WO2006134985A1 - 秘匿処理装置及び秘匿処理方法 - Google Patents
秘匿処理装置及び秘匿処理方法 Download PDFInfo
- Publication number
- WO2006134985A1 WO2006134985A1 PCT/JP2006/311964 JP2006311964W WO2006134985A1 WO 2006134985 A1 WO2006134985 A1 WO 2006134985A1 JP 2006311964 W JP2006311964 W JP 2006311964W WO 2006134985 A1 WO2006134985 A1 WO 2006134985A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- concealment
- sequence number
- data
- mask
- mac
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
Definitions
- the present invention relates to an apparatus and method for performing confidential processing of a mobile communication system.
- Non-patent document 1 describes the outline of the wireless section concealment process in the IMT-2000 system.
- the cipher process is distributed and arranged in the radio link control (RLC) sublayer and the medium access control (MAC) sublayer.
- the protocol layer that performs the concealment process is determined according to the operation mode of the RLC protocol applied to the radio bearer (RB). For example, in the case of transparent mode (TM transparent mode) used in voice communication, concealment processing is performed in the MAC layer, and unacknowledgement mode (UM) and confirmation mode used for packet communication and control signal transmission.
- TM transparent mode transparent mode
- UM unacknowledgement mode
- confirmation mode used for packet communication and control signal transmission.
- A Acknowledgment Mode
- confidential processing is performed in the RLC layer.
- the secret sequence number (count) “COUNT” or wireless Bearer ID "BEARER” etc. are combined.
- FIG. 2 and FIG. 3 show the concealment process in the radio section in the IMT-2000 system.
- Fig. 2 shows the confidential processing applied to the RB when the RLC operation mode is TM.
- the concealment process is performed on a MAC-SDU (Service Data Unit) basis.
- a combination of a connection frame number (CFN) and a hyper frame number (HFN: Hyper Frame Number) in addition to the key number (CK) is used as a parameter for the confidential processing performed by the MAC entity.
- the identifier (direction) indicating the transmission direction of communication (uplink / downlink difference) is used by “DIRECTION ⁇ ” Is done.
- a concealment sequence common to all logical channels is set.
- FIG. 3 shows the concealment process applied to the RB when the RLC operation mode is AM or UM.
- RLC—PDU packet data unit
- CK key number
- SN sequence number
- HFN hyperframe number assigned to the RLC protocol data unit
- Chillon an individual concealment sequence (count) is set for each logical channel.
- Non-Patent Document 1 3GPP TS33.102, Chapter 6.
- Non-Patent Document 2 3GPP TR25. 858, 9. 1
- Non-Patent Document 3 3GPP TR25. 913, 6.1
- the PDU size of RLC-PDU or MAC-SDU is a fixed length of about 40 bytes.
- HSDPA see Non-Patent Document 2
- Evolved UTRAN see Non-Patent Document 3
- the bandwidth of wireless bearer transmission speeds has increased, so the unit Secret per hour
- the number of PUs that perform concealment processing increases and the processing load increases. For example, if a wireless transmission rate of 100 Mbps is assumed, information transmission of about 25000 bytes per TTI is possible if the TTI length is 2 msec, the same as HSDPA.
- the sequence number used as the confidential parameter must be synchronized in transmission and reception.
- the HFN is synchronized at the time of setting the connection between the network side (RNC) and the mobile station, and in order to maintain secrecy, it is counted independently on both the transmission side and the reception side for each period of the sequence number (SN or CFN). Will be up. For this reason, there is a problem that the HFN on the transmission / reception side is out of synchronization when PDUs of one sequence number or more are continuously lost (loss).
- the receiving side HFN is sent for one period and counted up, and the HFN is out of synchronization. Let's do it. More specifically, since the number of digits of the sequence number (SN) is 7 bits in RLC-UM, loss of secret synchronization occurs when 127 RLC-PDUs are lost.
- the present invention has been made to address at least one of the above-mentioned problems, and the problem is a concealment processing device and a concealment processing method that at least reduce concealment processing delay and concealment synchronization loss frequency. Is to provide.
- a concealment processing device that performs concealment processing in the MAC layer of the mobile communication system.
- the concealment processing device includes means for creating a mask using a concealment sequence number, and means for performing a logical operation on the mask and concealment target data and outputting encrypted data.
- the secret sequence number is composed of a hyperframe number and a system frame number.
- FIG. 1 is a diagram showing a concealment process in IMT-2000.
