Secure device-to-device (D2D) communication

US 9,876,767 B2
Filed: 05/09/2014
Issued: 01/23/2018
Est. Priority Date: 05/09/2014
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a first user equipment, an encrypted message in a first frame over an air interface between the first user equipment and a second user equipment during device-to-device (D2D) communication with the second user equipment, wherein the encrypted message represents a plaintext message that is encrypted by applying a cryptographic function to the plaintext message, a security key, and a first frame number of the first frame; and

decrypting, at the first user equipment, the encrypted message to recover the plaintext message using the cryptographic function, the security key, and the first frame number.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

User equipment decrypt information received in a first frame over an air interface during device-to-device (D2D) communication with another user equipment. The information is decrypted using a cryptographic function that is applied to a security key and a first frame number of the first frame.

11 Citations

View as Search Results

22 Claims

1. A method comprising:
- receiving, at a first user equipment, an encrypted message in a first frame over an air interface between the first user equipment and a second user equipment during device-to-device (D2D) communication with the second user equipment, wherein the encrypted message represents a plaintext message that is encrypted by applying a cryptographic function to the plaintext message, a security key, and a first frame number of the first frame; and
  
  decrypting, at the first user equipment, the encrypted message to recover the plaintext message using the cryptographic function, the security key, and the first frame number.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising:
    - accessing the security key from a data structure stored in the first user equipment based on a D2D identifier associated with the D2D communication, wherein the data structure is to store a plurality of security keys associated with a corresponding plurality of D2D identifiers.
  - 3. The method of claim 2, wherein accessing the security key comprises accessing at least one of a unicast security key shared with the second user equipment, a groupcast security key shared with a group of user equipment comprising the first user equipment and the second user equipment, and a public key.
  - 4. The method of claim 3, further comprising:
    - decoding a scheduling assignment packet received by the first user equipment, wherein the scheduling assignment packet includes information indicating the D2D identifier associated with the D2D communication and resources allocated to subsequent data transmission comprising the first frame.
  - 5. The method of claim 1, further comprising:
    - encrypting information for transmission in a second frame over the air interface during D2D communication using the cryptographic function applied to the security key and a second frame number of the second frame.

6. A method comprising:
- determining, at a first user equipment, a first frame number of a first frame received over an air interface between the first user equipment and a second user equipment during device-to-device (D2D) communication with the second user equipment, wherein the first frame number is determined based on a reference frame number stored by the first user equipment, a corresponding reference time stored by the first user equipment, and a current time; and
  
  decrypting, at the first user equipment, information received in the first frame using a cryptographic function that is applied to a security key and a first frame number of the first frame.
- View Dependent Claims (7, 8, 9)
- - 7. The method of claim 6, further comprising:
    - storing the reference frame number, the corresponding reference time, and the security key during activation of the first user equipment.
  - 8. The method of claim 6, wherein determining the first frame number based on the current time comprises determining the first frame number based upon a current time indicated by at least one of a Global Positioning System (GPS) reference time, a Long Term Evolution (LTE) reference time, or a common reference time to discipline a local oscillator implemented in the first user equipment.
  - 9. The method of claim 8, further comprising:
    - determining at least one transmission time of at least one of a D2D synchronization signal or a scheduling assignment message based on the current time, the first frame number, and pre-configured values of at least one transmission period and at least one transmission offset that are stored in the first user equipment.

10. A first user equipment comprising:
- a receiver to receive an encrypted message in a first frame over an air interface between the first user equipment and a second user equipment during device-to-device (D2D) communication with the second user equipment, wherein the encrypted message represents a plaintext message that is encrypted by applying a cryptographic function to the plaintext message, a security key, and a first frame number of the first frame; and
  
