Devices and method for MTC group key management

US 11,570,161 B2
Filed: 07/07/2014
Issued: 01/31/2023
Est. Priority Date: 07/31/2013
Status: Active Grant

First Claim

Patent Images

1. A group gateway in a group communication system including a User Equipment (UE), an independent node deployed in a node different from a node in which the group gateway is deployed, the independent node being a Mobility Management Entity (MME) or a Serving GPRS Support Node (SGSN), and a network server, the group gateway comprising:

a processor; and

a memory having stored thereon a set of instructions executable by the processor, wherein upon execution of the instructions the processor causes the group gateway to;

receive a group ID and a security related parameter from the network server;

derive a first key;

authenticate the UE based on a second key that is shared between the UE and the group gateway;

distribute, to the UE via the MME or the SGSN, the first key that is protected based on the second key; and

control a key lifetime for updating the first key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In order to improve security upon distributing a group key, there is provided a gateway (20) to a core network for a group of MTC devices (10_1-10_n) communicating with the core network. The gateway (20) protects confidentiality and integrity of a group key, and distributes the protected group key to each of the MTC devices (10_1-10_n). The protection is performed by using: a key (Kgr) that is preliminarily shared between the gateway (20) and each of the MTC devices (10_1-10_n), and that is used for the gateway (20) to authenticate each of the MTC devices (10_1-10_n) as a member of the group; or a key (K_iwf) that is shared between an MTC-IWF (50) and each of the MTC devices (10_1-10_n), and that is used to derive temporary keys for securely conducting individual communication between the MTC-IWF (50) and each of the MTC devices (10_1-10_n).

51 Citations

View as Search Results

8 Claims

1. A group gateway in a group communication system including a User Equipment (UE), an independent node deployed in a node different from a node in which the group gateway is deployed, the independent node being a Mobility Management Entity (MME) or a Serving GPRS Support Node (SGSN), and a network server, the group gateway comprising:
- a processor; and
  
  a memory having stored thereon a set of instructions executable by the processor, wherein upon execution of the instructions the processor causes the group gateway to;
  
  receive a group ID and a security related parameter from the network server;
  
  derive a first key;
  
  authenticate the UE based on a second key that is shared between the UE and the group gateway;
  
  distribute, to the UE via the MME or the SGSN, the first key that is protected based on the second key; and
  
  control a key lifetime for updating the first key.
- View Dependent Claims (2)
- - 2. The group gateway according to claim 1, wherein the network server is a Home Subscriber Server (HSS).

3. A method of a group gateway in a group communication system including a User Equipment (UE), an independent node deployed in a node different from a node in which the group gateway is deployed, the independent node being a Mobility Management Entity (MME) or a Serving GPRS Support Node (SGSN), and a network server, the method comprising:
- receiving a group ID and a security related parameter from the network server;
  
  deriving a first key;
  
  authenticating the UE based on a second key that is shared between the UE and the group gateway;
  
  distributing, to the UE via the MME or the SGSN, the first key that is protected based on the second key; and
  
  controlling a key lifetime for updating the first key.
- View Dependent Claims (4)
- - 4. The method according to claim 3, further comprising:
    - re-distributing an updated first key to the UE.

5. A User Equipment (UE) in a group communication system including an independent node deployed in a node different from a node in which the group gateway is deployed, the independent node being a Mobility Management Entity (MME) or a Serving GPRS Support Node (SGSN), a network server and a group gateway, the UE comprising:
- a processor; and
  
  a memory having stored thereon a set of instructions executable by the processor, wherein upon execution of the instructions the processor causes the UE to;
  
  cause the group gateway to authenticate the UE based on a second key that is shared between the UE and the group gateway;
  
  receive, from the group gateway via the MME or the SGSN, a first key protected based on the second key, wherein the group gateway receives a group ID and a security related parameter from the network server, derives the first key, and controls a key lifetime for updating the first key; and
  
  decrypt the protected first key using the second key.
- View Dependent Claims (6)
- - 6. The UE according to claim 5, wherein the network server is a Home Subscriber Server (HSS).

7. A method of a UE (User Equipment) in a group communication system including an independent node deployed in a node different from a node in which the group gateway is deployed, the independent node being a Mobility Management Entity (MME) or a Serving GPRS Support Node (SGSN), a network server and a group gateway, the method comprising:
- causing the group gateway to authenticate the UE based on a second key that is shared between the UE and the group gateway;
  
  receiving, from the group gateway via the MME or the SGSN, a first key protected based on the second key, wherein the group gateway receives a group ID and a security related parameter form the network server, derives the first key, and controls a key lifetime for updating the first key; and
  
  decrypting the protected first key using the second key.
- View Dependent Claims (8)
- - 8. The method according to claim 7, wherein the group gateway re-distributes an updated first key to the UE.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Corporation
Inventors
Zhang, Xiaowei, Prasad, Anand Raghawa
Primary Examiner(s)
Simitoski, Michael

Application Number

US14/908,240
Publication Number

US 20160182477A1
Time in Patent Office

3,130 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2463/061   applying further key deriva...

H04L 2463/062   applying encryption of the ...

H04L 63/062   for key distribution, e.g. ...

H04L 63/065   for group communications cr...

H04L 63/083   using passwords cryptograph...

H04W 12/06   Authentication

H04W 12/50   Secure pairing of devices

H04W 4/08   User group management

H04W 4/70   Services for machine-to-mac...

H04W 88/16   Gateway arrangements

Devices and method for MTC group key management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

51 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Devices and method for MTC group key management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links