Method for managing group traffic encryption key in wireless portable internet system
First Claim
1. A method for updating a group traffic encryption key (GTEK) for a group traffic service in a wireless portable Internet system, the method comprising:
- a) determining, at a base station, whether a lifetime of a current group key encryption key (GKEK) used for encrypting a current GTEK expires within a lifetime of the current GTEK;
b) when the lifetime of the current GKEK does expire within the lifetime of the current GTEK, generating, at the base station, a next GTEK and a next GKEK to be used for encrypting the next GTEK within the lifetime of the current GTEK and transmitting the next GTEK and the next GKEK to a subscriber station; and
c) when the lifetime of the current GKEK does not expire within the lifetime of the current GTEK, generating, at the base station, a next GTEK within the lifetime of the current GTEK and transmitting the next GTEK to the subscriber station, wherein the next GTEK is encrypted by using the current GKEK.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a method for managing a group traffic encryption key (GTEK) in a wireless portable Internet system. In the method, for higher security of a group traffic service such as a multicast service, a broadcast service, and a multicast-broadcast service (MBS), a base station periodically generates and distributes a GTEK to a subscriber station served with the group traffic service. A lifetime of a group key encryption key (GKEK) used for encrypting a GTEK is set greater than that of the GTEK. That is, the GKEK is updated once while the GTEK is updated several times. According to the present invention, security for the group traffic service is increased while reducing radio resource consumption.
-
Citations
21 Claims
-
1. A method for updating a group traffic encryption key (GTEK) for a group traffic service in a wireless portable Internet system, the method comprising:
-
a) determining, at a base station, whether a lifetime of a current group key encryption key (GKEK) used for encrypting a current GTEK expires within a lifetime of the current GTEK; b) when the lifetime of the current GKEK does expire within the lifetime of the current GTEK, generating, at the base station, a next GTEK and a next GKEK to be used for encrypting the next GTEK within the lifetime of the current GTEK and transmitting the next GTEK and the next GKEK to a subscriber station; and c) when the lifetime of the current GKEK does not expire within the lifetime of the current GTEK, generating, at the base station, a next GTEK within the lifetime of the current GTEK and transmitting the next GTEK to the subscriber station, wherein the next GTEK is encrypted by using the current GKEK. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method for a base station to update a group traffic encryption key (GTEK) for a group traffic service in a wireless portable Internet system, the method comprising:
-
a) receiving, at the base station, a GTEK request through a key request message for encrypting a specific group traffic service from a subscriber station; b) determining, at the base station, whether a GTEK being used for the specific group traffic service exists; c) when a result of the determination shows that the GTEK being used for encrypting the specific group traffic service does not exist, generating, at the base station, an initial GTEK for encrypting traffic data of the specific group traffic service and an initial group key encryption key (GKEK) for encrypting the initial GTEK, and transmitting the initial GTEK and the initial GKEK to the subscriber station; and d) when a result of the determination shows that the GTEK being used for encrypting the specific group traffic service exists, transmitting, at the base station, a key reply message including the currently used GTEK and the currently used GKEK for encrypting the current GTEK to the subscriber station, wherein a lifetime of the initial GKEK generated in c) is set greater than that of the initial GTEK, and a lifetime of the GTEK transmitted to the subscriber station in d) and a lifetime of the GKEK respectively correspond to a remaining lifetime of each key. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification