WO2014207506A1 - Device to device communication security - Google Patents

Device to device communication security Download PDF

Info

Publication number
WO2014207506A1
WO2014207506A1 PCT/IB2013/055217 IB2013055217W WO2014207506A1 WO 2014207506 A1 WO2014207506 A1 WO 2014207506A1 IB 2013055217 W IB2013055217 W IB 2013055217W WO 2014207506 A1 WO2014207506 A1 WO 2014207506A1
Authority
WO
WIPO (PCT)
Prior art keywords
certificate
identifier associated
further apparatus
network node
ieast
Prior art date
Application number
PCT/IB2013/055217
Other languages
French (fr)
Inventor
Jan-Erik Ekberg
Mikko Aleksi Uusitalo
Zexian Li
Original Assignee
Nokia Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Corporation filed Critical Nokia Corporation
Priority to US14/896,466 priority Critical patent/US9960922B2/en
Priority to PCT/IB2013/055217 priority patent/WO2014207506A1/en
Priority to CN201380077762.5A priority patent/CN105340353B/en
Priority to EP13888138.8A priority patent/EP3014945B1/en
Publication of WO2014207506A1 publication Critical patent/WO2014207506A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24Key scheduling, i.e. generating round keys or sub-keys for block encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/64Self-signed certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/72Subscriber identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/75Temporary identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/14Direct-mode setup

