专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2018127454A1 METHOD AND NETWORK NODE FOR PAGING IN A WIRELESS COMMUNICATION SYSTEM 审中-公开
公开(公告)号：WO2018127454A1
公开(公告)日：2018-07-12
申请号：PCT/EP2017/084789
申请日：2017-12-29
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： NAKARMI, Prajwol Kumar , NÄSLUND, Mats , NORRMAN, Karl , COBO JIMENEZ, Enrique
IPC分类号： H04L29/06 , H04W12/02 , H04W68/00
摘要： A wireless device (16) is configured for receiving a page (18) initiated by a network node (20), e.g., that lacks a security context for the wireless device (16). The wireless device (16) is configured to encrypt a subscription identifier for the wireless device (16) to obtain an encrypted subscription identifier, and transmit the encrypted subscription identifier to the network node (20). The wireless device (16) is also configured to receive a page (18) that is initiated by the network node (20) and that includes a paging identifier (18A). The wireless device (16) is configured to respond to or ignore the page (18) depending on whether the paging identifier (18A) is based on the encrypted subscription identifier.

2. 发明申请

WO2018127453A1 METHOD AND NETWORK NODE FOR PAGING IN A WIRELESS COMMUNICATION SYSTEM 审中-公开
公开(公告)号：WO2018127453A1
公开(公告)日：2018-07-12
申请号：PCT/EP2017/084788
申请日：2017-12-29
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： NAKARMI, Prajwol Kumar , NÄSLUND, Mats , NORRMAN, Karl , COBO JIMENEZ, Enrique
IPC分类号： H04L29/06 , H04W12/02 , H04W68/00
摘要： A wireless device (16) configured to receive from a network node (20) a page (18) that includes a paging identifier (18A) for the wireless device (16). The paging identifier (18A) may identify as a target of the page (18) a wireless device (16) associated with a particular subscriber. In fact, in some embodiments, the paging identifier (18A) is based on an encrypted subscription identifier for the wireless device (16) or is a pseudonym subscription identifier for the wireless device (16). In any event, the wireless device (16) is also configured to transmit to the network node (20) a response (22) to the page (18) that indicates the wireless device (16) was paged but that includes an identifier for the wireless device (16) that is different than the paging identifier (18A) included in the page (18).

3. 发明申请

WO2016177385A1 GENERATING CRYPTOGRAPHIC CHECKSUMS 审中-公开
标题翻译：生成CRYPTOGRAPHIC CHECKSUMS
公开(公告)号：WO2016177385A1
公开(公告)日：2016-11-10
申请号：PCT/EP2015/059482
申请日：2015-05-04
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： DUBROVA, Elena , MILDH, Gunnar , SELANDER, Göran , NÄSLUND, Mats
IPC分类号： H04L9/32
CPC分类号： H04L9/3242 , G06F11/1004 , H03M13/09 , H03M13/158 , H04L9/3236 , H04L2209/34
摘要： A method (400) of generating a cryptographic checksum for a message M( x ) is provided. The method is performed by a communication device, such as a sender or a receiver, and comprises calculating (405) the cryptographic checksum as a first function g of a division of a second function of M( x ), f (M( x )), modulo a generator polynomial p( x ) of degree n, g ( f (M( x )) mod p( x )). The generator polynomial is calculated (403) as p( x ) = (1 - x) ・ P 1 ( x ), and P 1 ( x ) is a primitive polynomial of degree n — 1. The primitive polynomial is selected (402), based on a first cryptographic key, from the set of primitive polynomials of degree n — 1 over a Galois Field. By replacing a standard checksum with a cryptographic checksum, an efficient message authentication is provided. The proposed cryptographic checksum may be used for providing integrity assurance on the message, i.e., for detecting random and intentional message changes, with a known level of security. The proposed checksum is capable of detecting double-bit errors which may be introduced by a Turbo code decoder.
摘要翻译：提供了生成消息M（x）的密码校验和的方法（400）。该方法由诸如发送器或接收器之类的通信设备执行，并且包括计算（405）加密校验和作为M（x），f（M（x））的第二函数的除法的第一函数g，），模数n的生成多项式p（x），g（f（M（x））mod p（x））。计算生成多项式（403）为p（x）=（1-x）·P 1（x），并且P1（x）是度数为n的原始多项式。选择原始多项式（402）基于第一密码密钥，从Galois域上的n-1级的原始多项式的集合。通过用加密校验和替换标准校验和，提供有效的消息认证。所提出的加密校验和可以用于提供消息的完整性保证，即用于以已知的安全级别检测随机和有意的消息改变。所提出的校验和能够检测可能由Turbo码解码器引入的双位错误。

