会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 66. 发明申请
    • METHOD AND APPARATUS FOR DELIVERING KEYING INFORMATION
    • 提供密钥信息的方法和设备
    • WO2007062882A3
    • 2007-12-13
    • PCT/EP2006064107
    • 2006-07-11
    • ERICSSON TELEFON AB L MNORRMAN KARLBLOM ROLFLINDHOLM FREDRIK
    • NORRMAN KARLBLOM ROLFLINDHOLM FREDRIK
    • H04W12/02H04W12/04
    • H04W12/02H04L63/0272H04L63/062H04L63/08H04L63/164H04L65/1016H04W12/04
    • A method of delivering an application key or keys to an application server for use in securing data exchanged between the application server and a user equipment, the user equipment accessing a communications network via an access domain. The method comprises running an Authentication and Key Agreement procedure between the user equipment and a home domain in order to make keying material available to the user equipment and to an access enforcement point. At least a part of said keying material is used to secure a communication tunnel between the user equipment and the access enforcement point, and one or more application keys are derived within the home domain using at least part of said keying material. Said application key(s) is(are) provided to said application server, and the same application key(s) derived at the user equipment, wherein said access enforcement point is unable to derive or have access to said application key(s).
    • 一种向应用服务器传递一个或多个应用密钥以用于保护在应用服务器和用户设备之间交换的数据的方法,该用户设备经由接入域接入通信网络。 该方法包括在用户设备和归属域之间运行认证和密钥协商程序,以便使密钥材料对于用户设备和访问执行点可用。 所述密钥资料的至少一部分用于保护用户设备和接入强制执行点之间的通信隧道,并且使用所述密钥资料的至少一部分在本地域内导出一个或多个应用密钥。 所述应用密钥被提供给所述应用服务器,并且在用户设备处导出相同的应用密钥,其中所述接入实施点不能导出或访问所述应用密钥。
    • 67. 发明申请
    • METHOD AND APPARATUS FOR DELIVERING KEYING INFORMATION
    • 交付关键信息的方法和装置
    • WO2007062882A2
    • 2007-06-07
    • PCT/EP2006/064107
    • 2006-07-11
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)NORRMAN, KarlBLOM, RolfLINDHOLM, Fredrik
    • NORRMAN, KarlBLOM, RolfLINDHOLM, Fredrik
    • H04L9/08
    • H04W12/02H04L63/0272H04L63/062H04L63/08H04L63/164H04L65/1016H04W12/04
    • A method of delivering an application key or keys to an application server for use in securing data exchanged between the application server and a user equipment, the user equipment accessing a communications network via an access domain. The method comprises running an Authentication and Key Agreement procedure between the user equipment and a home domain in order to make keying material available to the user equipment and to an access enforcement point. At least a part of said keying material is used to secure a communication tunnel between the user equipment and the access enforcement point, and one or more application keys are derived within the home domain using at least part of said keying material. Said application key(s) is(are) provided to said application server, and the same application key(s) derived at the user equipment, wherein said access enforcement point is unable to derive or have access to said application key(s).
    • 将应用密钥或密钥递送到应用服务器以用于保护在应用服务器和用户设备之间交换的数据的方法,所述用户设备经由接入域访问通信网络。 该方法包括在用户设备和归属域之间运行认证和密钥协商过程,以使密钥材料可用于用户设备和访问执行点。 所述密钥材料的至少一部分用于确保用户设备和访问执行点之间的通信隧道,并且使用至少部分所述密钥材料在归属域内导出一个或多个应用密钥。 所述应用密钥被提供给所述应用服务器,以及在用户设备导出的相同应用密钥,其中所述访问执行点不能导出或访问所述应用密钥。
    • 68. 发明申请
    • IMPROVED KEY DISTRIBUTION IN SYSTEMS FOR SELECTIVE ACCESS TO INFORMATION
    • 改进系统选择性访问信息的关键分配
    • WO2006054927A1
    • 2006-05-26
    • PCT/SE2004/001676
    • 2004-11-16
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)LINDHOLM, FredrikKREITZ, Gunnar
    • LINDHOLM, FredrikKREITZ, Gunnar
    • H04L9/08H04L29/06
    • H04L9/0891H04L9/0836H04L63/065
    • The invention proposes a powerful and inventive combination of stateless and state-full techniques to enable reduced overall key management messages. A set of encryption keys is created based on a stateless subset cover scheme, where each user is associated with a leaf in the subset cover scheme. A basic idea according to the invention is then to establish a state key and a corresponding state representing a subset of users that have the state key and a subset of users that do not have the state key, and determine a subset cover based on information representative of the established state. Finally, a group key management message can be determined at least partly based on the calculated subset cover. The introduced state opens up for efficient subset cover calculation, reducing the size of the key management message.