Definitions

  • This disclosure relates to device to device communication security. This disclosure relates further relates to, but is not limited to, device to device communication security in a cellular communication system.
  • a communication system can be seen as a facility that enables communications between two or more nodes or devices such as fixed or mobile communication devices, access points (AP) such as base stations, relays, servers and so on.
  • a communication system and compatible communicating entities typically operate in accordance with a given standard or specification which sets out what the various entities associated with the system are permitted to do and how that should be achieved.
  • the standards, specifications and related protocols can define the manner how various devices shall communicate with each other, how various aspects of the communications shall be implemented and how the devices shall be configured.
  • Signals can be carried on wired or wireless carriers.
  • wireless communication systems include architectures that are standardized by the 3rd Generation Partnership Project (3GPP).
  • 3GPP 3rd Generation Partnership Project
  • LTE long-term evolution
  • UMTS Universal Mobile Telecommunications System
  • a communication device can be provided with an appropriate signal receiving and transmitting arrangement for enabling communications with other devices.
  • a communication device is used for enabling receiving and transmission of communications such as speech and data.
  • a user can access wirelessly a communication system by means of an appropriate wireless communication device or terminal, often referred to as user equipment (UE).
  • UE user equipment
  • Other types of wireless communication devices are also known, for example various access points, relays, and so on that are capable of communicating wirelessly with other devices.
  • New services and communication architectures are emerging. For example, proximity-based applications and services have been proposed. The introduction of a proximity services (ProSe) capability in systems such as LTE can be used to enable use of the proximity-based applications.
  • ProSe proximity services
  • One aspect of proximity services is devices capable of device-to-device communications (D2D).
  • Device-to-device communication in cellular networks can be used to off-load the communication from core network to high-speed locai connection, but also to form local, isoiated communicating groups for e.g. emergency services, among friends or even as a personal-area network as discussed in 3GPP TR22.803. Many of these networks carry at least private data, in some cases also confidential information. Thus proper protection against e.g. eavesdropping is a wanted feature.
  • the Trusted Computing Group is a forum that standardizes security elements for trustworthy computing.
  • One of the standards defines the TP - the trusted platform module - which is a hardware component in a computing device that will be placed in the trusted computing base of the device, and consequently provide standardized security services to the OS and applications.
  • Embodiments of the invention aim to address one or several of the above issues.
  • a method comprising: requesting a certificate comprising at least one identifier associated with a first apparatus from at least one network node; receiving at the first apparatus the certificate from the at least one network node; and forwarding the certificate to a further apparatus; receiving a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and authenticating the further apparatus based on the further certificate.
  • the method may further comprise: discovering at a first apparatus the further apparatus; and establishing between the first apparatus and the further apparatus a security association.
  • Establishing between the first apparatus and the further apparatus a security association may comprise establishing a cryptographic pipe between the first apparatus and the further apparatus.
  • Forwarding the certificate to the further apparatus may comprise: encrypting the certificate with the cryptographic pipe key; and transmitting the encrypted certificate to the further apparatus.
  • Receiving a further certificate from the further apparatus may comprise: receiving an encrypted certificate from the further apparatus; and generating a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
  • Authenticating the further apparatus based on the further certificate may comprise determining whether the at least one further identifier associated with the further apparatus matches a value stored within the first apparatus.
  • the certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Heflman group element originating from the first apparatus; an identifier based on an established security association between the first apparatus and the further apparatus; a location of an access point to which the first apparatus is associated with; a phone number associated with the first apparatus; an International Mobile Subscriber Identity associated with the first apparatus; and a Temporary Mobile Subscriber Identity associated with the first apparatus.
  • the further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Dsffie-He!lrnan group element originating from the further apparatus; an identifier based on an established security association between the first apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an International Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identify associated with the further apparatus.
  • the method may further comprise: requesting from the further apparatus the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; receiving at the further apparatus the further certificate from the at least one further network node; and forwarding the further certificate from the further apparatus to the apparatus; receiving at the further apparatus the certificate from the first apparatus; authenticating at the further apparatus the apparatus based on the certificate.
  • a method comprising: receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus; generating the certificate comprising the at least one identifier associated with the apparatus; and transmitting the certificate comprising the at least one identifier associated with the apparatus, wherein the certificate is configured to be exchanged between apparatuses to authenticate the apparatus at a further appa atus.
  • Generating the certificate comprising the at least one identifier associated with the apparatus may comprise at least one of: determining an asymmetric public key associated with the apparatus; determining a Diffie-Hellman group element originating from the apparatus; determining a location of an access point to which the apparatus is associated with; determining a phone number associated with the apparatus; determining an International Mobile Subscriber identity associated with the apparatus; and determining a Temporary Mobile Subscriber identity associated with the apparatus.
  • Receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus may comprise receiving an estabiished security association between the apparatus and the further apparatus and generating the certificate comprising the at ieast one identifier associated with the apparatus may comprise generating an identifier based on the established security association between the apparatus and the further apparatus.
  • an apparatus comprising: means for requesting a certificate comprising at least one identifier associated with the apparatus from at Ieast one network node; means for receiving the certificate from the at least one network node; and means for forwarding the certificate to further apparatus; means for receiving a further certificate from the further apparatus, the further certificate comprising at Ieast one further identifier associated with the further apparatus; and means for authenticating the further apparatus based on the further certificate.
  • the apparatus may further comprise: means for discovering the further apparatus; and means for establishing between the apparatus and the further apparatus a security association.
  • the means for establishing between the apparatus and the further apparatus a security association may comprise means for establishing a cryptographic pipe between the apparatus and the further apparatus.
  • the means for forwarding the certificate to the further apparatus may comprise: means for encrypting the certificate with the cryptographic pipe key; and means for transmitting the encrypted certificate to the further apparatus.
  • the means for receiving a further certificate from the further apparatus may comprise: means for receiving an encrypted certificate from the further apparatus; and means for generating a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
  • the means for authenticating the further apparatus based on the further certificate may comprise determining whether the at least one further identifier associated with the further apparatus matches a value stored within the apparatus.
  • the certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hel!man group element originating from the apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the apparatus is associated with; a phone number associated with the apparatus; an !nternationai Mobile Subscriber identity associated with the apparatus; and a Temporary Mobile Subscriber identity associated with the apparatus.
  • the further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hel!man group element originating from the further apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an International Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identity associated with the further apparatus.
  • a system may comprise the apparatus as discussed herein, and the further apparatus, wherein the further apparatus may comprise: means for requesting the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; means for receiving the further certificate from the at least one further network node; means for forwarding the further certificate to the apparatus; means for receiving the certificate from the apparatus; and means for authenticating the apparatus based on the certificate. ?
  • an apparatus comprising: means for receiving a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; means for generating the certificate comprising the at feast one identifier associated with the further apparatus; and means for transmitting the certificate comprising the at least one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
  • the means for generating the certificate comprising the at least one identifier associated with the further apparatus may comprise at least one of: means for determining an asymmetric pubiic key associated with the further apparatus; means for determining a Diffie-Hei!man group element originating from the further apparatus; means for determining a location of an access point to which the further apparatus is associated with; means for determining a phone number associated with the further apparatus; means for determining an Internationa! Mobile Subscriber Identity associated with the further apparatus; and means for determining a Temporary Mobile Subscriber Identify associated with the further apparatus.
  • the means for receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus may comprise means for receiving an established security association between the apparatus and the further apparatus and wherein the means for generating the certificate comprising the at least one identifier associated with the apparatus may comprise means for generating an identifier based on the established security association between the apparatus and the further apparatus.
  • an apparatus comprising at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to: request a certificate comprising at least one identifier associated with the apparatus from at least one network node; receive the certificate from the at least one network node; forward the certificate to a further apparatus; receive a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and authenticate the further apparatus based on the further certificate.
  • the apparatus may further be caused to: discover the further apparatus; and establish between the apparatus and the further apparatus a security association.
  • Establishing between the apparatus and the further apparatus a security association may cause the apparatus to establish a cryptographic pipe between the apparatus and the further apparatus.
  • Forwarding the certificate to the further apparatus may cause the apparatus to: encrypt the certificate with the cryptographic pipe key; and transmit the encrypted certificate to the further apparatus.
  • Receiving a further certificate from the further apparatus may cause the apparatus to: receive an encrypted certificate from the further apparatus; and generate a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
  • Authenticating the further apparatus based on the further certificate may cause the apparatus to determine whether the at least one further identifier associated with the further apparatus matches a value stored within the apparatus.
  • the certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hellman group element originating from the apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the apparatus is associated with; a phone number associated with the apparatus; an International Mobile Subscriber Identity associated with the apparatus; and a Temporary Mobile Subscriber Identity associated with the apparatus.
  • the further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hellman group element originating from the further apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an international Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identity associated with the further apparatus,
  • a system may comprise the apparatus as discussed herein, and the further apparatus, wherein the further apparatus may comprise at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, which may cause the further apparatus at least to: request the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; receive the further certificate from the at least one further network node; forward the further certificate to the apparatus; receive the certificate from the apparatus; and authenticate the apparatus based on the certificate.
  • the further apparatus may comprise at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, which may cause the further apparatus at least to: request the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; receive the further certificate from the at least one further network node; forward the further certificate to the apparatus; receive the certificate from the apparatus; and authenticate the apparatus
  • an apparatus comprising at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to: receive a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; generate the certificate comprising the at least one identifier associated with the further apparatus; and transmit the certificate comprising the at least one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
  • Generating the certificate comprising the at least one identifier associated with the further apparatus may cause the apparatus to perform at least one of: determine an asymmetric public key associated with the further apparatus; determine a Ds ' ffie- Hel!man group element originating from the further apparatus; determine a location of an access point to which the further apparatus is associated with; determine a phone number associated with the further apparatus; determine an International Mobile Subscriber Identity associated with the further apparatus; and determine a Temporary Mobile Subscriber Identity associated with the further apparatus.
  • Receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus may cause the apparatus to receive an established security association between the apparatus and the further apparatus and wherein generating the certificate comprising the at least one identifier associated with the apparatus may cause the apparatus to generate an identifier based on the established security association between the apparatus and the further apparatus.
  • an apparatus comprising: a requester configured to request a certificate comprising at least one identifier associated with the apparatus from at least one network node; a first receiver configured to receive the certificate from the at least one network node; a forwarder configured to forward the certificate to a further apparatus; a second receiver configured to receive a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and an authenticator configured to authenticate the further apparatus based on the further certificate,
  • the apparatus may further comprise: a discoverer configured to discover the further apparatus; and an associator configured to establish between the apparatus and the further apparatus a security association,
  • the associator may be configured to establish a cryptographic pipe between the apparatus and the further apparatus.
  • the forwarder may comprise: an encrypter configured to encrypt the certificate with the cryptographic pipe key; and a transmitter configured to transmit the encrypted certificate to the further apparatus.
  • the second receiver may comprise: a certificate receiver configured to receive an encrypted certificate from the further apparatus; and a decrypter configured to generate a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
  • the authenticator may be configured to determine whether the at least one further identifier associated with the further apparatus matches a known value stored within the apparatus.
  • the certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric published identifier derived from a Diffie-Heilman group element originating from the apparatus; an Identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the apparatus is associated with; a phone number associated with the apparatus; an International Mobile Subscriber Identity associated with the apparatus; and a Temporary Mobile Subscriber Identity associated with the apparatus.
  • the further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Heilman group element originating from the further apparatus; an identifier based on an established security association between the first apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an International Mobile Subscriber Identify associated with the further apparatus; and a Temporary Mobile Subscriber identity associated with the further apparatus.
  • a system may comprise the apparatus as discussed herein, and the further apparatus, wherein the further apparatus may comprise: a further apparatus requester configured to request the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; a further apparatus receiver configured to receive the further certificate from the at least one further network node; a further apparatus forwarder configured to forward the further certificate to the apparatus; a further apparatus second receiver configured to receive the certificate from the apparatus; and a further apparatus authenticate configured to authenticate the apparatus based on the certificate.
  • the further apparatus may comprise: a further apparatus requester configured to request the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; a further apparatus receiver configured to receive the further certificate from the at least one further network node; a further apparatus forwarder configured to forward the further certificate to the apparatus; a further apparatus second receiver configured to receive the certificate from the apparatus; and a further apparatus authenticate configured to authenticate the apparatus based on the certificate.
  • an apparatus comprising: a receiver configured to receive a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; a certificate generator configured to generate the certificate comprising the at ieast one identifier associated with the further apparatus; and a transmitter configured to transmit the certificate comprising the at ieast one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
