TECHNIQUES FOR SECURE CHANNELIZATION BETWEEN UICC AND A TERMINAL

US 20090209232A1
Filed: 10/06/2008
Published: 08/20/2009
Est. Priority Date: 10/05/2007
Status: Active Grant

First Claim

Patent Images

1. A method for use by a wireless transmit/receive unit (WTRU) for establishing secure communication, the method comprising:

establishing a temporary secure channel between an internal key center (IKC) within the WTRU and a UMTS Integrated Circuit Card (UICC);

establishing a secure channel between the UICC and the IKC by performing a GBA_U process and a local-key set-up process over the established temporary secure channel.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is related to a wireless communication system. 3G UMTS mobile phone systems rely on a protected smart card called the UMTS integrated circuit card (UICC) that provides UMTS subscriber identity module (USIM) applications as a basis or root of various security measures protecting the communication path between the 3G mobile terminal and the UMTS wireless network (or UTRAN). Disclosed is a method by which the UICC exchanges information with a terminal, such as an Internal Key Center (IKC 1250) and a Bootstrapping Server Function (BSF 1270) enables a procedure where multiple local keys specific to applications and Network Application Functions (NAFs) (Ks_local) are used for authentication and to encrypt and decrypt messages.

187 Citations

21 Claims

1. A method for use by a wireless transmit/receive unit (WTRU) for establishing secure communication, the method comprising:
- establishing a temporary secure channel between an internal key center (IKC) within the WTRU and a UMTS Integrated Circuit Card (UICC);
  
  establishing a secure channel between the UICC and the IKC by performing a GBA_U process and a local-key set-up process over the established temporary secure channel.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein establishing a temporary secure channel includes:
    - establishing a secure tunnel between the IKC and the BSF;
      
      receiving a first key over the secured tunnel, wherein the temporary secure channel is established using the first key.
  - 3. The method of claim 1 wherein the secure tunnel is a transport layer security-pre-shared key (TLS-PSK) tunnel.
  - 4. The method of claim 1 wherein the temporary secure channel is a transport layer security-pre-shared key (TLS-PSK) tunnel.
  - 5. The method of claim 1 wherein the temporary secure channel is established using shared secrets.
  - 6. The method of claim 5 wherein the shared secrets are pre-provisioned in the IKC and the UICC.

7. A wireless transmit/receive unit (WTRU) configured to establish secure communication, the WTRU comprising:
- an internal key center (IKC) configured toestablish a temporary secure channel a UMTS Integrated Circuit Card (UICC), andto establish a secure channel between the UICC and the bootstrap server function (BSF) by performing a GBA_U process and a local-key set-up process over the established temporary secure channel.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The WTRU of claim 7 wherein the ICK is further configured to:
    - establish a secure tunnel between the IKC and the BSF;
      
      receive a first key over the secured tunnel, wherein the temporary secure channel is established using the first key.
  - 9. The WTRU of claim 8 wherein the secure tunnel is a transport layer security-pre-shared key (TLS-PSK) tunnel.
  - 10. The WTRU of claim 7 wherein the temporary secure channel is a transport layer security-pre-shared key (TLS-PSK) tunnel.
  - 11. The WTRU of claim 7 wherein the temporary secure channel is established using shared secrets.
  - 12. The WTRU of claim 11 wherein the shared secrets are pre-provisioned in the IKC and the UICC.

13. A method employed by an Internal Key Center (IKC) for a secure communication, the method comprising:
- establishing a first secured tunnel with a UMTS Integrated Circuit Card (UICC);
  
  establishing a second secured tunnel with a bootstrap server function (BSF); and
  
  providing security association information for at least two network applications functions to the UICC using said first and second tunnels.
- View Dependent Claims (14, 15)
- - 14. The method of claim 13, further comprising:
    - transferring a security association response from the UICC to the BSF using said first and second tunnels.
  - 15. The method of claim 13 wherein the said first and second tunnels are transport layer security-pre-shared key (TLS-PSK) tunnel.

16. A method, for use by a wireless transmit/receive unit (WTRU) including an internal key center (IKC), for establishing secure local keys, the method comprising:
- determining whether a valid key exists on a UMTS Integrated Circuit Card (UICC), and if soretrieving a bootstrapping transaction identifier (B-TID) and at least one network application function identifier (NAF-ID) from the UICC;
  
  sending an application request for keys to a bootstrap server function (BSF);
  
  receiving an application response including at least one key;
  
  generating a counter limit and deriving local keys from related parameter for the at least one NAF;
  
  sending a application request for key establishment to the UICC;
  
  receiving local deviation response indicating successful verification of the local keys; and
  
  storing local keys and all related parameters in the IKC.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The method of claim 16 wherein retrieving a bootstrapping transaction identifier (B-TID) and at least one network application function identifier (NAF-ID) from the UICC is done over a first secure tunnel.
  - 18. The method of claim 16 wherein sending an application request for keys to a bootstrap server function (BSF) is done over a second secure tunnel.
  - 19. The method of claim 18 wherein receiving an application response including at least one key is done over the second secure tunnel.
  - 20. The method of claim 19 wherein the first tunnel is a transport layer security-pre-shared key (TLS-PSK) tunnel.
  - 21. The method of claim 19 wherein the second tunnel is a transport layer security-pre-shared key (TLS-PSK) tunnel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Interdigital Technology Corporation (InterDigital, Inc.)
Original Assignee
Interdigital Technology Corporation (InterDigital, Inc.)
Inventors
Rathi, Chinmayee V., Cha, Inhyok, Guccione, Louis J., Schmidt, Andreas U., Shah, Yogendra C., Kuntze, Nicolai

Granted Patent

US 8,503,376 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/0853   using an additional device,...

H04W 12/0431   Key distribution or pre-dis...

TECHNIQUES FOR SECURE CHANNELIZATION BETWEEN UICC AND A TERMINAL

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

187 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNIQUES FOR SECURE CHANNELIZATION BETWEEN UICC AND A TERMINAL

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

187 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links