonaktiebolaget L M Ericsson (Publ) Secure negotiation of authentication capabilities
WO2012087435A1 (en) * 2010-11-06 2012-06-28 Qualcomm Incorporated Authentication in secure user plane location (supl) systems



Legal Events

Date Code Title Description
BB1A Laying open of patent application

Effective date: 20160218

FG3A Patent granted, date of granting

Effective date: 20161107