公开(公告)号：US10278073B2

公开(公告)日：2019-04-30

申请号：US15890936

申请日：2018-02-07

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Youyang Yu ,  Jing Chen

IPC: H04W72/02 ,  H04W12/06 ,  H04W48/02 ,  H04W8/04 ,  H04W8/24 ,  H04W12/08 ,  H04W48/08 ,  H04L29/06

Abstract: A processing method for terminal access to a 3GPP network is provided. A UE sends an access request message to a core network device on the 3GPP network, and the core network device sends an unauthorized access message to the UE after determining that the UE has no permission to access the 3GPP network. The unauthorized access message includes authentication information of the core network device. The UE performs authentication on the core network device according to the authentication information of the core network device, and executes a corresponding network access policy after authentication on the core network device by the UE succeeds, that is, after the UE determines that a source of the unauthorized access message is authorized.

公开(公告)号：US20190081802A1

公开(公告)日：2019-03-14

申请号：US16178955

申请日：2018-11-02

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jiangwei Ying ,  Yanmei Yang ,  Jing Chen ,  Qi Li

IPC: H04L9/32 ,  H04L9/30

CPC classification number: H04L9/3268 ,  H04L9/30 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/0823 ,  H04L2209/80 ,  H04L2209/84 ,  H04W12/0609

Abstract: A certificate notification method, including reporting a certificate of a first terminal to a server, obtaining public key maintenance information including a public key corresponding to a certificate of each of one or more terminals within a preset area range and certificate identification information corresponding to the certificate of the corresponding terminal, receiving a communication message including certificate identification information corresponding to a certificate of the second terminal and a signature generated by the second terminal, determining, according to certificate identification information and the public key maintenance information, a public key corresponding to the certificate of the second terminal, and verifying, according to the public key corresponding to the certificate of the second terminal, the signature generated by the second terminal.

公开(公告)号：US20190044707A1

公开(公告)日：2019-02-07

申请号：US16140217

申请日：2018-09-24

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Dongmei Zhang ,  Jing Chen

IPC: H04L9/08 ,  H04L29/06 ,  H04W12/04 ,  H04W12/02 ,  H04W12/06 ,  H04W12/08 ,  H04W36/00

Abstract: Embodiments disclose a method, an apparatus, and a system for establishing a security context and relates to the communications field, so as to comprehensively protect UE data. The method includes: acquiring an encryption algorithm of an access node; acquiring a root key and deriving, according to the root key and the encryption algorithm, an encryption key of the access node; sending the encryption key and the encryption algorithm to the access node, so that the access node starts downlink encryption and uplink decryption; sending the encryption algorithm of the access node to the UE so as to negotiate the encryption algorithm with the UE; and instructing the access node to start downlink encryption and uplink decryption and instructing, during algorithm negotiation, the UE to start downlink decryption and uplink encryption.

公开(公告)号：US10084594B2

公开(公告)日：2018-09-25

申请号：US15594975

申请日：2017-05-15

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Dongmei Zhang ,  Jing Chen

IPC: H04L9/08 ,  H04W12/02 ,  H04W12/04 ,  H04L29/06 ,  H04W12/06 ,  H04W12/08 ,  H04W36/00

CPC classification number: H04L9/0816 ,  H04L9/083 ,  H04L9/0861 ,  H04L63/06 ,  H04L63/205 ,  H04L2209/24 ,  H04L2463/061 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08 ,  H04W36/0038

Abstract: Embodiment of the present invention discloses a method, an apparatus, and a system for establishing a security context and relates to the communications field, so as to comprehensively protect UE data. The method includes: acquiring an encryption algorithm of an access node; acquiring a root key and deriving, according to the root key and the encryption algorithm, an encryption key of the access node; sending the encryption key and the encryption algorithm to the access node, so that the access node starts downlink encryption and uplink decryption; sending the encryption algorithm of the access node to the UE so as to negotiate the encryption algorithm with the UE; and instructing the access node to start downlink encryption and uplink decryption and instructing, during algorithm negotiation, the UE to start downlink decryption and uplink encryption. The present invention mainly applies to SCC security protection.

公开(公告)号：US09992669B2

公开(公告)日：2018-06-05

申请号：US14263253

申请日：2014-04-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia Zhang ,  Jing Chen

IPC: H04L29/06 ,  H04W12/04 ,  H04L9/06 ,  H04L9/12 ,  H04W12/02 ,  H04W4/00

CPC classification number: H04W12/04 ,  H04L9/0656 ,  H04L9/12 ,  H04L63/10 ,  H04L63/104 ,  H04L2209/80 ,  H04W4/70 ,  H04W12/02

Abstract: Embodiments of the present application provide an encryption method, a decryption method, and a related apparatus. The encryption method includes: generating a keystream, where the keystream is used to encrypt a part of data to be encrypted in an initial layer-3 message, and the part of data to be encrypted includes small data; generating, by performing an exclusive OR operation on the keystream and the initial layer-3 message, an initial layer-3 message in which the part of data is encrypted; and sending the initial layer-3 message in which the part of data is encrypted, where the initial layer-3 message includes an added encryption indication, and the encryption indication is used to indicate that the part of data to be encrypted in the initial layer-3 message is encrypted.

公开(公告)号：US09924354B2

公开(公告)日：2018-03-20

申请号：US14842945

申请日：2015-09-02

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Dongmei Zhang ,  Jing Chen

IPC: H04L9/08 ,  H04W12/04 ,  H04L29/06 ,  H04W76/02

CPC classification number: H04W12/04 ,  H04L9/0819 ,  H04L63/06 ,  H04L63/061 ,  H04L63/205 ,  H04W76/14

Abstract: Embodiments of the present invention disclose a key exchange method and apparatus, which relate to the communications field, and can enable user equipments establishing a D2D link to share a set of keys, and further, information security can be achieved when a user equipment transmits service data or a signaling message through a Ud interface. A specific solution is that: a network device acquires a first key, and sends a message including the first key to a second user equipment, so that the second user equipment uses, when communicating with a first user equipment by using a D2D link, the first key to protect transmitted information. The present invention is applicable to an exchange process of keys for protecting data on a D2D link.

公开(公告)号：US09736125B2

公开(公告)日：2017-08-15

申请号：US14304073

申请日：2014-06-13

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Dongmei Zhang ,  Jing Chen ,  Yang Cui

IPC: H04L9/08 ,  H04L29/06 ,  H04W12/04 ,  H04W88/06 ,  H04W88/10 ,  H04W76/02

CPC classification number: H04L63/0485 ,  H04L2463/061 ,  H04W12/04 ,  H04W76/15 ,  H04W88/06 ,  H04W88/10

Abstract: In the communications system, a user equipment UE accesses a core network via a first network-side device by using a first air interface and connects to the first network-side device via a second network-side device by using a second air interface to access the core network. The method includes: acquiring, by the network-side device, an input parameter; calculating, by the network-side device, an access stratum root key KeNB* according to the input parameter and an access stratum root key KeNB on the first air interface, or using, by the network-side device, the KeNB as the KeNB*; and generating, by the second network-side device, an access stratum key on the second air interface according to the KeNB*, or sending, by the first network-side device, the KeNB* to the second network-side device.

公开(公告)号：US09661539B2

公开(公告)日：2017-05-23

申请号：US14824342

申请日：2015-08-12

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Min Huang ,  Jing Chen ,  Aiqin Zhang ,  Xiaohan Liu

IPC: H04L29/06 ,  H04W36/08 ,  H04W36/00 ,  H04W76/04 ,  H04W12/04

CPC classification number: H04W36/08 ,  H04W12/04 ,  H04W36/0038 ,  H04W36/0088 ,  H04W76/27

Abstract: A method, an apparatus and a system for key derivation are disclosed. The method includes the following steps: a target base station) receives multiple keys derived by a source base station, where the keys correspond to cells of the target base station; the target base station selects a key corresponding to the target cell after knowing a target cell that a user equipment (UE) wants to access. An apparatus for key derivation and a communications system are also provided.

公开(公告)号：US09398510B2

公开(公告)日：2016-07-19

申请号：US14082480

申请日：2013-11-18

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Jing Chen ,  Boyun Xie ,  Tao Wang

IPC: H04W12/04 ,  H04W36/34 ,  H04L29/06 ,  H04W36/00

CPC classification number: H04W36/34 ,  H04L63/205 ,  H04W12/04 ,  H04W36/0038

Abstract: Embodiments of the present invention provide a handover method, base station, user equipment, and mobility management entity. The handover method includes: obtaining an algorithm used by a user equipment in a universal mobile telecommunication system and four least significant bits of a downlink non-access stratum count; and sending a handover command to the user equipment, where the handover command carries the algorithm used by the user equipment in the universal mobile telecommunication system and the four least significant bits of the downlink non-access stratum count, so that the user equipment calculates a cipher key and an integrity key according to the four least significant bits of the downlink non-access stratum count.

Abstract translation: 本发明的实施例提供了切换方法，基站，用户设备和移动性管理实体。 切换方法包括：获得由通用移动电信系统中的用户设备使用的算法和下行链路非接入层计数的四个最低有效位; 并向所述用户设备发送切换命令，其中所述切换命令携带所述通用移动电信系统中的用户设备所使用的算法和所述下行非接入层计数的所述四个最低有效位，以使得所述用户设备计算 密钥和完整性密钥，根据下行链路非接入层数的四个最低有效位。

公开(公告)号：US20150236851A1

公开(公告)日：2015-08-20

申请号：US14706432

申请日：2015-05-07

Applicant: Huawei Technologies Co., Ltd.

Inventor： Xiaoyu Bi ,  Jing Chen ,  Yixian Xu ,  Chunshan Xiong

IPC: H04L9/08 ,  H04L9/30

CPC classification number: H04L9/0825 ,  H04L9/0891 ,  H04L9/30 ,  H04L9/3268 ,  H04L63/0823 ,  H04L2209/24 ,  H04L2209/64 ,  H04L2209/80 ,  H04W4/90 ,  H04W12/04

Abstract: A method and an apparatus for updating a public key, a UE and a CA are disclosed. The method includes: receiving a first message including CA public key information, where the CA public key information includes a CA public key or CA public key acquiring information; and updating a local CA public key of a UE according to the CA public key or to the CA public key acquiring information. The present invention can realize update of the CA public key in the UE.

Abstract translation: 公开了一种用于更新公钥，UE和CA的方法和装置。 该方法包括：接收包括CA公开密钥信息的第一消息，其中CA公钥信息包括CA公钥或CA公钥获取信息; 以及根据所述CA公钥更新所述UE的本地CA公开密钥或所述CA公钥获取信息。 本发明可以实现UE中的CA公钥的更新。