WO2018118602A1 - Handling mismatch of sequence numbers used for determining validity of packets in communications - Google Patents

Handling mismatch of sequence numbers used for determining validity of packets in communications Download PDF

Info

Publication number
WO2018118602A1
WO2018118602A1 PCT/US2017/066243 US2017066243W WO2018118602A1 WO 2018118602 A1 WO2018118602 A1 WO 2018118602A1 US 2017066243 W US2017066243 W US 2017066243W WO 2018118602 A1 WO2018118602 A1 WO 2018118602A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
sequence number
wireless device
mismatch
local
Prior art date
Application number
PCT/US2017/066243
Other languages
French (fr)
Inventor
Basant Kumar
Anikethan RV
Original Assignee
Intel IP Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel IP Corporation filed Critical Intel IP Corporation
Publication of WO2018118602A1 publication Critical patent/WO2018118602A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Definitions

  • Embodiments of the present disclosure relate generally to wireless devices, and more specifically to handling mismatch of sequence numbers used for determining the validity of packets in communications.
  • Packets are the basis for communication in various environments.
  • a packet contains a sequence of bits according to a pre-specified specification, with the bits being interpreted according to the specification. Examples of environments in which such packets are used include, without limitation, point-to-point communications, wireless communications, internetworking environments, etc.
  • Sequences numbers are often included in transmitted packets to determine the validity of packets.
  • a transmitter may include a sequence number (packet sequence number) in each packet indicating a position in the transmission order of the transmitted packets.
  • the receiver may similarly maintain local sequence number representing a count of the number of packets already received.
  • the receiver may determine the validity of each packet based on whether the local sequence number matches (e.g., is less than equal to) the packet sequence number according to the specification.
  • the receiver needs to be implemented consistent with the transmitter to identify specific situations in which a mismatch between the two sequence numbers is to be identified and any corresponding corrective actions are to be taken as suited in the corresponding environments. Aspects of the present disclosure are related to handling such mismatch of sequence numbers.
  • Figure 1 is a block diagram of an exemplary environment in which several aspects of the present disclosure can be implemented.
  • Figure 2 is a flow-chart illustrating the manner in which mismatch of sequence numbers is handled according to aspects of the present disclosure.
  • Figure 3 is a block diagram representing an exemplary wireless device in which several aspects of the present disclosure can be implemented.
  • Figure 4 is a block diagram representing an exemplary protocol stack implemented in a wireless device.
  • Figure 5A is an exemplary block diagram of an LTE (Long Term Evolution) network.
  • LTE Long Term Evolution
  • Figure 5B depicts an exemplary format of a signal packet received by a wireless device from a node in a LTE network.
  • Figure 5C depicts exemplary security contexts maintained in a wireless device.
  • the wireless device maintains a local sequence number representing a count of packets received from a second device. Upon receiving a packet from the second device containing a packet sequence number, the wireless device determines whether there is a mismatch between the packet sequence number and the local sequence number. If there is mismatch, the wireless device checks whether an additional condition is satisfied. If the additional condition is satisfied, the wireless device resets at least one of the local sequence number and the packet sequence number to a pre-specified state. In either case, the wireless device ignores the packet after the check if there is a mismatch.
  • the payload of each packet received from the second device contains signaling data for managing connections to or from the wireless device.
  • the wireless device may be an user equipment (UE) while the second device is a MME (Mobility Management Entity) in a mobile cellular network operating according to LTE technology.
  • the payload of the packets received from the MME contains signaling data according to LTE technology.
  • Figure 1 is a block diagram of an exemplary environment in which several aspects of the present disclosure can be implemented.
  • the example environment is shown containing only representative devices and systems for illustration. However, real world environments contain more or fewer systems/devices.
  • Figure 1 shows base stations (BS) 140, 150 and 160, and wireless devices (WD) 120 and 130.
  • BS base stations
  • WD wireless devices
  • Each of BS 140, 150 and 160 is a fixed communications unit of a corresponding mobile network deployed by a cellular network operator and provides the last-mile (or last hop) communications link to wireless devices that are within communications range (i.e., within the coverage area) of the corresponding BS, and that have subscribed to services from the corresponding cellular network operator.
  • each of BS 140, BS 150 and BS 160 may be coupled to other devices/systems in the corresponding cellular network infrastructure to enable wireless devices in their coverage range to communicate with other devices, with landline communications equipment in a conventional PSTN (Public Switched Telephone Network), public data networks such as the Internet, etc.
  • PSTN Public Switched Telephone Network
  • the base stations and the wireless devices of Figure 1 may operate according to any of cellular network standards/ specifications for wireless mobile communications such as, for example, GSM (Global System for Mobile Communications), LTE (Long Term Evolution, including frequency division duplex (FDD) and/or time division duplex (TDD) modes, UMTS (Universal Mobile Telecommunications System), CDMA (Code Division Multiple Access), W- CDMA (Wideband CDMA), 5G, etc.
  • GSM Global System for Mobile Communications
  • LTE Long Term Evolution, including frequency division duplex (FDD) and/or time division duplex (TDD) modes
  • UMTS Universal Mobile Telecommunications System
  • CDMA Code Division Multiple Access
  • W- CDMA Wideband CDMA
  • 5G etc.
  • a BS In the context of LTE (Long Term Evolution), a BS is referred to as an eNodeB.
  • the term 'base station' as used herein covers base stations as well as eNodeBs. Further, although noted as covering corresponding normal cell areas, the base stations of Figure 1 can also be designed to cover a much smaller area such as, for example, a macrocell, microcell or a femtocell. Macro/micro/femtocells are special cellular base stations (operating over smaller cell areas than normal cells) that are often deployed in small areas to add extra cell capacity. For example, such small cells can be deployed temporarily during sporting events and other occasions where a large number of cell phone users are expected to be concentrated in one spot.
  • Wireless devices 120 and 130 represent devices such as mobile phones, tablets, personal computers, etc. (in general, user equipment), and may be used for wireless communication such as voice calls, data services such as web browsing, receiving and sending emails, etc.
  • a wireless device communicates with a base station of a mobile cellular network providing the corresponding user the facility of voice and data based services.
  • the communications between the wireless device (e.g., 120) and a base station (e.g. 160) is in the form of packets on a wireless medium.
  • Such communications are susceptible to attack by malicious systems (not shown) existing in the exemplary environment of Figure 1.
  • a replay attack refers to a form of network attack in which valid data communications are maliciously or fraudulently repeated or delayed.
  • a malicious system eavesdrops on the packets (possibly containing confidential information) sent from BS 160 to WD 120, and thereafter repeat/resend the same eavesdropped packets to WD 120 and thereby masquerade as BS 160.
  • the malicious system may alternatively repeat/resend the previous packets sent from WD 120 to BS 160 and thereby masquerade as WD 120.
  • Sequences numbers are commonly used to protect from such attacks, in particular, the replay attack noted above.
  • BS 160 sends packets containing increasing sequence numbers, with WD 120 accepting the packets only if the sequence numbers in the received packets have not been received before.
  • WD 120 accepts a single packet having a specific sequence number, and discards (according to prior approaches) any subsequent packets received with the same specific sequence number.
  • WD 120 discards the resent packets.
  • Another sequence number may similarly be generated for packets sent from WD 120 to BS 160, thereby protecting the communications between WD 120 and BS 160 from the replay attacks noted above.
  • any connection established between WD 120 and BS 150 is transferred from BS 150 to BS 160 (referred to as handover) to ensure that the connection is not interrupted.
  • handover the sequence number that was used for previously sending packets from BS 150 to WD 120 is also transferred to BS 160.
  • the sequence number received by BS 160 may be erroneous (for example, due to sync issues between base stations/network nodes involved in context transfers as part of handover), thereby causing BS 160 to send packets to WD 120 with previously used sequence numbers.
  • WD 120 may accordingly discard all such packets sent by BS 160, thereby causing the connection to be terminated (e.g., the voice call to be dropped or the WD's registration to fail).
  • WD 120 ends up losing the network service in spite of being in a good network coverage area, due to receiving packets with previously used sequence numbers.
  • FIG. 2 is a flow-chart illustrating the manner in which mismatch of sequence numbers is handled according to aspects of the present disclosure.
  • the flowchart is described with respect to the environment of Figure 1, and in relation to wireless device 120, merely for illustration. However, various features described herein can be implemented in other environments and using other components as well. Further, the steps in the flowchart are described in a specific sequence merely for illustration. The flowchart starts in step 201, in which control passes immediately to step 210.
  • wireless device 120 maintains a local sequence number representing a count of packets received from a second device (e.g. base station 160). The local sequence number may be incremented after each packet is received from the second device. Control then passes to step 220.
  • wireless device 120 receives from the second device a packet containing a packet sequence number.
  • the received packet typically contains a header indicating the packet is from the second device.
  • the received packet also contains the packet sequence number and a payload. Control then passes to step 240.
  • step 240 wireless device 120 determines whether there is a mismatch between the (received) packet sequence number and the local sequence number. A mismatch is determined to be present if the packet sequence number does not satisfy a specific logical relationship (for example, greater than) as against the local sequence number. Control passes to step 250 if there is a mismatch, and to step 290 otherwise.
  • wireless device 120 checks whether an additional condition is satisfied.
  • the additional condition can be as suited for the corresponding environment. According to an exemplary aspect described below, the additional condition entails whether the packet is originating from the second device (instead of, for example, from an unknown malicious system) and whether a packet is expected to be received from the second device in a current state of the wireless device. Control passes to step 260 if the additional condition is satisfied and to step 270 otherwise.
