Asymmetric cryptography for wireless systems
Abstract
A method for authenticating messages in a communication network includes forming a super message having a plurality of individual messages such that at least two of the individual messages are intended for separate receiving entities. The method further includes creating a message authentication code (MAC) using a private key, such that the MAC is configured to permit authentication of the super message using a public key.
25 Claims
1. A method for authenticating messages in a communication network, the method comprising:
- forming a super message comprising a plurality of individual messages, wherein at least two of the individual messages are intended for separate receiving entities of a plurality of receiving entities;
- creating a message authentication code (MAC) using a private key and a counter value comprising 4 least significant bits and a plurality of most significant bits, the 4 least significant bits of the counter value formed by a sequence number, the plurality of most significant bits of the counter value formed by a hyper frame number, wherein the MAC is configured to permit authentication of the super message using a public key and to protect confidentiality of a permanent user identity (IMSI) of each of the plurality of receiving entities; and
- transmitting, to the plurality of receiving entities, the 4 least significant bits of the counter value to be used for authenticating the super message.
Dependent claims: 2, 3, 4, 5, 6
7. A method for providing message protection, the method comprising:
- receiving, in a receiving entity, a first data block from a transmitting entity, wherein the first data block comprises a first message authentication code (MAC), a second data block and only 4 least significant bits of a first counter value, the first counter value corresponding to the first data block and comprising a hyper frame number and a sequence number, wherein the 4 least significant bits of the first counter value correspond only to the sequence number, wherein 28 most significant bits of the counter value correspond only to the hyper frame number, and wherein the first MAC is configured to protect confidentiality of a permanent user identity (IMSI) of the receiving entity;
- generating a second MAC based upon least significant bits of a second counter value stored in the receiving entity, an integrity protection key, and the second data block;
- comparing the second MAC with the first MAC; and
- requesting retransmission of the second data block if the second MAC does not correspond to the first MAC.
Dependent claims: 8, 9, 10, 11
12. A method for providing message protection, the method comprising:
- generating a message authentication code (MAC) based upon a counter value, an integrity protection key, and a first data block, wherein the counter value comprises 4 least significant bits and a plurality of most significant bits, the 4 least significant bits of the counter value formed by a sequence number, the plurality of most significant bits of the counter value formed by a hyper frame number;
- transmitting, to a receiving entity, the 4 least significant bits of the counter value to be used for authenticating a second data block;
- generating the second data block that is integrity protected, wherein the second data block comprises the MAC and the first data block, wherein the MAC is configured to permit a request for retransmission of the second data block upon detection of unsuccessful reception of the second data block at the receiving entity using the 4 least significant bits of the counter value and to protect confidentiality of a permanent user identity (IMSI) of the receiving entity; and
- transmitting the second data block to the receiving entity without using a cyclic redundancy code (CRC) with the second data block.
Dependent claims: 13, 14, 15, 16
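The counter handling described in claims 7 and 12, as an added sketch that is not part of the patent text: the sender computes the MAC over the full 32-bit counter (28-bit hyper frame number, 4-bit sequence number) but transmits only the 4 low bits, and the receiver rebuilds the counter from its stored value before checking the MAC. HMAC-SHA-256, the key, the sample blocks, and the rollover rule in `reconstruct` are assumptions; the claims do not name an algorithm or a resynchronisation rule.

```python
import hashlib
import hmac

SN_BITS = 4                    # claims: the 4 LSBs carry the sequence number
SN_MASK = (1 << SN_BITS) - 1   # remaining 28 MSBs are the hyper frame number

def make_mac(key: bytes, counter: int, data: bytes) -> bytes:
    # Assumption: HMAC-SHA-256 over counter || data stands in for the MAC.
    return hmac.new(key, counter.to_bytes(4, "big") + data, hashlib.sha256).digest()

def protect(key: bytes, counter: int, data: bytes):
    """Sender side: only the 4-bit sequence number goes on the air."""
    return counter & SN_MASK, data, make_mac(key, counter, data)

def reconstruct(stored: int, sn: int) -> int:
    """Smallest counter above `stored` whose 4 LSBs equal `sn` (assumed rule)."""
    hfn = stored >> SN_BITS
    if sn <= (stored & SN_MASK):
        hfn += 1               # sequence number wrapped, so the HFN advanced
    return ((hfn << SN_BITS) | sn) & 0xFFFFFFFF

class Receiver:
    def __init__(self, key: bytes, counter: int):
        self.key, self.counter = key, counter   # counter of last accepted block

    def receive(self, sn: int, data: bytes, mac: bytes) -> str:
        candidate = reconstruct(self.counter, sn)
        expected = make_mac(self.key, candidate, data)
        if hmac.compare_digest(expected, mac):  # constant-time comparison
            self.counter = candidate
            return "accept"
        return "request_retransmission"         # the MAC doubles as error check

def demo():
    key = b"\x11" * 16                          # constructed integrity key
    rx = Receiver(key, 0x10E)
    first = protect(key, 0x10F, b"block A")     # constructed data blocks
    second = protect(key, 0x110, b"block B")    # SN wraps from 15 to 0
    return [
        rx.receive(*first),                           # in sequence
        rx.receive(*first),                           # replay of the same block
        rx.receive(second[0], b"block X", second[2]), # corrupted in transit
        rx.receive(*second),                          # accepted across the wrap
    ]
```

With a 4-bit sequence number this rule recovers the counter only while the sender is at most 16 counts ahead of the receiver; beyond that every MAC check fails until the two sides resynchronise.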
17. A method for authenticating messages in a communication network, the method comprising:
- receiving a public key in a first message from a first transmitting entity; and
- authenticating a second message received from a second transmitting entity based upon the first message, the public key, an authentication algorithm, and only 4 least significant bits of a counter value that comprises a hyper frame number and a sequence number, wherein the 4 least significant bits of the counter value correspond only to the sequence number, and wherein 28 most significant bits of the counter value correspond to the hyper frame number, wherein the public key and the second message are for protecting confidentiality of a permanent user identity (IMSI) of a receiving entity.
Dependent claims: 18, 19
20. A method for authenticating messages in a communication network, the method comprising:
- receiving at least one broadcast message;
- receiving a public key in a secure message;
- receiving a message authentication code (MAC);
- receiving only 4 least significant bits of a counter value that comprises a hyper frame number and a sequence number, wherein the 4 least significant bits of the counter value correspond only to the sequence number, and wherein 28 most significant bits of the counter value correspond only to the hyper frame number;
- defining the 4 least significant bits of the counter value as a time difference between reception of the MAC and a timing reference; and
- authenticating the MAC using the 4 least significant bits of the counter value, the at least one broadcast message, an authentication algorithm, and the public key, wherein the public key and the MAC are for protecting confidentiality of a permanent user identity (IMSI) of a receiving entity.
Dependent claims: 21, 22, 23, 24, 25
Specification