Abstract:
A method for authenticating a message by a wireless device is described. The wireless device obtains the input message. The wireless device generates a keystream. The wireless device computes a message authentication code using the keystream and a universal hash function. The universal hash function is computed using carryless multiplication.
Abstract:
One feature pertains to an efficient algorithm to protect the integrity of a plurality of data structures by computing an aggregate message authentication code (MAC) over the plurality of data structures. An aggregate MAC may be constructed from a plurality of MAC values associated with a plurality of data structures. The aggregate MAC binds the plurality of data structures and attests to their combined integrity simultaneously. Rather than checking the integrity of a data structure when it is accessed, the aggregate MAC is periodically checked or verified, to ascertain the integrity of all data structures. If the aggregate MAC computed is different from the previously stored aggregate MAC, then all data structures that are part of the aggregate MAC are discarded.
Abstract:
One feature pertains to a mechanism to secure a data structure by using a computationally efficient algorithm. A plurality of keys and/or masks may be pre-generated upon boot-up or initiation of a session. An authentication code may be computed for each data structure (e.g., memory block or header block) by selecting a subset of the plurality of pre-generated keys and/or a mask from the plurality of pre-generated masks. The authentication code may be stored within the data structure for future verification of the integrity of the data structure. The keys and/or masks used for all authentication codes (e.g., for other data structures) may be selected from the same plurality of keys and/or masks during the same cycle or session.
Abstract:
A method, an apparatus, and a computer program product for wireless communication are provided in connection with facilitating secure D2D communications in an LTE based WWAN. In one example, a UE is equipped to send a shared key request using a first non-access stratum (NAS) message to an MME, calculate a first UE key based on a MME-first UE key, an uplink count value, and at least a portion of contextual information, receive a second NAS message from the MME, and calculate a final UE key based at least on the first UE key. In another example, an MME is equipped to receive a NAS message such as the message sent by the first UE, calculate a first UE key, receive a message at least indicating successful contact with the second UE, and send a second NAS message to the first UE indicating the successful contact.
Abstract:
A method, an apparatus, and a computer program product for wireless communication are provided in connection with providing additional security for communication of sensitive information within an LTE based WWAN. In one example, a communications device is equipped to generate a keystream based on a mobility management entity-user equipment (MME-UE) key, a non-access stratum (NAS) message count value, and a contextual string associated with an informational element, and the contextual information, and cryptographically process the informational element using the generated keystream. In such an example, the communications device may be a UE, an MME, etc.