  • wireless device 120 resets to a pre-specified state as suited for the corresponding environment. For example, in LTE environment, a Key Set Identifier (KSI) value is reset, and WD 120 moves to a Deregistered State and one or both of the local sequence number and the packet sequence number (maintained at the second device) is set to a new common value. Such resetting may avoid mismatches in sequence numbers for future packets. Control then passes to step 270.
  • KKI Key Set Identifier
  • step 270 wireless device 120 ignores the packet after the checking (of step 250). Ignoring implies that no actions are performed based on the content of the payload of the received packet. Control then passes to step 299, in which the flowchart ends. As will be clear from the description above, additional processing in relation to the packet is performed under certain scenarios, while the packet is entirely ignored in others.
  • step 290 wireless 120 examines the payload of the received packet (since the received sequence number does not have a mismatch) and performs any actions as specified in the payload content. Control then passes to step 299, in which the flowchart ends.
  • wireless device 120 can obtain several benefits as illustrated below with respect to example scenarios. A description of the implementation details of wireless device 120 according to an aspect of the present disclosure is provided next.
  • FIG. 3 is a block diagram representing an example wireless device in which several aspects of the present disclosure can be implemented.
  • Wireless device 120 is shown containing processing circuitry or block 310, non-volatile memory 320, input/output (I/O) block 330, random access memory (RAM) 340, real-time clock (RTC) 345, subscriber identity module (SIM) module 360, transmit (Tx) block 370, receive (Rx) block 380, switch 390, and antenna 395.
  • processing circuitry or block 310 non-volatile memory 320
  • I/O input/output
  • RAM random access memory
  • RTC real-time clock
  • SIM subscriber identity module
  • Tx transmit
  • Rx receive
  • switch 390 switch 390
  • wireless device 120 may be powered by a battery (not shown).
  • wireless device 120 is mains-powered and comprises corresponding components such as regulators, filters, etc.
  • the specific blocks of wireless device 120 are shown by way of illustration only, and wireless device 120 may contain more or fewer blocks depending on specific requirements.
  • the combination of processing block (or circuitry) 310, non- volatile memory 320, input/output (I/O) block 330, random access memory (RAM) 340, real-time clock (RTC) 345, Tx block 370 and Rx block 380 may be implemented in integrated circuit (IC) form.
  • SIM module 360 is designed to identify the specific subscribers and related parameters to facilitate the subscriber to access various services provided via the wireless communication network.
  • SIM module 360 contains a physical holder (into which a SIM card can be inserted) and electrical/electronic circuits which together retrieve various data parameters stored on the inserted SIM card.
  • a SIM card may provide the international mobile subscriber identity (IMSI) number (also the phone number) used by a network operator to identify and authenticate a subscriber.
  • IMSI international mobile subscriber identity
  • the SIM is 'inserted' into such holder before wireless device 120 can access the services provided by the network operator for the subscriber configured on the SIM.
  • a SIM card may store address book/telephone numbers of subscribers, security keys, temporary information related to the local network, a list of the services provided by the network operator, etc.
  • SIM module 360 may accordingly be implemented to support virtual SIMs.
  • a physical SIM may be supported in combination with one or more virtual SIMs within the wireless device.
  • the modules may be implemented to support such alternative embodiments as well.
  • Processing block 310 may read the IMSI number, security keys etc., in transmitting and receiving voice/data via Tx block 370 and Rx block 380 respectively.
  • SIM 360 may subscribe to data and voice services according to one of several radio access technologies such as GSM, LTE (FDD as well as TDD), CDMA, WCDMA, 5G, etc., as also noted above.
  • RTC 345 operates as a clock, and provides the 'current' time to processing block 310. Additionally, RTC 345 may internally contain one or more timers. I/O block 330 provides interfaces for user interaction with wireless device 120, and includes input devices and output devices. The input devices may include a keypad and a pointing device (e.g., touch-pad). Output devices may include a display with touch- sensitive screen.
  • Antenna 395 operates to receive from, and transmit to, a wireless medium, corresponding wireless signals (representing voice, data, etc.) according to one or more standards/RATs (radio access technologies) such as LTE and 3G.
  • Switch 390 may be controlled by processing block 310 (connection not shown) to connect antenna 395 to one of blocks 370 and 380 as desired, depending on whether transmission or reception of wireless signals is required.
  • Switch 390, antenna 395 and the corresponding connections of Figure 3 are shown merely by way of illustration. Instead of a single antenna 395, separate antennas, one for transmission and another for reception of wireless signals, can also be used. In addition, separate antennas may be provided corresponding to each SIM when the wireless device contains multiple SIMs.
  • Tx block 370 receives, from processing block 310, digital signals representing information (voice, data, etc.) to be transmitted on a wireless medium (e.g., according to the corresponding standards/specifications), generates a modulated radio frequency (RF) signal (according to the standard), and transmits the RF signal via switch 390 and antenna 395.
  • Tx block 370 may contain RF circuitry (mixers/up-converters, local oscillators, filters, power amplifier, etc.) as well as baseband circuitry for modulating a carrier with the baseband information signal.
  • Tx block 370 may contain only the RF circuitry, with processing block 310 performing the modulation and other baseband operations (in conjunction with the RF circuitry).
  • Rx block 380 represents a receiver that receives a wireless (RF) signal bearing voice/data and/or control information via switch 390, and antenna 395, demodulates the RF signal, and provides the extracted voice/data or control information to processing block 310.
  • Rx block 380 may contain RF circuitry (front-end filter, low-noise amplifier, mixer/down-converter, filters) as well as baseband processing circuitry for demodulating the down-converted signal.
  • Rx block 380 (the receive chain) may contain only the RF circuitry, with processing block 310 performing the baseband operations in conjunction with the RF circuitry.
  • Non-volatile memory 320 is a non-transitory machine readable medium, and stores instructions, which when executed by processing block 310, causes wireless device 120 to operate as described herein.
  • the instructions enable wireless device 120 to operate as described with respect to the flowchart of Figure 2.
  • the instructions may either be executed directly from non-volatile memory 320 or be copied to RAM 340 for execution.
  • RAM 340 is a volatile random access memory, and may be used for storing instructions and data.
  • RAM 340 and non-volatile memory 320 (which may be implemented in the form of read-only memory/ROM/Flash) constitute computer program products or machine (or computer) readable medium, which are means for providing instructions to processing block 310.
  • Processing block 310 may retrieve the instructions, and execute the instructions to provide several features of the present disclosure.
  • Processing block 310 may contain multiple processing units internally, with each processing unit potentially being designed for a specific task. Accordingly, processing block 310 may be implemented as separate processing cores, one each for handling corresponding operations. Alternatively, processing block 310 may represent only a single processing unit executing multiple execution threads in software, each execution thread for handling corresponding operations. In general, processing block 310 executes instructions stored in non-volatile memory 320 or RAM 340 to enable wireless device 120 to operate according to several aspects of the present disclosure, described in detail below.
  • Processing block 310 maintains a local sequence numbers Rx count and Tx count in RAM 340, with Rx count representing a count of packets received from a second device (e.g. base station 160), and Tx count representing a count of the packets sent/transmitted to the second device. It may be appreciated that the Tx count maintained in the second device (base station 160) is included in the packets as the packet sequence number when sending the packets from the second device to wireless device 120.
  • processing block 310 Upon receiving a packet from the second device containing a packet sequence number, processing block 310 checks whether there is a mismatch between the received packet sequence number and the local sequence number (Rx count). According to an aspect, a mismatch is present if the packet sequence number is not greater than (in other words, less than or equal to) the Rx count. Thus, if processing block 310 determines that the packet sequence number is greater than the Rx count (no mismatch), processing block 310 examines the payload in the received packet for corresponding actions to be performed.
  • Rx count local sequence number
  • processing block 310 determines that the packet sequence number is less than or equal to the Rx count (mismatch exists)
  • processing block 310 checks whether an additional condition is satisfied.
  • the additional condition is whether the packet originated from the second device.
  • processing block 310 inspects a header portion of the packet to determine whether the packet is originating from the second device. If the additional condition is satisfied, processing block 310 resets at least one of the local sequence number and the packet sequence number to a pre-specified state. The reset may be performed in communication with the second device. Processing block 310 then ignores the received packet after the checking (if there is a mismatch).
  • Protocol stack that may be implemented in wireless device 120.
  • Protocol stack may be implemented in wireless device 120.
  • FIG. 4 is a block diagram representing an exemplary protocol stack implemented in a wireless device.
  • Protocol stack 400 which is assumed to handle operations for SIM module 360, is shown containing layers LI, L2, L3 and the application layer.
  • the various layers in stack 400 may be implemented to generally conform to the ISO OSI (International Standards Organization Open Systems Interconnect) model, and are only briefly described below, since the corresponding implementations of the blocks would be well known to one skilled in the relevant arts on reading the disclosure herein.
  • ISO OSI International Standards Organization Open Systems Interconnect
  • Layer 1 corresponds to PHY 410, which represents the electrical and physical interface between wireless device 120 and a transmission medium (here a wireless medium).
  • PHY 410 receives data from MAC 420 and forwards the data to antenna 395 for transmission.
  • PHY 410 receives data from antenna 395 and forwards the data to MAC 420 for further processing.
  • PHY 410 includes Tx blocks 370 and Rx block 380.
  • Layer 2 includes MAC (Medium Access Control layer) 420, Radio Link Control layer (RLC) 430 and Packet Data Convergence Protocol (PDCP) 440.
  • MAC 420 performs operations such as mapping between logical channels and transport channels, error correction through HARQ, priority handling between logical channels, etc.
  • RLC 430 performs operations such as error correction through ARQ, concatenation, segmentation and reassembly of RLC SDUs, re- segmentation of RLC data PDUs, duplicate detection, etc.
  • RLC 430 (and the RLC layer for SIM) may operate to recover the packet using the ARQ mechanism.
  • PDCP 440 performs operations such as header compression and decompression, ciphering and deciphering, etc.
  • Layer 3 includes RRC (Radio Resource Control layer) 460 and NAS (Non-access Stratum protocol) 470.