  • the certificate generator may be configured to determine at Ieast one of: an asymmetric public key associated with the further apparatus; a Diffie-He!lman group element originating from the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an international Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identity associated with the further apparatus.
  • the receiver may be configured to receive an established security association between the apparatus and the further apparatus and the certificate generator may be configured to generate an identifier based on the established security association between the apparatus and the further apparatus.
  • a computer program may comprise code means adapted to perform the steps of any of claims 1 to 11 when the program is run on a processor. It should be appreciated that any feature of any aspect may be combined with any other feature of any other aspect.
  • Figure 1 shows a schematic diagram of a D2D system where certain embodiments can be implemented
  • Figure 2a shows an example user equipment configured to implement certain embodiments
  • Figure 2b shows an example network base station or controller configured to implement certain embodiments
  • Figure 3 shows a schematic diagram of a further D2D system where certain embodiments can be implemented.
  • FIG. 4 shows a flowchart showing the operations within the further system according to some embodiments. Description of Example Embodiments
  • Figure 1 shows an example cellular/D2D (devsce-to-device) network such as ably to operate embodiments as described herein.
  • Figure 1 shows a network comprising a first base station (BS) 101 belonging to a first operator and a first user equipment (UE) or D2D device 161 configured to communicate with the first base station 101 using a standard 3G security association (which may be identified by Kc) 171 a.
  • the network comprises a second base station 103 potentially belonging to a second operator.
  • the second base station 103 is configured to communicate via a standard 3G security association 171 to two further user equipment or (D2D devices) as shown in Figure 1 by a second user equipment (D2D device) 151 and a third user equipment (D2D device) 153.
  • the second user equipment 151 is configured to communicate via a second 3G (or suitable cellular) security association 171 b with the second base station 103 and the third user equipment 153 is configured to communicate via a third 3G (or suitable celluiar) security association 171 c with the second base station 103, Furthermore the user equipment operating as D2D device are configured to communicate with each other and as such the first, second and third user equipment (D2D devices) 181 , 151 and 153 can be configured to communicate with the other D2D devices. It would be understood that communication between the user equipment operating as D2D devices requires the generation of specific D2D security contexts.
  • first D2D security association 173a formed between the first user equipment (D2D device) 181 and the second user equipment (D2D) device 151
  • second D2D security association 173b formed between the first user equipment (D2D) device 181 and the third user equipment (D2D device) 153
  • third D2D security association 173c derived between the second user equipment (D2D device) 151 and the third user equipment (D2D device) 153.
  • these security associations are used to enable authentication between the D2D devices and in some embodiments to encrypt private data communicated between the devices.
  • the concept as described herein by the embodiments is one of setting up a secure context for D2D communication using cellular devices such as user equipment from different operators which furthermore enables authentication between the devices.
  • the operators can be configured to provide via network entities or base stations an on-demand internet protocol (IP) based service where the user equipment (or customer) can request a real-time operator quotation (or certificate).
  • IP internet protocol
  • the quotation (or certificate) can in some embodiments comprise the following:
  • a location (for example provided by GPS coordinates) of the access point to which the cellular device is attached to.
  • IMSI/TMSI A phone number or other identity (IMSI/TMSI) of the cellular device as known by the cellular network.
  • this information can be signed by a known operator signature key.
  • the known operator signature can for example be the one shared across the network or be formed from keys residing in an operator (public key infrastructure) PKI structure.
  • a non-limiting example of the cellular communication system is a long-term evolution (LTE) of the Universal Mobile Telecommunications System (UMTS) that is being standardized by the 3rd Generation Partnership Project (3GPP).
  • LTE long-term evolution
  • UMTS Universal Mobile Telecommunications System
  • 3GPP 3rd Generation Partnership Project
  • radio access system include those provided by base stations of systems that are based on technologies such as wireless local area network (WLAN) and/or WiMax (Worldwide Interoperability for Microwave Access).
  • WLAN wireless local area network
  • WiMax Worldwide Interoperability for Microwave Access
  • FIG 2a shows a schematic view of an example of user equipment (or D2D device) (UE) 8 that may be used for communicating with the base stations of Figure 1 (or Figure 3) via a wireless interface.
  • the UE 8 may be any device capable of at least sending or receiving radio signals to or from the base stations of Figure 1 (or Figure 3) and additionally may be capable of sending and receiving signals to from another UE in Device-to-Device (D2D) communications.
  • D2D Device-to-Device
  • the UE 151 , 153, 181 , 203, 205, 213 may, for example, be a device designed for tasks involving human interaction such as making and receiving phone calls between users, and streaming multimedia or providing other digital content to a user.
  • Non- 18 limiting examples include a smart phone, and a laptop computer/notebook computer/tablet computer/ e-reader device provided with a wireless interface facility.
  • the UE 151 , 153, 181 , 203, 205, 213 may communicate via radio transceiver circuitry, unit or module 298 and associated antenna arrangement 294 comprising at least one antenna or antenna unit.
  • the antenna arrangement 294 may be arranged internally or externally to the UE 151 , 153, 161 , 203, 205, 213.
  • the UE 151 , 153, 181 , 203, 205 and 213 may be provided with: a baseband unit comprising one or more baseband processors 293; and at least one memory or data storage entity 297.
  • the baseband processor 293 and one or more memory entities 297 may be provided on an appropriate circuit board and/or in chipsets.
  • the memory or data storage entity 297 is typically internal but may also be external or a combination thereof, such as in the case when additionai memory capacity is obtained from a service provider.
  • the user may control the operation of the UE 151 , 153, 161 , 203, 205, 213 by means of a suitable user interface such as key pad 291 , voice commands, touch sensitive screen or pad, combinations thereof or the like.
  • a display 295, a speaker and a microphone may also be provided.
  • the UE 151 , 153, 161 , 203, 205, 213 may comprise appropriate connectors (either wired or wireless) to other devices and/or for connecting external accessories, for example hands-free equipment, thereto.
  • Figure 2b shows one example of apparatus for use at the base station 101 , 103 of Figure 1 or the base station 201 , 211 of Figure 3.
  • the apparatus comprises or is coupled to a radio frequency antenna array 391 (comprising at least one antenna or antenna unit) configured to receive and transmit radio frequency signals; radio transceiver circuitry, module or unit 393 configured to interface the radio frequency signals received and transmitted by the antenna array 391 ; and a baseband unit comprising one or more baseband processors 396.
  • the apparatus usually comprises an interface 399 via which, for example, the baseband processor 398 can communicate with other network elements such as the core network (not shown).
  • the baseband processor 396 is configured to process signals from the radio transceiver 393.
  • the radio transceiver 393 may also control the radio transceiver 393 to generate suitable RF signals to communicate information to UEs 151 , 153, 181 , 203, 205, 213 via a wireless communications link, and also to exchange information with other network nodes 200, 210 and/or other e!MBs 151 , 153, 181 , 203, 205, 213 across a wired link via the interface 399.
  • the one or more memory or data storage units 397 are used for storing data, parameters and/or instructions for use by the baseband processor 398.
  • the memory or data storage entity may be internal or externa!
  • the baseband unit comprising the baseband processor 398 is located remotely from the radio transceiver 393 and the antenna array 391 , and is connected to the radio transceiver 393 by e.g. a fibre optic link.
  • the memories 297, 397 may be implemented using a suitable data storage technology, such as, for example, semiconductor based memory devices, flash memory, magnetic memory devices and systems, optica! memory devices and systems, fixed memory and removable memory.
  • the data processors 293, 398 may, for example, include one or more of microprocessors, digital signal processors (DSPs) and processors based on a multi-core processor architecture. References below to processors 293, 396 controlling the operation of other elements of UEs 151 , 153, 161 , 203, 205, 213 and base stations 201 , 211 , 101 , 103 refer to the processors operating in accordance with program code stored at memories 297, 397. It would be appreciated that the apparatus shown in each of Figures 2a and 2b described above may comprise further elements which are not directly involved with the embodiments described hereafter.
  • Figure 3 shows a further example communication system showing an example D2D Security Association being formed between a first user equipment 203 and a second user equipment 213, in this example the first user equipment 201 and the second user equipment are operating using different base stations from different operators, however it would be understood that similar operations can be performed with respect to user equipment operating as D2D devices using the same operator and/or base station,
  • Figure 4 a flow diagram showing the operations performed with respect to generating the D2D security association according to some embodiments is shown.
  • a first user equipment UE1 203 which is located proximate to a second user equipment UE2 213.
  • the first user equipment 203 communicates with a first base station 201.
  • the first base station 201 furthermore can be configured to communicate with a further user equipment 205 and also to a core network (CM) or base station control node 200.
  • the second user equipment 213 can be configured to communicate with a second base station 211 which in turn can be configured to communicate with a second core network (CM 2) or second base station control node 210,
  • CM 2 second core network
  • the first user equipment UE1 203 and the second user equipment UE2 213 can discover each other in the radio space.
  • the user equipment can belong to different operators or the same operator.
  • the different user equipment can discover each other directly over the air or in other ways. Examples describe use of specific discovery patterns and groups of discovery patterns applicable to nodes operating in a frame based system.
  • D2D communication discovery in some embodiments may use TDD (time division duplexing) technology or FDD (Frequency Division Duplexing) technology.
  • TDD time division duplexing
  • FDD Frequency Division Duplexing
  • the discovery patterns used by each user equipment can be built on top of a frame based communication arrangement In such embodiments the user equipment can be assumed to be synchronized with each other.
  • the discovery of devices or user equipment can be controlled by providing different discovery patterns of transmission and reception phases for different devices in the network for transmission and reception of discovery information between the devices.
  • a network entity responsible for allocating the discovery patterns can also control the reservation/assigning of those resources for the devices that are a part of the discovery.
  • an appropriate controlling network entity may comprise an eNB or base station or another access point in control of a!iocation of discovery patterns.
  • the control can be logica!iy provided by a network node on the highest hierarchy level in a certain geographical area. The operation of discovery is known and is not discussed further,
  • the user equipment can be configured to set up a Diffie-Hellman pipe or shared secret.
  • the Diffie-Heilman pipe uses 2K keys (in other words the shared secret is one with 2048 bits) however any suitable length shared secret can be generated.
  • the keys used to set up the Diffie-Heliman pipe should be 'fresh' in other words generated in real-time and not ephemera! or old keys.
  • any suitable fresh challenge is exchanged between the user equipment using the established security context provided by the Diffie-Heliman pipe.
  • the fresh challenge and/or response can then be used in the following operations.
  • the generated Diffie- Heilman pipe secret (or challenge) is used as an Identifier to generate a Diffie- Heilman security context request, !n other words using an identifier uniquely derived from the shared secret a request is generated within each user equipment.
  • Figure 4 it is shown that the first user equipment (UE1 ) 203 sends the request to the associated base station 201 in step 304.
  • the second user equipment (UE2) 213 transmits the request to the second base station 211 in step 305.
  • the base station for each of the user equipment can then forward this request to a suitable core network node or base station controller node.
  • step 308 The operation of forwarding the request from the first base station 201 to the first core network node or base station controller node 200 is shown in Figure 4 by step 308.
  • the respective base station can perform the quotation generation operation described herein and as such there is no requirement to forward the request to the core network node or base station controller (in other words the forwarding the request and the respective receiving the quotation from the core network node or base station controller node is an optional operation where the base station can perform the generation of the quotation or certificate).
  • the core network node or base station controller node can then generate a real-time operator quotation or certificate comprising the following information under the security context of the cellular network.
  • the quotation can in some embodiments comprise an asymmetric (ECC/RSA) public key and/or a DH (Diffie-Hellman) group element originating from the user equipment or cellular device.
  • the quotation can in some embodiments comprise a location (for example provided by GPS coordinates) of the access point to which the cellular device is attached to.
  • the quotation can comprise a phone number or other identity, for example an International Mobile Subscriber Identity/ Temporary Mobile Subscriber Identity (IMSI TMSI) of the cellular device as known by the cellular network,
  • IMSI TMSI International Mobile Subscriber Identity/ Temporary Mobile Subscriber Identity
  • step 380 The operation of generating the quotation/certificate in the first network is shown in Figure 4 by step 380.
  • the quotation can then be sent back via the respective base station to the user equipment using the cellular security context.
  • the quotation/certificate is sent from the first core network node or base station controller node to the base station in step 308.
  • the quotation Is then forwarded from the base station 201 to the first user equipment 203 in step 310.
  • the quotation/certificate is sent from the second core network node or base station controller node to the second base station in step 309.
  • the quotation is then forwarded from the second base station 211 to the second user equipment 213 in step 312.
  • the first user equipment 203 can then be configured to pass to the second user equipment 213 the signed quotation/certificate from the first network.
  • the second user equipment 213 can be configured to transfer the quotation/certificate from the second network to the first user equipment 203.
  • the operation of transferring the quotation/certificate over the protected security context is shown in Figure 4 by step 313.
  • the user equipment having received the quotation/certificate from the peer user equipment is in some embodiments configured to analyse or checks that the certificate comprises the same Diffie-Hellman shared secret. In other words, determining that the counterpart Is the other endpoint of the Diffie-Hellman pipe.
  • the user equipment receiving the quotation/certificate from the peer user equipment is configured in some embodiments to check the quotation/certificate to determine that the certificate comprises a location which is consistent with the current location of the user equipment or D2D device. In other words, that the user equipment or D2D device which is attempting to participate in a device to device communication is within a determined range and substantially within the same geographical location.
  • the user equipment receiving the quotation/certificate from the peer user equipment is configured in some embodiments to check the quotation/certificate to determine that the certificate comprises a signature from a known and trusted operator.
  • the user equipment determines that the checks are passed. For example that in some embodiments the quotation/certificate contains valid responses in comprising the same DH secret, similar location, and a signature from a known and trusted operator then the user equipment determines that the other user equipment is authenticated and communication between the user equipment can begin.
  • the quotation/certificate can comprise an identity for the other device which can be stored locally along with the new secret set up under the DH context. In some embodiments by storing the identity for the other device with the new secret future D2D context setups can be performed without the overhead of generating new DH contexts and quotation/certificates.
  • the operation of checking the certificate from the peer user equipment and determining whether authentication has occurred is shown in the first user equipment 203 in Figure 4 by step 370 and in the second user equipment in Figure 4 by step 371.
  • the verification of the certificate can be performed in the base station associated with the user equipment.
  • the received certificate following step 313 is forwarded to the associated base station for verification.
  • the verification operation is performed partially in the user equipment and partially in the base station.
  • the channel allocation for the D2D communication can be included within the transmitted information in other words distributing channel allocation information for user equipment or devices participating in the D2D communication and effectively taking a master role for the allocation.
  • the data processors may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), gate level circuits and processors based on mu!ti core processor architecture, as non- limiting examples.
  • the data processing may be distributed across several data processing modules.
  • a data processor may be provided by means of, for example, at least one chip. Appropriate memory capacity can also be provided in the relevant devices.
  • the memory or memories may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory,
  • the various embodiments may be implemented in hardware or special purpose circuits, software, logic or any combination thereof. Some aspects of the invention may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although the invention is not limited thereto. While various aspects of the invention may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof.
  • the software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.

