Secure network connection allowing choice of a suitable security algorithm

US 9,027,081 B2
Filed: 06/23/2010
Issued: 05/05/2015
Est. Priority Date: 06/29/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A method for use in a mobile radio communications device network connection procedure, the method comprising:

at a network, sending to a mobile radio communications device a first list of a plurality of security algorithms supported in the network including both an Access-Stratum (AS) and Non-Access-Stratum (NAS) security container, the network being an upgraded network and the mobile radio communications device being a non-upgraded device;

at the mobile radio communications device, in response to receiving the first list of the plurality of security algorithms supported in the network, sending an AS confirmation message, which is not integrity protected, and subsequently sending a NAS registration update message and a second list including supported security algorithms and unsupported security algorithms in the mobile radio communications device, the unsupported security algorithms being indicated separately from the supported security algorithms; and

at the network, generating and sending an AS security mode command message upon receipt of the NAS registration message based on the second list provided to the network.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides for a method for use in a mobile radio communications device network connection procedure and including the step of, at a network, sending to a mobile radio communications device a list of a plurality of security algorithms supported in the network and so as to allow choice of a suitable algorithm irrespective of the degree of update that the device may have experienced.

7 Citations

View as Search Results

15 Claims

1. A method for use in a mobile radio communications device network connection procedure, the method comprising:
- at a network, sending to a mobile radio communications device a first list of a plurality of security algorithms supported in the network including both an Access-Stratum (AS) and Non-Access-Stratum (NAS) security container, the network being an upgraded network and the mobile radio communications device being a non-upgraded device;
  
  at the mobile radio communications device, in response to receiving the first list of the plurality of security algorithms supported in the network, sending an AS confirmation message, which is not integrity protected, and subsequently sending a NAS registration update message and a second list including supported security algorithms and unsupported security algorithms in the mobile radio communications device, the unsupported security algorithms being indicated separately from the supported security algorithms; and
  
  at the network, generating and sending an AS security mode command message upon receipt of the NAS registration message based on the second list provided to the network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method as claimed in claim 1, wherein the first list comprises a prioritized list.
  - 3. A method as claimed in claim 1, wherein the first list includes a prioritized list of security algorithms, and an indication of a security algorithm as selected from the prioritized list at the mobile radio communications device is indicated to the network.
  - 4. A method as claimed in claim 3, wherein said indication is included within a handover confirm signal.
  - 5. A method as claimed in claim 4, wherein the handover confirm signal is unciphered and integrity protected with the selected security algorithm.
  - 6. A method as claimed in claim 3, wherein an indication of the selected security algorithm is included within registration update request signaling if the mobile radio communication device does not support an old security algorithm.
  - 7. A method as claimed in claim 6, wherein the registration update request signaling is integrity protected with the selected security algorithm.
  - 8. A method as claimed in claim 1, wherein registration update request signaling is employed to include said second list comprising the supported security algorithms if the mobile radio communications device supports an old security algorithm.
  - 9. A method as claimed in claim 8, further including the step of selecting, at the network, a security algorithm indicated in the mobile radio communications device signaling as a supported algorithm.
  - 10. A method as claimed in claim 9, wherein the algorithm selected at the network is indicated within security mode signaling to the mobile radio communications device.
  - 11. A method as claimed in claim 1, wherein the second list expressly indicates the unsupported security algorithms.

12. A mobile radio communications device, comprising:
- a processor configured to;
  
  receive, from a network, a first list of security algorithms supported by the network including both an Access-Stratum (AS) and Non-Access-Stratum (NAS) security container, the network being an upgraded network and the mobile radio communications device being a non-upgraded device;
  
  send an AS confirmation message, which is not integrity protected, and subsequently sending a NAS registration update message and a second list including supported security algorithms and unsupported security algorithms in the mobile radio communications device in response to receiving the first list of a plurality of security algorithms supported in the network, the unsupported security algorithms being indicated separately from the supported security algorithms; and
  
  receive an AS security mode command message upon receipt of the NAS registration message based on the second list provided to the network.
- View Dependent Claims (13)
- - 13. A mobile radio communications of claim 12, wherein the second list expressly indicates the unsupported security algorithms.

14. A mobile radio communications network device, comprising:
- a processor configured to;
  
  signal to a mobile radio communications device arranged to operate within the network a first list of supported security algorithms including both an Access-Stratum (AS) and Non-Access-Stratum (NAS) security container, the network being an upgraded network and the mobile radio communications device being a non-upgraded device; and
  
  receive an AS confirmation message, which is not integrity protected, and subsequently sending a NAS registration update message and a second list including supported security algorithms and unsupported security algorithms in the mobile radio communications device, the unsupported security algorithms being indicated separately from the supported security algorithms; and
  
  generate and send an AS security mode command message upon receipt of the NAS registration message based on the second list provided to the network.
- View Dependent Claims (15)
- - 15. A mobile radio communications of claim 14, wherein the second list expressly indicates the unsupported security algorithms.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo Innovations Ltd Hong Kong (Lenovo Group Ltd.)
Original Assignee
Lenovo Innovations Ltd Hong Kong (Lenovo Group Ltd.)
Inventors
Jactat, Caroline, Roger, Vincent, Vallee, Antoine, Prasad, Anand Raghawa
Primary Examiner(s)
POWERS, WILLIAM S

Application Number

US13/381,274
Publication Number

US 20120117619A1
Time in Patent Office

1,777 Days
Field of Search
US Class Current

726/2
CPC Class Codes

H04L 63/205   involving negotiation or de...

H04W 12/02   Protecting privacy or anony...

H04W 12/037   of the control plane, e.g. ...

H04W 12/10   Integrity

Secure network connection allowing choice of a suitable security algorithm

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

7 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Secure network connection allowing choice of a suitable security algorithm

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others