- FIG. 2 is a diagram showing a concealment process in RLC-TM.
- FIG. 3 is a diagram showing a concealment process in RLC-UM and RLC-AM.
- FIG. 5 is a diagram showing a MAC layer concealment configuration (transmission side).
- FIG. 6 is a diagram showing a MAC layer concealment configuration (reception side).
- FIG. 7 is a diagram showing a confidential processing unit of the present invention.
- FIG. 8 is a diagram showing a concealment process of the present invention.
- FIG. 9 is a diagram showing the effect of the present invention.
- FIG. 10 is a diagram showing a MAC concealment sublayer of the present invention.
- the MAC concealment sublayer performs concealment processing in units of transport blocks (TB).
- a transport block is a unit of data transfer from the MAC layer to the physical layer per unit time (TTI).
- TTI physical layer per unit time
- HFN Hyperframe numbers
- SFN system frame numbers
- the concealment processing unit By integrating the concealment processing unit in the MAC sublayer, it is possible to realize the simplification of the mobile device configuration. Conventionally, concealment processing was repeated for each RLC-PDU, but in one form of the present invention, concealment processing is performed collectively for each PDU in the MAC layer, thereby reducing processing load and processing delay. be able to. Regardless of the RLC mode, the confidential processing system can be simplified by using a unified sequence number. In addition, by using the system frame number, it is possible to reduce the probability of the synchronization parameter being out of synchronization.
- FIG. 5 shows a configuration example of a transmission side MAC sublayer including a MAC concealment sublayer according to an embodiment of the present invention.
- the transmission side MAC sublayer is composed of a logical channel (LCH) multiplexing unit, a priority identification unit, a priority queue, a scheduling unit, a MAC concealment sublayer, and a transmission side HARQ unit.
- the logical channel multiplexing unit multiplexes a plurality of different logical channels transferred from the upper layer, and transfers the data to the subsequent priority identification unit. For example, based on signaling information from an upper layer, the priority identification unit ranks transmission priorities among the flows for a plurality of data flows multiplexed in the logical channel multiplexing unit, and assigns priority to each data.
- the priority queue buffers the transferred data, and the transmission timing is assigned based on the instruction from the scheduling unit. If the transmission timing is detrimental to the priority queue, the queue power and the PDU data from higher layers are extracted according to the amount of radio resources allocated to layer 1 and the transport block (TB) And transfer data to the MAC concealment sublayer.
- the MAC concealment sublayer performs concealment processing on the data and transfers the data to the HARQ section on the transmission side.
- the HARQ unit performs data delivery management and retransmits the transmission data depending on whether there is an error in data transmission in the radio section.
- FIG. 6 shows a configuration example of the receiving side MAC sublayer including the MAC concealment sublayer in the present invention.
- the receiving side MAC sublayer includes a logical channel separation unit, a MAC reordering unit (Reordering) unit, a MAC concealment sublayer, and a receiving side HARQ unit.
- the receiving HARQ unit makes a retransmission request to the transmitting HARQ unit based on the decoding result of the data transferred from the lower layer, and transfers the decoded data to the MAC concealed sublayer when the data is received correctly.
- the MAC concealment sublayer performs the decryption process on the received data and transfers the data to the MAC reordering unit.
- the MAC reordering unit performs buffering to maintain the order consistency of the incoming data, and reports the guaranteed data to the logical channel separation unit.
- the logical channel separation unit separates the logical channels multiplexed on the transmission side and transfers the data to the upper layer for each logical channel.
- the MAC concealment sublayer is notified of a concealment sequence number (SFN) and a priority queue ID (BEARER) as parameters used for concealment processing.
- SFN concealment sequence number
- BEARER priority queue ID
- a method for notifying the confidential parameter to the MAC secret sublayer on the receiving side may be a method of notifying the transmission timing of the corresponding TB (SFN) as scheduling allocation information using a common control channel. Since the transmission direction (DIRECTION) is known, no notification is required.
- the MAC sublayer according to this embodiment shown in FIGS. 5 and 6 functions as shown in FIG.
- the MAC sublayer on the transmission side encrypts the logical channel using the system frame number (SFN) and gives it to the physical layer.
- the MAC sublayer on the receiving side cancels the signal number based on the system frame number (SFN) and reports to the upper layer.
- FIG. 7 shows an example of the confidential processing unit.
- a plurality of PDUs belonging to a plurality of different logical channels having the same priority are multiplexed into one transport block and transferred to the lower layer every unit time (TTI). In the conventional method, each PDU was concealed.
- a plurality of PDUs multiplexed by the logical channel multiplexing unit are used as a unit of the concealment process.
- This unit may be called a protocol unit (PU).
- PU protocol unit
- TTI processing load delay
- FIG. 8 shows a concealment process in the MAC concealment sublayer according to the present embodiment.
- MAC Concealment PU Transport Block
- X0R arithmetic processing
- Ciphered transport block is generated and transferred to the sending HARQ section shown in Fig. 4.
- the secret algorithm In order to generate a secret mask sequence, the secret algorithm generates a secret key sequence (CK: Ciphering Key), a secret sequence number (count) “COUNT”, a transmission direction (direction) “DIRECTION”, and a priority queue number (bearer). ) Use "BEARER" as a parameter.
- the secret sequence number (count) consists of a combination of HFN and SFN.
- the SFN is a sequence number that the base station has uniquely, is notified to the mobile station managed by the base station through a common channel, and is synchronized between the base station and the mobile station.
- the SFN is counted up at regular intervals regardless of the user data. Therefore, if the base station and the mobile station each count up the HFN based on the SFN cycle, they can maintain the synchronized state even if the count-up is performed independently. Therefore, in the case of the conventional method using the sequence number assigned to each PDU, the problem of loss of synchronization caused by a packet loss of one period or more can be avoided (see Fig. 9).
- the discrepancy of the concealment parameter occurs only when the transport block transmission delay due to retransmission exceeds the SFN period.
- the probability that parameter mismatch will occur is substantially higher than that of the prior art. This is significantly reduced.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/917,889 US20090220079A1 (en) | 2005-06-15 | 2006-06-14 | Concealing device and concealing method |
EP06766731A EP1892988A1 (en) | 2005-06-15 | 2006-06-14 | Concealing device and concealing method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2005-175779 | 2005-06-15 | ||
JP2005175779A JP4671776B2 (ja) | 2005-06-15 | 2005-06-15 | 秘匿処理装置及び秘匿処理方法 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006134985A1 true WO2006134985A1 (ja) | 2006-12-21 |
Family
ID=37532340
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2006/311964 WO2006134985A1 (ja) | 2005-06-15 | 2006-06-14 | 秘匿処理装置及び秘匿処理方法 |
Country Status (7)
Country | Link |
---|---|
US (1) | US20090220079A1 (ja) |
EP (1) | EP1892988A1 (ja) |
JP (1) | JP4671776B2 (ja) |
KR (1) | KR20080015894A (ja) |
CN (1) | CN101218844A (ja) |
TW (1) | TW200708015A (ja) |
WO (1) | WO2006134985A1 (ja) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007282086A (ja) * | 2006-04-11 | 2007-10-25 | Nippon Telegr & Teleph Corp <Ntt> | 通信方法及び通信装置 |
KR100913373B1 (ko) | 2006-06-22 | 2009-08-20 | 이노베이티브 소닉 리미티드 | 무선 통신 시스템에서의 보안 시퀀스 번호 생성 방법 및장치 |
CN103546475A (zh) * | 2013-10-29 | 2014-01-29 | 冯丽娟 | 网络通信主体确认方法及系统 |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8023446B2 (en) | 2006-09-28 | 2011-09-20 | Hang Zhang | Systems and methods for facilitating intra-cell-peer-to-peer communication |
CN101325684B (zh) * | 2007-06-14 | 2010-10-06 | 中兴通讯股份有限公司 | 基于移动多媒体广播的加密控制信息传输方法及系统 |
WO2009122831A1 (ja) | 2008-03-31 | 2009-10-08 | 日本電気株式会社 | 秘匿処理装置、秘匿処理方法、および秘匿処理プログラム |