Abstract

An apparatus comprising: a requester configured to request a certificate comprising at least one identifier associated with the apparatus from at Ieast one network node; a first receiver configured to receive the certificate from the at Ieast one network node; and a forwarder configured to forward the certificate to at least one further apparatus; a second receiver configured to receive a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and an authenticated configured to authenticate the further apparatus based on the further certificate.

Description

Device t© device communication security
Field
This disclosure relates to device to device communication security. This disclosure relates further relates to, but is not limited to, device to device communication security in a cellular communication system.
Background
A communication system can be seen as a facility that enables communications between two or more nodes or devices such as fixed or mobile communication devices, access points (AP) such as base stations, relays, servers and so on. A communication system and compatible communicating entities typically operate in accordance with a given standard or specification which sets out what the various entities associated with the system are permitted to do and how that should be achieved. For example, the standards, specifications and related protocols can define the manner how various devices shall communicate with each other, how various aspects of the communications shall be implemented and how the devices shall be configured.
Signals can be carried on wired or wireless carriers. Examples of wireless communication systems include architectures that are standardized by the 3rd Generation Partnership Project (3GPP). A recent development in this field is often referred to as the long-term evolution (LTE) of the Universal Mobile Telecommunications System (UMTS) radio-access technology. Further developments of the communication systems are expected,
A communication device can be provided with an appropriate signal receiving and transmitting arrangement for enabling communications with other devices. Typically a communication device is used for enabling receiving and transmission of communications such as speech and data. A user can access wirelessly a communication system by means of an appropriate wireless communication device or terminal, often referred to as user equipment (UE). Other types of wireless communication devices are also known, for example various access points, relays, and so on that are capable of communicating wirelessly with other devices. New services and communication architectures are emerging. For example, proximity-based applications and services have been proposed. The introduction of a proximity services (ProSe) capability in systems such as LTE can be used to enable use of the proximity-based applications. One aspect of proximity services is devices capable of device-to-device communications (D2D).
Device-to-device communication in cellular networks can be used to off-load the communication from core network to high-speed locai connection, but also to form local, isoiated communicating groups for e.g. emergency services, among friends or even as a personal-area network as discussed in 3GPP TR22.803. Many of these networks carry at least private data, in some cases also confidential information. Thus proper protection against e.g. eavesdropping is a wanted feature.
The Trusted Computing Group is a forum that standardizes security elements for trustworthy computing. One of the standards defines the TP - the trusted platform module - which is a hardware component in a computing device that will be placed in the trusted computing base of the device, and consequently provide standardized security services to the OS and applications.
It is noted that the above discussed issues are not limited to any particular communication environment and station apparatus but may occur in any appropriate system.
Statement
Embodiments of the invention aim to address one or several of the above issues.
In accordance with an embodiment there is provided a method comprising: requesting a certificate comprising at least one identifier associated with a first apparatus from at feast one network node; receiving at the first apparatus the certificate from the at least one network node; and forwarding the certificate to a further apparatus; receiving a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and authenticating the further apparatus based on the further certificate.
The method may further comprise: discovering at a first apparatus the further apparatus; and establishing between the first apparatus and the further apparatus a security association.
Establishing between the first apparatus and the further apparatus a security association may comprise establishing a cryptographic pipe between the first apparatus and the further apparatus. Forwarding the certificate to the further apparatus may comprise: encrypting the certificate with the cryptographic pipe key; and transmitting the encrypted certificate to the further apparatus.
Receiving a further certificate from the further apparatus may comprise: receiving an encrypted certificate from the further apparatus; and generating a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
Authenticating the further apparatus based on the further certificate may comprise determining whether the at least one further identifier associated with the further apparatus matches a value stored within the first apparatus.
The certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Heflman group element originating from the first apparatus; an identifier based on an established security association between the first apparatus and the further apparatus; a location of an access point to which the first apparatus is associated with; a phone number associated with the first apparatus; an International Mobile Subscriber Identity associated with the first apparatus; and a Temporary Mobile Subscriber Identity associated with the first apparatus.
The further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Dsffie-He!lrnan group element originating from the further apparatus; an identifier based on an established security association between the first apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an International Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identify associated with the further apparatus.
The method may further comprise: requesting from the further apparatus the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; receiving at the further apparatus the further certificate from the at least one further network node; and forwarding the further certificate from the further apparatus to the apparatus; receiving at the further apparatus the certificate from the first apparatus; authenticating at the further apparatus the apparatus based on the certificate.
According to a second aspect there is provided a method comprising: receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus; generating the certificate comprising the at least one identifier associated with the apparatus; and transmitting the certificate comprising the at least one identifier associated with the apparatus, wherein the certificate is configured to be exchanged between apparatuses to authenticate the apparatus at a further appa atus. Generating the certificate comprising the at least one identifier associated with the apparatus may comprise at least one of: determining an asymmetric public key associated with the apparatus; determining a Diffie-Hellman group element originating from the apparatus; determining a location of an access point to which the apparatus is associated with; determining a phone number associated with the apparatus; determining an International Mobile Subscriber identity associated with the apparatus; and determining a Temporary Mobile Subscriber identity associated with the apparatus. Receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus may comprise receiving an estabiished security association between the apparatus and the further apparatus and generating the certificate comprising the at ieast one identifier associated with the apparatus may comprise generating an identifier based on the established security association between the apparatus and the further apparatus.
According to a third aspect there is provided an apparatus comprising: means for requesting a certificate comprising at least one identifier associated with the apparatus from at Ieast one network node; means for receiving the certificate from the at least one network node; and means for forwarding the certificate to further apparatus; means for receiving a further certificate from the further apparatus, the further certificate comprising at Ieast one further identifier associated with the further apparatus; and means for authenticating the further apparatus based on the further certificate.
The apparatus may further comprise: means for discovering the further apparatus; and means for establishing between the apparatus and the further apparatus a security association. The means for establishing between the apparatus and the further apparatus a security association may comprise means for establishing a cryptographic pipe between the apparatus and the further apparatus.
The means for forwarding the certificate to the further apparatus may comprise: means for encrypting the certificate with the cryptographic pipe key; and means for transmitting the encrypted certificate to the further apparatus.
The means for receiving a further certificate from the further apparatus may comprise: means for receiving an encrypted certificate from the further apparatus; and means for generating a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
The means for authenticating the further apparatus based on the further certificate may comprise determining whether the at least one further identifier associated with the further apparatus matches a value stored within the apparatus.
The certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hel!man group element originating from the apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the apparatus is associated with; a phone number associated with the apparatus; an !nternationai Mobile Subscriber identity associated with the apparatus; and a Temporary Mobile Subscriber identity associated with the apparatus.
The further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hel!man group element originating from the further apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an International Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identity associated with the further apparatus.
A system may comprise the apparatus as discussed herein, and the further apparatus, wherein the further apparatus may comprise: means for requesting the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; means for receiving the further certificate from the at least one further network node; means for forwarding the further certificate to the apparatus; means for receiving the certificate from the apparatus; and means for authenticating the apparatus based on the certificate. ?
According to a fourth aspect there is provided an apparatus comprising: means for receiving a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; means for generating the certificate comprising the at feast one identifier associated with the further apparatus; and means for transmitting the certificate comprising the at least one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus. The means for generating the certificate comprising the at least one identifier associated with the further apparatus may comprise at least one of: means for determining an asymmetric pubiic key associated with the further apparatus; means for determining a Diffie-Hei!man group element originating from the further apparatus; means for determining a location of an access point to which the further apparatus is associated with; means for determining a phone number associated with the further apparatus; means for determining an Internationa! Mobile Subscriber Identity associated with the further apparatus; and means for determining a Temporary Mobile Subscriber Identify associated with the further apparatus. The means for receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus may comprise means for receiving an established security association between the apparatus and the further apparatus and wherein the means for generating the certificate comprising the at least one identifier associated with the apparatus may comprise means for generating an identifier based on the established security association between the apparatus and the further apparatus.
According to a fifth aspect there is provided an apparatus comprising at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to: request a certificate comprising at least one identifier associated with the apparatus from at least one network node; receive the certificate from the at least one network node; forward the certificate to a further apparatus; receive a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and authenticate the further apparatus based on the further certificate. The apparatus may further be caused to: discover the further apparatus; and establish between the apparatus and the further apparatus a security association.
Establishing between the apparatus and the further apparatus a security association may cause the apparatus to establish a cryptographic pipe between the apparatus and the further apparatus.
Forwarding the certificate to the further apparatus may cause the apparatus to: encrypt the certificate with the cryptographic pipe key; and transmit the encrypted certificate to the further apparatus.
Receiving a further certificate from the further apparatus may cause the apparatus to: receive an encrypted certificate from the further apparatus; and generate a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
Authenticating the further apparatus based on the further certificate may cause the apparatus to determine whether the at least one further identifier associated with the further apparatus matches a value stored within the apparatus. The certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hellman group element originating from the apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the apparatus is associated with; a phone number associated with the apparatus; an International Mobile Subscriber Identity associated with the apparatus; and a Temporary Mobile Subscriber Identity associated with the apparatus. The further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Hellman group element originating from the further apparatus; an identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an international Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identity associated with the further apparatus,
