Ciphering as a part of the multicast concept

US 8,549,287 B2
Filed: 08/14/2002
Issued: 10/01/2013
Est. Priority Date: 10/24/2001
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

encrypting a multicast message by using ciphering in a multicast service control device, wherein, for ciphering, a ciphering key is used;

sending the encrypted multicast message from the multicast service control device to a plurality of user entities;

sending, in a first message when a user entity from the plurality of user entities registers with a multicast service, a first part of a ciphering information to the user entity; and

sending, in a second message, a second part of the ciphering information to the user entity, when a multicast transmission of encrypted messages is activated by the multicast service control device;

wherein the ciphering information comprises at least one parameter from which the ciphering key is derived, wherein the ciphering key is derived by at least one of the plurality of user entities based on at least the first part of the ciphering information and the second part of the ciphering information forming the at least one parameter.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention proposes a method for transmitting a message to a plurality of user entities in a network by using a multicast service, comprising the steps of encrypting a multicast message by using ciphering, and sending the encrypted multicast message to the plurality of user entities simultaneously. The invention also proposes a corresponding multicast service control device and a corresponding user entity.

42 Citations

View as Search Results

55 Claims

1. A method, comprising:
- encrypting a multicast message by using ciphering in a multicast service control device, wherein, for ciphering, a ciphering key is used;
  
  sending the encrypted multicast message from the multicast service control device to a plurality of user entities;
  
  sending, in a first message when a user entity from the plurality of user entities registers with a multicast service, a first part of a ciphering information to the user entity; and
  
  sending, in a second message, a second part of the ciphering information to the user entity, when a multicast transmission of encrypted messages is activated by the multicast service control device;
  
  wherein the ciphering information comprises at least one parameter from which the ciphering key is derived, wherein the ciphering key is derived by at least one of the plurality of user entities based on at least the first part of the ciphering information and the second part of the ciphering information forming the at least one parameter.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method according to claim 1, wherein the first message comprises a service subscription/registration response message in a point-to-point connection.
  - 3. The method according to claim 1, wherein the second message comprises a joining response message sent subsequent to at least one of authorization and authentication of a subscriber.
  - 4. The method according to claim 1, wherein service information is sent with the first part of the ciphering information, but the service information is not sent with the second part of the ciphering information.
  - 5. The method according to claim 1, wherein a first part of the ciphering key derivation related parameter comprises the most significant bits or the least significant bits from the ciphering key derivation related parameter, and a second part of the ciphering key derivation related parameters comprises the remaining bits from the ciphering key derivation related parameters.
  - 6. The method according to claim 1, wherein the at least one parameter is sent with one of the first or the second part of the ciphering information, and a remaining one of the first or the second part of the ciphering information comprises an indication how the at least one parameter is to be used for calculating the ciphering key.
  - 7. The method according to claim 1, wherein the second part of the ciphering information is ciphered by using a value representative of a subscriber identity comprising an international mobile subscriber identification.
  - 8. The method according to claim 1,wherein the ciphering information is sent from the user entity to the multicast service control device, andwherein the ciphering information is used for authenticating the user entity by the multicast service control device.
  - 9. The method according to claim 8, wherein the ciphering information contains a service identification identifying a requested service.
  - 10. The method according to claim 8, wherein the ciphering information contains a service indication, which is a value allocated to a service identification identifying a requested service.
  - 11. The method according to claim 10, wherein the allocated value is changed dynamically.
  - 12. The method according to claim 10, wherein the allocated value is determined using a map.
  - 13. The method according to claim 10,wherein, the ciphering key is calculated using the service indication and a user identification value,and wherein, an authentication of the user entity is performed using the ciphering key.
  - 14. The method according to claim 13, wherein the user identification value is an international mobile subscriber identification.
  - 15. The method according to claim 8, wherein the ciphering information is sent to the multicast service control device in a message by using a channel not requiring a radio resource controller connection.

16. An apparatus, comprising:
- a physical encrypting processor configured to encrypt a multicast message by using ciphering, wherein, for ciphering, a ciphering key is used; and
  
  a physical transmitter configured to send the encrypted multicast message to a plurality of user entities,wherein the transmitter is further configured to send, in a first message when a user entity from the plurality of user entities registers with a multicast service, a first part of a ciphering information to the user entity, and to send, in a second message, a second part of the ciphering information to the user entity, when a multicast transmission of encrypted messages is activated by the multicast service;
  
