公开(公告)号：US20190306141A1

公开(公告)日：2019-10-03

申请号：US16445072

申请日：2019-06-18

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum LEE ,  Gavin Bernard HORN ,  Anand PALANIGOUNDER

IPC: H04L29/06 ,  H04W12/00 ,  H04W12/10

Abstract: In an aspect, a network supporting client devices includes one or more network nodes implementing network functions. Such network functions enable a client device to apply a security context to communications with the network when the client device is not in a connected mode. The client device obtains a user plane key shared with a user plane network function implemented at a first network node and/or a control plane key shared with a control plane network function implemented at a second network node. The client device protects a data packet with the user plane key or a control packet with the control plane key. The data packet includes first destination information indicating the first network node and the control packet includes second destination information indicating the second network node. The client device transmits the data packet or control packet.

公开(公告)号：US20190174314A1

公开(公告)日：2019-06-06

申请号：US16201813

申请日：2018-11-27

Applicant: QUALCOMM Incorporated

Inventor： Vinay JOSEPH ,  Anand PALANIGOUNDER ,  Michele BERIONNE ,  Philip HAWKES ,  Rajat PRAKASH

IPC: H04W12/06 ,  H04W48/16 ,  H04W48/10 ,  H04W12/00

Abstract: Aspects of the present disclosure describe authentication of a user equipment (UE) in a network. It can be determined, by the UE, to access a discovered network for wireless communications, and based on a service provider associated with the discovered network, to use a modified universal subscriber identity module (USIM) subscription stored in the UE for authentication with the discovered network. The UE can obtain a subscriber identifier for authenticating on the discovered network via the authentication, where the subscriber identifier is generated based at least in part on a service provider identifier associated with the service provider and a modified mobile subscriber identity associated with the service provider. The UE can send the subscriber identifier to a node of the discovered network for the authentication.

公开(公告)号：US20180332469A1

公开(公告)日：2018-11-15

申请号：US16031923

申请日：2018-07-10

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum LEE ,  Gavin Bernard HORN ,  Anand PALANIGOUNDER ,  Adrian Edward ESCOTT ,  Stefano FACCIN

IPC: H04W12/04 ,  H04W40/02 ,  H04W12/02 ,  H04W4/70 ,  H04L29/06 ,  H04W68/00

CPC classification number: H04W12/04 ,  H04L63/0428 ,  H04L63/0457 ,  H04L63/06 ,  H04W4/70 ,  H04W12/02 ,  H04W40/02 ,  H04W68/005

Abstract: In an aspect, a network may support a number of client devices. In such a network, a client device transmits a request to communicate with a network, establishes a security context, and receives one or more encrypted client device contexts from the network. An encrypted client device context enables reconstruction of a context at the network for communication with the client device, where the context includes network state information associated with the client device. The client device transmits a message (e.g., including an uplink data packet) to the network that includes at least one encrypted client device context. Since the network device can reconstruct the context for the client device based on an encrypted client device context, the network device can reduce an amount of the context maintained at the network device in order to support a greater number of client devices.

公开(公告)号：US20170208511A1

公开(公告)日：2017-07-20

申请号：US15479877

申请日：2017-04-05

Applicant: QUALCOMM Incorporated

Inventor： David William CRAIG ,  Gavin Bernard HORN ,  Anand PALANIGOUNDER ,  Arnaud MEYLAN

IPC: H04W36/00 ,  H04L29/06 ,  H04W36/14

CPC classification number: H04W36/0038 ,  H04L63/06 ,  H04L63/0892 ,  H04L2463/061 ,  H04W12/04 ,  H04W12/04031 ,  H04W12/06 ,  H04W36/14 ,  H04W84/12 ,  H04W88/06

Abstract: Techniques for deriving a WLAN security context from an existing WWAN security context are provided. According to certain aspects, a user equipment (UE) establishes a secure connection with a wireless wide area network (WWAN). The UE may receive from the WWAN an indication of a wireless local area network (WLAN) for which to derive a security context. The UE then derives the security context for the WLAN, based on a security context for the WWAN obtained while establishing the secure connection with the WWAN and establishes a secure connection with the WLAN using the derived security context for the WLAN. This permits the UE to establish a Robust Security Network Association (RSNA) with the WLAN while avoiding lengthy authentication procedures with an AAA server, thus speeding up the association process.

公开(公告)号：US20170006469A1

公开(公告)日：2017-01-05

申请号：US14825988

申请日：2015-08-13

Applicant: QUALCOMM Incorporated

Inventor： Anand PALANIGOUNDER

IPC: H04W12/04 ,  H04L9/32 ,  H04L9/08 ,  H04L9/30 ,  H04W12/06 ,  H04L29/06

CPC classification number: H04W12/04 ,  H04L9/0841 ,  H04L9/085 ,  H04L9/0891 ,  H04L9/3066 ,  H04L9/3242 ,  H04L63/0428 ,  H04L63/067 ,  H04L63/0869 ,  H04W12/06

Abstract: Systems and methods for providing authentication key agreement (AKA) with perfect forward secrecy (PFS) are disclosed. In one embodiment, a network according to the disclosure may receive an attach request from a UE, provide an authentication request including a network support indicator to a network resource, receive an authentication token from the network resource, such that the authentication token includes an indication that a network supports PFS, provide the authentication token to the UE, receive an authentication response including a UE public key value, obtain a network public key value and a network private key value, determine a shared key value based on the network private key value and the UE public key value, bind the shared key value with a session key value to create a bound shared key value, and use the bound shared key value to protect subsequent network traffic.