A system may comprise the apparatus as discussed herein, and the further apparatus, wherein the further apparatus may comprise at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at feast one processor, which may cause the further apparatus at least to: request the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; receive the further certificate from the at least one further network node; forward the further certificate to the apparatus; receive the certificate from the apparatus; and authenticate the apparatus based on the certificate.
According to a sixth aspect there is provided an apparatus comprising at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to: receive a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; generate the certificate comprising the at least one identifier associated with the further apparatus; and transmit the certificate comprising the at least one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
Generating the certificate comprising the at least one identifier associated with the further apparatus may cause the apparatus to perform at least one of: determine an asymmetric public key associated with the further apparatus; determine a Ds'ffie- Hel!man group element originating from the further apparatus; determine a location of an access point to which the further apparatus is associated with; determine a phone number associated with the further apparatus; determine an International Mobile Subscriber Identity associated with the further apparatus; and determine a Temporary Mobile Subscriber Identity associated with the further apparatus.
Receiving a request from an apparatus for a certificate comprising at least one identifier associated with the apparatus may cause the apparatus to receive an established security association between the apparatus and the further apparatus and wherein generating the certificate comprising the at least one identifier associated with the apparatus may cause the apparatus to generate an identifier based on the established security association between the apparatus and the further apparatus.
According to a seventh aspect there is provided an apparatus comprising: a requester configured to request a certificate comprising at least one identifier associated with the apparatus from at least one network node; a first receiver configured to receive the certificate from the at least one network node; a forwarder configured to forward the certificate to a further apparatus; a second receiver configured to receive a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and an authenticator configured to authenticate the further apparatus based on the further certificate,
The apparatus may further comprise: a discoverer configured to discover the further apparatus; and an associator configured to establish between the apparatus and the further apparatus a security association, The associator may be configured to establish a cryptographic pipe between the apparatus and the further apparatus. The forwarder may comprise: an encrypter configured to encrypt the certificate with the cryptographic pipe key; and a transmitter configured to transmit the encrypted certificate to the further apparatus. The second receiver may comprise: a certificate receiver configured to receive an encrypted certificate from the further apparatus; and a decrypter configured to generate a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe. The authenticator may be configured to determine whether the at least one further identifier associated with the further apparatus matches a known value stored within the apparatus.
The certificate comprising at least one identifier associated with the first apparatus may comprise at least one of: an asymmetric publi public identifier derived from a Diffie-Heilman group element originating from the apparatus; an Identifier based on an established security association between the apparatus and the further apparatus; a location of an access point to which the apparatus is associated with; a phone number associated with the apparatus; an International Mobile Subscriber Identity associated with the apparatus; and a Temporary Mobile Subscriber Identity associated with the apparatus.
The further certificate comprising at least one further identifier associated with the further apparatus may comprise at least one of: an asymmetric public key; a public identifier derived from a Diffie-Heilman group element originating from the further apparatus; an identifier based on an established security association between the first apparatus and the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an International Mobile Subscriber Identify associated with the further apparatus; and a Temporary Mobile Subscriber identity associated with the further apparatus.
A system may comprise the apparatus as discussed herein, and the further apparatus, wherein the further apparatus may comprise: a further apparatus requester configured to request the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node; a further apparatus receiver configured to receive the further certificate from the at least one further network node; a further apparatus forwarder configured to forward the further certificate to the apparatus; a further apparatus second receiver configured to receive the certificate from the apparatus; and a further apparatus authenticate configured to authenticate the apparatus based on the certificate.
According to an eighth aspect there is provided an apparatus comprising: a receiver configured to receive a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; a certificate generator configured to generate the certificate comprising the at ieast one identifier associated with the further apparatus; and a transmitter configured to transmit the certificate comprising the at ieast one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
The certificate generator may be configured to determine at Ieast one of: an asymmetric public key associated with the further apparatus; a Diffie-He!lman group element originating from the further apparatus; a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus; an international Mobile Subscriber Identity associated with the further apparatus; and a Temporary Mobile Subscriber Identity associated with the further apparatus.
The receiver may be configured to receive an established security association between the apparatus and the further apparatus and the certificate generator may be configured to generate an identifier based on the established security association between the apparatus and the further apparatus.
A computer program may comprise code means adapted to perform the steps of any of claims 1 to 11 when the program is run on a processor. It should be appreciated that any feature of any aspect may be combined with any other feature of any other aspect.
Summary of Figures
Embodiments will now be described in further detail, by way of example only, with reference to the following examples and accompanying drawings, in which:
Figure 1 shows a schematic diagram of a D2D system where certain embodiments can be implemented;
Figure 2a shows an example user equipment configured to implement certain embodiments;
Figure 2b shows an example network base station or controller configured to implement certain embodiments;
Figure 3 shows a schematic diagram of a further D2D system where certain embodiments can be implemented; and
Figure 4 shows a flowchart showing the operations within the further system according to some embodiments. Description of Example Embodiments
In the following certain exemplifying embodiments are explained with reference to a wireless or mobile communication system serving mobile communication devices. Before explaining in detail the exemplifying embodiments, certain general principles of a wireless communication system, access systems thereof, and communication devices are briefly explained with reference to Figures 1 and 2a and 2b to assist in understanding the technology underlying the described examples.
Figure 1 shows an example cellular/D2D (devsce-to-device) network such as ably to operate embodiments as described herein. Figure 1 shows a network comprising a first base station (BS) 101 belonging to a first operator and a first user equipment (UE) or D2D device 161 configured to communicate with the first base station 101 using a standard 3G security association (which may be identified by Kc) 171 a. Furthermore the network comprises a second base station 103 potentially belonging to a second operator. The second base station 103 is configured to communicate via a standard 3G security association 171 to two further user equipment or (D2D devices) as shown in Figure 1 by a second user equipment (D2D device) 151 and a third user equipment (D2D device) 153. The second user equipment 151 is configured to communicate via a second 3G (or suitable cellular) security association 171 b with the second base station 103 and the third user equipment 153 is configured to communicate via a third 3G (or suitable celluiar) security association 171 c with the second base station 103, Furthermore the user equipment operating as D2D device are configured to communicate with each other and as such the first, second and third user equipment (D2D devices) 181 , 151 and 153 can be configured to communicate with the other D2D devices. It would be understood that communication between the user equipment operating as D2D devices requires the generation of specific D2D security contexts. For example a first D2D security association 173a formed between the first user equipment (D2D device) 181 and the second user equipment (D2D) device 151 , a second D2D security association 173b formed between the first user equipment (D2D) device 181 and the third user equipment (D2D device) 153 and a third D2D security association 173c derived between the second user equipment (D2D device) 151 and the third user equipment (D2D device) 153. As described herein these security associations are used to enable authentication between the D2D devices and in some embodiments to encrypt private data communicated between the devices.
In other words it is known how to provide a cryptographic key exchange (for example using a Diffie-Hellman method) and so set or establish a security association between the D2D devices and so establish a cryptographic pipe, however these methods fail to establish authentication regarding who is at the other end.
The concept as described herein by the embodiments is one of setting up a secure context for D2D communication using cellular devices such as user equipment from different operators which furthermore enables authentication between the devices. In such embodiments the operators can be configured to provide via network entities or base stations an on-demand internet protocol (IP) based service where the user equipment (or customer) can request a real-time operator quotation (or certificate). The quotation (or certificate) can in some embodiments comprise the following:
« An asymmetric (ECC/RSA) public key and/or a DH (Diffie-He!lman) group element originating from the user equipment or cellular device.
*> A location (for example provided by GPS coordinates) of the access point to which the cellular device is attached to.
* A phone number or other identity (IMSI/TMSI) of the cellular device as known by the cellular network.
In some embodiments this information can be signed by a known operator signature key. The known operator signature can for example be the one shared across the network or be formed from keys residing in an operator (public key infrastructure) PKI structure.
A non-limiting example of the cellular communication system is a long-term evolution (LTE) of the Universal Mobile Telecommunications System (UMTS) that is being standardized by the 3rd Generation Partnership Project (3GPP). However it would be understood that other examples of radio access system include those provided by base stations of systems that are based on technologies such as wireless local area network (WLAN) and/or WiMax (Worldwide Interoperability for Microwave Access).
Figure 2a shows a schematic view of an example of user equipment (or D2D device) (UE) 8 that may be used for communicating with the base stations of Figure 1 (or Figure 3) via a wireless interface. The UE 8 may be any device capable of at least sending or receiving radio signals to or from the base stations of Figure 1 (or Figure 3) and additionally may be capable of sending and receiving signals to from another UE in Device-to-Device (D2D) communications.
The UE 151 , 153, 181 , 203, 205, 213 may, for example, be a device designed for tasks involving human interaction such as making and receiving phone calls between users, and streaming multimedia or providing other digital content to a user. Non- 18 limiting examples include a smart phone, and a laptop computer/notebook computer/tablet computer/ e-reader device provided with a wireless interface facility. The UE 151 , 153, 181 , 203, 205, 213 may communicate via radio transceiver circuitry, unit or module 298 and associated antenna arrangement 294 comprising at least one antenna or antenna unit. The antenna arrangement 294 may be arranged internally or externally to the UE 151 , 153, 161 , 203, 205, 213.
The UE 151 , 153, 181 , 203, 205 and 213 may be provided with: a baseband unit comprising one or more baseband processors 293; and at least one memory or data storage entity 297. The baseband processor 293 and one or more memory entities 297 may be provided on an appropriate circuit board and/or in chipsets. The memory or data storage entity 297 is typically internal but may also be external or a combination thereof, such as in the case when additionai memory capacity is obtained from a service provider.
In the cases of devices designed for human interaction, the user may control the operation of the UE 151 , 153, 161 , 203, 205, 213 by means of a suitable user interface such as key pad 291 , voice commands, touch sensitive screen or pad, combinations thereof or the like. A display 295, a speaker and a microphone may also be provided. Furthermore, the UE 151 , 153, 161 , 203, 205, 213 may comprise appropriate connectors (either wired or wireless) to other devices and/or for connecting external accessories, for example hands-free equipment, thereto.
Figure 2b shows one example of apparatus for use at the base station 101 , 103 of Figure 1 or the base station 201 , 211 of Figure 3. The apparatus comprises or is coupled to a radio frequency antenna array 391 (comprising at least one antenna or antenna unit) configured to receive and transmit radio frequency signals; radio transceiver circuitry, module or unit 393 configured to interface the radio frequency signals received and transmitted by the antenna array 391 ; and a baseband unit comprising one or more baseband processors 396. The apparatus usually comprises an interface 399 via which, for example, the baseband processor 398 can communicate with other network elements such as the core network (not shown). The baseband processor 396 is configured to process signals from the radio transceiver 393. It may also control the radio transceiver 393 to generate suitable RF signals to communicate information to UEs 151 , 153, 181 , 203, 205, 213 via a wireless communications link, and also to exchange information with other network nodes 200, 210 and/or other e!MBs 151 , 153, 181 , 203, 205, 213 across a wired link via the interface 399. The one or more memory or data storage units 397 are used for storing data, parameters and/or instructions for use by the baseband processor 398. The memory or data storage entity may be internal or externa! (locating in another network entity) or a combination thereof, in some embodiments the baseband unit comprising the baseband processor 398 is located remotely from the radio transceiver 393 and the antenna array 391 , and is connected to the radio transceiver 393 by e.g. a fibre optic link.