  a processor to decrypt the encrypted message to recover the plaintext message using the cryptographic function, the security key, and the first frame number.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The first user equipment of claim 10, wherein the processor is to determine the first frame number based upon a current time indicated by at least one of a Global Positioning System (GPS) reference time, a Long Term Evolution (LTE) reference time, or a common reference time to discipline a local oscillator implemented in the first user equipment.
  - 12. The first user equipment of claim 11, wherein the processor is to determine at least one transmission time of at least one of a D2D synchronization signal or a scheduling assignment message based on the current time, the first frame number, and pre-configured values of at least one transmission period and at least one transmission offset that are stored in the first user equipment.
  - 13. The first user equipment of claim 10, further comprising:
    - at least one data structure to store a plurality of security keys associated with a corresponding plurality of D2D identifiers, wherein the processor is to access the security key from the data structure based on a D2D identifier associated with the D2D communication.
  - 14. The first user equipment of claim 13, wherein the security key comprises at least one of a unicast security key shared with the second user equipment, a groupcast security key shared with a group of user equipment comprising the first user equipment and the second user equipment, and a public key.
  - 15. The first user equipment of claim 13, wherein the processor is to decode a scheduling assignment packet received by the first user equipment, wherein the scheduling assignment packet includes information indicating the D2D identifier associated with the D2D communication and resources allocated to subsequent data transmission comprising the first frame.
  - 16. The first user equipment of claim 10, wherein the processor is to encrypt information for transmission in a second frame over the air interface during D2D communication using the cryptographic function applied to the security key and a second frame number of the second frame.

17. An apparatus comprising:
- a processor to determine a first frame number of a first frame received over an air interface between the first user equipment and a second user equipment during device-to-device (D2D) communication with the second user equipment, wherein the processor determines the first frame number based on a reference frame number stored by the first user equipment, a corresponding reference time stored by the first user equipment, and a current time, andwherein the processor is to decrypt information received by the first user equipment in the first frame using a cryptographic function that is applied to a security key and a first frame number of the first frame.
- View Dependent Claims (18)
- - 18. The apparatus of claim 17, further comprising:
    - at least one memory element to store the reference frame number, the corresponding reference time, and the security key during activation of the first user equipment.

19. A non-transitory computer readable storage medium embodying a set of executable instructions, the set of executable instructions to manipulate at least one processor to:
- receive an encrypted message at a first user equipment in a first frame over an air interface between the first user equipment and a second user equipment during device-to-device (D2D) communication with the second user equipment, wherein the encrypted message represents a plaintext message that is encrypted by applying a cryptographic function to the plaintext message, a security key, and a first frame number of the first frame.
- View Dependent Claims (20, 21)
- - 20. The non-transitory computer readable storage medium of claim 19, wherein the set of executable instructions is to manipulate the at least one processor to store a plurality of security keys associated with a corresponding plurality of D2D identifiers in a data structure in the first user equipment and access the security key from the data structure based on a D2D identifier associated with the D2D communication.
  - 21. The non-transitory computer readable storage medium of claim 19, wherein the set of executable instructions is to manipulate the at least one processor to encrypt information for transmission in a second frame over the air interface during D2D communication using the cryptographic function applied to the security key and a second frame number of the second frame.

22. A non-transitory computer readable store medium embodying a set of executable instructions, the set of executable instructions to manipulate at least one processor to:
- determine a first frame number of a first frame received over an air interface between the first user equipment and a second user equipment during device-to-device (D2D) communication with the second user equipment, wherein the first frame number is determined based on a reference frame number stored by the first user equipment, a corresponding reference time stored by the first user equipment, and a current time; and
  
  wherein the set of executable instructions is to manipulate the at least one processor to decrypt information received at the first user equipment in the first frame using a cryptographic function that is applied to a security key and a first frame number of the first frame.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent SA (Nokia Corporation)
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Cheng, Fang-Chen, Tatesh, Said
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US14/274,012
Publication Number

US 20150326537A1
Time in Patent Office

1,355 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/0428   wherein the data content is...

H04L 9/0833   involving conference or gro...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/12   Transmitting and receiving ...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 12/0471   Key exchange

H04W 4/08   User group management

H04W 4/80   Services using short range ...

H04W 76/14   Direct-mode setup

Secure device-to-device (D2D) communication

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure device-to-device (D2D) communication

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links