Class / Patent application number | Description | Number of patent applications / Date published |
380273000 | Rekeying system | 29 |
20090086973 | Method and Apparatus for Authenticating Nodes in a Wireless Network - The invention includes a method and apparatus for authenticating a wireless node requesting to join a network. A method includes receiving an authentication request from the wireless node, negotiating at least one authentication parameter with the wireless node, deriving a first encryption key using the at least one authentication parameter, encrypting a second encryption key using the first encryption key, and propagating the encrypted second encryption key toward the wireless node, wherein the wireless node independently derives the first encryption key for use in decrypting the encrypted second encryption key received from the authentication server node. The wireless node decrypts the encrypted second encryption key and stores the second encryption key for use to securely communicate with other wireless nodes of the network. In one embodiment, the present invention may be implemented using a modified version of the EAP-TLS protocol, in which rather than a Pairwise Master Key (PMK) being sent from the authentication server node to the wireless node, the authentication server node and the wireless node each derive the PMK and the authentication server node securely provides a group encryption key to the wireless node by encrypting the group encryption key using the PMK. | 04-02-2009 |
20090169009 | WIRELESS COMMUNICATION SYSTEM AND WIRELESS COMMUNICATION DEVICE - A ciphering processing section that applies a deciphering process to ciphered packet data based on a deciphering key held by key holding part and a count value sequentially updated by counting part. The ciphering processing section further comprises success/failure determining part that determines success/failure of the deciphering process and query part that queries an opposing wireless communication device about a resynchronization count value when a failure of the deciphering process is determined and that receives the resynchronization count value from the opposing wireless communication device. The counting part sequentially updates the count value with the received resynchronization count value as an initial value. The ciphering processing section executes a deciphering process of packet data using the sequentially updated count value. | 07-02-2009 |
20090196422 | METHOD AND APPARATUS FOR MANAGING HYPER FRAME NUMBER FOR CIPHERING/DECIPHERING IN MOBILE COMMUNICATION SYSTEM - A method and an apparatus for managing an HFN for ciphering/deciphering at an RNC of a mobile communication system are provided. In the method, a Timing Adjustment (ToA) value is received from a base station, and a Connection Frame Number (CFN) is corrected. Whether correction of the CFN has been generated within the same cycle is determined by comparing the correction CFN with an absolute CFN serving as a reference. An HFN value is changed or maintained depending on whether the CFN correction has been generated within the same cycle. | 08-06-2009 |
20090245518 | SECURE COMMUNICATIONS IN COMPUTER CLUSTER SYSTEMS - A system to improve communication security in cluster machine processing may include interconnected computers that can jointly process data. The system may also include a shared secret key used by each of the interconnected computers to encrypt, decrypt, and/or authenticate data being sent, or received, from one of the interconnected computers to another of the interconnected computers. The system may further include a new shared secret key used by each of the interconnected computers to encrypt, decrypt, and/or authenticate data being sent, or received, from one of the interconnected computers to another of the interconnected computers. In addition, the new shared secret key may coexist with the shared secret key without adversely affecting the joint processing of data performed by the plurality of interconnected computers. | 10-01-2009 |
20090274303 | TOKEN PROVISIONING - A method for provisioning a device such as a token. The device issues a certificate request to a Certification Authority. The request includes a public cryptographic key uniquely associated with the device. The Certification Authority generates a symmetric cryptographic key for the device, encrypts it using the public key, and creates a digital certificate that contains the encrypted symmetric key as an attribute. The Certification Authority sends the digital certificate to the device, which decrypts the symmetric key using the device's private key, and stores the decrypted symmetric key. | 11-05-2009 |
20100014674 | SYSTEMS AND METHODS FOR AUTHORIZATION AND DATA TRANSMISSION FOR MULTICAST BROADCAST SERVICES - A method for a base station to provide multicast broadcast services (MBSs). The method includes: obtaining an MBS authorization key (MAK); generating a number as an MBS group traffic encryption key (MGTEK); using a service credit number (SCN) to count an amount of service time or MBS content data; generating an MBS traffic key (MTK) based on at least the MAK and the MGTEK; encrypting MBS content data with the MTK; and transmitting the encrypted MBS content data to provide the MBSs. | 01-21-2010 |