WO2010026637A1 (ja) * | 2008-09-04 | 2010-03-11 | 富士通株式会社 | 送信装置、受信装置、送信方法および受信方法 |
KR101541079B1 (ko) * | 2009-02-09 | 2015-07-31 | 삼성전자주식회사 | 이동통신시스템에서 상향 링크 데이터의 암호화처리 장치 및 방법 |
KR101049301B1 (ko) * | 2009-08-14 | 2011-07-13 | 인하대학교 산학협력단 | Wban의 매체 접근 제어 프레임, 웨이크업 프레임 및 상기 매체 접근 제어 프레임 및 상기 웨이크업 프레임을 이용하는 네트워크 장치 및 네트워크 제어 장치 |
US20120284524A1 (en) * | 2011-05-03 | 2012-11-08 | Texas Instruments Incorporated | Low overhead nonce construction for message security |
US9313756B2 (en) * | 2012-10-10 | 2016-04-12 | Qualcomm Incorporated | Apparatus and methods for managing hyper frame number (HFN) de-synchronization in radio link control (RLC) unacknowledged mode (UM) |
JP6309543B2 (ja) * | 2013-01-09 | 2018-04-11 | 株式会社Nttドコモ | 無線基地局間(inter−eNB)キャリアアグリゲーションによる保護された無線アクセス |
JP5423916B2 (ja) * | 2013-02-25 | 2014-02-19 | 富士通株式会社 | 通信方法 |
CN103581192A (zh) * | 2013-11-08 | 2014-02-12 | 冯丽娟 | 网络通信主体确认方法及系统 |
JP6629466B2 (ja) * | 2017-01-20 | 2020-01-15 | 日本電信電話株式会社 | 秘密計算システム、秘密計算装置、秘密計算方法、プログラム |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003525556A (ja) * | 2000-03-01 | 2003-08-26 | ノキア コーポレイション | 無線フレーム特有のカウンタ初期化 |
Family Cites Families (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2809579B1 (fr) * | 2000-05-23 | 2003-07-04 | Nortel Matra Cellular | Procede de controle d'un canal entre un terminal radio et une infrastructure de radiocommunication cellulaire, et reseau d'acces mettant en oeuvre un tel procede |
FR2809576B1 (fr) * | 2000-05-23 | 2002-11-15 | Nortel Matra Cellular | Procede de controle d'un canal entre un terminal radio et une infrastructure de radiocommunication cellulaire, et reseau d'acces mettant en oeuvre un tel procede |
FI110736B (fi) * | 2000-08-01 | 2003-03-14 | Nokia Corp | Datansiirtomenetelmä, tilaajapäätelaite ja GPRS/EDGE-radioliityntäverkko |
DE10056361A1 (de) * | 2000-11-14 | 2002-05-23 | Philips Corp Intellectual Pty | Drahtloses Netzwerk zur Übermittlung von Parametern für eine verschlüsselte Datenübertragung |
KR100789565B1 (ko) * | 2001-04-07 | 2007-12-28 | 엘지전자 주식회사 | 무선 베어러 설정 방법과 그에 따른 암호화 수행 및 변경 방법과 데이터 암호화 방법 |
US6870932B2 (en) * | 2001-05-07 | 2005-03-22 | Asustek Computer Inc. | Frame number identification and ciphering activation time synchronization for a wireless communications protocol |
DE10138718A1 (de) * | 2001-08-07 | 2003-02-20 | Siemens Ag | Verfahren zur Übermittlung von Chiffrierungsinformationen an Teilnehmer einer Multicast-Gruppe |
JP2003143217A (ja) * | 2001-10-31 | 2003-05-16 | Nec Commun Syst Ltd | パケット通信システム及びそれに用いるパケット通信方法 |
US6987981B2 (en) * | 2001-11-13 | 2006-01-17 | Asustek Computer Inc. | Robust RLC reset procedure in a wireless communication system |
KR100765123B1 (ko) * | 2002-02-16 | 2007-10-11 | 엘지전자 주식회사 | Srns 재할당 방법 |
US7523306B2 (en) * | 2003-01-16 | 2009-04-21 | Texas Instruments Incorporated | Simplified CCMP mode for a wireless local area network |
KR100956823B1 (ko) * | 2003-02-11 | 2010-05-11 | 엘지전자 주식회사 | 이동 통신 시스템에서 보안 설정 메시지를 처리하는 방법 |
US7233671B2 (en) * | 2003-02-13 | 2007-06-19 | Innovative Sonic Limited | Method for storing a security start value in a wireless communications system |
EP1465369A1 (en) * | 2003-03-31 | 2004-10-06 | Matsushita Electric Industrial Co., Ltd. | Reset synchronisation method for a retransmission protocol |
US7039407B2 (en) * | 2003-08-14 | 2006-05-02 | Nokia Corporation | Method and system for determining a value of a first counter of a wireless communication system serving a user station which moves at a time of handover |
DE602004000677T2 (de) * | 2003-08-15 | 2007-05-10 | Research In Motion Ltd., Waterloo | Bestimmung der Aktivierungszeit für eine Aufwärtsrichtungsverschlüsselung in einem UMTS Teilnehmergerät |
