WO2009004590A3 - Method, apparatus, system and computer program for key parameter provisioning - Google Patents
- Publication number
- WO2009004590A3 (PCT/IB2008/052665)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- user equipment
- key
- processing instruction
- equipment processing
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0414—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/061—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
- Storage Device Security (AREA)
Abstract
A method includes receiving, for a specific user equipment, an inquiry for key generation-related information and user equipment processing instruction information; generating first key information based on the received user equipment processing instruction information; encrypting at least core-network related dynamic identity information based on the generated key information; and sending the key generation-related information comprising at least the encrypted core-network related dynamic identity information and the received user equipment processing instruction information. Also described is a method that includes receiving key generation-related information that has at least encrypted core-network related dynamic identity information and user equipment processing instruction information; generating first key information based on the received user equipment processing instruction information; decrypting the received encrypted core-network related dynamic identity information based on the generated first key information; and deriving second key information based on the decrypted core-network related dynamic identity information. These methods protect certain data in a network-initiated GBA (push) bootstrapping from tampering and observation.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US92958907P | 2007-07-03 | 2007-07-03 | |
US60/929,589 | 2007-07-03 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2009004590A2 (en) | 2009-01-08 |
WO2009004590A3 (en) | 2009-02-26 |
Family
ID=40094130
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/IB2008/052665 WO2009004590A2 (en) | 2007-07-03 | 2008-07-02 | Method, apparatus, system and computer program for key parameter provisioning |
Country Status (2)
Country | Link |
---|---|
TW (1) | TW200915814A (en) |
WO (1) | WO2009004590A2 (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2394452B1 (en) | 2009-02-05 | 2017-12-06 | Telefonaktiebolaget LM Ericsson (publ) | Network unit of a device management network system for protection of a bootstrap message, and corresponding device, method and computer program |
CN105144600B (en) * | 2013-05-31 | 2018-11-02 | 英特尔Ip公司 | Hybrid digital and analog beam for large-scale antenna array shape |
GB2518257A (en) | 2013-09-13 | 2015-03-18 | Vodafone Ip Licensing Ltd | Methods and systems for operating a secure mobile device |
CN106487501B (en) * | 2015-08-27 | 2020-12-08 | 华为技术有限公司 | Key distribution and reception method, key management center, first network element and second network element |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060079205A1 (en) * | 2004-09-08 | 2006-04-13 | James Semple | Mutual authentication with modified message authentication code |
WO2007008120A1 (en) * | 2005-07-07 | 2007-01-18 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and arrangement for authentication and privacy |
US20070086591A1 (en) * | 2005-10-13 | 2007-04-19 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and apparatus for establishing a security association |
-
2008
- 2008-07-02 WO PCT/IB2008/052665 patent/WO2009004590A2/en active Application Filing
- 2008-07-03 TW TW097125032A patent/TW200915814A/en unknown
Non-Patent Citations (2)
Title |
---|
3GPP: "3rd Generation Partnership Project;Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA);Generic Bootstrapping Architecture (GBA) Push Function (Release 7)", 3GPP DRAFT; S3-070456_33223-040(RM)_V1, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. tsg_sa\WG3_Security\TSGS3_47_Tallinn\Docs, no. Tallinn; 20070522, 25 May 2007 (2007-05-25), XP050279928 * |
NOKIA ET AL: "GBA push: Key derivation for broadcast NAF and privacy", 3GPP DRAFT; S3-070563-GBA PUSH NAF NAME 030707V1, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. tsg_sa\WG3_Security\TSGS3_48_Montreal\Docs, no. Montreal; 20070710, 3 July 2007 (2007-07-03), XP050280030 * |
Also Published As
Publication number | Publication date |
---|---|
TW200915814A (en) | 2009-04-01 |
WO2009004590A2 (en) | 2009-01-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2003077084A3 (en) | Implementation of storing secret information in data storage reader products | |
WO2008030704A3 (en) | Method and system for secure processing of authentication key material in an ad hoc wireless network | |
US20120170740A1 (en) | Content protection apparatus and content encryption and decryption apparatus using white-box encryption table | |
WO2008001327A3 (en) | Method and apparatus for encrypting/decrypting data | |
WO2008032304A3 (en) | Method and system for secure data collection and distribution | |
EP2544400A3 (en) | PUF based Cryptographic communication system and cryptographic communication method | |
CN107005577B (en) | Fingerprint data processing method and processing device | |
WO2000072500A3 (en) | Information encryption system and method | |
CA2585987A1 (en) | System and method for protecting master encryption keys | |
WO2009151832A3 (en) | Method and system for securing a payment transaction | |
TW200701728A (en) | Data-encrypting/decrypting method, data-saving media using the method, and data-encrypting/decrypting module | |
CN101164063A (en) | Method and apparatus for managing digital content | |
CN103177222A (en) | Processing method for file shell adding and shell removing and device thereof | |
CN101140610B (en) | Contents decryption method using DRM card | |
CN107306254B (en) | Digital copyright protection method and system based on double-layer encryption | |
ATE542325T1 (en) | METHOD AND DEVICE FOR SECURE DISTRIBUTION OF PROGRAM CONTENT | |
CN101539977B (en) | Method for protecting computer software | |
CN105208028A (en) | Data transmission method and related device and equipment | |
MX2018007696A (en) | Method and system for enhancing the security of a transaction. | |
EP1611725B8 (en) | Method and apparatuses for provisioning data access | |
WO2007106586A3 (en) | Decryption key reuse in ancrypted digital data stream distribution systems | |
WO2009004590A3 (en) | Method, apparatus, system and computer program for key parameter provisioning | |
CN101399663B (en) | Method, system and device for digital content authentication | |
CN112528309A (en) | Data storage encryption and decryption method and device | |
US20150200777A1 (en) | Data securing method, data securing system and data carrier |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 08763453 Country of ref document: EP Kind code of ref document: A2 |