  wherein the ciphering information comprises at least one parameter from which the ciphering key is derived, wherein the ciphering key is derived by at least one of the plurality of user entities based on at least the first part of the ciphering information and the second part of the ciphering information forming the at least one parameter.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The apparatus according to claim 16, wherein the first message comprises service subscription/registration response message in a point-to-point connection.
  - 18. The apparatus according to claim 16, wherein the second message comprises a joining response message sent subsequent to at least one of authorization and authentication of a subscriber.
  - 19. The apparatus according to claim 16, wherein the transmitter is further configured to send service information with the first part of the ciphering information, but to avoid sending the service information with the second part of the ciphering information.
  - 20. The apparatus according to claim 16, wherein a first part of the ciphering key derivation related parameter comprises the most significant bits or the least significant bits from the ciphering key derivation related parameter, and a second part of the ciphering key derivation related parameters comprises the remaining bits from the ciphering key derivation related parameters.
  - 21. The apparatus according to claim 16, wherein the physical transmitter is further configured to send the at least one parameter with one of the first or the second part of the ciphering information, and a remaining one of the first or the second part of the ciphering information comprises an indication how the at least one parameter is to be used for calculating the ciphering key.
  - 22. The apparatus according to claim 16, wherein the physical encryption unit is further configured to cipher a second part of the ciphering information by using a value representative of a subscriber identity comprising an international mobile subscriber identification.
  - 23. The apparatus according claim 16, further comprising:
    - a receiver configured to receive ciphering information from the user entity; and
      
      an authenticator configured to authenticate the user entity by using the ciphering information.
  - 24. The apparatus according to claim 23, wherein the ciphering information contains a service identification identifying a requested service.
  - 25. The apparatus according to claim 24, wherein the ciphering information contains a service indication, which is a value allocated to a service identification identifying the requested service.
  - 26. The apparatus according to claim 25, wherein the allocated value is changed dynamically.
  - 27. The apparatus according to claim 25, wherein the allocated value is determined using a map.
  - 28. The apparatus according to claim 25,wherein the apparatus further comprises a calculator configured to re-calculate the service indication and a user identification value from the ciphering key, andwherein the authenticator is further configured to authenticate the user based on the service indication and the user identification.
  - 29. The apparatus according to claim 28, wherein the user identification value is an international mobile subscriber identification.
  - 30. The apparatus according to claim 23, wherein the receiver is further configured to receive the ciphering information in a message by using a channel not requiring a radio resource controller connection.

31. An apparatus, comprising:
- a physical receiver configured to receive an encrypted multicast message transmitted to a plurality of user entities in a network by using a multicast service; and
  
  a physical decrypting processor configured to decrypt the encrypted multicast message by using ciphering, wherein, for ciphering, a ciphering key is used,wherein the receiver is further configured to receive, in a first message, a first part of ciphering information when a user entity from the plurality of user entities registers with a multicast service, and to receive, in a second message, a second part of the ciphering information when a multicast transmission of encrypted multicast messages is activated by the multicast service,wherein the ciphering information comprises at least one parameter from which the ciphering key is derived, wherein the ciphering key is derived by at least one of the plurality of user entities based on at least the first part of the ciphering information and the second part of the ciphering information forming the at least one parameter.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 32. The apparatus according to claim 31, wherein the physical receiver is further configured to receive the first part of the ciphering information in a service registration response message in a point-to-point connection.
  - 33. The apparatus according to claim 32, wherein the physical receiver is further configured to receive the second part of the ciphering information in a joining response message sent subsequent to at least one of authorization and authentication of a subscriber.
  - 34. The apparatus according to claim 31, wherein a first part of the ciphering key derivation related parameter comprises the most significant bits or the least significant bits from the ciphering key derivation related parameter, and a second part of the ciphering key derivation related parameters comprises the remaining bits from the ciphering key derivation related parameters.
  - 35. The apparatus according to claim 31, wherein the physical receiver is further configured to receive the at least one parameter with one of the first or the second part of the ciphering information, and a remaining one of the first or the second part of the ciphering information comprises an indication how the at least one parameter is to be used for calculating the ciphering key.
  - 36. The apparatus according to claim 31, wherein the physical decrypting processor is further configured to cipher the second part of the ciphering information by using a value representative of the subscriber identity comprising an international mobile subscriber identification.
  - 37. The apparatus according to claim 31, wherein the ciphering information contains a service indication, which is a value allocated to a service identification identifying a requested service.
  - 38. The apparatus according to claim 37, wherein the allocated value is changed dynamically.
  - 39. The apparatus according to claim 37, wherein the allocated value is determined using a map.
  - 40. The apparatus according to claim 37,wherein the apparatus further comprises a calculating processor configured to calculate the ciphering key based on the service indication and a user identification value, and to send the ciphering key to a multicast service control device as an authentication key.
  - 41. The apparatus according to claim 40, wherein the user identification value is an international mobile subscriber identification.
  - 42. The apparatus according to claim 31, further comprising a transmitter configured to send the ciphering information to the multicast service control device in a message by using a channel not requiring a radio resource controller connection.