JP4379472B2 (ja) * | 2004-03-24 | 2009-12-09 | 日本電気株式会社 | 移動体通信システム、基地局及びそれらに用いるhsdpa伝送方法 |
US8259752B2 (en) * | 2004-05-07 | 2012-09-04 | Interdigital Technology Corporation | Medium access control layer architecture for supporting enhanced uplink |
US7333442B2 (en) * | 2004-07-30 | 2008-02-19 | M-Stack Limited | Apparatus and method for applying ciphering in universal mobile telecommunications system |
US20060050679A1 (en) * | 2004-09-09 | 2006-03-09 | Sam Shiaw-Shiang Jiang | Method for On-Line Recovery of Parameter Synchronization for Ciphering Applications |
US20060126841A1 (en) * | 2004-12-14 | 2006-06-15 | Tata Consultancy Services Ltd. | Method and apparatus for a security system for wireless networks |
US20080226074A1 (en) * | 2007-03-15 | 2008-09-18 | Interdigital Technology Corporation | Method and apparatus for ciphering packet units in wireless communications |
-
2005
- 2005-06-15 JP JP2005175779A patent/JP4671776B2/ja not_active Expired - Fee Related
-
2006
- 2006-06-14 KR KR1020077031002A patent/KR20080015894A/ko not_active Application Discontinuation
- 2006-06-14 EP EP06766731A patent/EP1892988A1/en not_active Withdrawn
- 2006-06-14 US US11/917,889 patent/US20090220079A1/en not_active Abandoned
- 2006-06-14 CN CNA2006800252006A patent/CN101218844A/zh active Pending
- 2006-06-14 WO PCT/JP2006/311964 patent/WO2006134985A1/ja active Application Filing
- 2006-06-15 TW TW095121399A patent/TW200708015A/zh not_active IP Right Cessation
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003525556A (ja) * | 2000-03-01 | 2003-08-26 | ノキア コーポレイション | 無線フレーム特有のカウンタ初期化 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007282086A (ja) * | 2006-04-11 | 2007-10-25 | Nippon Telegr & Teleph Corp <Ntt> | 通信方法及び通信装置 |
KR100913373B1 (ko) | 2006-06-22 | 2009-08-20 | 이노베이티브 소닉 리미티드 | 무선 통신 시스템에서의 보안 시퀀스 번호 생성 방법 및장치 |
CN103546475A (zh) * | 2013-10-29 | 2014-01-29 | 冯丽娟 | 网络通信主体确认方法及系统 |
Also Published As
Publication number | Publication date |
---|---|
KR20080015894A (ko) | 2008-02-20 |
JP4671776B2 (ja) | 2011-04-20 |
TW200708015A (en) | 2007-02-16 |
TWI317595B (ja) | 2009-11-21 |
CN101218844A (zh) | 2008-07-09 |
EP1892988A1 (en) | 2008-02-27 |
US20090220079A1 (en) | 2009-09-03 |
JP2006352490A (ja) | 2006-12-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4671776B2 (ja) | 秘匿処理装置及び秘匿処理方法 | |
JP6328196B2 (ja) | 移動通信システムにおける無線プロトコル処理方法及び移動通信送信機 | |
US10135610B2 (en) | Method and apparatus for ciphering packet units in wireless communications | |
US9312992B2 (en) | Method and apparatus for data security and automatic repeat request implementation in a wireless communication system | |
EP2208294B1 (en) | Method of repairing a security failure | |
US8811617B2 (en) | Efficient security-related processing | |
US8379855B2 (en) | Ciphering in a packet-switched telecommunications system | |
JP5344200B2 (ja) | 通信システム | |
JP5033424B2 (ja) | 秘匿通信システム | |
AU2014277841B2 (en) | Method and apparatus for data security and automatic repeat request implementation in a wireless communication system | |
JP5309712B2 (ja) | 通信装置、秘匿解除方法 | |
KR20070121538A (ko) | 무선 통신 시스템에서 데이터 프레이밍을 위한 방법 및장치 | |
KR20070080059A (ko) | 이동통신 시스템에서 무선 링크 제어 계층의 데이터 전송방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200680025200.6 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2006766731 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020077031002 Country of ref document: KR |
|
WWP | Wipo information: published in national office |
Ref document number: 2006766731 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 11917889 Country of ref document: US |