4. 发明申请

WO2016167694A1 METHOD IN A NETWORK NODE FOR PROVIDING A DEVICE ACCESS TO A NETWORK 审中-公开
标题翻译：用于提供设备访问网络的网络节点中的方法
公开(公告)号：WO2016167694A1
公开(公告)日：2016-10-20
申请号：PCT/SE2015/050440
申请日：2015-04-16
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： SELANDER, Göran , DUBROVA, Elena , LINDQVIST, Fredrik , NÄSLUND, Mats
IPC分类号： H04W74/08 , H04W72/02
CPC分类号： H04W48/06 , H04L9/0816 , H04L63/123 , H04L63/1458 , H04L2463/061 , H04W12/04 , H04W12/08 , H04W74/0841
摘要： The disclosure relates to a method (30) for a network node (6, 7, 8) of a wireless network (1) of providing a device (5, 9) access to the wireless network (1). The method (30) comprises receiving (31), from a device (5, 9), an access request comprising a preamble; establishing (32), in response to the access request, a computational puzzle based on the received preamble; and sending (33) the computational puzzle to the device (5, 9). A corresponding method in a device is also disclosed, as are a network node (6, 7, 8), device (5, 9), computer programs and computer program products.
摘要翻译：本公开涉及一种用于提供设备（5,9）接入无线网络（1）的无线网络（1）的网络节点（6,7,8）的方法（30）。方法（30）包括从设备（5,9）接收（31）包括前同步码的接入请求; 响应于所述访问请求建立（32）基于所接收的前同步码的计算难题; 并向计算机发送（33）计算难题（5,9）。还公开了设备中的相应方法，网络节点（6,7,8），设备（5,9），计算机程序和计算机程序产品也是公开的。

5. 发明申请

WO2010099823A1 IP MULTIMEDIA SECURITY 审中-公开
标题翻译： IP多媒体安全
公开(公告)号：WO2010099823A1
公开(公告)日：2010-09-10
申请号：PCT/EP2009/052560
申请日：2009-03-04
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , NÄSLUND, Mats , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , NORRMAN, Karl
发明人： NÄSLUND, Mats , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , NORRMAN, Karl
IPC分类号： H04L29/06 , H04W12/04
CPC分类号： H04L63/06 , H04L9/0844 , H04L2209/80 , H04W12/04
摘要： A method of establishing keys for at least partially securing media plane data exchanged between first and second end users via respective first and second media plane network nodes. The method comprises sending session set-up signalling from said first end point towards said second end point, said session set-up signalling including a session key generated by said first end point. The set-up signalling is intercepted at a first signalling plane network node and a determination made as to whether or not a signalling plane key has already been established for securing the signalling plane between said first end point and said first signalling plane network node. If a signalling plane key has already been established, then a media plane key is derived from that signalling plane key, and the media plane key sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node. If a signalling plane key has not already been established, then an alternative media plane key is derived from said session key and sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node.
摘要翻译：一种建立用于经由相应的第一和第二媒体平面网络节点至少部分地保护在第一和第二终端用户之间交换的媒体平面数据的密钥的方法。该方法包括从所述第一端点向所述第二端点发送会话建立信令，所述会话建立信令包括由所述第一端点产生的会话密钥。建立信令在第一信令平面网络节点被拦截，并且确定信令平面密钥是否已被建立用于在所述第一终端和所述第一信令平面网络节点之间保护信令平面。如果已经建立了信令平面密钥，则从该信令平面密钥导出媒体平面密钥，并且将媒体平面密钥发送到所述第一媒体平面网络节点，以将介质平面固定在所述第一终端用户和所述第一媒体之间平面网络节点。如果还没有建立信令平面密钥，则从所述会话密钥导出替代媒体平面密钥，并将其发送到所述第一媒体平面网络节点，以便在所述第一终端用户和所述第一媒体平面网络节点之间保护媒体平面。

