WO2005109741A1 - Method for controlling the decryption of encrypted data packets in a radio communication system - Google Patents
- Publication number
- WO2005109741A1 (PCT/EP2005/051933)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data packets
- indicator
- key
- generated
- station
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/12—Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Definitions
- the invention relates to a method for controlling the decoding on the receiving end of data packets encrypted before transmission via a radio interface in a radio communication system, in particular in a mobile radio system.
- HSDPA (High Speed Downlink Packet Access)
- TS 25.308 V5.5.0 2004-03
- 3GPP TS 25.308 V6.1.0 2004-03
- One or more HSDPA channels are used at different times to transmit data packets from the network side to different end devices, which means that the available transmission resources of the radio interface can be used more efficiently.
- the data packets containing this message are encrypted by means of a respective key, the so-called ciphering key.
- the key generated is also dependent on a sequence number of the respective data packet, whereby each data packet transmitted in a logical channel uses a different key.
- the general procedure for encryption is described in the technical specifications 3GPP TS 33.102 V5.3.0 (2003-09) and 3GPP TS 33.102 V6.0.0 (2003-09) in chapters 6.6.3 and 6.6.4.
- the sequence number is repeated after every 128 data packets.
- internal counters are implemented both in the terminal and in the radio network controller (RNC - Radio Network Controller), which count up with each overflow of the sequence number. The current value of the counter is also taken into account for the generation of the key.
- Transmission channel more than 128 data packets in a row are not received or detected by an addressed terminal.
- the network-side counter would count up after 128 data packets sent, but the counter in the terminal would not.
- the network would have no knowledge of the non-reception of the data packets by the terminal.
- the terminal would no longer be able to decrypt data packets that were subsequently correctly received.
- it would only be possible to re-establish the logical connection for the repeated or continued transmission of the data packets not received by terminating the connection and performing the authentication processes again, but this is disadvantageously very time-consuming.
- the method according to the invention is based on encryption and decryption of data packets using keys that were generated on the basis of an indicator, the indicator being assigned to a number of data packets in each case. According to the invention, if decryption of a data packet using an indicator that is assumed to be currently valid is unsuccessful, a further attempt is made to decrypt it, this time using a key generated with a changed indicator.
- the method is advantageously used in a radio communication system for the transmission of data packets via a radio interface.
- the synchronization between the transmitting and receiving ends in generating the indicator, described at the beginning, can be interrupted.
- This synchronicity can be restored by the method according to the invention by changing the indicator on the receiving end and thus generating a correspondingly changed key for decrypting the data packet.
- the indicator corresponds to a value of a counter
- the value of the counter is increased and the key is generated based on this.
- the indicator and thus the key can optionally be changed several times until a successful decryption, but a predetermined or signaled maximum number of increases in the value is also conceivable.
- the station has at least one device for generating keys on the basis of an indicator assigned to a number of data packets and for decrypting encrypted data packets using the generated keys, and one device for controlling a change in the indicator in the event of an unsuccessful decryption of one of the data packets with a currently generated key.
- the station according to the invention is particularly advantageously designed as a terminal, for example a mobile or stationary subscriber terminal.
- the devices according to the invention can alternatively or additionally be implemented in a network component, for example in a base station and/or radio network controller of the radio communication system.
- FIG. 1 shows components of a radio communication system with devices for carrying out the method according to the invention
- FIG. 2 shows a flowchart of the method according to the invention.
- a station within the scope of the invention is a radio-capable mobile or stationary subscriber terminal UE (user equipment), or, for example, a radio station assigned to a machine.
- the method described can be the same
- base stations NB (Node B)
- RNC (Radio Network Controller)
- All of the devices described below and designed for the implementation of the invention are each implemented in addition to other devices for communication and control in the components of the system which are known to the person skilled in the field of radio communication.
- a station UE, which is located in the radio coverage area Z (radio cell) of a base station NB, receives data packets dp from this base station NB via a radio interface in a radio channel.
- the HS-DSCH transport channel (High Speed Downlink Shared Channel)
- the channel transmitting the data packets dp is not limited to this in the context of the invention.
- the data packets of a service to be transmitted to the station UE are encrypted in a device VEE for encrypting and decrypting the radio network controller RNC.
- the key used for this is based on a value of a counter C.
- the value of the counter is, for example, incremented after every 128 encrypted data packets in order to use a different key for encrypting the data packets to be transmitted.
- the encrypted data packets are then passed to the base station NB connected to the radio network controller RNC and transmitted from there via a radio interface to the station UE.
- Mechanisms and procedures to be used for transmission via the radio interface can generally be found in the UMTS standard.
- the station UE has a transmitting/receiving device TRX to receive the transmitted encrypted data packets dp. These are then fed to a device VEE for encryption and decryption, in which the data packets dp are decrypted on the basis of a generated key.
- the key used here is based, among other things, as described for the transmitting side, on a current value of a counter C, which is also counted up after every 128 decrypted data packets. If the station UE receives each of the data packets dp sent from the network side, the counters C in the radio network controller RNC and in the station UE are counted up in a synchronous manner, and a correct key for decrypting the data packets dp is generated in each case.
- the station UE does not correctly receive a large number of data packets dp.
- the key for the decryption is generated in the station UE with a value of the counter C that is no longer correct, and decryption of subsequently correctly received data packets dp is not possible.
- At least one further attempt to decrypt with a key that has been changed compared to the key originally used is made.
- the value of the counter C is increased and a new key for a new decryption attempt is generated on the basis of this increased value. If the received data packet can be decrypted with this changed key, then subsequently received data packets with keys are decrypted based on the increased value of the counter. If, however, decryption with the new key is again not possible, one or more repeated increases in the value of the counter can be used as the basis for generating the key.
- the maximum number of attempts with a respective increase in the value of the counter can, for example, be predefined and stored in the station UE, or it can be signaled by the network when a connection is established. However, this can alternatively also be controlled variably, for example depending on a processing capacity available in the station.
- FIG. 2 shows the method according to the invention again in the form of a flow diagram.
- a data packet has been received in a first step 1
- an attempt is made in a second step 2 to decrypt the received data packet.
- a key is used for decryption, which was generated based on an indicator, for example a current value of a counter. If it is determined in a third step 3 that decryption was possible - yes - the decrypted data packet is passed on to further processing methods, represented by step 4. If, however, it is determined in step 3 that the data packet could not be decrypted, a change in the key is controlled in a fifth step 5, for example by means of a change in the indicator, and a new attempt to decrypt the data packet is made in step 2, this time using the changed key.
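
The retry loop of FIG. 2, sketched as an added example (not code from the patent). Assumptions not in the text: an HMAC-based keystream stands in for the real cipher, a truncated HMAC tag is how a successful decryption is recognised, and the names `Receiver`, `network_packet` and `try_decrypt` are hypothetical.

```python
import hashlib
import hmac

SN_MODULUS = 128  # from the text: the sequence number repeats after 128 packets
TAG_LEN = 8       # assumption: a truncated HMAC tag tells us decryption succeeded

def _mac(master, data):
    return hmac.new(master, data, hashlib.sha256).digest()

def _xor_keystream(master, counter, sn, data):
    # Toy stand-in for the cipher: keystream depends on counter C and the SN.
    stream = b""
    for block in range(len(data) // 32 + 1):
        stream += _mac(master, b"ks" + counter.to_bytes(4, "big") + bytes([sn, block]))
    return bytes(a ^ b for a, b in zip(data, stream))

def network_packet(master, index, payload):
    """Sender side: packet number `index` -> (counter, sn, ciphertext)."""
    counter, sn = divmod(index, SN_MODULUS)
    body = payload + _mac(master, b"tag" + payload)[:TAG_LEN]
    return counter, sn, _xor_keystream(master, counter, sn, body)

def try_decrypt(master, counter, sn, packet):
    """Return the payload, or None if this counter value gives the wrong key."""
    if len(packet) < TAG_LEN:
        return None
    body = _xor_keystream(master, counter, sn, packet)
    payload, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    ok = hmac.compare_digest(tag, _mac(master, b"tag" + payload)[:TAG_LEN])
    return payload if ok else None

class Receiver:
    def __init__(self, master, max_attempts=3):
        self.master, self.max_attempts = master, max_attempts
        self.counter, self.last_sn = 0, -1

    def receive(self, sn, packet):
        # Ordinary overflow: the SN wrapped since the last packet we decrypted.
        base = self.counter + (1 if sn <= self.last_sn else 0)
        # Attempt 0 uses the indicator assumed valid; each retry increases it.
        for step in range(self.max_attempts + 1):
            payload = try_decrypt(self.master, base + step, sn, packet)
            if payload is not None:
                self.counter, self.last_sn = base + step, sn  # back in sync
                return payload
        return None  # limit reached: state unchanged, caller must re-establish
```

The bound on attempts caps the work spent on a packet that will never decrypt, and the counter is only committed after a successful decryption, so a corrupted packet cannot push the receiver out of sync.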
Abstract
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE200410022537 DE102004022537A1 (de) | 2004-05-05 | 2004-05-05 | Verfahren zur Steuerung der Entschlüsselung von verschlüsselten Datenpaketen in einem Funk-Kommunikationssystem |
DE102004022537.0 | 2004-05-05 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2005109741A1 (fr) | 2005-11-17 |
Family
ID=34966491
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2005/051933 WO2005109741A1 (fr) | 2004-05-05 | 2005-04-28 | Method for controlling the decryption of encrypted data packets in a radio communication system |
Country Status (2)
Country | Link |
---|---|
DE (1) | DE102004022537A1 (fr) |
WO (1) | WO2005109741A1 (fr) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0446194A1 (fr) * | 1990-03-07 | 1991-09-11 | Telefonaktiebolaget L M Ericsson | Synchronisation continue des dispositifs de chiffrage dans un système cellulaire de communication |
EP1094634A2 (fr) * | 1999-10-19 | 2001-04-25 | Lucent Technologies Inc. | Resynchronisation automatique d'une information de crypto-synchronisation |
-
2004
- 2004-05-05 DE DE200410022537 patent/DE102004022537A1/de not_active Ceased
-
2005
- 2005-04-28 WO PCT/EP2005/051933 patent/WO2005109741A1/fr active Application Filing
Non-Patent Citations (1)
Title |
---|
"Universal Mobile Telecommunications System (UMTS); 3G security; Security architecture (3GPP TS 33.102 version 5.3.0 Release 5); ETSI TS 133 102", ETSI STANDARDS, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE, SOPHIA-ANTIPO, FR, vol. 3-SA3, no. V530, September 2003 (2003-09-01), XP014017590, ISSN: 0000-0001 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2490470A1 (fr) * | 2011-02-16 | 2012-08-22 | Marvell World Trade Ltd. | Rétablissement après erreurs de décryptage dans une séquence de paquets de communication |
US8582768B2 (en) | 2011-02-16 | 2013-11-12 | Marvell World Trade Ltd. | Recovery from decryption errors in a sequence of communication packets |
US8964985B2 (en) | 2011-02-16 | 2015-02-24 | Marvell World Trade Ltd. | Recovery from decryption errors in a sequence of communication packets |
US9385865B2 (en) | 2013-07-18 | 2016-07-05 | Marvell World Trade Ltd. | Correcting deciphering mis-synchronization in a mobile communication terminal |
Also Published As
Publication number | Publication date |
---|---|
DE102004022537A1 (de) | 2005-12-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE60312689T2 (de) | Verfahren und vorrichtung zur verminderung von übertragungsfehlern | |
EP3142410B1 (fr) | Terminal utilisateur et station de base pour l'administration des rapports d'état de tampon | |
DE19723659B4 (de) | Datenkommunikationssystem und Verfahren zur Chiffrierung zu übertragender Daten | |
DE602004012862T2 (de) | Dienstgüte-bewusste Ablaufsteuerung für Aufwärtsübertragungen über zugeordneten Kanälen | |
DE602004010209T2 (de) | Verbesserte Aufwärtsrichtungsdatenübertragung | |
EP3451781B1 (fr) | Procédé de transmission de données, appareil de réseau, et équipement utilisateur | |
EP0996306A2 (fr) | Méthode et système de radiocommunication pour controler la signalisation | |
DE602004000677T2 (de) | Bestimmung der Aktivierungszeit für eine Aufwärtsrichtungsverschlüsselung in einem UMTS Teilnehmergerät | |
EP1119925B1 (fr) | Procede et systeme de communication radio pour le reglage de puissance entre une station de base et une station abonnee | |
DE112017001234T5 (de) | Verfahren zum Empfangen eines Multicast-Signals in einem drahtlosen Kommunikationssystem und Vorrichtung dafür | |
EP1419607B1 (fr) | Procede et station sans fil pour la transmission de paquets de donnees dans un systeme de communication radio | |
EP1519598B1 (fr) | Transmission d'une information (NACK) provenant d'un terminal abonné relatif à la réception d'un paquet de données dans un système de transmission "point à multipoint" | |
DE10321207B3 (de) | Verfahren zur Steuerung der Sendeleistung einer sendenden Station eines Funkkommunikationssystems sowie sendende Station, empfangende Station und Funkkomunikationssystem | |
DE60208909T2 (de) | Verfahren zur steuerung einer netzwerkeinheit und einer mobilstation | |
WO2005109741A1 (fr) | Procede pour commander le decodage de paquets de donnees codes dans un systeme de radiocommunication | |
EP1419639A1 (fr) | Procede de transmission de paquets de donnees dans un systeme de communication radio | |
EP1726181A1 (fr) | Extension de protocole d'un message de signalisation | |
EP1829243B1 (fr) | Procede pour la transmission de paquets de donnees | |
DE102012105355B4 (de) | Transmitterschaltkreis und Verfahren | |
EP1586206A1 (fr) | Procede pour synchronisation dans des systemes de radiocommunication | |
EP1694000A1 (fr) | Procédé permettant de faire fonctionner une station d'abonné et pour faire fonctionner un dispositif de réseau dans un système de radiocommunications | |
WO2008055774A1 (fr) | Réacheminement d'informations utiles et de contrôle lors d'un transfert continu | |
WO2002021719A2 (fr) | Procede pour repartir des donnees de signalisation sur des canaux de transmission dans un systeme de radiotelephonie mobile | |
DE102005043005B4 (de) | Verfahren zum Auswählen mindestens eines Kommunikationsdienstes, Kommunikationseinrichtung, Kommunikationseinrichtungs-Chipkarte und Computerprogrammelement | |
EP1741249A1 (fr) | Procédé, station d'abonné et dispositif de réseau pour la communication radio, en particulier dans le contexte de services HSDPA |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DPEN | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101) | ||
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
122 | Ep: pct application non-entry in european phase |