The memories 297, 397 may be implemented using a suitable data storage technology, such as, for example, semiconductor based memory devices, flash memory, magnetic memory devices and systems, optica! memory devices and systems, fixed memory and removable memory. The data processors 293, 398 may, for example, include one or more of microprocessors, digital signal processors (DSPs) and processors based on a multi-core processor architecture. References below to processors 293, 396 controlling the operation of other elements of UEs 151 , 153, 161 , 203, 205, 213 and base stations 201 , 211 , 101 , 103 refer to the processors operating in accordance with program code stored at memories 297, 397. It would be appreciated that the apparatus shown in each of Figures 2a and 2b described above may comprise further elements which are not directly involved with the embodiments described hereafter.
Figure 3 shows a further example communication system showing an example D2D Security Association being formed between a first user equipment 203 and a second user equipment 213, in this example the first user equipment 201 and the second user equipment are operating using different base stations from different operators, however it would be understood that similar operations can be performed with respect to user equipment operating as D2D devices using the same operator and/or base station, Furthermore with respect to Figure 4 a flow diagram showing the operations performed with respect to generating the D2D security association according to some embodiments is shown. In the example shown in Figure 3 there is a first user equipment UE1 203 which is located proximate to a second user equipment UE2 213. In the example shown in Figure 3 the first user equipment 203 communicates with a first base station 201. The first base station 201 furthermore can be configured to communicate with a further user equipment 205 and also to a core network (CM) or base station control node 200. Furthermore the second user equipment 213 can be configured to communicate with a second base station 211 which in turn can be configured to communicate with a second core network (CM 2) or second base station control node 210, In some embodiments the first user equipment UE1 203 and the second user equipment UE2 213 can discover each other in the radio space. As described herein it would be understood that in some embodiments the user equipment can belong to different operators or the same operator. In the following examples the different user equipment can discover each other directly over the air or in other ways. Examples describe use of specific discovery patterns and groups of discovery patterns applicable to nodes operating in a frame based system. D2D communication discovery in some embodiments may use TDD (time division duplexing) technology or FDD (Frequency Division Duplexing) technology. In some embodiments the discovery patterns used by each user equipment can be built on top of a frame based communication arrangement In such embodiments the user equipment can be assumed to be synchronized with each other.
In some embodiments the discovery of devices or user equipment can be controlled by providing different discovery patterns of transmission and reception phases for different devices in the network for transmission and reception of discovery information between the devices. In such embodiments a network entity responsible for allocating the discovery patterns can also control the reservation/assigning of those resources for the devices that are a part of the discovery. For example, for D2D an appropriate controlling network entity may comprise an eNB or base station or another access point in control of a!iocation of discovery patterns. Generally speaking, the control can be logica!iy provided by a network node on the highest hierarchy level in a certain geographical area. The operation of discovery is known and is not discussed further,
The operation of discovery between the first user equipment UE1 203 and the second user equipment UE2 213 is shown in Figure 4 by step 301. in some embodiments the user equipment (or D2D devices) can be configured to set up a Diffie-Hellman pipe or shared secret. In some embodiments the Diffie-Heilman pipe uses 2K keys (in other words the shared secret is one with 2048 bits) however any suitable length shared secret can be generated. In some embodiments the keys used to set up the Diffie-Heliman pipe should be 'fresh' in other words generated in real-time and not ephemera! or old keys.
The operation of generating a Diffie-Heliman pipe between the first user equipment (UE1 ) 203 and the second user equipment (UE2) 213 is shown in Figure 4 by step 303. In some embodiments any suitable fresh challenge is exchanged between the user equipment using the established security context provided by the Diffie-Heliman pipe. The fresh challenge and/or response can then be used in the following operations. In some embodiments, within the user equipment, having generated a Diffie-Heilman pipe (in other words having established a shared secret), the generated Diffie- Heilman pipe secret (or challenge) is used as an Identifier to generate a Diffie- Heilman security context request, !n other words using an identifier uniquely derived from the shared secret a request is generated within each user equipment.
The operation of generating a security context request is shown in Figure 4 in the first user equipment 203 by the step 350 and in the second user equipment 213 by step 351 , This request can then be sent to a respective base station.
In Figure 4 it is shown that the first user equipment (UE1 ) 203 sends the request to the associated base station 201 in step 304.
Similarly the second user equipment (UE2) 213 transmits the request to the second base station 211 in step 305.
In some embodiments the base station for each of the user equipment can then forward this request to a suitable core network node or base station controller node.
The operation of forwarding the request from the first base station 201 to the first core network node or base station controller node 200 is shown in Figure 4 by step 308.
Similarly the operation of forwarding the request from the second base station 211 to the second core network node or base station controller node 210 is shown in Figure 4 by step 307. It would be understood that in some embodiments the respective base station can perform the quotation generation operation described herein and as such there is no requirement to forward the request to the core network node or base station controller (in other words the forwarding the request and the respective receiving the quotation from the core network node or base station controller node is an optional operation where the base station can perform the generation of the quotation or certificate).
In some embodiments the core network node or base station controller node can then generate a real-time operator quotation or certificate comprising the following information under the security context of the cellular network.
Firstly the quotation can in some embodiments comprise an asymmetric (ECC/RSA) public key and/or a DH (Diffie-Hellman) group element originating from the user equipment or cellular device. Secondly the quotation can in some embodiments comprise a location (for example provided by GPS coordinates) of the access point to which the cellular device is attached to.
Thirdly in some embodiments the quotation can comprise a phone number or other identity, for example an International Mobile Subscriber Identity/ Temporary Mobile Subscriber Identity (IMSI TMSI) of the cellular device as known by the cellular network,
The operation of generating the quotation/certificate in the first network is shown in Figure 4 by step 380.
Furthermore the operation of generating the quotation in the second network is shown in Figure 4 by step 361.
The quotation can then be sent back via the respective base station to the user equipment using the cellular security context. Thus for example in Figure 4 the quotation/certificate is sent from the first core network node or base station controller node to the base station in step 308. The quotation Is then forwarded from the base station 201 to the first user equipment 203 in step 310. Similarly with respect to the second network the quotation/certificate is sent from the second core network node or base station controller node to the second base station in step 309. The quotation is then forwarded from the second base station 211 to the second user equipment 213 in step 312. The first user equipment 203 can then be configured to pass to the second user equipment 213 the signed quotation/certificate from the first network. Similarly the second user equipment 213 can be configured to transfer the quotation/certificate from the second network to the first user equipment 203. The operation of transferring the quotation/certificate over the protected security context is shown in Figure 4 by step 313.
The user equipment having received the quotation/certificate from the peer user equipment is in some embodiments configured to analyse or checks that the certificate comprises the same Diffie-Hellman shared secret. In other words, determining that the counterpart Is the other endpoint of the Diffie-Hellman pipe.
Furthermore the user equipment receiving the quotation/certificate from the peer user equipment is configured in some embodiments to check the quotation/certificate to determine that the certificate comprises a location which is consistent with the current location of the user equipment or D2D device. In other words, that the user equipment or D2D device which is attempting to participate in a device to device communication is within a determined range and substantially within the same geographical location.
Furthermore the user equipment receiving the quotation/certificate from the peer user equipment is configured in some embodiments to check the quotation/certificate to determine that the certificate comprises a signature from a known and trusted operator.
Where the user equipment determines that the checks are passed. For example that in some embodiments the quotation/certificate contains valid responses in comprising the same DH secret, similar location, and a signature from a known and trusted operator then the user equipment determines that the other user equipment is authenticated and communication between the user equipment can begin.
In some embodiments the quotation/certificate can comprise an identity for the other device which can be stored locally along with the new secret set up under the DH context. In some embodiments by storing the identity for the other device with the new secret future D2D context setups can be performed without the overhead of generating new DH contexts and quotation/certificates. The operation of checking the certificate from the peer user equipment and determining whether authentication has occurred is shown in the first user equipment 203 in Figure 4 by step 370 and in the second user equipment in Figure 4 by step 371.
In some embodiments the verification of the certificate can be performed in the base station associated with the user equipment. Thus in some embodiments the received certificate following step 313 is forwarded to the associated base station for verification.
In some embodiments the verification operation is performed partially in the user equipment and partially in the base station.
In some embodiments the channel allocation for the D2D communication can be included within the transmitted information in other words distributing channel allocation information for user equipment or devices participating in the D2D communication and effectively taking a master role for the allocation.
It would be understood that during handovers in a master cellular network the channel allocation wouid be renewed.
It Is noted that whilst embodiments have been described with reference to LTE, similar principles can be applied to any other communication system or indeed to further developments with LTE. Therefore, although certain embodiments were described above by way of example with reference to certain exemplifying architectures for wireless networks, technologies and standards, embodiments may be applied to any other suitable forms of communication systems than those illustrated and described herein. The required data processing apparatus and functions of any of the communication devices may be provided by means of one or more data processors. The described functions at each end may be provided by separate processors or by an integrated processor. The data processors may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), gate level circuits and processors based on mu!ti core processor architecture, as non- limiting examples. The data processing may be distributed across several data processing modules. A data processor may be provided by means of, for example, at least one chip. Appropriate memory capacity can also be provided in the relevant devices. The memory or memories may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory,
In general, the various embodiments may be implemented in hardware or special purpose circuits, software, logic or any combination thereof. Some aspects of the invention may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although the invention is not limited thereto. While various aspects of the invention may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof. The software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.
In the above various examples of means for implementing the functionalities are given. However, it is noted that these examples do not provide an exhaustive list of means capable of operating in accordance with the inventive principles described herein.
The foregoing description has provided by way of exemplary and non-limiting examples a full and informative description of the exemplary embodiment of this invention. However, various modifications and adaptations may become apparent to those skilled In the relevant arts In view of the foregoing description, when read in conjunction with the accompanying drawings and the appended claims. However, all such and similar modifications of the teachings of this invention will still fall within the spirit and scope of this invention as defined in the appended claims. Indeed there is a further embodiment comprising a combination of one or more of any of the other embodiments previously discussed.

