System for ensuring encrypted communication after handover
DCFirst Claim
Patent Images
1. An apparatus, comprising:
- a receiver, of a radio access network, configured to receive via a radio interface an unprotected signaling message including information about encryption algorithms supported by a multimode mobile station in a further radio access network, the further radio access network being different from the radio access network;
wherein said radio access network is configured to compose an integrity protected command message including information relating to the encrypting algorithms supported by the multimode mobile station in said further radio access network, said integrity protected command message comprising a payload and a message authentication code; and
a sender configured to send said integrity protected command message to said multimode mobile station.
2 Assignments
Litigations
0 Petitions
Accused Products
Abstract
During connection setup with a first radio access network, a multimode mobile station sends an unprotected initial signaling message that includes information about those encryption algorithms that the multimode mobile station supports when it communicates in a second radio access network. The first radio access network saves some or all the information. Then it composes and sends an integrity-protected message that includes information about the encryption algorithms supported by the multimode mobile station in the second radio access network.
50 Citations
47 Claims
-
1. An apparatus, comprising:
-
a receiver, of a radio access network, configured to receive via a radio interface an unprotected signaling message including information about encryption algorithms supported by a multimode mobile station in a further radio access network, the further radio access network being different from the radio access network; wherein said radio access network is configured to compose an integrity protected command message including information relating to the encrypting algorithms supported by the multimode mobile station in said further radio access network, said integrity protected command message comprising a payload and a message authentication code; and a sender configured to send said integrity protected command message to said multimode mobile station. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. An apparatus comprising:
-
a sender, of a multimode mobile station, configured to send to a first radio access network an unprotected signaling message including information about encryption algorithms supported by the multimode mobile station in a second radio access network, a receiver configured to receive from the first radio access network an integrity protected command message including information relating to said encryption algorithms supported by the multimode mobile station in the second radio access network, said integrity protected command message comprising a payload and a message authentication code, and wherein said mobile station is configured to conclude whether said information relating to said encryption algorithms in said integrity protected command message corresponds to said information about said encryption algorithms in said unprotected signaling message. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A system, comprising:
-
a radio access network comprising a receiver configured to receive via a radio interface an unprotected signaling message including information about encryption algorithms supported by a multimode mobile station in a further radio access network, the further radio access network being different from the radio access network, the radio access network being configured to compose an integrity protected command message including information relating to the encrypting algorithms supported by the multimode mobile station in said further radio access network, said integrity protected command message comprising a payload and a message authentication code, and the radio access network also comprises a sender configured to send said integrity protected command message to said multimode mobile station; and
a core network for receiving information about file encryption algorithms supported by the multimode mobile station in said further radio access network. - View Dependent Claims (23, 24)
-
-
25. A method comprising:
-
receiving from a multimode mobile station via a radio interface of a first radio access network an unprotected signaling message including information about encryption algorithms supported by the multimode mobile station in a second radio access network; composing an integrity protected command message including information relating to the encrypting algorithms supported by the multimode mobile station in said second radio access network, said integrity protected command message including a payload and a message authentication code; and sending said integrity protected command message to said multimode mobile station. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. An apparatus comprising:
-
receiving means for receiving via a radio interface an unprotected signaling message including information about encryption algorithms supported by a multimode mobile station in a further radio access network; wherein a first radio access network is configured for composing an integrity protected command message including information relating to the encrypting algorithms supported by the multimode mobile station in said farther radio access network, said integrity protected command message comprising a payload and a message authentication code; sending means for sending said integrity protected command message to said multimode mobile station; and providing means for providing multimode mobile stations with access to at least one core network.
-
-
38. A method, comprising:
-
sending from a multimode mobile station to a first radio access network an unprotected signaling message including information about encryption algorithms supported by the multimode mobile station in a second radio access network; receiving at the multimode mobile station from the first radio access network an integrity protected command message including information relating to the encrypting algorithms supported by the multimode mobile station in said second radio access network, said integrity protected command message comprising a payload and a message authentication code; and concluding whether the information relating to the encryption algorithms in the integrity protected command message corresponds to the information about the encryption algorithms in the unprotected signaling message. - View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46)
-
-
47. An apparatus, comprising:
-
sending means for sending from a multimode mobile station to a first radio access network an unprotected signaling message including information about encryption algorithms supported by the multimode mobile station in a second radio access network; receiving means for receiving at the multimode mobile station from the first radio access network an integrity protected command message including information relating to the encrypting algorithms supported by the multimode mobile station in said second radio access network, said integrity protected command message comprising a payload and a message authentication code; and wherein said mobile station is configured to conclude whether the information relating to the encryption algorithms in the integrity protected command message corresponds to the information about the encryption algorithms in the unprotected signaling message.
-
Specification