  • RRC 460 performs operations such as paging, establishment, maintenance and release of an RRC connection between wireless device 120 and the corresponding base station, security functions including key management, QoS (Quality of Service) management functions, measurement reporting and control of the reporting, etc.
  • NAS 470 performs operations such as support of mobility of wireless device 120, support of session management procedures to establish and maintain IP connectivity between wireless device 120 and a packet data network gateway, etc.
  • Application layer 480 represents a communications component that allows software applications executing in wireless device 120 to communicate with software applications in other nodes (servers, etc.) via the other blocks shown in Figure 4.
  • NAS 470 handles mismatch of sequence numbers used for determining validity of received packets according to the flowchart of Figure 2.
  • LTE Long Term Evolution
  • FIG. 5 A is an exemplary block diagram of an LTE (Long Term Evolution) network.
  • LTE network is shown containing wireless device 120, eNodeBs (ENB) 510A-510B, serving gateway (SGW) 515A-515B, packet-data-network gateway (PGW) 520A-520B, network address translation block (NAT) 525A-525B, mobility management entity (MME) 530A-530B, home subscriber servers (HSS) 335A-535B and Internet 540.
  • ENB eNodeBs
  • SGW serving gateway
  • PGW packet-data-network gateway
  • NAT network address translation block
  • MME mobility management entity
  • HSS home subscriber servers
  • eNodeB 510A/510B represents a cell tower or base station (for example, corresponding to 150 and 160 respectively) which provides wireless communication facility to user equipment/wireless device 120.
  • the description is continued assuming that there has been a handover of wireless device 120 from eNodeB 510A (base station 150) to eNodeB 510B (base station 160). Accordingly, the operation of the various blocks coupled to eNodeB 510B is described below.
  • the pair of SGW 515B and PGW 520B operates in the data plane, implying the user data is transported by the pair in both directions.
  • PGW 520B provides interworking between the 4G/LTE network and external packet switched networks, such as Internet 540.
  • PGW 520B allocates IP addresses to the user equipment (120) during setup of the connection, and also provides filtering of the user data.
  • NAT 525B provides network address translation (NAT) functions for packets being transmitted and received, in a known way.
  • MME 530B operates in the control plane providing control/signaling functions related to, for example, mobility and security.
  • HSS 535B is a database storing user-related information, which is used for supporting functions in mobility management, call and session setup, user authentication and access authorization.
  • a control session is established between the MME 530B and SGW 515B, initiated by MME 530B. Thereafter, a data session (or more than one data sessions) is formed between ENB 510B and SGW 515B to exchange data.
  • the creation of the control session and data sessions entails transmitting of packets from MME 530B/SGW515B to wireless device 120.
  • the packets transmitted for creation of the control session contains signaling data that facilitates wireless device 120 to establish a connection with the LTE network. A sample format of such a signaling packet is described in detail below.
  • Figure 5B depicts an exemplary format of a signal packet received by a wireless device (120) from a node (MME 530B) in a LTE network.
  • the format is shown in rows/octets, with each octet containing 8 bytes (columns 1 to 8).
  • Message authentication code (MAC) 550 represents data used for authenticating the packet
  • sequence number (SN) 560 represents a sequence number included by the sender/second device (MME 530B) based on which MAC 550 is generated.
  • NAS message 570 represents the payload to be examined upon successful authentication.
  • NAS 470 in wireless device 120 determines whether SN 560 (packet sequence number) has already been received by wireless device 120 in a prior packet. According to an aspect of the present disclosure, the determination of whether SN 560 has already been received is performed by determining whether there is a mismatch between SN 560 (packet sequence number) and a local sequence number maintained in the wireless device/user equipment. According to an aspect, the local sequence numbers are maintained as part of security contexts as described in detail below.
  • FIG. 5C depicts exemplary security contexts maintained in a wireless device (120).
  • Each of SCI, SC2, etc. represents a separate security context maintained in wireless device.
  • Key set identifier 580 specifies the specific security context to be used for communications between the wireless device and the second device (MME 530B).
  • wireless device 120 maintains 7 security contexts, with the key set identifier 580 specifying a value of 0 to 6 to indicate the specific security context to be used.
  • Each of UL_NAS_COUNT and DL_NAS_COUNT indicates a count of the signaling packets sent to/received from MME 530B.
  • MME 530B the same security contexts is also maintained at MME 530B, thereby enabling MME 530B to include the value of UL_NAS_COUNT as the packet sequence number in the signaling packets sent to wireless device 120.
  • all the packets received on a specific connection/session are based on the same security context maintained at both wireless device 120 (as shown in Figure 5C) and also at MME 530B.
  • the key set identifier 580 has the value 2 indicating SC2 and accordingly DL count 590 is the local sequence number representing a count of packets received from MME 530B.
  • NAS 470 determines whether there is a mismatch between the values of SN 560 and DL count 590.
  • the packet sequence number is generated in (monotonically) ascending order, and as such the mismatch is determined to be present if the packet sequence number is less than or equal to the local sequence number.
  • any suitable logical relationship between SN 560 and DL count 590 may be chosen as the basis for testing mismatch.
  • NAS 470 determines that SN 560 is greater than DL count 590 (that is, there is no mismatch)
  • NAS 470 examines the payload (NAS message 570) for corresponding actions to be performed.
  • NAS 470 may first calculate an authentication code based on the packet sequence number (SN 560) and a common security key (previously generated at both the wireless device and MME 530B), and then perform the examining of the payload only if the calculated authentication code is equal to MAC 550 (packet authentication code).
  • NAS 470 also sets DL count 590 (local sequence number) equal to SN 560 (packet sequence number).
  • NAS 470 checks whether an additional condition of whether the received LTE signaling packet is received from MME 530B. In other words, the wireless device checks whether the signaling packet has been received from a genuine LTE network (and not from a malicious system). If the additional condition is determined to be satisfied (that is the signaling packet has been received from MME 530B), NAS 470 resets at least one of the local sequence number (DL count 590) and the packet sequence number (SN 560) to a pre-specified state. NAS 470 also ignores the received packet after the checking of the additional condition (that is, no further examining/processing of the received packet is performed).
  • the additional condition includes (A) determining whether the local authentication code can be successfully generated using the packet sequence number (SN 560) and if the payload can be successfully deciphered; and (B) whether the wireless device is expected to receive at least one packet from the second device (MME 530B) in a current state.
  • the checking may be performed by inspecting a state information (not shown) maintained in wireless device 120 according to a pre-specified design.
  • NAS 470 resets one or both of the local and packet sequence numbers. According to an aspect of the present disclosure, NAS 470 first invalidate the security context maintained at wireless device 120 by setting the key set identifier 580 to an invalid value (e.g. 7) thereby indicating that there is no active security context with the LTE network.
  • an invalid value e.g. 7
  • the invalidation of the security context causes the other layers in protocol stack 400 to terminate the present connection (detach from the LTE network) and to establish a new connection (attach to the LTE network) while notifying that there is no active security context. Accordingly, as part of establishing the new connection, a new security context (in response to notifying that there is no active security context) containing a new value for the local sequence number is received.
  • the new security context is stored in one of the locations 1-6 and the key set identifier 580 is set to point to the new security context. Accordingly, the local sequence number is set to the new value (e.g. zero).
  • the new value is also part of the security context maintained in MME 530B, both of the local sequence number and the packet sequence number at the second device are set to the new value.
  • wireless device 120 is facilitated to restart a new session on the LTE network with minor disruptions which would otherwise not have been possible.
  • Example 1 corresponds to a wireless device which maintains a local sequence number representing a count of packets received from a second device.
  • the wireless device operates to determine whether there is a mismatch between a packet sequence number in a received first packet and the local sequence number. If there is a mismatch, the wireless device checks whether an additional condition is satisfied. If the additional condition is satisfied, the wireless device resets at least one of the local sequence number and the packet sequence number to a pre- specified state and ignores the first packet after the check.
  • Example 2 corresponds to the wireless device of claim 1, wherein the additional condition comprises whether the first packet originated from the second device and wherein the checking comprises inspecting a header portion of the first packet. If there is no mismatch, the wireless device examines a payload of the first packet for performing corresponding actions specified in the payload.
  • the wireless device of any of examples 1-3 wherein the wireless device is a user equipment (UE) and the second device is a MME (Mobility Management Entity) in a network operating according to LTE (Long Term Evolution) technology, wherein the payload of the first packet contains signaling data according to LTE technology, and wherein the mismatch is determined to be present if the packet sequence number has already been received by the wireless device in a prior packet.
  • UE user equipment
  • MME Mobility Management Entity
  • LTE Long Term Evolution
  • example 5 the wireless device of any of examples 1-4, wherein the packet sequence number is generated in ascending order, wherein the mismatch is determined to be present if the packet sequence number is less than or equal to the local sequence number.
  • example 6 the wireless device of any of examples 1-5, wherein the header portion of the first packet comprises a packet authentication code, and wherein checking the additional condition comprises generating a local authentication code using the packet sequence number and comparing the local authentication code with the packet authentication code.
  • the wireless device of any of examples 1-6 wherein the additional condition further comprises deciphering of the first packet and whether at least one packet is expected to be received from the second device in a current state, and wherein the reset is performed if the comparison and subsequent deciphering is successful and if at least one packet is expected to be received from the second device in the current state.
  • each of the packets is received on a first connection based on a first security context maintained at each of the wireless device and the second device, wherein the local sequence number is part of the first security context on the wireless device and the packet sequence number is part of the first security context on the second device, wherein to reset, the processor is operable to:

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A wireless device maintains a local sequence number representing a count of packets received from a second device. Upon receiving a packet from the second device containing a packet sequence number, the wireless device determines whether there is a mismatch between the packet sequence number and the local sequence number. If there is mismatch, the wireless device checks whether an additional condition is satisfied. If the additional condition is satisfied, the wireless device resets at least one of the local sequence number and the packet sequence number to a pre-specified state. In either case, the wireless device ignores the packet after the check if there is a mismatch.

Description

HANDLING MISMATCH OF SEQUENCE NUMBERS USED FOR DETERMINING VALIDITY OF PACKETS IN COMMUNICATIONS
PRIORITY APPLICATION
[001] This application claims the benefit of priority to India Application No. 201641044104, filed 23 December 2016, which is incorporated herein by reference in its entirety.
Background
[002] Technical Field
[003] Embodiments of the present disclosure relate generally to wireless devices, and more specifically to handling mismatch of sequence numbers used for determining the validity of packets in communications.
[004] Related Art
[005] Packets are the basis for communication in various environments. A packet contains a sequence of bits according to a pre-specified specification, with the bits being interpreted according to the specification. Examples of environments in which such packets are used include, without limitation, point-to-point communications, wireless communications, internetworking environments, etc.
[006] Sequences numbers are often included in transmitted packets to determine the validity of packets. For example, a transmitter may include a sequence number (packet sequence number) in each packet indicating a position in the transmission order of the transmitted packets. The receiver may similarly maintain local sequence number representing a count of the number of packets already received. The receiver may determine the validity of each packet based on whether the local sequence number matches (e.g., is less than equal to) the packet sequence number according to the specification.
[007] However, the receiver needs to be implemented consistent with the transmitter to identify specific situations in which a mismatch between the two sequence numbers is to be identified and any corresponding corrective actions are to be taken as suited in the corresponding environments. Aspects of the present disclosure are related to handling such mismatch of sequence numbers.
Brief Description of the views of Drawings
[008] Example embodiments of the present disclosure will be described with reference to the accompanying drawings briefly described below.
[009] Figure 1 is a block diagram of an exemplary environment in which several aspects of the present disclosure can be implemented. [010] Figure 2 is a flow-chart illustrating the manner in which mismatch of sequence numbers is handled according to aspects of the present disclosure.
[Oil] Figure 3 is a block diagram representing an exemplary wireless device in which several aspects of the present disclosure can be implemented.
[012] Figure 4 is a block diagram representing an exemplary protocol stack implemented in a wireless device.
[013] Figure 5A is an exemplary block diagram of an LTE (Long Term Evolution) network.
[014] Figure 5B depicts an exemplary format of a signal packet received by a wireless device from a node in a LTE network.
[015] Figure 5C depicts exemplary security contexts maintained in a wireless device.
[016] In the drawings, like reference numbers generally indicate identical, functionally similar, and/or structurally similar elements. The drawing in which an element first appears is indicated by the leftmost digit(s) in the corresponding reference number. Detailed Description
[017] 1. Overview
[018] Aspects of the present disclosure enable to handle mismatch of sequence numbers used for determining validity of packets in communications. The wireless device maintains a local sequence number representing a count of packets received from a second device. Upon receiving a packet from the second device containing a packet sequence number, the wireless device determines whether there is a mismatch between the packet sequence number and the local sequence number. If there is mismatch, the wireless device checks whether an additional condition is satisfied. If the additional condition is satisfied, the wireless device resets at least one of the local sequence number and the packet sequence number to a pre-specified state. In either case, the wireless device ignores the packet after the check if there is a mismatch.
[019] By resetting the local or packet sequence number to a pre-specified state, mismatch for subsequent packets sent from the second device to the wireless device is avoided.
[020] According to an aspect of the present disclosure, the payload of each packet received from the second device contains signaling data for managing connections to or from the wireless device. For example, the wireless device may be an user equipment (UE) while the second device is a MME (Mobility Management Entity) in a mobile cellular network operating according to LTE technology. The payload of the packets received from the MME contains signaling data according to LTE technology.
[021] Several aspects of the invention are described below with reference to examples for illustration. It should be understood that numerous specific details, relationships, and methods are set forth to provide a full understanding of the invention. One skilled in the relevant arts, however, will readily recognize that the invention can be practiced without one or more of the specific details, or with other methods, etc. In other instances, well-known structures or operations are not shown in detail to avoid obscuring the features of the invention.
[022] 2. Example Environment
[023] Figure 1 is a block diagram of an exemplary environment in which several aspects of the present disclosure can be implemented. The example environment is shown containing only representative devices and systems for illustration. However, real world environments contain more or fewer systems/devices. Figure 1 shows base stations (BS) 140, 150 and 160, and wireless devices (WD) 120 and 130.
[024] Each of BS 140, 150 and 160 is a fixed communications unit of a corresponding mobile network deployed by a cellular network operator and provides the last-mile (or last hop) communications link to wireless devices that are within communications range (i.e., within the coverage area) of the corresponding BS, and that have subscribed to services from the corresponding cellular network operator. Although not shown in Figure 1, each of BS 140, BS 150 and BS 160 may be coupled to other devices/systems in the corresponding cellular network infrastructure to enable wireless devices in their coverage range to communicate with other devices, with landline communications equipment in a conventional PSTN (Public Switched Telephone Network), public data networks such as the Internet, etc.
[025] The base stations and the wireless devices of Figure 1 may operate according to any of cellular network standards/ specifications for wireless mobile communications such as, for example, GSM (Global System for Mobile Communications), LTE (Long Term Evolution, including frequency division duplex (FDD) and/or time division duplex (TDD) modes, UMTS (Universal Mobile Telecommunications System), CDMA (Code Division Multiple Access), W- CDMA (Wideband CDMA), 5G, etc.
[026] In the context of LTE (Long Term Evolution), a BS is referred to as an eNodeB. The term 'base station' as used herein covers base stations as well as eNodeBs. Further, although noted as covering corresponding normal cell areas, the base stations of Figure 1 can also be designed to cover a much smaller area such as, for example, a macrocell, microcell or a femtocell. Macro/micro/femtocells are special cellular base stations (operating over smaller cell areas than normal cells) that are often deployed in small areas to add extra cell capacity. For example, such small cells can be deployed temporarily during sporting events and other occasions where a large number of cell phone users are expected to be concentrated in one spot.
[027] Wireless devices 120 and 130 represent devices such as mobile phones, tablets, personal computers, etc. (in general, user equipment), and may be used for wireless communication such as voice calls, data services such as web browsing, receiving and sending emails, etc. In a common scenario, a wireless device communicates with a base station of a mobile cellular network providing the corresponding user the facility of voice and data based services. The communications between the wireless device (e.g., 120) and a base station (e.g. 160) is in the form of packets on a wireless medium.
[028] Such communications are susceptible to attack by malicious systems (not shown) existing in the exemplary environment of Figure 1. For example, a replay attack refers to a form of network attack in which valid data communications are maliciously or fraudulently repeated or delayed. Specifically, a malicious system eavesdrops on the packets (possibly containing confidential information) sent from BS 160 to WD 120, and thereafter repeat/resend the same eavesdropped packets to WD 120 and thereby masquerade as BS 160. The malicious system may alternatively repeat/resend the previous packets sent from WD 120 to BS 160 and thereby masquerade as WD 120.
[029] Sequences numbers are commonly used to protect from such attacks, in particular, the replay attack noted above. According to an aspect, during a connection established between WD 120 and BS 160, BS 160 sends packets containing increasing sequence numbers, with WD 120 accepting the packets only if the sequence numbers in the received packets have not been received before. In other words, WD 120 accepts a single packet having a specific sequence number, and discards (according to prior approaches) any subsequent packets received with the same specific sequence number.
[030] As such, in the scenario that a malicious system repeats/resend the previously eavesdropped packets, WD 120 discards the resent packets. Another sequence number may similarly be generated for packets sent from WD 120 to BS 160, thereby protecting the communications between WD 120 and BS 160 from the replay attacks noted above.
[031] However, there are several legitimate scenarios where multiple packets may be sent with the same sequence number. For example, when WD 120 moves from the coverage area of a previous base station (150) to the coverage area of BS 160, any connection established between WD 120 and BS 150 (for example, an ongoing voice call) is transferred from BS 150 to BS 160 (referred to as handover) to ensure that the connection is not interrupted. As part of the handover, the sequence number that was used for previously sending packets from BS 150 to WD 120 is also transferred to BS 160.
[032] However, during such hand over, the sequence number received by BS 160 may be erroneous (for example, due to sync issues between base stations/network nodes involved in context transfers as part of handover), thereby causing BS 160 to send packets to WD 120 with previously used sequence numbers. WD 120 may accordingly discard all such packets sent by BS 160, thereby causing the connection to be terminated (e.g., the voice call to be dropped or the WD's registration to fail). In other words, WD 120 ends up losing the network service in spite of being in a good network coverage area, due to receiving packets with previously used sequence numbers.
[033] The manner in which such packets having duplicate (same as previously accepted) sequence numbers is gracefully handled, overcoming some of the drawbacks of the current approaches, is described below with examples. [034] 3. Handling Mismatch Of Sequence Numbers
[035] Figure 2 is a flow-chart illustrating the manner in which mismatch of sequence numbers is handled according to aspects of the present disclosure. The flowchart is described with respect to the environment of Figure 1, and in relation to wireless device 120, merely for illustration. However, various features described herein can be implemented in other environments and using other components as well. Further, the steps in the flowchart are described in a specific sequence merely for illustration. The flowchart starts in step 201, in which control passes immediately to step 210.
[036] In step 210, wireless device 120 maintains a local sequence number representing a count of packets received from a second device (e.g. base station 160). The local sequence number may be incremented after each packet is received from the second device. Control then passes to step 220.
[037] In step 220, wireless device 120 receives from the second device a packet containing a packet sequence number. The received packet typically contains a header indicating the packet is from the second device. The received packet also contains the packet sequence number and a payload. Control then passes to step 240.
[038] In step 240, wireless device 120 determines whether there is a mismatch between the (received) packet sequence number and the local sequence number. A mismatch is determined to be present if the packet sequence number does not satisfy a specific logical relationship (for example, greater than) as against the local sequence number. Control passes to step 250 if there is a mismatch, and to step 290 otherwise.
[039] In step 250, wireless device 120 checks whether an additional condition is satisfied. The additional condition can be as suited for the corresponding environment. According to an exemplary aspect described below, the additional condition entails whether the packet is originating from the second device (instead of, for example, from an unknown malicious system) and whether a packet is expected to be received from the second device in a current state of the wireless device. Control passes to step 260 if the additional condition is satisfied and to step 270 otherwise.
