Local security key generation

US 10,142,305 B2
Filed: 02/22/2016
Issued: 11/27/2018
Est. Priority Date: 06/30/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

obtaining, by a calling device, calling security parameters;

sending, by the calling device and to a called device, a first message that includes the calling security parameters, wherein the first message includes a session initiation protocol (SIP) message that has been modified using session description protocol (SDP) to include the calling security parameters;

receiving, at the calling device and from the called device, a second message that includes called security parameters, wherein the second message includes a SIP message that has been modified using SDP to include the called security parameters;

deriving, by the calling device, a security key using the calling security parameters and the called security parameters;

receiving, at the calling device and from the called device, an acknowledgement message in response to the first message; and

using, by the calling device, the derived security key to encrypt and decrypt communications between the calling device and the called device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A calling device may obtain a first calling security parameter by registering with a network and obtain a second calling security parameter in response to causing an application authentication architecture of the network to verify that that the calling device is authorized to access a network service corresponding to a communication application stored by the calling device. The calling device may communicate the first and second calling security parameters to a called device and receive first and second called security parameters from the called device in response to communicating the first and second calling security parameters. The calling device may generate a security key based on the first calling security parameter, the second calling security parameter, first called security parameter, and the second called security parameter, and use the security key to encrypt or decrypt communication between the calling device and the called device.

40 Citations

20 Claims

1. A method comprising:
- obtaining, by a calling device, calling security parameters;
  
  sending, by the calling device and to a called device, a first message that includes the calling security parameters, wherein the first message includes a session initiation protocol (SIP) message that has been modified using session description protocol (SDP) to include the calling security parameters;
  
  receiving, at the calling device and from the called device, a second message that includes called security parameters, wherein the second message includes a SIP message that has been modified using SDP to include the called security parameters;
  
  deriving, by the calling device, a security key using the calling security parameters and the called security parameters;
  
  receiving, at the calling device and from the called device, an acknowledgement message in response to the first message; and
  
  using, by the calling device, the derived security key to encrypt and decrypt communications between the calling device and the called device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the first message includes a SIP INVITE message.
  - 3. The method of claim 1, wherein the second message includes a SIP RINGING message.
  - 4. The method of claim 1, wherein deriving the security key includes calculating the security key using a key derivation function based on the calling security parameters and the called security parameters.
  - 5. The method of claim 1, further comprising:
    - sending a SIP provisional acknowledgement (PRACK) message in response to receiving the second message.
  - 6. The method of claim 5, further comprising:
    - receiving, from the called device, an acknowledgement in response to sending the SIP PRACK message.
  - 7. The method of claim 1, wherein obtaining the calling security parameters includes triggering a generic bootstrap architecture (GBA) function to obtain GBA parameters.

8. A non-transitory computer-readable medium storing instructions, the instructions comprising:
- one or more instructions that, when executed by a processor, cause the processor to;
  
  receive, from a calling device, a first message that includes calling security parameters, wherein the first message includes a session initiation protocol (SIP) message that has been modified using session description protocol (SDP) to include the calling security parameters;
  
  obtain called security parameters;
  
  send, to the calling device, a second message that includes the called security parameters, wherein the second message includes a SIP message that has been modified using SDP to include the called security parameters;
  
  derive a security key using the calling security parameters and the called security parameters;
  
  send, to the calling device, an acknowledgement message in response to the first message; and
  
  use the derived security key to encrypt and decrypt communications between the calling device and the called device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The non-transitory computer-readable medium of claim 8, wherein the first message includes a SIP INVITE message.
  - 10. The non-transitory computer-readable medium of claim 8, wherein the second message includes a SIP RINGING message.
  - 11. The non-transitory computer-readable medium of claim 8, wherein the one or more instructions that cause the processor to derive the security key include one or more instructions that cause the processor to calculate the security key using a key derivation function based on the calling security parameters and the called security parameters.
  - 12. The non-transitory computer-readable medium of claim 8, wherein the instructions further comprise:
    - one or more instructions that cause the processor to receive, from the calling device, a SIP provisional acknowledgement (PRACK) message in response to sending the second message.
  - 13. The non-transitory computer-readable medium of claim 12, wherein the instructions further comprise:
    - one or more instructions that cause the processor to send, to the calling device, an acknowledgement in response to receiving the SIP PRACK message.
  - 14. The non-transitory computer-readable medium of claim 8, wherein the one or more instructions that cause the processor to obtain the called security parameters include one or more instructions that cause the processor to trigger a generic bootstrap architecture (GBA) function to obtain GBA parameters.

15. A device comprising:
- one or more processors configured to;
  
  obtain calling security parameters;
  
  send, to a called device, a first message that includes the calling security parameters, wherein the first message includes a session initiation protocol (SIP) message that has been modified using session description protocol (SDP) to include the calling security parameters;
  
  receive, from the called device, a second message that includes called security parameters, wherein the second message includes a SIP message that has been modified using SDP to include the called security parameters;
  
  derive a security key using the calling security parameters and the called security parameters;
  
  receive, from the called device, an acknowledgement message in response to the first message; and
  
  use the derived security key to encrypt and decrypt communications between the calling device and the called device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The device of claim 15, wherein the first message includes a SIP INVITE message.
  - 17. The device of claim 15, wherein the second message includes a SIP RINGING message.
  - 18. The device of claim 15, wherein, when deriving the security key, the one or more processors are further configured to calculate the security key using a key derivation function based on the calling security parameters and the called security parameters.
  - 19. The device of claim 15, wherein the one or more processors are further configured to:
    - send a SIP provisional acknowledgement (PRACK) message in response to receiving the second message; and
      
      receive, from the called device, an acknowledgement in response to sending the SIP PRACK message.
  - 20. The device of claim 15, wherein, when obtaining the calling security parameters, the one or more processors are further configured to trigger a generic bootstrap architecture (GBA) function to obtain GBA parameters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
King, William C., Lau, Priscilla, Lee, Kwai Yeung
Primary Examiner(s)
Johnson, Terrell S

Application Number

US15/049,407
Publication Number

US 20160173463A1
Time in Patent Office

1,009 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 9/0866   involving user or device id...

Local security key generation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Local security key generation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links