Key derivation for a module using an embedded universal integrated circuit card

US 9,319,223 B2
Filed: 11/19/2013
Issued: 04/19/2016
Est. Priority Date: 09/10/2013
Status: Active Grant

First Claim

Patent Images

1. A method for a module using an embedded universal integrated circuit card (eUICC) to derive a first shared secret key and a second shared secret key, the method comprising the module:

storing a network public key and a module identity in the eUICC, wherein the module uses the network public key to authenticate an eUICC subscription manager;

receiving a token for a key derivation function from the authenticated eUICC subscription manager;

deriving a module private key and a module public key, wherein the module sends the derived module public key and the module identity to the eUICC subscription manager;

deriving the first shared secret key using the key derivation function and a set of cryptographic parameters, wherein the key derivation function uses as input at least (i) the derived module private key, (ii) the set of cryptographic parameters, and (iii) the received token;

deriving the second shared secret key using (i) a shared secret algorithm and (ii) the derived first shared secret key as a random number for the shared secret algorithm, wherein the shared secret algorithm uses a secure hash algorithm; and

receiving an eUICC profile, wherein the eUICC uses the derived second shared secret key to decrypt the eUICC profile.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A module with an embedded universal integrated circuit card (eUICC) can include a first eUICC profile and a set of cryptographic algorithms. The first eUICC profile can include an initial shared secret network key K for authentication with a wireless network. The module can receive a key K network token from, and send a key K module token to, an eUICC subscription manager (eUICC-SM). The module can use the key K network token, a derived module private key, a key derivation function, and a shared secret algorithm to derive a shared secret key that supports communication with the UICC-SM. eUICC-SM can use the received key K module token, a private key, the key derivation function, and the shared secret algorithm in order to derive the same shared secret key derived by the module. The module can subsequently receive a second eUICC profile encrypted using the derived shared secret key.

194 Citations

20 Claims

1. A method for a module using an embedded universal integrated circuit card (eUICC) to derive a first shared secret key and a second shared secret key, the method comprising the module:
- storing a network public key and a module identity in the eUICC, wherein the module uses the network public key to authenticate an eUICC subscription manager;
  
  receiving a token for a key derivation function from the authenticated eUICC subscription manager;
  
  deriving a module private key and a module public key, wherein the module sends the derived module public key and the module identity to the eUICC subscription manager;
  
  deriving the first shared secret key using the key derivation function and a set of cryptographic parameters, wherein the key derivation function uses as input at least (i) the derived module private key, (ii) the set of cryptographic parameters, and (iii) the received token;
  
  deriving the second shared secret key using (i) a shared secret algorithm and (ii) the derived first shared secret key as a random number for the shared secret algorithm, wherein the shared secret algorithm uses a secure hash algorithm; and
  
  receiving an eUICC profile, wherein the eUICC uses the derived second shared secret key to decrypt the eUICC profile.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the module derives the module private key and the module public key using a key pair generation algorithm and the received token.
  - 3. The method of claim 1, wherein the module uses the network public key to encrypt the derived module public key sent to the eUICC subscription manager.
  - 4. The method of claim 1, further comprising deriving the module private key and module public key using an elliptic curve cryptography (ECC) algorithm, wherein the key derivation function comprises an elliptic curve Diffie Hellman key exchange.
  - 5. The method of claim 1, further comprising the eUICC subscription manager deriving the first shared secret key using the key derivation function, the set of cryptographic parameters, and the module public key.
  - 6. The method of claim 1, further comprising authenticating with a wireless network using the decrypted eUICC profile, wherein the module (i) sends a network module identity, (ii) receives a challenge (RAND), (iii) uses the RAND, a key K from the decrypted eUICC profile, and a set of cryptographic algorithms to calculate a response (RES), and (iv) sends the RES to the wireless network.
  - 7. The method of claim 1, wherein the decrypted eUICC profile includes a network module identity, a set of network parameters, and a key K, and wherein the module stores the decrypted eUICC profile in a protected memory.
  - 8. The method of claim 7, further comprising:
    - reading the module identity from the protected memory; and
      
      sending the module identity to the eUICC subscription manager before receiving the token.

9. A method for a module using an embedded integrated circuit card (eUICC) to support authentication, the method comprising the module:
- reading a module identity from a protected memory and sending the module identity to an eUICC subscription manager;
  
  receiving a first profile for the eUICC, wherein the first profile includes a first network module identity and a first key K;
  
  using the eUICC, the first network module identity, and the first key K to authenticate with a first wireless network,sending to an eUICC subscription manager an algorithm token for a shared secret algorithm after authenticating with the first key K, wherein the module uses an asymmetric ciphering algorithm to encrypt the algorithm token;
  
  deriving a shared secret key using the algorithm token and the shared secret algorithm, wherein the shared secret algorithm includes a secure hash algorithm and a component parameter;
  
  receiving a second profile for the eUICC, wherein the module decrypts the second profile using the derived shared secret key, wherein the decrypted second profile includes a second network module identity and a second key K; and
  
  authenticating with a second wireless network using the second network module identity and the second key K.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, further comprising:
    - reading an eUICC subscription manager public key from the protected memory;
      
      authenticating the eUICC subscription manager using the eUICC subscription manager public key; and
      
      ,sending the module identity to the eUICC subscription manager before receiving the first profile.
  - 11. The method of claim 10, wherein the module uses an elliptic curve cryptography (ECC) algorithm with the eUICC subscription manager public key, and wherein the module uses a symmetric ciphering algorithm with the shared secret key to decrypt the second encrypted profile.
  - 12. The method of claim 9, further comprising authenticating with the second wireless network using the decrypted eUICC profile, wherein the module (i) sends the second network module identity, (ii) receives a random number (RAND), (iii) uses the RAND, the second key K, and a set of cryptographic algorithms to calculate a response (RES), and (iv) sends the RES to the second wireless network.
  - 13. The method of claim 9, wherein the first profile includes a first set of cryptographic parameters and the second profile includes a second set of cryptographic parameters, and wherein the module uses (i) the first set of cryptographic parameters to authenticate with the first wireless network and (ii) the second set of cryptographic parameters to authenticate with the second wireless network.
  - 14. The method of claim 9, wherein the first network module identity used with the first key K comprises a first international mobile subscriber identity (IMSI), and wherein the second network module identity used with the second key K comprises a second IMSI.