Claims

Claims
1. A method comprising:
requesting a certificate comprising at least one identifier associated with a first apparatus from at least one network node;
receiving at the first apparatus the certificate from the at least one network node; and
forwarding the certificate to a further apparatus;
receiving a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus;
authenticating the further apparatus based on the further certificate.
2. The method as claimed in claim 1 , further comprising:
discovering at a first apparatus the further apparatus; and
establishing between the first apparatus and the further apparatus a security
3. The method as claimed in claim 2, wherein establishing between the first apparatus and the further apparatus a security association comprises establishing a cryptographic pipe between the first apparatus and the further apparatus.
4. The method as claimed in claim 3, wherein forwarding the certificate to the further apparatus comprises:
encrypting the certificate with the cryptographic pipe key; and
transmitting the encrypted certificate to the further apparatus,
5. The method as claimed in claim 3 or 4, wherein receiving a further certificate from the further apparatus comprises:
receiving an encrypted certificate from the further apparatus; and
generating a further certificate from the encrypted certificate by decrypting the encrypted certificated based on a key from the cryptographic pipe.
8. The method as claimed in anyone of daims 1 to 5, wherein authenticating the further apparatus based on the further certificate comprises determining whether the at least one further identifier associated with the further apparatus matches a value stored within the first apparatus.
7. The method as claimed In anyone of claims 1 to 8, wherein the certificate comprising at least one identifier associated with the first apparatus comprises at least one of:
an asymmetric public key;
a public Identifier derived from a diffie-Hellman group element originating from the first apparatus;
an identifier based on an established security association between the first apparatus and the further apparatus;
a location of an access point to which the first apparatus is associated with; a phone number associated with the first apparatus;
an International Mobile Subscriber Identity associated with the first apparatus; and
a Temporary Mobile Subscriber Identity associated with the first apparatus.
8. The method as claimed in anyone of claims 1 to 7, wherein the further certificate comprising at least one further identifier associated with the further apparatus comprises at least one of:
an asymmetric public key;
a public identifier derived from a diffie-Hellman group element originating from the further apparatus;
an identifier based on an established security association between the first apparatus and the further apparatus;
a location of an access point to which the further apparatus is associated with; a phone number associated with the further apparatus;
an International Mobile Subscriber Identity associated with the further apparatus; and
a Temporary Mobile Subscriber Identity associated with the further apparatus.
9. The method as claimed in anyone of claims 1 to 8, further comprising; requesting from the further apparatus the further certificate comprising at Ieast one identifier associated with the further apparatus from at ieast one further network node;
receiving at the further apparatus the further certificate from the at Ieast one further network node; and
forwarding the further certificate from the further apparatus to the first apparatus;
receiving at the further apparatus the certificate from the first apparatus;
authenticating at the further apparatus the apparatus based on the certificate.
10. A method comprising:
receiving a request from an apparatus for a certificate comprising at Ieast one identifier associated with the apparatus;
generating the certificate comprising the at Ieast one identifier associated with the apparatus;
transmitting the certificate comprising the at Ieast one identifier associated with the apparatus, wherein the certificate is configured to be exchanged between apparatuses to authenticate the apparatus at a further apparatus. 11. The method as claimed in claim 10, wherein generating the certificate comprising the at Ieast one identifier associated with the apparatus comprises at Ieast one of:
determining an asymmetric public key associated with the apparatus;
determining a diffie-Hellman group element originating from the apparatus; determining a location of an access point to which the apparatus Is associated with;
determining a phone number associated with the apparatus;
determining an International Mobile Subscriber Identity associated with the apparatus; and
determining a Temporary Mobile Subscriber Identity associated with the apparatus,
12. The method as claimed in claims 10 and 1 1 , wherein receiving a request from an apparatus for a certificate comprising at Ieast one identifier associated with the apparatus comprises receiving an estabiished security association between the apparatus and the further apparatus and wherein generating the certificate comprising the at ieast one identifier associated with the apparatus comprises generating an identifier based on the estabiished security association between the apparatus and the further apparatus.
13. An apparatus comprising:
means for requesting a certificate comprising at Ieast one identsfser associated with the apparatus from at least one network node;
means for receiving the certificate from the at Ieast one network node; and means for forwarding the certificate to further apparatus;
means for receiving a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and
means for authenticating the further apparatus based on the further certificate.
14. A system comprising the apparatus as claimed in claim 13, and a further apparatus, wherein the further apparatus comprises:
means for requesting the further certificate comprising at teas! one identifier associated with the further apparatus from at Ieast one further network node;
means for receiving the further certificate from the at Ieast one further network node;
means for forwarding the further certificate to the apparatus; means for receiving the certificate from the apparatus; and
means for authenticating the apparatus based on the certificate.
15. An apparatus comprising:
means for receiving a request from a further apparatus for a certificate comprising at Ieast one Identifier associated with the further apparatus;
means for generating the certificate comprising the at Ieast one identifier associated with the further apparatus; and
means for transmitting the certificate comprising the at least one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
18. An apparatus comprising at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to:
request a certificate comprising at least one identifier associated with the apparatus from at least one network node;
receive the certificate from the at least one network node; and
forward the certificate to a further apparatus;
receive a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and authenticate the further apparatus based on the further certificate,
17. A system comprising the apparatus as claimed in claim 16, and a further apparatus, wherein the further apparatus comprises at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, which may cause the further apparatus at least to:
request a further certificate comprising at least one identifier associated with the further apparatus from at least one further network node;
receive the further certificate from the at least one further network node;
forward the further certificate to the apparatus;
receive the certificate from the apparatus; and
authenticate the apparatus based on the certificate.
18, An apparatus comprising at least one processor and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to:
receive a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; generate the certificate comprising the at [east one identifier associated with the further apparatus; and
transmit the certificate comprising the at least one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
19, An apparatus comprising:
a requester configured to request a certificate comprising at least one identifier associated with the apparatus from at least one network node;
a first receiver configured to receive the certificate from the at least one network node; and
a forwarder configured to forward the certificate to a further apparatus;
a second receiver configured to receive a further certificate from the further apparatus, the further certificate comprising at least one further identifier associated with the further apparatus; and
an authenticator configured to authenticate the further apparatus based on the further certificate. 20. A system comprising the apparatus as claimed in claim 19, and a further apparatus, wherein the further apparatus comprises:
a further apparatus requester configured to request the further certificate comprising at least one identifier associated with the further apparatus from at least one further network node;
a further apparatus receiver configured to receive the further certificate from the at least one further network node;
a further apparatus forwarder configured to forward the further certificate to the apparatus;
a further apparatus second receiver configured to receive the certificate from the apparatus; and
a further apparatus authenticator configured to authenticate the apparatus based on the certificate.
21. An apparatus comprising:
a receiver configured to receive a request from a further apparatus for a certificate comprising at least one identifier associated with the further apparatus; a certificate generator configured to generate the certificate comprising the at least one identifier associated with the further apparatus; and
a transmitter configured to transmit the certificate comprising the at least one identifier associated with the further apparatus, wherein the certificate is configured to be exchanged between further apparatuses to authenticate the further apparatus at a second further apparatus.
PCT/IB2013/055217 2013-06-25 2013-06-25 Device to device communication security WO2014207506A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US14/896,466 US9960922B2 (en) 2013-06-25 2013-06-25 Device-to-device communication security with authentication certificates
PCT/IB2013/055217 WO2014207506A1 (en) 2013-06-25 2013-06-25 Device to device communication security
CN201380077762.5A CN105340353B (en) 2013-06-25 2013-06-25 Device-to-device communication security
EP13888138.8A EP3014945B1 (en) 2013-06-25 2013-06-25 Device to device communication security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/IB2013/055217 WO2014207506A1 (en) 2013-06-25 2013-06-25 Device to device communication security

