Secure signaling before performing an authentication and key agreement
Abstract
Techniques are described for wireless communication. A wireless device may generate a secured query message based at least in part on a security credential of the wireless device. The secured query message may be generated prior to performing an authentication and key agreement (AKA) with a network. The wireless device may transmit the secured query message to the network, and receive a response to the secured query message. The wireless device may then determine whether or not to perform the AKA with the network based on the received response (e.g., the wireless device may determine whether or not the response is associated with the security credential of the wireless communication device and a network security credential of the network). The wireless device may establish a secure connection with the network or refrain from considering the response based on the determination.
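An added sketch of the exchange the abstract and claim 1 describe, narrowed to the key-confirmation step that gates the AKA; it is not code from the patent. Assumptions: toy textbook RSA stands in for the network security credential, HMAC-SHA256 is used for key derivation and for the second message, the device holds a pinned trusted credential, all names are hypothetical, and securing the query with the device's own credential is omitted.

```python
import hashlib, hmac, secrets

# Toy RSA key standing in for the network security credential (assumption).
# Both primes are public Mersenne primes, so this key offers no security.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))          # network private exponent

def session_key(pre_master, nonce_dev, nonce_net):
    # Assumed KDF: HMAC-SHA256 keyed by the pre-master secret over both nonces.
    return hmac.new(pre_master, b"key" + nonce_dev + nonce_net, hashlib.sha256).digest()

def confirm_tag(key, nonce_dev, nonce_net, encrypted_pms):
    # Assumed "second message": a MAC over the exchange under the session key.
    transcript = nonce_dev + nonce_net + encrypted_pms.to_bytes(160, "big")
    return hmac.new(key, b"confirm" + transcript, hashlib.sha256).digest()

class NetworkDevice:
    def __init__(self, private_exponent):
        self.d = private_exponent           # None: station lacks the private key
        self.nonce = secrets.token_bytes(16)

    def respond(self, query):
        self.nonce_dev = query["nonce"]
        return {"suite": query["suites"][0], "nonce": self.nonce, "credential": (N, E)}

    def second_message(self, encrypted_pms):
        if self.d is None:                  # cannot decrypt, so it has to guess
            pms = secrets.token_bytes(32)
        else:
            pms = pow(encrypted_pms, self.d, N).to_bytes(32, "big")
        key = session_key(pms, self.nonce_dev, self.nonce)
        return confirm_tag(key, self.nonce_dev, self.nonce, encrypted_pms)

def should_perform_aka(network, trusted_credential=(N, E)):
    """Wireless-device side: run the pre-AKA exchange, then decide on AKA."""
    nonce_dev = secrets.token_bytes(16)
    query = {"suites": ["TOY_RSA_HMAC_SHA256"], "nonce": nonce_dev}
    response = network.respond(query)
    if response["credential"] != trusted_credential:
        return False                        # credential is not one the device trusts
    n, e = response["credential"]
    pms = secrets.token_bytes(32)
    first_message = pow(int.from_bytes(pms, "big"), e, n)   # encrypted pre-master secret
    second = network.second_message(first_message)
    key = session_key(pms, nonce_dev, response["nonce"])
    expected = confirm_tag(key, nonce_dev, response["nonce"], first_message)
    return hmac.compare_digest(expected, second)   # same session key: go on to AKA
```

A station that replays the genuine credential but lacks the private key cannot recover the pre-master secret, so its second message fails the comparison and the device does not start the AKA.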
30 Claims
1. A method of wireless communication at a wireless communication device, comprising:
- generating a secured query message based at least in part on a cryptography based security credential of the wireless communication device, wherein the secured query message comprises an indication of cipher suites supported by the wireless communication device and is generated prior to performing an authentication and key agreement (AKA) with a network;
- transmitting, to a network device, the secured query message to the network prior to performing the AKA with the network;
- receiving, from the network device, a response to the secured query message prior to performing the AKA with the network, wherein the response includes a network security credential;
- transmitting, to the network device, a first message including an encrypted pre-master secret based at least in part on the network security credential;
- receiving, from the network device, a second message based at least in part on the transmitted first message including the encrypted pre-master secret;
- determining whether the wireless communication device and the network device derived the same session key based at least in part on the received second message; and
- determining whether to perform the AKA with the network based at least in part on the determination of whether the wireless communication device and the network device derived the same session key.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18

19. A method for wireless communication at a network device, comprising:
- receiving a secured query message over a network, from a wireless communication device, prior to performing an authentication and key agreement (AKA) with the wireless communication device, wherein the secured query message comprises an indication of cipher suites supported by the wireless communication device and is based at least in part on a cryptography based security credential of the wireless communication device;
- generating, in response to receiving the secured query message, a secured response message based at least in part on a network security credential of the network device;
- transmitting the secured response message to the wireless communication device prior to performing the AKA with the wireless communication device;
- receiving a first message including an encrypted pre-master secret based at least in part on the network security credential; and
- deriving a session key based at least in part on the encrypted pre-master secret; and
- transmitting a second message based at least in part on the derived session key.

Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27, 28

29. An apparatus for wireless communication, comprising:
- a processor;
- memory in electronic communication with the processor; and
- the processor and the memory configured to:
  - generate a secured query message based at least in part on a cryptography based security credential of the wireless communication apparatus, wherein the secured query message comprises an indication of cipher suites supported by the wireless communication apparatus and is generated prior to performing an authentication and key agreement (AKA) with a network;
  - transmit, to a network device, the secured query message to the network prior to performing the AKA with the network;
  - receive, from the network device, a response to the secured query message prior to performing the AKA with the network, wherein the response includes a network security credential;
  - transmit, to the network device, a first message including an encrypted pre-master secret based at least in part on the network security credential;
  - receive, from the network device, a second message based at least in part on the transmitted first message including the encrypted pre-master secret;
  - determine whether the wireless communication apparatus and the network device derived the same session key based at least in part on the received second message; and
  - determine whether to perform the AKA with the network based at least in part on the determination of whether the wireless communication apparatus and the network device derived the same session key.

30. A non-transitory computer-readable medium storing computer-executable code for wireless communication, the code comprising instructions executable to:
- generate a secured query message based at least in part on a cryptography based security credential of a wireless communication device, wherein the secured query message comprises an indication of cipher suites supported by the wireless communication device and is generated prior to performing an authentication and key agreement (AKA) with a network;
- transmit, to a network device, the secured query message to the network prior to performing the AKA with the network;
- receive, from the network device, a response to the secured query message prior to performing the AKA with the network, wherein the response includes a network security credential;
- transmit, to the network device, a first message including an encrypted pre-master secret based at least in part on the network security credential;
- receive, from the network device, a second message based at least in part on the transmitted first message including the encrypted pre-master secret;
- determine whether the wireless communication apparatus and the network device derived the same session key based at least in part on the received second message; and
- determine whether to perform the AKA with the network based at least in part on the determination of whether the wireless communication apparatus and the network device derived the same session key.

Specification