6. 发明申请

WO2010053416A1 METHOD AND APPARATUS FOR FORWARDING DATA PACKETS USING AGGREGATING ROUTER KEYS 审中-公开
标题翻译：使用聚集路由器进行数据包的方法和装置
公开(公告)号：WO2010053416A1
公开(公告)日：2010-05-14
申请号：PCT/SE2008/051281
申请日：2008-11-07
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , CSÁSZÁR, András , MAGNUSSON, Lars G , NÄSLUND, Mats , WESTBERG, Lars
发明人： CSÁSZÁR, András , MAGNUSSON, Lars G , NÄSLUND, Mats , WESTBERG, Lars
IPC分类号： H04L12/56
CPC分类号： H04L45/00 , H04L63/0227
摘要： Method and apparatus for supporting the forwarding of received data packets in a router (402,702) of a packet- switched network. A forwarding table (706a) is configured in the router based on aggregating router keys and associated aggregation related instructions received from a key manager (400,700). Each aggregating router key represents a set of destinations. When a data packet (P) is received comprising an ingress tag derived from a sender key or router key, the ingress tag is matched with entries in the forwarding table. An outgoing port is selected for the packet according to a found matching table entry that further comprises an associated aggregation related instruction. An egress tag is then created according to the aggregation related instruction, and the packet with the created egress tag attached is sent from the selected outgoing port to a next hop router.
摘要翻译：用于支持在分组交换网络的路由器（402,702）中转发所接收的数据分组的方法和装置。基于从密钥管理器（400,700）接收的聚合路由器密钥和相关联的聚合相关指令，在路由器中配置转发表（706a）。每个聚合路由器密钥代表一组目的地。当接收到包含从发送方密钥或路由器密钥导出的入口标签的数据分组（P）时，入口标签与转发表中的条目匹配。根据发现的匹配表条目，为分组选择输出端口，进一步包括相关联的聚合相关指令。然后根据聚合相关指令创建出口标签，并将附加了创建的出口标签的数据包从所选出口端口发送到下一跳路由器。

7. 发明申请

WO2009065923A2 METHOD AND APPARATUS FOR USE IN A COMMUNICATIONS NETWORK 审中-公开
标题翻译：在通信网络中使用的方法和装置
公开(公告)号：WO2009065923A2
公开(公告)日：2009-05-28
申请号：PCT/EP2008/065967
申请日：2008-11-21
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , HADDAD, Wassim , NÄSLUND, Mats
发明人： HADDAD, Wassim , NÄSLUND, Mats
IPC分类号： H04W12/04 , H04W80/04
CPC分类号： H04W12/04 , H04L9/3239 , H04L63/0823 , H04L2209/80 , H04L2463/081 , H04W8/082 , H04W12/06 , H04W80/04 , H04W88/02 , H04W88/182
摘要： A method and apparatus for establishing a cryptographic relationship between a first node and a second node in a communications network. The first node receives at least part of a cryptographic attribute of the second node, uses the received at least part of the cryptographic attribute to generate an identifier for the first node. The cryptographic attribute may a public key belonging to the second node, and the identifier may be a Cryptographically Generated IP address. The cryptographic relationship allows the second node to establish with a third node that it is entitled to act on behalf of the first node.
摘要翻译：一种在通信网络中建立第一节点和第二节点之间的密码关系的方法和装置。第一节点接收第二节点的加密属性的至少一部分，使用所接收的至少部分密码属性来生成第一节点的标识符。加密属性可以是属于第二节点的公共密钥，并且该标识符可以是加密生成的IP地址。加密关系允许第二节点与第三节点建立它有权代表第一节点行动。

8. 发明申请

WO2008115126A2 PREFIX REACHABILITY DETECTION IN A COMMUNICATION 审中-公开
标题翻译：通信中的前缀可访问性检测
公开(公告)号：WO2008115126A2
公开(公告)日：2008-09-25
申请号：PCT/SE2008/050209
申请日：2008-02-26
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , HADDAD, Wassim , NÄSLUND, Mats
发明人： HADDAD, Wassim , NÄSLUND, Mats
IPC分类号： H04L29/06 , G06F21/00
CPC分类号： H04L63/1416 , H04L9/30 , H04L63/061 , H04L63/123 , H04L63/1466 , H04L2209/24
摘要： There is disclosed a method, and a communication system, and a communication node for implementing the claimed method, for attempting to enhance legitimacy assessment and thwart a man-in-the middle or similar false-location attack by evaluating the topology of a communication-session requesting node relative to the proposed communication path through a network between the requesting node and the requested node. Upon receiving the request,a PRD (Prefix Reachability Detection) protocol is initiated, either after or during a secure key exchange, if any, which if performed preferably includes an ART (address reachability text). The PRD is executed by sending a message to the communication node challenging the location-authenticity of the requesting device. The communication node, which may be for example an access router through which the requesting node accesses the network, determines if the requesting node is positioned behind the communication node topologically, and reports the result to the requested node. The requested node may then make a decision on whether to permit the communication. If so, the PRD may be repeated one or more times while the communication session is in progress.
摘要翻译：公开了一种用于实现所要求保护的方法的方法，通信系统和通信节点，用于通过评估通信的拓扑来尝试增强合法性评估并阻止中间或类似的假位置攻击中的人员，会话请求节点相对于所提出的通信路径通过请求节点和请求节点之间的网络。在接收到请求后，在安全密钥交换之后或期间，如果执行了PRD（前缀可达性检测）协议，如果执行的话，优先包括ART（地址可达性文本）。通过向通信节点发送消息来执行请求设备的位置真实性来执行PRD。通信节点，其可以是例如请求节点访问网络的接入路由器，确定请求节点是否在拓扑结构中位于通信节点后面，并将结果报告给所请求的节点。所请求的节点然后可以决定是否允许通信。如果是，则通信会话正在进行时，PRD可以重复一次或多次。

