Method and apparatus for security protection of an original user identity in an initial signaling message

US 8,412,157 B2
Filed: 06/15/2007
Issued: 04/02/2013
Est. Priority Date: 06/19/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method for security protection of a user identity (ID) in an initial connection signaling message, the method comprising:

activating a control plane (C-plane) packet data convergence protocol (C-PDCP) layer upon power up of a wireless transmit/receive unit (WTRU);

generating initial security parameters from system information received by the WTRU upon the power up of the WTRU;

loading the initial security parameters to the C-PDCP layer;

ciphering the initial connection signaling message including the user ID usingthe initial security parameters, an f8 algorithm being used for the ciphering and the initial security parameters including a ciphering key (CK), a COUNT-C value, a bearer ID, a direction value, and a length value, the COUNT-C value being a pre-arranged value; and

transmitting the ciphered initial connection signaling message and the user ID, the initial connection signaling message including a public land mobile network (PLMN) identity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A wireless transmit/receive unit (WTRU) includes a control plane (C-plane) packet data convergence protocol (C-PDCP) layer which performs ciphering of a signaling message. The C-PDCP layer is activated upon power up of the WTRU and initial security parameters are loaded to the C-PDCP layer. An initial connection signaling message and a user identity are ciphered using the initial security parameters even before the WTRU is authenticated. The initial security parameters including a ciphering key (CK) may be generated from system information broadcast from the network. The CK may be a public key for asymmetric encryption, and may be selected from a public key set broadcast by or derived from the network system information. An index of the selected public key may be separately encoded. Alternatively, the index may be communicated by using a Diffie-Hellman key exchange method.

37 Citations

View as Search Results

68 Claims

1. A method for security protection of a user identity (ID) in an initial connection signaling message, the method comprising:
- activating a control plane (C-plane) packet data convergence protocol (C-PDCP) layer upon power up of a wireless transmit/receive unit (WTRU);
  
  generating initial security parameters from system information received by the WTRU upon the power up of the WTRU;
  
  loading the initial security parameters to the C-PDCP layer;
  
  ciphering the initial connection signaling message including the user ID usingthe initial security parameters, an f8 algorithm being used for the ciphering and the initial security parameters including a ciphering key (CK), a COUNT-C value, a bearer ID, a direction value, and a length value, the COUNT-C value being a pre-arranged value; and
  
  transmitting the ciphered initial connection signaling message and the user ID, the initial connection signaling message including a public land mobile network (PLMN) identity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 2. The method of claim 1 wherein the initial security parameters are loaded to a universal subscriber identity module (USIM).
  - 3. The method of claim 1 wherein the system information includes at least one public key or information for deriving a public key.
  - 4. The method of claim 1 further comprising:
    - receiving an authentication request message to the WTRU including a random number and an authentication token;
      
      authenticating the network based on the random number and the authentication token;
      
      computing session keys and a response (RES);
      
      sending an authentication response message including the RES to the network; and
      
      receiving a security mode command message to the WTRU.
  - 5. The method of claim 4 wherein the authentication response message is protected by using the initial security parameters.
  - 6. The method of claim 4 wherein a network ciphers a downlink control message including the security mode command message with a key used for ciphering the initial connection signaling message using a symmetric encryption algorithm.
  - 7. The method of claim 4 further comprising:
    - configuring a user plane (U-plane) PDCP layer with a new session key for U-plane data ciphering.
  - 8. The method of claim 1 wherein the COUNT-C value is a computed value by the WTRU and a network.
  - 9. The method of claim 1 wherein the bearer ID is a signaling radio bearer ID number.
  - 10. The method of claim 1 wherein the bearer ID is a pre-arranged value.
  - 11. The method of claim 1 wherein the direction value is set to ‘
    - 0’
      
      for uplink.
  - 12. The method of claim 1 wherein an asymmetric encryption algorithm is used for ciphering.
  - 13. The method of claim 12 wherein the ciphering algorithm uses a ciphering key (CK) which is a pre-arranged public/private key-pair.
  - 14. The method of claim 13 wherein the public key is broadcast via system information.
  - 15. The method of claim 14 wherein the public key from a public key set comprising a plurality of public keys.
  - 16. The method of claim 15 wherein an international mobile subscriber identity (IMSI) value is used to select an index into the public key set to select a public key.
  - 17. The method of claim 15 wherein a FRESH value is used to select an index into the public key set to select a public key.
  - 18. The method of claim 17 wherein the index is encrypted with a pre-agreed public key and the encrypted index is included in the initial connection signaling message.
  - 19. The method of claim 15 wherein the system information includes a first key index seed and the connection request message includes a second key index seed, and the public key is selected using a Diffie-Hellman key exchange method.
  - 20. The method of claim 1 wherein an f9 algorithm is used, and the initial security parameters include an integrity key (IK), a COUNT-I value, a message, a direction value, and a FRESH value.
  - 21. The method of claim 20 wherein the IK is generated using a random number received via system information and a shared secret key K.
  - 22. The method of claim 21 wherein the IK is generated by using f4 algorithm.
  - 23. The method of claim 20 wherein the COUNT-I value is a pre-arranged value.
  - 24. The method of claim 20 wherein the COUNT-I value is set to a START value stored in a universal subscriber identity module (USIM) combined with a pre-agree value.
  - 25. The method of claim 24 wherein the pre-agreed value is a non-access stratum (NAS) layer sequence number.
  - 26. The method of claim 20 wherein the COUNT-I value is a computed value.
  - 27. The method of claim 20 wherein the direction value is set to ‘
    - 0’
      
      for uplink.
  - 28. The method of claim 20 wherein the message is a radio bearer ID plus a first non-access stratum (NAS) message.
  - 29. The method of claim 20 wherein the FRESH value is selected from a set of pre-arranged FRESH values.
  - 30. The method of claim 29 wherein the IK is used to compute an index for the FRESH value.
  - 31. The method of claim 20 wherein the FRESH value is generated by using a FRESH value generation algorithm with a random number broadcast via system information and a shared secret key K.
  - 32. The method of claim 1 wherein the wireless communication system is a third generation (3G) long term evolution (LTE).

33. A method for security protection of a user identity (ID) in an initial connection signaling message, the method comprising:
- activating a control plane (C-plane) packet data convergence protocol (C-PDCP) layer upon power up of a wireless transmit/receive unit (WTRU);
  
  receiving system information upon the power up of the WTRU;
  
  generating initial security parameters from the system information;
  
  loading the initial security parameters to the C-PDCP layer;
  
  ciphering the initial connection signaling message including the user ID using the initial security parameters and an f8 ciphering algorithm, the initial security parameters including a ciphering key (CK), a COUNT-C value, a bearer ID, a direction value, and a length value, and the COUNT-C value being a START value stored in a universal subscriber identity module (USIM) combined with a pre-agreed value; and
  
  transmitting the ciphered initial connection signaling message and the user ID, the initial connection signaling message including a public land mobile network (PLMN) identity.
- View Dependent Claims (34)
- - 34. The method of claim 33 wherein the pre-agreed value is a non-access stratum (NAS) layer sequence number.

35. A wireless transmit/receive unit (WTRU) for security protection of a user identity (ID) in an initial connection signaling message, the WTRU comprising:
- a non-access stratum (NAS) layer configured to generate a first control signaling message and trigger a connection to a network;
  
  a radio resource control (RRC) layer configured to generate a second control signaling message and perform integrity protection of the first and second control signaling messages; and
  
  a control plane (C-plane) packet data convergence protocol (C-PDCP) layer configured to perform ciphering of at least one of the first and second control signaling messages including an initial connection signaling message and the user ID using initial security parameters that are loaded to the C-PDCP layer upon power up of the WTRU and send the ciphered initial connection signaling message and the user ID to a network, the initial security parameters generated from system information received by the WTRU upon the power up of the WTRU, an f8 algorithm being used for the ciphering and the initial security parameters including a ciphering key (CK), a COUNT-C value, a bearer ID, a direction value, and a length value, the COUNT-C value being a pre-arranged value and the initial connection signaling message including a public land mobile network (PLMN) identity.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66)
- - 36. The WTRU of claim 35 wherein the initial security parameters are loaded to a universal subscriber identity module (USIM).
  - 37. The WTRU of claim 35 wherein the system information includes at least one public key or information for deriving a public key.
  - 38. The WTRU of claim 35 wherein the NAS layer is configured to authenticate the network based on a random number and an authentication token included in an authentication request message from the network, and compute session keys and send an authentication response message including a response (RES) to the network so that the network authenticates the WTRU using the RES.
  - 39. The WTRU of claim 38 wherein the authentication response message is protected by using the initial security parameters.
  - 40. The WTRU of claim 38 further comprising:
    - a user plane (U-plane) PDCP layer for processing U-plane data, the RRC layer loads a new session key to the U-plane PDCP layer for U-plane ciphering.
  - 41. The WTRU of claim 35 wherein the COUNT-C value is a computed value by the WTRU and the network.
  - 42. The WTRU of claim 35 wherein the bearer ID is a signaling radio bearer ID number.
  - 43. The WTRU of claim 35 wherein the bearer ID is a pre-arranged value between the WTRU and the network.
  - 44. The WTRU of claim 35 wherein the direction value is set to ‘
    - 0’
      
      for uplink.
  - 45. The WTRU of claim 35 wherein the ciphering algorithm is an asymmetric encryption algorithm.
  - 46. The WTRU of claim 45 wherein the ciphering algorithm uses a ciphering key (CK) which is a pre-arranged public/private key-pair between the WTRU and the network.
  - 47. The WTRU of claim 46 wherein the public key is broadcast via system information.
  - 48. The WTRU of claim 47 wherein the C-PDCP layer selects a public key from a public key set comprising a plurality of public keys.
  - 49. The WTRU of claim 48 wherein the system information includes a first key index seed and the connection request message includes a second key index seed, wherein the public key is selected using a Diffie-Hellman key exchange method.
  - 50. The WTRU of claim 47 wherein the C-PDCP layer uses the user ID to select an index into the public key set.
  - 51. The WTRU of claim 47 wherein the C-PDCP layer uses a FRESH value to select an index into the public key set.
  - 52. The WTRU of claim 51 wherein the C-PDCP layer encrypts the index with a pre-agreed public key and includes the encrypted index in the connection request message.
  - 53. The WTRU of claim 35 wherein an f9 algorithm is used, and the initial security parameters include an integrity key (IK), a COUNT-I value, a message, a direction value, and a FRESH value.
  - 54. The WTRU of claim 53 wherein the IK is generated by the WTRU using a random number received via system information and a shared secret key K.
  - 55. The WTRU of claim 54 wherein the IK is generated by using an f4 algorithm.
  - 56. The WTRU of claim 53 wherein the COUNT-I value is a pre-arranged value known to the WTRU and the network.
  - 57. The WTRU of claim 53 wherein the COUNT-I value is set to a START value stored in a universal subscriber identity module (USIM) combined with a pre-agree value known between the WRU and the network.
  - 58. The WTRU of claim 57 wherein the pre-agreed value is a non-access stratum (NAS) layer sequence number.
  - 59. The WTRU of claim 53 wherein the COUNT-I value is a computed value by the WTRU and the network.
  - 60. The WTRU of claim 53 wherein the direction value is set to ‘
    - 0’
      
      for uplink.
  - 61. The WTRU of claim 53 wherein the message is a radio bearer ID plus a first non-access stratum (NAS) message.
  - 62. The WTRU of claim 53 wherein the FRESH value is selected from a set of pre-arranged FRESH values between the WTRU and the network.
  - 63. The WTRU of claim 62 wherein the IK is used to compute an index for the FRESH value.
  - 64. The WTRU of claim 53 wherein the FRESH value is generated by using a FRESH value generation algorithm with a random number broadcast via system information and a shared secret key K.
  - 65. The WTRU of claim 35 wherein the wireless communication system is a third generation (3G) long term evolution (LTE).
  - 66. The WTRU of claim 35 wherein the network ciphers a downlink control message with a key used for ciphering the initial connection signaling message using a symmetric encryption algorithm.

67. A wireless transmit/receive unit (WTRU) for security protection of a user identity (ID) in an initial connection signaling message, the WTRU comprising:
- a non-access stratum (NAS) layer configured to generate a first control signalingmessage and trigger a connection to a network;
  
  a radio resource control (RRC) layer configured to generate a second controlsignaling message and perform integrity protection of the first and second control signaling messages; and
  
  a control plane (C-plane) packet data convergence protocol (C-PDCP) layerconfigured, at least in part, to;
  
  perform ciphering of at least one of the first and second control signalingmessages including an initial connection signaling message and the user ID using an f8 algorithm and initial security parameters, the initial security parameters being generated from system information received upon a power up of the WTRU, and the initial security parameters being loaded to the C-PDCP layer; and
  
  send the ciphered initial connection signaling message and the user ID to a network, the initial security parameters including at least one of a ciphering key (CK), a COUNT-C value, a bearer ID, a direction value, and a length value, and the COUNT-C value being a START value stored in a universal subscriber identity module (USIM) combined with a pre-agreed value, the initial connection signaling message including a public land mobile network (PLMN) identity.
- View Dependent Claims (68)
- - 68. The WTRU of claim 67 wherein the pre-agreed value is a non-access stratum (NAS) layer sequence number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Interdigital Technology Corporation (InterDigital, Inc.)
Original Assignee
Interdigital Technology Corporation (InterDigital, Inc.)
Inventors
Wang, Peter S., Guccione, Louis J., Terry, Stephen E.
Primary Examiner(s)
Hu, Jinsong
Assistant Examiner(s)
TAYLOR, NATHAN SCOTT

Application Number

US11/763,855
Publication Number

US 20070297367A1
Time in Patent Office

2,118 Days
Field of Search

455410-411, 380/247, 380/255, 380270-282, 726/5, 726/51
US Class Current

455/411
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/0414   during transmission, i.e. p...

H04L 63/0442   wherein the sending and rec...

H04L 63/12   Applying verification of th...

H04L 63/1441   Countermeasures against mal...

H04L 9/0833   involving conference or gro...

H04L 9/0844   with user authentication or...

H04L 9/3234   involving additional secure...

H04L 9/3273   for mutual authentication n...

H04W 12/106   Packet or message integrity

H04W 12/126   Anti-theft arrangements, e....

Method and apparatus for security protection of an original user identity in an initial signaling message

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

68 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for security protection of an original user identity in an initial signaling message

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

68 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links