[040] In step 260, wireless device 120 resets to a pre-specified state as suited for the corresponding environment. For example, in LTE environment, a Key Set Identifier (KSI) value is reset, and WD 120 moves to a Deregistered State and one or both of the local sequence number and the packet sequence number (maintained at the second device) is set to a new common value. Such resetting may avoid mismatches in sequence numbers for future packets. Control then passes to step 270.
[041] In step 270, wireless device 120 ignores the packet after the checking (of step 250). Ignoring implies that no actions are performed based on the content of the payload of the received packet. Control then passes to step 299, in which the flowchart ends. As will be clear from the description above, additional processing in relation to the packet is performed under certain scenarios, while the packet is entirely ignored in others.
[042] In step 290, wireless 120 examines the payload of the received packet (since the received sequence number does not have a mismatch) and performs any actions as specified in the payload content. Control then passes to step 299, in which the flowchart ends.
[043] By resetting the packet/local sequence numbers upon mismatch and satisfaction of the additional condition, wireless device 120 can obtain several benefits as illustrated below with respect to example scenarios. A description of the implementation details of wireless device 120 according to an aspect of the present disclosure is provided next.
[044] 4. Wireless device
[045] Figure 3 is a block diagram representing an example wireless device in which several aspects of the present disclosure can be implemented. Wireless device 120 is shown containing processing circuitry or block 310, non-volatile memory 320, input/output (I/O) block 330, random access memory (RAM) 340, real-time clock (RTC) 345, subscriber identity module (SIM) module 360, transmit (Tx) block 370, receive (Rx) block 380, switch 390, and antenna 395.
[046] Some or all units of wireless device 120 may be powered by a battery (not shown). In another aspect of the present disclosure, wireless device 120 is mains-powered and comprises corresponding components such as regulators, filters, etc. The specific blocks of wireless device 120 are shown by way of illustration only, and wireless device 120 may contain more or fewer blocks depending on specific requirements. The combination of processing block (or circuitry) 310, non- volatile memory 320, input/output (I/O) block 330, random access memory (RAM) 340, real-time clock (RTC) 345, Tx block 370 and Rx block 380 may be implemented in integrated circuit (IC) form.
[047] SIM module 360 is designed to identify the specific subscribers and related parameters to facilitate the subscriber to access various services provided via the wireless communication network. According to an aspect, SIM module 360 contains a physical holder (into which a SIM card can be inserted) and electrical/electronic circuits which together retrieve various data parameters stored on the inserted SIM card. A SIM card may provide the international mobile subscriber identity (IMSI) number (also the phone number) used by a network operator to identify and authenticate a subscriber. Typically, the SIM is 'inserted' into such holder before wireless device 120 can access the services provided by the network operator for the subscriber configured on the SIM. Additionally, a SIM card may store address book/telephone numbers of subscribers, security keys, temporary information related to the local network, a list of the services provided by the network operator, etc.
[048] However, in an alternative embodiment, 'virtual SIMs' can be used instead of physical SIM cards, and SIM module 360 may accordingly be implemented to support virtual SIMs. In yet another alternative embodiment, a physical SIM may be supported in combination with one or more virtual SIMs within the wireless device. The modules may be implemented to support such alternative embodiments as well.
[049] Processing block 310 may read the IMSI number, security keys etc., in transmitting and receiving voice/data via Tx block 370 and Rx block 380 respectively. SIM 360 may subscribe to data and voice services according to one of several radio access technologies such as GSM, LTE (FDD as well as TDD), CDMA, WCDMA, 5G, etc., as also noted above.
[050] RTC 345 operates as a clock, and provides the 'current' time to processing block 310. Additionally, RTC 345 may internally contain one or more timers. I/O block 330 provides interfaces for user interaction with wireless device 120, and includes input devices and output devices. The input devices may include a keypad and a pointing device (e.g., touch-pad). Output devices may include a display with touch- sensitive screen.
[051] Antenna 395 operates to receive from, and transmit to, a wireless medium, corresponding wireless signals (representing voice, data, etc.) according to one or more standards/RATs (radio access technologies) such as LTE and 3G. Switch 390 may be controlled by processing block 310 (connection not shown) to connect antenna 395 to one of blocks 370 and 380 as desired, depending on whether transmission or reception of wireless signals is required. Switch 390, antenna 395 and the corresponding connections of Figure 3 are shown merely by way of illustration. Instead of a single antenna 395, separate antennas, one for transmission and another for reception of wireless signals, can also be used. In addition, separate antennas may be provided corresponding to each SIM when the wireless device contains multiple SIMs. [052] Tx block 370 receives, from processing block 310, digital signals representing information (voice, data, etc.) to be transmitted on a wireless medium (e.g., according to the corresponding standards/specifications), generates a modulated radio frequency (RF) signal (according to the standard), and transmits the RF signal via switch 390 and antenna 395. Tx block 370 may contain RF circuitry (mixers/up-converters, local oscillators, filters, power amplifier, etc.) as well as baseband circuitry for modulating a carrier with the baseband information signal. Alternatively, Tx block 370 may contain only the RF circuitry, with processing block 310 performing the modulation and other baseband operations (in conjunction with the RF circuitry).
[053] Rx block 380 represents a receiver that receives a wireless (RF) signal bearing voice/data and/or control information via switch 390, and antenna 395, demodulates the RF signal, and provides the extracted voice/data or control information to processing block 310. Rx block 380 may contain RF circuitry (front-end filter, low-noise amplifier, mixer/down-converter, filters) as well as baseband processing circuitry for demodulating the down-converted signal. Alternatively, Rx block 380 (the receive chain) may contain only the RF circuitry, with processing block 310 performing the baseband operations in conjunction with the RF circuitry.
[054] Non-volatile memory 320 is a non-transitory machine readable medium, and stores instructions, which when executed by processing block 310, causes wireless device 120 to operate as described herein. In particular, the instructions enable wireless device 120 to operate as described with respect to the flowchart of Figure 2. The instructions may either be executed directly from non-volatile memory 320 or be copied to RAM 340 for execution.
[055] RAM 340 is a volatile random access memory, and may be used for storing instructions and data. RAM 340 and non-volatile memory 320 (which may be implemented in the form of read-only memory/ROM/Flash) constitute computer program products or machine (or computer) readable medium, which are means for providing instructions to processing block 310. Processing block 310 may retrieve the instructions, and execute the instructions to provide several features of the present disclosure.
[056] Processing block 310 (or processor in general) may contain multiple processing units internally, with each processing unit potentially being designed for a specific task. Accordingly, processing block 310 may be implemented as separate processing cores, one each for handling corresponding operations. Alternatively, processing block 310 may represent only a single processing unit executing multiple execution threads in software, each execution thread for handling corresponding operations. In general, processing block 310 executes instructions stored in non-volatile memory 320 or RAM 340 to enable wireless device 120 to operate according to several aspects of the present disclosure, described in detail below.
[057] Processing block 310 maintains a local sequence numbers Rx count and Tx count in RAM 340, with Rx count representing a count of packets received from a second device (e.g. base station 160), and Tx count representing a count of the packets sent/transmitted to the second device. It may be appreciated that the Tx count maintained in the second device (base station 160) is included in the packets as the packet sequence number when sending the packets from the second device to wireless device 120.
[058] Upon receiving a packet from the second device containing a packet sequence number, processing block 310 checks whether there is a mismatch between the received packet sequence number and the local sequence number (Rx count). According to an aspect, a mismatch is present if the packet sequence number is not greater than (in other words, less than or equal to) the Rx count. Thus, if processing block 310 determines that the packet sequence number is greater than the Rx count (no mismatch), processing block 310 examines the payload in the received packet for corresponding actions to be performed.
[059] Alternatively, if processing block 310 determines that the packet sequence number is less than or equal to the Rx count (mismatch exists), processing block 310 checks whether an additional condition is satisfied. According to an aspect, the additional condition is whether the packet originated from the second device. As such, processing block 310 inspects a header portion of the packet to determine whether the packet is originating from the second device. If the additional condition is satisfied, processing block 310 resets at least one of the local sequence number and the packet sequence number to a pre-specified state. The reset may be performed in communication with the second device. Processing block 310 then ignores the received packet after the checking (if there is a mismatch).
[060] The description is continued with the details of a protocol stack that may be implemented in wireless device 120. [061] 5. Protocol Stack
[062] Figure 4 is a block diagram representing an exemplary protocol stack implemented in a wireless device. Protocol stack 400, which is assumed to handle operations for SIM module 360, is shown containing layers LI, L2, L3 and the application layer. The various layers in stack 400 may be implemented to generally conform to the ISO OSI (International Standards Organization Open Systems Interconnect) model, and are only briefly described below, since the corresponding implementations of the blocks would be well known to one skilled in the relevant arts on reading the disclosure herein.
[063] Further, only the relevant blocks of the protocol stack are shown in Figure 4, and typically more blocks (such as transport layer etc.) according to the ISO OSI model may be present, as also would be apparent to one skilled in the relevant arts. [064] In stack 400, Layer 1 (LI) corresponds to PHY 410, which represents the electrical and physical interface between wireless device 120 and a transmission medium (here a wireless medium). PHY 410 receives data from MAC 420 and forwards the data to antenna 395 for transmission. PHY 410 receives data from antenna 395 and forwards the data to MAC 420 for further processing. PHY 410 includes Tx blocks 370 and Rx block 380.
[065] Layer 2 (L2) includes MAC (Medium Access Control layer) 420, Radio Link Control layer (RLC) 430 and Packet Data Convergence Protocol (PDCP) 440. MAC 420 performs operations such as mapping between logical channels and transport channels, error correction through HARQ, priority handling between logical channels, etc. RLC 430 performs operations such as error correction through ARQ, concatenation, segmentation and reassembly of RLC SDUs, re- segmentation of RLC data PDUs, duplicate detection, etc. When packets are deemed to be lost at the PHY/MAC level, RLC 430 (and the RLC layer for SIM) may operate to recover the packet using the ARQ mechanism. PDCP 440 performs operations such as header compression and decompression, ciphering and deciphering, etc.
[066] Layer 3 (L3) includes RRC (Radio Resource Control layer) 460 and NAS (Non-access Stratum protocol) 470. RRC 460 performs operations such as paging, establishment, maintenance and release of an RRC connection between wireless device 120 and the corresponding base station, security functions including key management, QoS (Quality of Service) management functions, measurement reporting and control of the reporting, etc.
[067] NAS 470 performs operations such as support of mobility of wireless device 120, support of session management procedures to establish and maintain IP connectivity between wireless device 120 and a packet data network gateway, etc. Application layer 480 represents a communications component that allows software applications executing in wireless device 120 to communicate with software applications in other nodes (servers, etc.) via the other blocks shown in Figure 4.
[068] According to aspects of the present disclosure, NAS 470 handles mismatch of sequence numbers used for determining validity of received packets according to the flowchart of Figure 2. The specific operation of NAS 470 when the received packets are according to LTE (Long Term Evolution) technology is described below with examples.
[069] 6. LTE Packets
[070] Figure 5 A is an exemplary block diagram of an LTE (Long Term Evolution) network. LTE network is shown containing wireless device 120, eNodeBs (ENB) 510A-510B, serving gateway (SGW) 515A-515B, packet-data-network gateway (PGW) 520A-520B, network address translation block (NAT) 525A-525B, mobility management entity (MME) 530A-530B, home subscriber servers (HSS) 335A-535B and Internet 540.
[071] As noted above, eNodeB 510A/510B represents a cell tower or base station (for example, corresponding to 150 and 160 respectively) which provides wireless communication facility to user equipment/wireless device 120. The description is continued assuming that there has been a handover of wireless device 120 from eNodeB 510A (base station 150) to eNodeB 510B (base station 160). Accordingly, the operation of the various blocks coupled to eNodeB 510B is described below.
[072] The pair of SGW 515B and PGW 520B operates in the data plane, implying the user data is transported by the pair in both directions. PGW 520B provides interworking between the 4G/LTE network and external packet switched networks, such as Internet 540. In particular, PGW 520B allocates IP addresses to the user equipment (120) during setup of the connection, and also provides filtering of the user data. NAT 525B provides network address translation (NAT) functions for packets being transmitted and received, in a known way.
[073] MME 530B operates in the control plane providing control/signaling functions related to, for example, mobility and security. HSS 535B is a database storing user-related information, which is used for supporting functions in mobility management, call and session setup, user authentication and access authorization.
[074] Initially, when user equipment/wireless device 120 requests a session to be created, a control session is established between the MME 530B and SGW 515B, initiated by MME 530B. Thereafter, a data session (or more than one data sessions) is formed between ENB 510B and SGW 515B to exchange data. The creation of the control session and data sessions entails transmitting of packets from MME 530B/SGW515B to wireless device 120. The packets transmitted for creation of the control session contains signaling data that facilitates wireless device 120 to establish a connection with the LTE network. A sample format of such a signaling packet is described in detail below.
[075] Figure 5B depicts an exemplary format of a signal packet received by a wireless device (120) from a node (MME 530B) in a LTE network. For convenience, the format is shown in rows/octets, with each octet containing 8 bytes (columns 1 to 8). Message authentication code (MAC) 550 represents data used for authenticating the packet, while sequence number (SN) 560 represents a sequence number included by the sender/second device (MME 530B) based on which MAC 550 is generated. NAS message 570 represents the payload to be examined upon successful authentication.
[076] Upon receiving a signaling packet according to LTE as shown in Figure 5B, NAS 470 in wireless device 120 determines whether SN 560 (packet sequence number) has already been received by wireless device 120 in a prior packet. According to an aspect of the present disclosure, the determination of whether SN 560 has already been received is performed by determining whether there is a mismatch between SN 560 (packet sequence number) and a local sequence number maintained in the wireless device/user equipment. According to an aspect, the local sequence numbers are maintained as part of security contexts as described in detail below.
[077] Figure 5C depicts exemplary security contexts maintained in a wireless device (120). Each of SCI, SC2, etc. represents a separate security context maintained in wireless device. Key set identifier 580 specifies the specific security context to be used for communications between the wireless device and the second device (MME 530B). According to an aspect, wireless device 120 maintains 7 security contexts, with the key set identifier 580 specifying a value of 0 to 6 to indicate the specific security context to be used. Each of UL_NAS_COUNT and DL_NAS_COUNT (corresponding to the above noted Tx Count and Rx Count respectively) indicates a count of the signaling packets sent to/received from MME 530B.
[078] Though not shown, it should be appreciated the same security contexts is also maintained at MME 530B, thereby enabling MME 530B to include the value of UL_NAS_COUNT as the packet sequence number in the signaling packets sent to wireless device 120. In general, all the packets received on a specific connection/session are based on the same security context maintained at both wireless device 120 (as shown in Figure 5C) and also at MME 530B. In the following disclosure, it is assumed that the key set identifier 580 has the value 2 indicating SC2 and accordingly DL count 590 is the local sequence number representing a count of packets received from MME 530B.
[079] Thus, upon receiving a signaling packet of Figure 5B, NAS 470 determines whether there is a mismatch between the values of SN 560 and DL count 590. According to an aspect, the packet sequence number is generated in (monotonically) ascending order, and as such the mismatch is determined to be present if the packet sequence number is less than or equal to the local sequence number. However, in alternative implementations, any suitable logical relationship between SN 560 and DL count 590 may be chosen as the basis for testing mismatch.
[080] If NAS 470 determines that SN 560 is greater than DL count 590 (that is, there is no mismatch), NAS 470 examines the payload (NAS message 570) for corresponding actions to be performed. NAS 470 may first calculate an authentication code based on the packet sequence number (SN 560) and a common security key (previously generated at both the wireless device and MME 530B), and then perform the examining of the payload only if the calculated authentication code is equal to MAC 550 (packet authentication code). NAS 470 also sets DL count 590 (local sequence number) equal to SN 560 (packet sequence number).
[081] If a mismatch is determined to be present, NAS 470 checks whether an additional condition of whether the received LTE signaling packet is received from MME 530B. In other words, the wireless device checks whether the signaling packet has been received from a genuine LTE network (and not from a malicious system). If the additional condition is determined to be satisfied (that is the signaling packet has been received from MME 530B), NAS 470 resets at least one of the local sequence number (DL count 590) and the packet sequence number (SN 560) to a pre-specified state. NAS 470 also ignores the received packet after the checking of the additional condition (that is, no further examining/processing of the received packet is performed).
[082] According to aspects of the present disclosure, the additional condition includes (A) determining whether the local authentication code can be successfully generated using the packet sequence number (SN 560) and if the payload can be successfully deciphered; and (B) whether the wireless device is expected to receive at least one packet from the second device (MME 530B) in a current state. The checking may be performed by inspecting a state information (not shown) maintained in wireless device 120 according to a pre-specified design.
[083] Accordingly, if the deciphering is successful and if at least one packet is expected to be received from MME 530B in the current state, NAS 470 resets one or both of the local and packet sequence numbers. According to an aspect of the present disclosure, NAS 470 first invalidate the security context maintained at wireless device 120 by setting the key set identifier 580 to an invalid value (e.g. 7) thereby indicating that there is no active security context with the LTE network.
[084] The invalidation of the security context causes the other layers in protocol stack 400 to terminate the present connection (detach from the LTE network) and to establish a new connection (attach to the LTE network) while notifying that there is no active security context. Accordingly, as part of establishing the new connection, a new security context (in response to notifying that there is no active security context) containing a new value for the local sequence number is received. The new security context is stored in one of the locations 1-6 and the key set identifier 580 is set to point to the new security context. Accordingly, the local sequence number is set to the new value (e.g. zero). As the new value is also part of the security context maintained in MME 530B, both of the local sequence number and the packet sequence number at the second device are set to the new value.
[085] It may be appreciated that by getting a new security context and thereafter accepting signaling packets sent by MME 530B, wireless device 120 is facilitated to restart a new session on the LTE network with minor disruptions which would otherwise not have been possible.
[086] 7. Conclusion
[087] References throughout this specification to "one embodiment", "an embodiment", similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases "in one embodiment", "in an embodiment" and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment. The following examples pertain to above or further embodiments.
[088] Example 1 corresponds to a wireless device which maintains a local sequence number representing a count of packets received from a second device. The wireless device operates to determine whether there is a mismatch between a packet sequence number in a received first packet and the local sequence number. If there is a mismatch, the wireless device checks whether an additional condition is satisfied. If the additional condition is satisfied, the wireless device resets at least one of the local sequence number and the packet sequence number to a pre- specified state and ignores the first packet after the check.
[089] Example 2 corresponds to the wireless device of claim 1, wherein the additional condition comprises whether the first packet originated from the second device and wherein the checking comprises inspecting a header portion of the first packet. If there is no mismatch, the wireless device examines a payload of the first packet for performing corresponding actions specified in the payload.
[090] In example 3, the wireless device of any of examples 1 and 2, wherein the payload of each packet received from the second device contains signaling data for managing connections to or from the wireless device.
[091] In example 4, the wireless device of any of examples 1-3, wherein the wireless device is a user equipment (UE) and the second device is a MME (Mobility Management Entity) in a network operating according to LTE (Long Term Evolution) technology, wherein the payload of the first packet contains signaling data according to LTE technology, and wherein the mismatch is determined to be present if the packet sequence number has already been received by the wireless device in a prior packet.
[092] In example 5, the wireless device of any of examples 1-4, wherein the packet sequence number is generated in ascending order, wherein the mismatch is determined to be present if the packet sequence number is less than or equal to the local sequence number.
[093] In example 6, the wireless device of any of examples 1-5, wherein the header portion of the first packet comprises a packet authentication code, and wherein checking the additional condition comprises generating a local authentication code using the packet sequence number and comparing the local authentication code with the packet authentication code.
[094] In example 7, the wireless device of any of examples 1-6, wherein the additional condition further comprises deciphering of the first packet and whether at least one packet is expected to be received from the second device in a current state, and wherein the reset is performed if the comparison and subsequent deciphering is successful and if at least one packet is expected to be received from the second device in the current state.
[095] In example 8, the wireless device of any of examples 1-7, wherein each of the packets is received on a first connection based on a first security context maintained at each of the wireless device and the second device, wherein the local sequence number is part of the first security context on the wireless device and the packet sequence number is part of the first security context on the second device, wherein to reset, the processor is operable to:
[096] invalidate the first security context maintained at the wireless device;
[097] terminate the first connection and establish a new connection with the second device while notifying that the first security context is invalidated;
[098] receive a new security context in response to notifying that the first security context is invalidated, the new security context containing a new value for the local sequence number; and
[099] set the local sequence number to the new value, wherein both of the local sequence number and the packet sequence number at the second device are set to the new value,
[0100] wherein the setting avoids the mismatch for subsequent packets sent from the second device to the wireless device.
[0101] While various embodiments of the present invention have been described above, it should be understood that they have been presented by way of example only, and not limitation. Thus, the breadth and scope of the present invention should not be limited by any of the above- described embodiments, but should be defined only in accordance with the following claims and their equivalents.