Publications (1)

Publication Number Publication Date
WO2014207506A1 true WO2014207506A1 (en) 2014-12-31

Family

ID=52141160

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2013/055217 WO2014207506A1 (en) 2013-06-25 2013-06-25 Device to device communication security

Country Status (4)

Country Link
US (1) US9960922B2 (en)
EP (1) EP3014945B1 (en)
CN (1) CN105340353B (en)
WO (1) WO2014207506A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016180153A1 (en) * 2015-08-17 2016-11-17 中兴通讯股份有限公司 Service processing method and apparatus
EP3395091A4 (en) * 2015-12-24 2019-07-10 Nokia Technologies Oy Authentication and key agreement in communication network

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3448075A1 (en) * 2017-08-22 2019-02-27 Gemalto M2M GmbH Method for securing a communication connection

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080196086A1 (en) 2007-02-09 2008-08-14 Sony Corporation, A Japanese Corporation Method and apparatus for authorizing a communication interface
WO2010030515A2 (en) * 2008-09-12 2010-03-18 Qualcomm Incorporated Ticket-based configuration parameters validation
WO2010050515A1 (en) 2008-10-31 2010-05-06 国立大学法人東京工業大学 Comparator and analog/digital converter
US20110258327A1 (en) * 2010-04-20 2011-10-20 Nokia Corporation D2D Communications Considering Different Network Operators
GB2494460A (en) * 2011-09-12 2013-03-13 Renesas Mobile Corp Registering and attaching to a communication network for device-to-device (D2D) communication
US20130125224A1 (en) 2011-11-10 2013-05-16 Skype Limited Device association via video handshake
EP2663051A1 (en) * 2012-05-07 2013-11-13 Industrial Technology Research Institute Authentication system for device-to-device communication and authentication method therefore

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100759489B1 (en) * 2004-11-18 2007-09-18 삼성전자주식회사 Method and appratus for security of ip security tunnel using public key infrastructure in a mobile communication network
TW200922256A (en) * 2007-11-06 2009-05-16 Nat Univ Tsing Hua Method for reconfiguring security mechanism of a wireless network and the mobile node and network node thereof
CN101464932B (en) * 2007-12-19 2012-08-22 联想(北京)有限公司 Cooperation method and system for hardware security units, and its application apparatus
US20100217975A1 (en) * 2009-02-25 2010-08-26 Garret Grajek Method and system for secure online transactions with message-level validation
EP2524532B1 (en) 2010-01-14 2016-09-21 Nokia Solutions and Networks Oy Method and device for data processing in a wireless network
WO2011147462A1 (en) 2010-05-28 2011-12-01 Nokia Siemens Networks Oy Method and apparatus for device-to-device communications
US8627083B2 (en) * 2010-10-06 2014-01-07 Motorala Mobility LLC Online secure device provisioning with online device binding using whitelists
US9578041B2 (en) 2010-10-25 2017-02-21 Nokia Technologies Oy Verification of peer-to-peer multimedia content
KR20140017579A (en) * 2011-05-06 2014-02-11 엘지전자 주식회사 Method and device for selecting a channel according to a device's mobility
US9565211B2 (en) * 2013-03-15 2017-02-07 True Ultimate Standards Everywhere, Inc. Managing exchanges of sensitive data

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080196086A1 (en) 2007-02-09 2008-08-14 Sony Corporation, A Japanese Corporation Method and apparatus for authorizing a communication interface
WO2010030515A2 (en) * 2008-09-12 2010-03-18 Qualcomm Incorporated Ticket-based configuration parameters validation
WO2010050515A1 (en) 2008-10-31 2010-05-06 国立大学法人東京工業大学 Comparator and analog/digital converter
US20110258327A1 (en) * 2010-04-20 2011-10-20 Nokia Corporation D2D Communications Considering Different Network Operators
GB2494460A (en) * 2011-09-12 2013-03-13 Renesas Mobile Corp Registering and attaching to a communication network for device-to-device (D2D) communication
US20130125224A1 (en) 2011-11-10 2013-05-16 Skype Limited Device association via video handshake
EP2663051A1 (en) * 2012-05-07 2013-11-13 Industrial Technology Research Institute Authentication system for device-to-device communication and authentication method therefore

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016180153A1 (en) * 2015-08-17 2016-11-17 中兴通讯股份有限公司 Service processing method and apparatus
EP3395091A4 (en) * 2015-12-24 2019-07-10 Nokia Technologies Oy Authentication and key agreement in communication network

Also Published As

Publication number Publication date
CN105340353B (en) 2019-05-31
EP3014945A1 (en) 2016-05-04
CN105340353A (en) 2016-02-17
US9960922B2 (en) 2018-05-01
US20160142214A1 (en) 2016-05-19
EP3014945B1 (en) 2019-09-11
EP3014945A4 (en) 2017-03-08

Similar Documents

Publication Publication Date Title
US10841784B2 (en) Authentication and key agreement in communication network
KR102398221B1 (en) Method and apparatus to identity verification using asymmetric keys in wireless direct communication network
CN110830989B (en) Communication method and device
US8295488B2 (en) Exchange of key material
WO2019041802A1 (en) Discovery method and apparatus based on service-oriented architecture
CN110475249B (en) Authentication method, related equipment and system
WO2020238957A1 (en) Verification method and apparatus
US20240080316A1 (en) Methods and apparatus for provisioning, authentication, authorization, and user equipment (ue) key generation and distribution in an on-demand network
US9960922B2 (en) Device-to-device communication security with authentication certificates
CN116723507B (en) Terminal security method and device for edge network
KR20080093449A (en) Gsm authentication in a cdma network
WO2023011630A1 (en) Authorization verification method and apparatus
CN113302958A (en) Communication method and device
KR101431214B1 (en) Mutual authentication method and system with network in machine type communication, key distribution method and system, and uicc and device pair authentication method and system in machine type communication
CN114584969B (en) Information processing method and device based on associated encryption
US20230209334A1 (en) Methods and apparatus for secure voice communications
WO2023143022A1 (en) Method and apparatus for data processing in random access process
WO2023159603A1 (en) Security implementation method and apparatus, terminal device, and network elements
CN116528234B (en) Virtual machine security and credibility verification method and device
CN113873492B (en) Communication method and related device
CN117203935A (en) Method and apparatus for setup, authentication, authorization, and User Equipment (UE) key generation and distribution in an on-demand network
KR20230016662A (en) Key negotiation method, apparatus and system
CN116868609A (en) User equipment authentication and authorization procedure for edge data networks
CN116530119A (en) Method, device and system for protecting serial numbers in wireless network

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201380077762.5

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13888138

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 14896466

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2013888138

Country of ref document: EP