43. A system, comprising:
- a multicast service control node, wherein the multicast service control node further comprises;
  
  a physical encrypting processor configured to encrypt a multicast message by using ciphering, wherein, for ciphering, a ciphering key is used, anda physical transmitter configured to send the encrypted multicast message to a plurality of user entities; and
  
  a user entity from the plurality of user entities wherein the user entity further comprisesa receiver configured to receive the encrypted multicast message transmitted to the plurality of user entities in a network by using a multicast service, anda physical decrypting processor configured to decrypt the encrypted multicast message by using ciphering and the ciphering key,wherein the physical transmitter is further configured to send, in a first message, a first part of ciphering information to the user entity when the user entity registers with the multicast service, and to send, in a second message, a second part of the ciphering information to the user entity when a multicast transmission of encrypted multicast messages is activated by the multicast service,wherein the receiver is further configured to receive the first part of the ciphering information when the user entity registers with the multicast service, and to receive the second part of the ciphering information when a multicast transmission of encrypted multicast messages is activated,wherein the ciphering information comprises at least one parameter from which the ciphering parameter is derived, wherein the ciphering key is derived by at least one of the plurality of user entities based on at least the first part of the ciphering information and the second part of the ciphering information forming the at least one parameter.

44. A method, comprising:
- receiving, at a physical receiver, an encrypted multicast message encrypted using a ciphering key and transmitted to a plurality of user entities in a network by using a multicast service;
  
  decrypting the encrypted multicast message by using ciphering;
  
  receiving, in a first message, when a user entity from the plurality of user entities registers with the multicast service, a first part of ciphering information; and
  
  receiving, in a second message, a second part of the ciphering information, when a multicast transmission of encrypted messages is activated by the multicast service,wherein the ciphering information comprises at least one parameter from which the ciphering key is derived, wherein the ciphering key is derived by at least one of the plurality of user entities based on at least the first part of the ciphering information and the second part of the ciphering information forming the at least one parameter.
- View Dependent Claims (45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55)
- - 45. The method according to claim 44, wherein the receiving the first part of the ciphering information further comprises receiving the first part of the ciphering information in a service registration response message in a point-to-point connection.
  - 46. The method according to claim 45, wherein the receiving the second part of the ciphering information further comprises receiving the second part of the ciphering information in a joining response message.
  - 47. The method according to claim 44, wherein a first part of the ciphering key derivation related parameter comprises the most significant bits or the least significant bits from the ciphering key derivation related parameter, and a second part of the ciphering key derivation related parameters comprises the remaining bits from the ciphering key derivation related parameters.
  - 48. The method according to claim 44, further comprising receiving the at least one parameter with one of the first or the second part of the ciphering information, and a remaining one of the first or the second part of the ciphering information comprises an indication how the at least one parameter is to be used for calculating the ciphering key.
  - 49. The method according to claim 44, wherein the decrypting the encrypted multicast message further comprises ciphering the second part of the ciphering information by using a value representative of the subscriber identity comprising an international mobile subscriber identification.
  - 50. The method according to claim 44, wherein the ciphering information contains a service indication, which is a value allocated to a service identification identifying a requested service.
  - 51. The method according to claim 50, wherein the allocated value is changed dynamically.
  - 52. The method according to claim 50, wherein the allocated value is determined using a map.
  - 53. The method according to claim 50, wherein the method further comprises:
    - calculating the ciphering key based on the service indication and a user identification value; and
      
      sending the ciphering key to a multicast service control device as an authentication key.
  - 54. The method according to claim 53, wherein the user identification value is an international mobile subscriber identification.
  - 55. The method according to claim 44, further comprising sending the ciphering information to the multicast service control device in a message by using a channel not requiring a radio resource controller connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Sarkkinen, Sinikka, Kettunen, Kimmo, Karhuluoma, Niina, Vainio, Antti-Pentti, Niemi, Valtteri, Kall, Jan
Primary Examiner(s)
LE, CHAU D

Application Number

US10/493,209
Publication Number

US 20050015583A1
Time in Patent Office

4,066 Days
Field of Search

713/150, 713/163, 713/168, 713/170, 713/179
US Class Current

713/163
CPC Class Codes

H04L 12/185   with management of multicas...

H04L 12/1859   adapted to provide push ser...

H04L 12/189   in combination with wireles...

H04L 2209/80   Wireless network architectu...

H04L 2463/061   applying further key deriva...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/065   for group communications cr...

H04L 63/068   using time-dependent keys, ...

H04L 63/104   Grouping of entities

H04L 63/18   using different networks or...

H04L 9/0866   involving user or device id...

H04L 9/0891   Revocation or update of sec...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 12/04   Key management, e.g. using ...

Ciphering as a part of the multicast concept

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

42 Citations

55 Claims

Specification

Solutions

Use Cases

Quick Links

Ciphering as a part of the multicast concept

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

55 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links