Abstract translation: 公开了提供具有完美前向保密（PFS）的认证密钥协商（AKA）的系统和方法。 在一个实施例中，根据本公开的网络可以从UE接收附加请求，向网络资源提供包括网络支持指示符的认证请求，从网络资源接收认证令牌，使得认证令牌包括指示 网络支持PFS，向UE提供认证令牌，接收包括UE公钥值的认证响应，获取网络公钥值和网络私钥值，基于网络私钥值确定共享密钥值 和UE公钥值，将共享密钥值与会话密钥值绑定以创建绑定的共享密钥值，并使用绑定的共享密钥值来保护后续网络流量。

公开(公告)号：US20160345188A1

公开(公告)日：2016-11-24

申请号：US15062932

申请日：2016-03-07

Applicant: QUALCOMM Incorporated

Inventor： Kenneth CHEN ,  Anand PALANIGOUNDER ,  Soo Bum LEE

IPC: H04W24/02

CPC classification number: H04W24/02 ,  H04L9/0861 ,  H04L2209/08 ,  H04L2209/805 ,  H04W84/12

Abstract: Aspects of the disclosure are related to a method for generating random numbers based on WLAN signal measurements, comprising: measuring WLAN signals; harvesting entropy based on the WLAN signal measurements; and generating a random number based on the harvested entropy.

Abstract translation: 本公开的方面涉及基于WLAN信号测量产生随机数的方法，包括：测量WLAN信号; 基于WLAN信号测量的收获熵; 并基于收获的熵生成随机数。

公开(公告)号：US20160295409A1

公开(公告)日：2016-10-06

申请号：US14680023

申请日：2015-04-06

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum LEE ,  Jouni Kalevi MALINEN ,  Anand PALANIGOUNDER

IPC: H04W12/06 ,  H04L29/06 ,  H04W12/04

CPC classification number: H04W12/06 ,  H04L63/0428 ,  H04W12/04 ,  H04W84/12 ,  H04W88/08

Abstract: A method, an apparatus, and a computer program product for wireless communication are provided. The apparatus may be a STA. The STA sends, in a re-association procedure, a re-association object to a first AP to establish a first security association with the first AP. The re-association object is encrypted by using a first key unknown to the STA. The re-association object includes a second key derived from a second security association in a previous association procedure between the STA and a second AP. The STA receives a response from the first AP indicating that the first security association has been successfully established. The STA authenticates the response.

Abstract translation: 提供了一种用于无线通信的方法，装置和计算机程序产品。 该装置可以是STA。 STA在重新关联过程中将重新关联对象发送到第一AP以建立与第一AP的第一安全关联。 通过使用STA未知的第一密钥来加密重新关联对象。 重新关联对象包括在STA和第二AP之间的先前关联过程中从第二安全关联导出的第二密钥。 STA接收来自第一AP的响应，指示第一安全关联已被成功建立。 STA认证响应。

公开(公告)号：US20130275760A1

公开(公告)日：2013-10-17

申请号：US13787510

申请日：2013-03-06

Applicant: QUALCOMM INCORPORATED

Inventor： Philip HAWKES ,  Olivier Jean BENOIT ,  Anand PALANIGOUNDER

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  H04L9/3268 ,  H04L63/062

Abstract: Disclosed is a method for configuring an internal entity of a WiFi-enabled remote station with a certificate. In the method, the remote station receives the certificate in at least one message from a registrar acting as a certificate authority. The remote station provides the certificate to the internal entity. The internal entity securely communicates with an external entity based on the certificate.

Abstract translation: 公开了一种用于配置具有证书的启用WiFi的远程站的内部实体的方法。 在该方法中，远程站从作为证书颁发机构的注册器的至少一个消息中接收证书。 远程站向内部实体提供证书。 内部实体根据证书与外部实体进行安全通信。

公开(公告)号：US20130258944A1

公开(公告)日：2013-10-03

申请号：US13652318

申请日：2012-10-15

Applicant: QUALCOMM INCORPORATED

Inventor： Anand PALANIGOUNDER

IPC: H04W8/26

CPC classification number: H04W12/02 ,  H04W24/02 ,  H04W84/045

Abstract: Disclosed is a method for configuring a home node with a secure address for an operator network node. In the method, the home node receives, from a removable smartcard, an initial address for an initial serving network node. The home node establishes communication with the initial serving network node using the initial address. The home node receives the secure address from the initial serving network node. The home node communicates with the operator network node using the secure address.

Abstract translation: 公开了一种用于配置具有用于运营商网络节点的安全地址的家庭节点的方法。 在该方法中，家庭节点从可移动智能卡接收初始服务网络节点的初始地址。 家庭节点使用初始地址建立与初始服务网络节点的通信。 家庭节点从初始服务网络节点接收安全地址。 家庭节点使用安全地址与运营商网络节点进行通信。

公开(公告)号：US20240171978A1

公开(公告)日：2024-05-23

申请号：US18498971

申请日：2023-10-31

Applicant: QUALCOMM Incorporated

Inventor： Anand PALANIGOUNDER ,  Adrian Edward ESCOTT

IPC: H04W12/106 ,  H04W8/08 ,  H04W12/06

CPC classification number: H04W12/106 ,  H04W8/08 ,  H04W12/06

Abstract: Disclosed are systems and techniques for wireless communications. For example, a network entity (e.g., a Unified Data Management (UDM) network entity) can generate a user equipment (UE) parameters update (UPU) container. The UPU container includes a UE parameters update header information element (IE) and a UE parameters update list IE. The UE parameters update header IE includes UE parameters update header information. The UE parameters update list IE includes the UE parameters update header information of the UE parameters update header IE. The network entity can transmit the UPU container to a network device (e.g., a UE). The network device can generate, based on the UE parameters update list IE, a UPU message authentication code (MAC) for verifying integrity of the UPU container.