Verification of cell authenticity in a wireless network through traffic monitoring

US 10,200,862 B2
Filed: 12/19/2016
Issued: 02/05/2019
Est. Priority Date: 10/28/2016
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

an antenna;

a radio-frequency (RF) transceiver coupled to the antenna and configured to wirelessly transmit and receive RF signals via the antenna; and

a processor coupled to the RF transceiver and configured to;

cause the RF transceiver to tune to a control channel of a base station; and

process data encoded onto one or more RF signals transmitted on the control channel to detect presence of traffic between the base station and one or more other RF transceivers; and

wherein, when the presence of the traffic between the base station and the one or more other RF transceivers is not detected, the processor is configured to;

generate a system query including a first nonce;

operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to the base station; and

process an acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

We disclose various embodiments that enable a mobile terminal to confirm authenticity of a base station before the mobile terminal proceeds to camp on the corresponding cell. In an example embodiment, the authentication processing includes the mobile terminal tuning to a selected control channel of the base station to monitor RF signals transmitted thereon. The base station is deemed to be authentic if the monitored RF signals indicate the presence of live traffic between the base station and one or more other mobile terminals. The control channel can be selected from a fixed set of uplink and/or downlink control channels that are typically used by a legitimate base station. The presence of live traffic on the selected control channel can be detected by detecting certain control messages that are typically transmitted on that control channel between the base station and one or more mobile terminals served by that base station.

30 Citations

View as Search Results

18 Claims

1. An apparatus comprising:
- an antenna;
  
  a radio-frequency (RF) transceiver coupled to the antenna and configured to wirelessly transmit and receive RF signals via the antenna; and
  
  a processor coupled to the RF transceiver and configured to;
  
  cause the RF transceiver to tune to a control channel of a base station; and
  
  process data encoded onto one or more RF signals transmitted on the control channel to detect presence of traffic between the base station and one or more other RF transceivers; and
  
  wherein, when the presence of the traffic between the base station and the one or more other RF transceivers is not detected, the processor is configured to;
  
  generate a system query including a first nonce;
  
  operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to the base station; and
  
  process an acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The apparatus of claim 1, wherein, to perform the test of authenticity, the processor is configured to:
    - determine validity of a first digital signature included in the acknowledgement using a first security key; and
      
      compare a second nonce and the first nonce, the second nonce being a nonce included in the acknowledgement.
  - 3. The apparatus of claim 2, wherein, to perform the test of authenticity, the processor is further configured to determine validity of a second digital signature included in the acknowledgement using a second security key, wherein the second security key is included in the acknowledgement.
  - 4. The apparatus of claim 1, wherein the control channel is an uplink control channel.
  - 5. The apparatus of claim 1, wherein the control channel is a downlink control channel.
  - 6. The apparatus of claim 1, wherein the processor is configured to select the control channel from a set of control channels that includes a physical uplink control channel, a physical uplink shared channel, a physical downlink control channel, and a physical downlink shared channel.
  - 7. The apparatus of claim 1, wherein the processor is configured to detect the presence of the traffic between the base station and the one or more other RF transceivers using one or more of the following:
    - an acknowledgement encoded onto an RF signal transmitted by one of the one or more other RF transceivers in response to a downlink transmission by the base station;
      
      a scheduling request encoded onto an RF signal transmitted by one of the one or more other RF transceivers; and
      
      a channel-quality report encoded onto an RF signal transmitted by one of the one or more other RF transceivers in response to a downlink transmission by the base station.
  - 8. The apparatus of claim 1,wherein the antenna, the RF transceiver, and the processor are parts of a mobile terminal;
    - andwherein the mobile terminal is configured to camp on a cell corresponding to the base station when the presence of the traffic between the base station and the one or more other RF transceivers is detected.
  - 9. The apparatus of claim 1,wherein the antenna, the RF transceiver, and the processor are parts of a mobile terminal;
    - andwherein the one or more other RF transceivers include an RF transceiver of another mobile terminal.

10. A method of making a mobile terminal, the method comprising:
- coupling an antenna to a radio-frequency (RF) transceiver configured to wirelessly transmit and receive RF signals via the antenna;
  
  coupling a processor to the RF transceiver, the processor being configured to;
  
  cause the RF transceiver to tune to a control channel of a base station; and
  
  process data encoded onto one or more RF signals transmitted on the control channel to detect presence of traffic between the base station and one or more other RF transceivers; and
  
  configuring the processor to perform one or more of the following when the presence of the traffic between the base station and the one or more other RF transceivers is not detected;
  
  generate a system query including a first nonce;
  
  operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to the base station; and
  
  process an acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, further comprising configuring the processor to perform the test of authenticity by:
    - validating a first digital signature included in the acknowledgement using a first security key; and
      
      comparing a second nonce and the first nonce, the second nonce being a nonce included in the acknowledgement.
  - 12. The method of claim 11, further comprising configuring the processor to perform the test of authenticity by validating a second digital signature included in the acknowledgement using a second security key, wherein the second security key is included in the acknowledgement.
  - 13. The method of claim 10, wherein the control channel is an uplink control channel.
  - 14. The method of claim 10, wherein the control channel is a downlink control channel.
  - 15. The method of claim 10, further comprising configuring the processor to select the control channel from a set of control channels that includes a physical uplink control channel, a physical uplink shared channel, a physical downlink control channel, and a physical downlink shared channel.
  - 16. The method of claim 10, further comprising configuring the processor to detect the presence of the traffic between the base station and the one or more other RF transceivers using one or more of the following:
    - an acknowledgement encoded onto an RF signal transmitted by one of the one or more other RF transceivers in response to a downlink transmission by the base station;
      
      a scheduling request encoded onto an RF signal transmitted by one of the one or more other RF transceivers; and
      
      a channel-quality report encoded onto an RF signal transmitted by one of the one or more other RF transceivers in response to a downlink transmission by the base station.
  - 17. The method of claim 10, further comprising configuring the mobile terminal to camp on a cell corresponding to the base station when the presence of the traffic between the base station and the one or more other RF transceivers is detected.
  - 18. The apparatus of claim 10, wherein the one or more other RF transceivers include an RF transceiver of another mobile terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia of America Corporation (Nokia Corporation)
Original Assignee
Nokia of America Corporation (Nokia Corporation)
Inventors
Nair, Suresh P., Mizikovsky, Semyon
Primary Examiner(s)
Mapa, Michael Y

Application Number

US15/383,725
Publication Number

US 20180124696A1
Time in Patent Office

778 Days
Field of Search

455410-411, 4554141, 455434, 4554351, 726 3, 726 22, 713168
US Class Current
CPC Class Codes

H01Q 1/243   with built-in antennas

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/122   Counter-measures against at...

H04W 12/63   Location-dependent; Proximi...

H04W 4/025   using location based inform...

H04W 48/20   Selecting an access point

H04W 72/20   Control channels or signall...

H04W 88/02   Terminal devices

Verification of cell authenticity in a wireless network through traffic monitoring

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Verification of cell authenticity in a wireless network through traffic monitoring

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links