ACCESS STRATUM (AS) SECURITY FOR A CENTRALIZED RADIO ACCESS NETWORK (C-RAN)

US 20190320352A1
Filed: 04/10/2019
Published: 10/17/2019
Est. Priority Date: 04/12/2018
Status: Active Application

First Claim

Patent Images

1. A method for wireless communication by a User Equipment (UE), comprising:

receiving a command to handover the UE from a source base station (BS) to a target BS, the command including at least an indication to generate at least one key specific to the target BS and a freshness parameter for generating the at least one key, wherein at least a portion of a control plane (CP) protocol layer is implemented at the target BS;

generating the at least one key based at least on the freshness parameter and a master key, the master key associated with a Radio Access Network (RAN) network entity controlling at least the source BS; and

exchanging control signaling with the target BS based on the CP protocol layer using the at least one key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for secure control plane communications between a User Equipment (UE) and a gNB are provided. A RAN network entity decides to handover a UE from a source base station (BS) to a target BS, wherein the RAN network entity controls a plurality of BSs including at least one of the source BS or the target BS, and wherein at least a portion of a control plane (CP) protocol layer is implemented at the target BS. The network entity generates at least one key specific to the target BS, based on a master key and a freshness parameter, the master key associated with the network entity. The network entity transmits an indication of the at least one key to the target BS, wherein the target BS exchanges control signaling with the UE based on the CP protocol layer using the at least one key.

12 Citations

View as Search Results

32 Claims

1. A method for wireless communication by a User Equipment (UE), comprising:
- receiving a command to handover the UE from a source base station (BS) to a target BS, the command including at least an indication to generate at least one key specific to the target BS and a freshness parameter for generating the at least one key, wherein at least a portion of a control plane (CP) protocol layer is implemented at the target BS;
  
  generating the at least one key based at least on the freshness parameter and a master key, the master key associated with a Radio Access Network (RAN) network entity controlling at least the source BS; and
  
  exchanging control signaling with the target BS based on the CP protocol layer using the at least one key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein generating the at least one key includes generating an intermediate key specific to the target BS, based on the master key and the freshness parameter.
  - 3. The method of claim 2, wherein generating the at least one key further includes generating a Radio Resource Control (RRC) encryption key (K_RRCenc) and a RRC integrity protection key (K_RRCint) based on the intermediate key.
  - 4. The method of claim 1, further comprising:
    - receiving a subsequent command to handover the UE from the target BS to a subsequent target BS, the subsequent command including an indication to generate a subsequent at least one key specific to the subsequent target BS and a subsequent freshness parameter; and
      
      exchanging signaling with the subsequent target BS based on the subsequent at least one key.
  - 5. The method of claim 4, wherein generating the subsequent at least one key includes:
    - generating a subsequent intermediate key for handover of the UE to the subsequent target BS, based on the intermediate key and the subsequent freshness parameter; and
      
      generating a Radio Resource Control (RRC) encryption key (K_RRCenc) and a RRC integrity protection key (K_RRCint) based on the subsequent intermediate key.
  - 6. The method of claim 1, wherein the network entity includes a central unit (CU) according to the 5^thGeneration (5G) New Radio (NR) Radio Access Network (RAN) architecture.
  - 7. The method of claim 6, wherein each of the source BS and the target BS includes a Distributed Unit (DU) according to the 5G NR RAN architecture.
  - 8. The method of claim 1, wherein the CP protocol layer includes Central Unit (CU)-CP (CU-CP) according to the 5G NR RAN architecture.
  - 9. The method of claim 8, wherein the portion of the CP protocol layer includes Packet Data Convergence Protocol (PDCP)-CP (PDCP-CP) according to the 5G NR RAN architecture.
  - 10. The method of claim 1, wherein control signaling includes Radio Resource Control (RRC) signaling.
  - 11. The method of claim 1, wherein the command to handover includes an indication to generate the master key, wherein the indication includes a freshness parameter to generate the master key.

12. A method for wireless communication by a Radio Access Network (RAN) network entity, comprising:
- deciding to handover a UE from a source base station (BS) to a target BS, wherein the RAN network entity controls a plurality of BSs including at least one of the source BS or the target BS, and wherein at least a portion of a control plane (CP) protocol layer is implemented at the target BS;
  
  generating at least one key specific to the target BS, based on a master key and a freshness parameter, the master key associated with the network entity; and
  