Claims

What is claimed is:
1. A wireless device comprising:
a memory unit to maintain a local sequence number representing a count of packets received from a second device;
a transceiver to receive from the second device, a first packet containing a packet sequence number; and
a processor coupled to the transceiver and configured to:
determine whether there is a mismatch between the packet sequence number and the local sequence number; and
if there is mismatch:
check whether an additional condition is satisfied;
if the additional condition is satisfied, reset at least one of the local sequence number and the packet sequence number to a pre-specified state; and ignore the first packet after the check.
2. The wireless device of claim 1, wherein the additional condition comprises whether the first packet originated from the second device and wherein the checking comprises inspecting a header portion of the first packet,
if there is no mismatch, the processor is further configured to examine a payload of the first packet for corresponding actions.
3. The wireless device of claim 1 or 2, wherein the payload of each packet received from the second device contains signaling data for managing connections to or from the wireless device.
4. The wireless device any of claims 1-3, wherein the wireless device is a user equipment (UE) and the second device is a MME (Mobility Management Entity) in a network operating according to LTE (Long Term Evolution) technology, wherein the payload of the first packet contains signaling data according to LTE technology,
wherein the mismatch is determined to be present if the packet sequence number has already been received by the wireless device in a prior packet.
5. The wireless device of any of claims 1-4, wherein the packet sequence number is generated in ascending order, wherein the mismatch is determined to be present if the packet sequence number is less than or equal to the local sequence number.
6. The wireless device of any of claims 1-3, wherein the header portion of the first packet comprises a packet authentication code,
wherein checking the additional condition comprises generating a local authentication code using the packet sequence number and comparing the local authentication code with the packet authentication code.
7. The wireless device of any of claims 1-3 or 6, wherein the additional condition further comprises deciphering of the first packet and whether at least one packet is expected to be received from the second device in a current state,
wherein the reset is performed if the comparison and subsequent deciphering is successful and if at least one packet is expected to be received from the second device in the current state.
8. The wireless device of any of claims 1-3 or 6-7, wherein each of the packets is received on a first connection based on a first security context maintained at each of the wireless device and the second device, wherein the local sequence number is part of the first security context on the wireless device and the packet sequence number is part of the first security context on the second device,
wherein to reset, the processor is operable to:
invalidate the first security context maintained at the wireless device; terminate the first connection and establish a new connection with the second device while notifying that the first security context is invalidated;
receive a new security context in response to notifying that the first security context is invalidated, the new security context containing a new value for the local sequence number; and
set the local sequence number to the new value, wherein both of the local sequence number and the packet sequence number at the second device are set to the new value,
wherein the setting avoids the mismatch for subsequent packets sent from the second device to the wireless device.
9. An integrated circuit comprising:
a transceiver to transmit and receive signals on a wireless medium; a processing block coupled to the transceiver and configured to: maintain a local sequence number representing a count of packets received from a second device;
receive from the second device a first packet containing a packet sequence number;
determine whether there is a mismatch between the packet sequence number and the local sequence number; and
if there is mismatch:
check whether an additional condition is satisfied;
if the additional condition is satisfied, reset at least one of the local sequence number and the packet sequence number to a pre-specified state; and
ignore the first packet after the check.
10. The integrated circuit of claim 9, wherein the additional condition comprises whether the first packet originated from the second device and wherein the checking comprises inspecting a header portion of the first packet,
if there is no mismatch, the processing block is further configured to examine a payload of the first packet for corresponding actions.
11. A method performed in a wireless device, the method comprising:
maintaining a local sequence number representing a count of packets received from a second device;
receiving from the second device a first packet containing a packet sequence number; determining whether there is a mismatch between the packet sequence number and the local sequence number; and
if there is mismatch:
checking whether an additional condition is satisfied;
if the additional condition is satisfied, resetting at least one of the local sequence number and the packet sequence number to a pre-specified state; and
ignoring the first packet after the checking.
12. The method of claim 11, wherein the additional condition comprises whether the first packet originated from the second device and wherein the checking comprises inspecting a header portion of the first packet, if there is no mismatch, the method further comprising examining a payload of the first packet for corresponding actions.
13. The method of claim 11 or 12, wherein the payload of each packet received from the second device contains signaling data for managing connections to or from the wireless device, wherein the wireless device is a user equipment (UE) and the second device is a MME (Mobility Management Entity) in a network operating according to LTE (Long Term Evolution) technology, wherein the payload of the first packet contains signaling data according to LTE technology,
wherein the mismatch is determined to be present if the packet sequence number has already been received by the wireless device in a prior packet.
14. The method of any of claims 11-13, wherein the packet sequence number is generated in ascending order, wherein the mismatch is determined to be present if the packet sequence number is less than or equal to the local sequence number.
15. The method of any of claims 11-14, wherein the header portion of the first packet comprises a packet authentication code,
wherein checking the additional condition comprises generating a local authentication code using the packet sequence number and comparing the local authentication code with the packet authentication code.
wherein the additional condition further comprises deciphering of the first packet and whether at least one packet is expected to be received from the second device in a current state, wherein the reset is performed if the comparison and subsequent deciphering is successful and if at least one packet is expected to be received from the second device in the current state.
16. The method of any of claims 11-15, wherein each of the packets is received on a first connection based on a first security context maintained at each of the wireless device and the second device, wherein the local sequence number is part of the first security context on the wireless device and the packet sequence number is part of the first security context on the second device,
wherein the resetting comprises:
invalidating the first security context maintained at the wireless device; terminating the first connection and establishing a new connection with the second device while notifying that the first security context is invalidated;
receiving a new security context in response to notifying that the first security context is invalidated, the new security context containing a new value for the local sequence number; and
setting the local sequence number to the new value, wherein both of the local sequence number and the packet sequence number at the second device are set to the new value,
wherein the setting avoids the mismatch for subsequent packets sent from the second device to the wireless device.
17. A non-transitory machine readable medium storing one or more sequences of instructions for operating a wireless device, wherein execution of said one or more instructions by one or more processors contained in said wireless device enables said wireless device to perform the actions of:
maintaining a local sequence number representing a count of packets received from a second device;
receiving from the second device a first packet containing a packet sequence number; determining whether there is a mismatch between the packet sequence number and the local sequence number; and
if there is mismatch:
checking whether an additional condition is satisfied;