15. A method for a module to send a sensor measurement, the method comprising the module:
- recording in a protected memory a first module private key, a first module public key, a server public key, and a module identity;
  
  sending (i) the module identity and (ii) a module digital signature to a server for an embedded universal integrated circuit card (eUICC) subscription manager, wherein the module uses the first module private key for the module digital signature, and wherein the module sends from an Internet Protocol address and port (IP;
  
  port) number;
  
  receiving a response at the IP;
  
  port number, wherein the response includes a server digital signature and a first shared secret key, wherein the module verifies the server digital signature using the server public key, wherein the first shared secret key is decrypted with an asymmetric ciphering algorithm and the first module private key;
  
  deriving a second shared secret key using (i) a shared secret algorithm and (ii) the received first shared secret key as a random number for the shared secret algorithm, wherein the shared secret algorithm uses a secure hash algorithm;
  
  receiving (i) a set of cryptographic parameters, and (ii) a profile for an eUICC, wherein the profile is decrypted using the derived second shared secret key;
  
  deriving a second module public key and a second module private key using the set of cryptographic parameters;
  
  selecting the received profile before authenticating with a wireless network;
  
  sending a message with the second module public key and the module identity, wherein the module authenticates using the first module private key; and
  
  ,sending the sensor measurement in a module encrypted data, wherein the module uses the second module private key to encrypt the module encrypted data.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the module encrypts the module encrypted data using a symmetric key and the second module private key, and further comprising one of:
    - (i) receiving the symmetric key, and decrypting the symmetric key using the second module private key,(ii) sending the symmetric key, and(iii) deriving the symmetric key from (a) a key derivation algorithm, and (b) at least, in part, the second module private key.
  - 17. The method of claim 15, wherein the module sends the server a nonce with the module identity, and wherein the module verifies the server digital signature using the nonce.
  - 18. The method of claim 15, the module uses at least one component parameter and the first shared secret key with the shared secret algorithm in order to derive the second shared secret key.
  - 19. The method of claim 15, further comprising (i) receiving a response after sending the sensor measurement, wherein the response includes a security token and a module instruction for the module to derive a third private key and third public key, wherein the module sends the third module public key, and wherein the module authenticates the third module public key with the second module public key.
  - 20. The method of claim 15, wherein the module uses a sensor in order to generate a random number, wherein a key pair generation algorithm uses the random number, and wherein the module uses the key pair generation algorithm to derive the second module private key and the second module public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
John A. Nix
Original Assignee
M2M and IoT Technologies LLC
Inventors
Nix, John A.
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US14/084,141
Publication Number

US 20150143125A1
Time in Patent Office

882 Days
Field of Search

713/171, 380/44
US Class Current

1/1
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/445   by mutual authentication, e...

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2107   File encryption

G06F 2221/2115   Third party

H04J 11/00   Orthogonal multiplex system...

H04L 12/2854   Wide area networks, e.g. pu...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/72   Signcrypting, i.e. digital ...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0272   Virtual private networks

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/045   wherein the sending and rec...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/123   received data contents, e.g...

H04L 63/166   at the transport layer

H04L 67/04   specially adapted for termi...

H04L 9/006 : involving public key infras...

H04L 9/0816 : Key establishment, i.e. cry...

H04L 9/0841 : involving Diffie-Hellman or...

H04L 9/085 : Secret sharing or secret sp...

H04L 9/0861 : Generation of secret inform...

H04L 9/088 : Usage controlling of secret...

H04L 9/0894 : Escrow, recovery or storing...

H04L 9/14 : using a plurality of keys o...

H04L 9/30 : Public key, i.e. encryption...

H04L 9/3066 : involving algebraic varieti...

H04L 9/32 : including means for verifyi...

H04L 9/321 : involving a third party or ...

H04L 9/3239 : involving non-keyed hash fu...

H04L 9/3247 : involving digital signatures

H04L 9/3249 : using RSA or related signat...

H04L 9/3263 : involving certificates, e.g...

H04W 12/02 : Protecting privacy or anony...

H04W 12/033 : of the user plane, e.g. use...

H04W 12/04 : Key management, e.g. using ...

H04W 12/06 : Authentication

H04W 12/069 : using certificates or pre-s...

H04W 12/40 : Security arrangements using...

H04W 4/70 : Services for machine-to-mac...

H04W 40/005 : Routing actions in the pres...

H04W 52/0216 : using a pre-established act...

H04W 52/0235 : where the received signal i...

H04W 52/0277 : according to available powe...

H04W 76/27 : Transitions between radio r...

H04W 8/082 : for traffic bypassing of mo...

H04W 80/04 : Network layer protocols, e....

H04W 84/12 : WLAN [Wireless Local Area N...

H04W 88/12 : Access point controller dev...

H05K 999/99 : dummy group

Y02D 30/70 : in wireless communication n...

View All

Key derivation for a module using an embedded universal integrated circuit card

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

194 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Key derivation for a module using an embedded universal integrated circuit card

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

194 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links