  transmitting an indication of the at least one key to the target BS,wherein the target BS exchanges control signaling with the UE based on the CP protocol layer, wherein the control signaling is protected based on the at least one key.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 13. The method of claim 12, further comprising:
    - directing the source BS to transmit a handover command to the UE, the handover command including at least an indication to generate the at least one key and the freshness parameter for generating the at least one key.
  - 14. The method of claim 13, further comprising generating a Radio Resource Control (RRC) message including the handover command, wherein directing the source BS to transmit includes directing the source BS to forward the RRC message to the UE.
  - 15. The method of claim 13, further comprising transmitting the indication to generate and the freshness parameter to the source BS, for forwarding to the UE via an Radio Resource Control (RRC) message.
  - 16. The method of claim 12, wherein generating the at least one key includes:
    - generating an intermediate key specific to the target BS, based on the master key and the freshness parameter.
  - 17. The method of claim 16, wherein the indication includes an indication of the intermediate key.
  - 18. The method of claim 16, further comprising:
    - generating a subsequent intermediate key for handover of the UE to a subsequent target BS, based on the intermediate key and a subsequent freshness parameter.
  - 19. The method of claim 18, wherein generating the at least one key includes:
    - generating a Radio Resource Control (RRC) encryption key (K_RRCenc) and a RRC integrity protection key (K_RRCint) based on the subsequent intermediate key.
  - 20. The method of claim 19, wherein the indication includes an indication of the RRC encryption key (K_RRCenc) and the RRC integrity protection key (K_RRCint).
  - 21. The method of claim 12, wherein the network entity includes a central unit (CU) according to the 5^thGeneration (5G) New Radio (NR) Radio Access Network (RAN) architecture.
  - 22. The method of claim 21, wherein each of the source BS and the target BS includes a Distributed Unit (DU) according to the 5G NR RAN architecture.
  - 23. The method of claim 12, wherein the CP protocol layer includes a Control Unit (CU)-CP (CU-CP) according to the 5G NR RAN architecture.
  - 24. The method of claim 23, wherein the portion of the CP protocol layer includes Packet Data Convergence Protocol (PDCP)-CP (PDCP-CP) according to the 5G NR RAN architecture.
  - 25. The method of claim 12, wherein control signaling includes Radio Resource Control (RRC) signaling.
  - 26. The method of claim 12, wherein the freshness parameter includes at least one of a counter, a nonce, Physical Cell Identifier (PCI), or Absolute Radio Frequency Channel Number (ARFCN).

27. A User Equipment (UE), comprising:
- at least one processor configured to;
  
  receive a command to handover the UE from a source base station (BS) to a target BS, the command including at least an indication to generate at least one key specific to the target BS and a freshness parameter for generating the at least one key, wherein at least a portion of a control plane (CP) protocol layer is implemented at the target BS;
  
  generate the at least one key based at least on the freshness parameter and a master key, the master key associated with a Radio Access Network (RAN) network entity controlling at least the source BS; and
  
  exchange control signaling with the target BS based on the CP protocol layer using the at least one key; and
  
  a memory coupled to the at least one processor.
- View Dependent Claims (28, 29)
- - 28. The UE of claim 27, wherein the at least one processor is configured to generate an intermediate key specific to the target BS, based on the master key and the freshness parameter.
  - 29. The UE of claim 27, wherein the at least one processor is further configured to:
    - receive a subsequent command to handover the UE from the target BS to a subsequent target BS, the subsequent command including an indication to generate a subsequent at least one key specific to the subsequent target BS and a subsequent freshness parameter; and
      
      exchange signaling with the subsequent target BS based on the subsequent at least one key.

30. A Radio Access Network (RAN) network entity, comprising:
- at least one processor configured to;
  
  decide to handover a UE from a source base station (BS) to a target BS, wherein the RAN network entity controls a plurality of BSs including at least one of the source BS or the target BS, and wherein at least a portion of a control plane (CP) protocol layer is implemented at the target BS;
  
  generate at least one key specific to the target BS, based on a master key and a freshness parameter, the master key associated with the network entity; and
  
  transmit an indication of the at least one key to the target BS,wherein the target BS exchanges control signaling with the UE based on the CP protocol layer, wherein the control signaling is protected based on the at least one key; and
  
  a memory coupled to the at least one processor.
- View Dependent Claims (31, 32)
- - 31. The RAN network entity of claim 30, wherein the at least one processor is configured to:
    - generate an intermediate key specific to the target BS, based on the master key and the freshness parameter.
  - 32. The RAN network entity of claim 31, wherein the at least one processor is further configured to:
    - generate a subsequent intermediate key for handover of the UE to a subsequent target BS, based on the intermediate key and a subsequent freshness parameter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
LEE, Soo Bum, HORN, Gavin Bernard

Application Number

US16/380,104
Publication Number

US 20190320352A1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04W 12/041   Key generation or derivation

H04W 12/0471   Key exchange

H04W 36/0038   of security context informa...

H04W 36/0069   in case of dual connectivit...

H04W 36/08   Reselecting an access point

H04W 76/27   Transitions between radio r...

H04W 88/085   Access point devices with r...

ACCESS STRATUM (AS) SECURITY FOR A CENTRALIZED RADIO ACCESS NETWORK (C-RAN)

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

ACCESS STRATUM (AS) SECURITY FOR A CENTRALIZED RADIO ACCESS NETWORK (C-RAN)

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links