    • 本发明提出了无状态和状态完整技术的强大和创造性的组合,以实现减少的总体密钥管理消息。 基于无状态子集覆盖方案创建一组加密密钥,其中每个用户与子集覆盖方案中的叶相关联。 然后,根据本发明的基本思想是建立状态密钥和表示具有状态密钥的用户子集的对应状态和不具有状态密钥的用户子集,并且基于信息代表确定子集覆盖 的已建立国家。 最后,可以至少部分地基于所计算的子集覆盖来确定组密钥管理消息。 引入状态打开了有效的子集覆盖计算,减少了密钥管理消息的大小。
    • 69. 发明申请
    • EFFICIENT MANAGEMENT OF CRYPTOGRAPHIC KEY GENERATIONS
    • 加密密钥生成的有效管理
    • WO2005038818A1
    • 2005-04-28
    • PCT/SE2004/001466
    • 2004-10-13
    • SELANDER, GöranLINDHOLM, FredrikNYSTRÖM, Magnus
    • SELANDER, GöranLINDHOLM, FredrikNYSTRÖM, Magnus
    • G21C7/113
    • H04L9/0861H04L9/0891H04L2209/38
    • The invention generally relates to management of cryptographic key generations in an information environment comprising a key-producing side generating and distributing key information to a key-consuming side. A basic concept of the invention is to define, by means of a predetermined one-way key derivation function, a relationship between generations of keys such that earlier generations of keys efficiently may be derived from later ones but not the other way around. A basic idea according to the invention is therefore to replace, at key update, key information of an older key generation by the key information of the new key generation on the key-consuming side. Whenever necessary, the key-consuming side iteratively applies the predetermined one-way key derivation function to derive key information of at least one older key generation from the key information of the new key generation. In this way, storage requirements on the key-consuming side can be significantly reduced.
    • 本发明总体上涉及信息环境中的密码密钥世代的管理,该信息环境包括产生密钥信息并将密钥信息分发给密钥消费端的密钥产生端。 本发明的基本概念是通过预定的单向密钥导出函数来定义密钥生成之间的关系,以使得可以从较晚的密钥有效地导出较早的密钥世代,而不是以其他方式导出密钥。 因此,根据本发明的基本思想是在密钥更新处将旧密钥生成的密钥信息替换为密钥消费侧的新密钥生成的密钥信息。 在必要时,密钥消费方迭代地应用预定单向密钥导出函数以从新密钥生成的密钥信息导出至少一个较旧密钥代的密钥信息。 通过这种方式,可以显着减少关键消费方的存储需求。
    • 70. 发明申请
    • AUTHENTICATION METHOD
    • 认证方法
    • WO2004093381A1
    • 2004-10-28
    • PCT/SE2003/000631
    • 2003-04-16
    • TELEFONAKTIEBOLAGET LM ERICSSON (publ)LINDHOLM, FredrikNÄSLUND, Mats
    • LINDHOLM, FredrikNÄSLUND, Mats
    • H04L9/32
    • H04L63/083H04L9/0833H04L9/3226H04L9/3234H04L9/3273H04L63/0435H04L63/0869H04L63/104H04L2209/80
    • The invention relates to password-based authentication in group networks. Each device (42) has an authentication token irreversibly based on the password. The authentication involves a first device (42-1) at which the password P is entered and a second device (42-2) towards which the authentication occurs. The first device determines a check token M j for the second based on the password and its own authentication token R I and this check token is sent to the second device, where it is compared with the athentication token of that device. The procedure may include update of a device to exclude a non-trusted device from the group or change the password. Advantageous features are that the information in one device does not allow retrieval of the password and that the password is only exposed at one device, and only temporarily, during the authentication.
    • 本发明涉及组网中的基于密码的认证。 每个设备(42)基于密码不可逆地具有认证令牌。 认证涉及输入密码P的第一设备(42-1)和发生认证的第二设备(42-2)。 第一设备基于密码和其自己的认证令牌RI来确定第二个检查令牌Mj,并且将该检查令牌发送到第二设备,在该位置与该设备的认证令牌进行比较。 该过程可以包括更新设备以从组中排除不可信设备或更改密码。 有利的功能是,一个设备中的信息不允许检索密码,并且该密码仅在一个设备上公开,并且仅在临时认证期间暴露。