if the additional condition is satisfied, resetting at least one of the local sequence number and the packet sequence number to a pre-specified state; and
ignoring the first packet after the checking.
18. The non-transitory machine readable medium of claim 17, wherein the additional condition comprises whether the first packet originated from the second device and wherein the checking comprises inspecting a header portion of the first packet,
if there is no mismatch, further comprising one or more instructions for examining a payload of the first packet for corresponding actions.
19. The non-transitory machine readable medium of claim 17-18, wherein the payload of each packet received from the second device contains signaling data for managing connections to or from the wireless device, wherein the wireless device is a user equipment (UE) and the second device is a MME (Mobility Management Entity) in a network operating according to LTE (Long Term Evolution) technology, wherein the payload of the first packet contains signaling data according to LTE technology,
wherein the mismatch is determined to be present if the packet sequence number has already been received by the wireless device in a prior packet.
20. The non-transitory machine readable medium of any of claims 17-19, wherein the packet sequence number is generated in ascending order, wherein the mismatch is determined to be present if the packet sequence number is less than or equal to the local sequence number.
21. The non-transitory machine readable medium of any of claims 17-20, wherein the header portion of the first packet comprises a packet authentication code,
wherein checking the additional condition comprises generating a local authentication code using the packet sequence number and comparing the local authentication code with the packet authentication code.
wherein the additional condition further comprises deciphering of the first packet and whether at least one packet is expected to be received from the second device in a current state, wherein the reset is performed if the comparison and subsequent deciphering is successful and if at least one packet is expected to be received from the second device in the current state.
22. The non-transitory machine readable medium of any of claims 17-21, wherein each of the packets is received on a first connection based on a first security context maintained at each of the wireless device and the second device, wherein the local sequence number is part of the first security context on the wireless device and the packet sequence number is part of the first security context on the second device,
wherein the resetting comprises one or more instructions for:
invalidating the first security context maintained at the wireless device;
terminating the first connection and establishing a new connection with the second device while notifying that the first security context is invalidated;
receiving a new security context in response to notifying that the first security context is invalidated, the new security context containing a new value for the local sequence number; and setting the local sequence number to the new value, wherein both of the local sequence number and the packet sequence number at the second device are set to the new value,
wherein the setting avoids the mismatch for subsequent packets sent from the second device to the wireless device.
23. A wireless device comprising:
means for maintaining a local sequence number representing a count of packets received from a second device;
means for receiving from the second device, a first packet containing a packet sequence number;
means for determining whether there is a mismatch between the packet sequence number and the local sequence number; and
if there is mismatch:
means for checking whether an additional condition is satisfied;
if the additional condition is satisfied, means for resetting at least one of the local sequence number and the packet sequence number to a pre-specified state; and
wherein the means for checking ignores the first packet after the check.
24. The wireless device of claim 23, wherein the additional condition comprises whether the first packet originated from the second device and wherein the means for checking inspects a header portion of the first packet,
wherein if there is no mismatch, the wireless device further comprises means to examine a payload of the first packet for corresponding actions.
25. The wireless device of claim 23 or 24, wherein the payload of each packet received from the second device contains signaling data for managing connections to or from the wireless device.
PCT/US2017/066243 2016-12-23 2017-12-14 Handling mismatch of sequence numbers used for determining validity of packets in communications WO2018118602A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN201641044104 2016-12-23
IN201641044104 2016-12-23

Publications (1)

Publication Number Publication Date
WO2018118602A1 true WO2018118602A1 (en) 2018-06-28

Family

ID=62627966

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2017/066243 WO2018118602A1 (en) 2016-12-23 2017-12-14 Handling mismatch of sequence numbers used for determining validity of packets in communications

Country Status (1)

Country Link
WO (1) WO2018118602A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040077368A1 (en) * 2002-05-15 2004-04-22 Anderson Nicholas William System, transmitter, receiver and method for communication power control
US20090135827A1 (en) * 2007-11-28 2009-05-28 Prashant Dewan Synchronizing sequence numbers among peers in a network
US20120099525A1 (en) * 2010-04-22 2012-04-26 Qualcomm Incorporated Counter check procedure for packet data transmission
US20140185807A1 (en) * 2006-05-24 2014-07-03 Telefonaktiebolaget L M Ericsson (Publ) Delegation based mobility management
US20150295946A1 (en) * 2014-04-15 2015-10-15 Nuance Communications, Inc. System and method for handling rogue data packets

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040077368A1 (en) * 2002-05-15 2004-04-22 Anderson Nicholas William System, transmitter, receiver and method for communication power control
US20140185807A1 (en) * 2006-05-24 2014-07-03 Telefonaktiebolaget L M Ericsson (Publ) Delegation based mobility management
US20090135827A1 (en) * 2007-11-28 2009-05-28 Prashant Dewan Synchronizing sequence numbers among peers in a network
US20120099525A1 (en) * 2010-04-22 2012-04-26 Qualcomm Incorporated Counter check procedure for packet data transmission
US20150295946A1 (en) * 2014-04-15 2015-10-15 Nuance Communications, Inc. System and method for handling rogue data packets

Similar Documents

Publication Publication Date Title
US11937177B2 (en) Method and apparatus for handling non-integrity protected reject messages in non-public networks
CN107889050B (en) Apparatus and method for processing signal quality measurement request
CN110741688B (en) Forbidden public land mobile network list enhancement processing method and user equipment thereof
EP3228066B1 (en) Control of maximum transmission unit size discovery using at commands
US10003957B2 (en) Method and apparatus for supporting location privacy protection in wireless access system supporting small cell environment
US8762450B2 (en) Apparatus and method for reducing frequent server messages
EP3528591B1 (en) Dual-sim card dual-call connection communication method, terminal, network and system
US20180115888A1 (en) Network node, a wireless device and methods therein for handling radio access network (ran) context information in a wireless communications network
RU2767778C2 (en) Method and device for protecting data integrity
US10448286B2 (en) Mobility in mobile communications network
EP3713293B1 (en) Terminal apparatus, base station apparatus, and methods
CN111404814A (en) Data transmission method and communication device
US11419174B2 (en) Connection recovery method for recovering a connection between a communications apparatus and a data network and the associated communications apparatus
WO2020019987A1 (en) Method and apparatus for transmitting euicc data in internet of things
US20220086145A1 (en) Secondary Authentication Method And Apparatus
CN113676904B (en) Slice authentication method and device
JPWO2015076345A1 (en) Communication control method, user terminal, and processor
WO2020217224A1 (en) Amf and scp behavior in delegated discovery of pcf
CN114600487B (en) Identity authentication method and communication device
WO2019131320A1 (en) Terminal device, method, and integrated circuit
WO2018118602A1 (en) Handling mismatch of sequence numbers used for determining validity of packets in communications
TW202105968A (en) Packet delivery methods and communications apparatus
TWI805465B (en) A method of enhancing 3gpp session establishment procedure and an user equipment thereof
WO2018111788A1 (en) Providing concurrent connections to a subscriber using a mobile device having multiple transceivers
CN114630355B (en) Fault recovery method, device, equipment and storage medium based on core network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17884550

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17884550

Country of ref document: EP

Kind code of ref document: A1