Local security key generation
First Claim
1. A method, comprising:
obtaining, by a calling device, a first calling security parameter by registering with a network;
obtaining, by the calling device, a second calling security parameter in response to causing an application authentication architecture of the network to verify that the calling device is authorized to access a network service corresponding to a communication application stored by the calling device;
communicating the first calling security parameter and the second calling security parameter to a called device;
receiving a first called security parameter and a second called security parameter from the called device in response to communicating the first calling security parameter and the second calling security parameter;
generating a security key based on the first calling security parameter, the second calling security parameter, the first called security parameter, and the second called security parameter; and
using the security key to encrypt or decrypt communication between the calling device and the called device.
1 Assignment
0 Petitions
Abstract
A calling device may obtain a first calling security parameter by registering with a network and obtain a second calling security parameter in response to causing an application authentication architecture of the network to verify that the calling device is authorized to access a network service corresponding to a communication application stored by the calling device. The calling device may communicate the first and second calling security parameters to a called device and receive first and second called security parameters from the called device in response to communicating the first and second calling security parameters. The calling device may generate a security key based on the first calling security parameter, the second calling security parameter, the first called security parameter, and the second called security parameter, and use the security key to encrypt or decrypt communication between the calling device and the called device.
42 Citations
22 Claims
1. A method, comprising:
obtaining, by a calling device, a first calling security parameter by registering with a network;
obtaining, by the calling device, a second calling security parameter in response to causing an application authentication architecture of the network to verify that the calling device is authorized to access a network service corresponding to a communication application stored by the calling device;
communicating the first calling security parameter and the second calling security parameter to a called device;
receiving a first called security parameter and a second called security parameter from the called device in response to communicating the first calling security parameter and the second calling security parameter;
generating a security key based on the first calling security parameter, the second calling security parameter, the first called security parameter, and the second called security parameter; and
using the security key to encrypt or decrypt communication between the calling device and the called device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A first device, comprising:
a memory to:
store a communication application to enable the first device to establish a first communication session with a second device using a selected network service, and
store a first key generation function to enable the first device to generate a security key; and
a processor, connected to the memory, to:
register the first device with a network, where registering with the network comprises receiving a first network session identifier from the network,
communicate with an application authentication architecture of the network to demonstrate that the first device is authorized to use the selected network service, where communicating with the application authentication architecture comprises receiving a first transaction identifier from the application authentication architecture,
communicate the first network session identifier and the first transaction identifier to the second device,
receive a second network session identifier and a second transaction identifier from the second device, and
execute the first key generation function to generate a security key based on the first network session identifier, the first transaction identifier, the second network session identifier, and the second transaction identifier.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19

20. A non-transitory computer-readable medium storing a program for causing a first device to perform a method, the method comprising:
obtaining a first security parameter by communicating with a generic bootstrapping architecture (GBA) to demonstrate that the first device is authorized to use a selected network communication service for establishing a communication session within a network, where the first security parameter is generated by the GBA to associate the first device with a first GBA authentication process;
obtaining a second security parameter from a second device in response to communicating the first security parameter to the second device, where the second security parameter is obtained by the second device by communicating with the GBA to demonstrate that the second device is authorized to use the selected network communication service, where the second security parameter is generated by the GBA to associate the second device with a second GBA authentication process;
generating a security key based on the first security parameter and the second security parameter; and
using the security key to establish an encrypted communication session, using the selected network communication service, with the second device.
Dependent claims: 21, 22
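The claims above describe the exchange in words only: each device holds a network session identifier (from registration) and a transaction identifier (from the application authentication architecture, GBA in claim 20), the two devices swap these pairs, and each runs a key generation function over all four values. The following is an added example, not code from the patent or its assignee, showing one concrete way that procedure can be carried out so that both ends arrive at the same key and can confirm it without revealing it. Everything beyond the four parameters is an assumption: HKDF-SHA256 as the key generation function, length-prefixed encoding of the inputs, the `local-security-key/v1` label, the constructed sample identifiers, and the HMAC-based key confirmation step. The claims only say the key is "based on" the parameters and leave the function itself open.

```python
import hashlib
import hmac
from dataclasses import dataclass


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF per RFC 5869 with HMAC-SHA256: extract a PRK, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def encode_params(*params: bytes) -> bytes:
    """Length-prefix each parameter so (b"ab", b"c") and (b"a", b"bc") cannot collide."""
    return b"".join(len(p).to_bytes(2, "big") + p for p in params)


@dataclass(frozen=True)
class DeviceParams:
    """What one device holds: a network session identifier obtained at registration and a
    transaction identifier obtained from the application authentication architecture."""
    session_id: bytes
    transaction_id: bytes


# Assumed domain-separation label for this example; the patent names no such value.
KEY_LABEL = b"local-security-key/v1"


def derive_security_key(calling: DeviceParams, called: DeviceParams) -> bytes:
    """Key generation function over all four parameters.

    Both devices know which of them placed the call, so both feed the parameters in the
    same (calling, called) order and arrive at the same key. HKDF is an assumed choice;
    the claims only require that the key be based on the four parameters.
    """
    ikm = encode_params(calling.session_id, calling.transaction_id,
                        called.session_id, called.transaction_id)
    return hkdf_sha256(ikm, salt=b"", info=KEY_LABEL, length=32)


def confirmation_tag(key: bytes, role: bytes) -> bytes:
    """Key-confirmation MAC: lets a peer check it holds the same key without revealing it."""
    return hmac.new(key, b"confirm:" + role, hashlib.sha256).digest()


def run_exchange(tamper_called_transaction_id: bool = False) -> dict:
    """Simulate the claimed exchange with constructed sample parameters.

    When `tamper_called_transaction_id` is set, the called device's transaction identifier
    is altered in transit, showing that a mismatch in any one parameter yields different
    keys on the two ends and a failed key confirmation.
    """
    # Constructed values; a real network issues these at registration / GBA bootstrapping.
    calling_local = DeviceParams(b"sess-calling-0001", b"txid-calling-7f3a")
    called_local = DeviceParams(b"sess-called-0002", b"txid-called-91c4")

    # Calling device sends its two parameters; the called device receives them unchanged.
    calling_as_seen_by_called = DeviceParams(calling_local.session_id, calling_local.transaction_id)

    # Called device replies with its two parameters, possibly altered on the wire.
    received_tx = called_local.transaction_id
    if tamper_called_transaction_id:
        received_tx = b"txid-called-0000"  # constructed corrupted value
    called_as_seen_by_calling = DeviceParams(called_local.session_id, received_tx)

    key_at_calling = derive_security_key(calling_local, called_as_seen_by_calling)
    key_at_called = derive_security_key(calling_as_seen_by_called, called_local)

    # Calling device sends a confirmation tag; the called device recomputes it with its own key.
    tag_sent = confirmation_tag(key_at_calling, b"calling")
    tag_expected = confirmation_tag(key_at_called, b"calling")
    confirmed = hmac.compare_digest(tag_sent, tag_expected)

    return {
        "keys_match": key_at_calling == key_at_called,
        "confirmed": confirmed,
        "key_at_calling": key_at_calling,
        "key_at_called": key_at_called,
    }


if __name__ == "__main__":
    ok = run_exchange()
    bad = run_exchange(tamper_called_transaction_id=True)
    print("honest exchange:   keys_match =", ok["keys_match"], " confirmed =", ok["confirmed"])
    print("tampered exchange: keys_match =", bad["keys_match"], " confirmed =", bad["confirmed"])
```

Two design points matter for a scheme of this shape. The parameters are length-prefixed before hashing so that no pair of inputs can collide by shifting bytes across a boundary, and the role ordering is fixed rather than sorted so each device mixes the parameters in an order it can determine from the call setup alone. The derived 32-byte key is meant to feed an authenticated cipher for the session itself (claim 20's "encrypted communication session"); the confirmation tag only establishes that both ends hold the same key before any traffic is protected with it.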
Specification