9. 发明申请

WO2005032201A1 ENHANCED SECURITY DESIGN FOR CRYPTOGRAPHY IN MOBILE COMMUNICATION SYSTEMS 审中-公开
标题翻译：增强移动通信系统中的拼接安全设计
公开(公告)号：WO2005032201A1
公开(公告)日：2005-04-07
申请号：PCT/SE2004/001300
申请日：2004-09-10
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ)
发明人： BLOM, Rolf , NÄSLUND, Mats , ARKKO, Jari
IPC分类号： H04Q7/38
CPC分类号： H04W12/04 , H04L9/0844 , H04L9/3273 , H04L63/0428 , H04L63/06 , H04L2209/80 , H04W12/02 , H04W12/06
摘要： A basic idea according to the invention is to enhance or update the basic cryptographic security algorithms by an algorithm-specific modification of the security key information generated in the normal key agreement procedure of the mobile communication system. For communication with the mobile terminal, the network side normally selects an enhanced version of one of the basic cryptographic security algorithms supported by the mobile, and transmits information representative of the selected algorithm to the mobile terminal. The basic security key resulting from the key agreement procedure (AKA, 10) between the mobile terminal and the network is then modified (22) in dependence on the selected algorithm to generate an algorithm-specific security key. The basic security algorithm (24) is then applied with this algorithm-specific security key as key input to enhance security for protected communication in the mobile communications network.
摘要翻译：根据本发明的基本思想是通过对在移动通信系统的正常密钥协商过程中生成的安全密钥信息的特定于算法的修改来增强或更新基本密码安全性算法。为了与移动终端进行通信，网络侧通常选择由移动台支持的基本密码安全算法之一的增强版本，并将表示所选算法的信息发送到移动终端。然后根据所选择的算法修改（22）移动终端和网络之间的密钥协商过程（AKA，10）产生的基本安全密钥，以生成特定于算法的安全密钥。然后将基本的安全性算法（24）应用于该特定于算法的安全密钥作为关键输入，以增强移动通信网络中受保护通信的安全性。

10. 发明申请

WO2017163109A1 CYBER-PHYSICAL CONTEXT-DEPENDENT CRYPTOGRAPHY 审中-公开
标题翻译：网络物理上下文相关密码
公开(公告)号：WO2017163109A1
公开(公告)日：2017-09-28
申请号：PCT/IB2016/051662
申请日：2016-03-23
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： POURZANDI, Makan , NÄSLUND, Mats
IPC分类号： H04L9/08
摘要： A method for cryptographic key management for managing access control is provided. A key is divided into a plurality of portions of the key. Pre-encryption contextual data is received for each of a plurality of devices. The pre-encryption contextual data indicates at least one attribute of a respective device of the plurality of devices before an encryption of the plurality of portions of the key is performed. The plurality of portions of the key are encrypted based at least on the pre-encryption contextual data of the plurality of devices to make the plurality of the portions of the key dependent at least on contextual data corresponding pre-encryption contextual data. Each of the plurality of encrypted portions of the key is distributed to a respective device of the plurality of devices for storage and retrieval.
摘要翻译：提供了一种用于管理访问控制的密码密钥管理方法。密钥被分成密钥的多个部分。预加密上下文数据被接收用于多个设备中的每一个。预加密上下文数据指示在执行密钥的多个部分的加密之前多个设备中的相应设备的至少一个属性。至少基于多个设备的预加密上下文数据对密钥的多个部分进行加密，以使得密钥的多个部分至少依赖于与加密前上下文数据相对应的上下文数据。密钥的多个加密部分中的每一个被分配给多个设备中的相应设备以便存储和检索。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式