20100091993 | WIRELESS COMMUNICATION DEVICE AND ENCRYPTION KEY UPDATING METHOD - Provided are a wireless communication device capable of decoding received data even when receiving the data while the mismatching of an encryption key occurs due to updating of the encryption key; and an encryption updating method for the device. The wireless communication device comprises an encryption unit for encrypting transmission data with an encryption key, a decoding unit for decoding received data with the encryption key, a key replacing unit for generating a new encryption key to update an encryption key to be used in the encryption unit and the decoding unit to the new encryption key, and a key storing unit for storing the encryption key before being updated. The decoding unit decodes a received data with use of the old encryption key stored in the key storing unit when the received data cannot be decoded with use of the newly updated encryption key. | 04-15-2010 |
20100135495 | MAC LAYER PACKET DATA UNITS FOR WIRELESS COMMUNICATIONS - Technologies for wireless communications can include communicating connection information that specifies one or more parameters of a connection between a base station and a wireless device. The connection information can be indicative of one or more of: a station identifier, whether data packets associated with the connection include a cyclic redundancy check, and whether data packets associated with the connection include encrypted information. These technologies can include constructing, based on the connection information, a media access control (MAC) protocol data unit (PDU) that includes a header at a beginning portion of the MAC PDU. The header can include one or more of: a first flag that indicates a header type, a second flag that indicates whether there is a subheader inclusion following the header in the MAC PDU, a flow identifier that, together with the station identifier, identifies the connection, and a length value. | 06-03-2010 |
20100195833 | TELECOMMUNICATIONS DEVICE SECURITY - A mobile terminal for use with a cellular or mobile telecommunications network includes a normal execution environment (operating system) ( | 08-05-2010 |
20100284536 | SYSTEM AND METHOD FOR OBTAINING CERTIFICATE STATUS OF SUBKEYS - Systems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced. | 11-11-2010 |
20100290622 | WIRELESS COMMUNICATION SYSTEM AND METHOD FOR AUTOMATIC NODE AND KEY REVOCATION - A wireless system and method to control the cryptographic keying material that has been compromised in the network; exclude captured nodes from the network; and update compromised keying material in uncompromised devices are described. This system and method is useful in alpha-secure key distribution systems comprising a multitude of alpha-secure keying material shares to be controlled, revoked or updated. | 11-18-2010 |
20110044454 | Method and apparatus for reducing overhead for integrity check of data in wireless communication system - A method and an apparatus reduce overhead for data integrity checks in a wireless communication system. When receiving a message, a first Integrity Check Value (ICV) is compared with a second ICV to detect an integrity error in the message. When the integrity error exists in the message, a frequency of the integrity error is counted. When the frequency of the integrity error is more than a threshold, a key update procedure is performed. Therefore, the overhead of the information for integrity check may be reduced in the wireless communication system. | 02-24-2011 |
20110096929 | ENCRYPTION KEY DISTRIBUTION METHOD IN MOBILE BROADCASTING SYSTEM, AND SYSTEM FOR THE SAME - An encryption key distribution method for service and content protection in a mobile broadcasting system, and a system for the same which includes generating, by a network, a first encryption key when the broadcast service is first provided; transmitting a generalized rights object message, which includes identification information for identifying the generated first encryption key, to the terminal; generating a second encryption key before the lifetime of the first encryption key expires; and transmitting the generalized rights object message, which includes identification information for identifying the generated second encryption key, to the terminal. | 04-28-2011 |
20110150223 | WIRELESS DEVICE AND METHOD FOR REKEYING WITH REDUCED PACKET LOSS FOR HIGH-THROUGHPUT WIRELESS COMMUNICATIONS - Embodiments of a wireless device and methods for rekeying with reduced packet loss in a wireless network are generally described herein. In some embodiments, during rekeying operations a new key for reception may be installed early (i.e., prior to receipt of a rekeying confirmation message). The use of the new key for transmission may be delayed until after receipt of the rekeying confirmation message. The early installation of the new key for reception may allow both the new key and old key to be active at the same time for use decrypting received packets to reduce packet loss during rekeying operations. The rekeying confirmation message may be the fourth message of a four-way handshake for rekeying. In some embodiments, two key identifiers may be alternated between four-way handshakes to prevent deletion of the old key. | 06-23-2011 |
20110274277 | METHOD FOR SECURELY TRANSMITTING PACKETS FOR WIRELESS TELECOMMUNICATIONS SYSTEM - The invention relates to a method for securely transmitting packets on a wireless link. This method advantageously uses a type II HARQ protocol. In a first step ( | 11-10-2011 |
20110299685 | SECURE MOBILE AD HOC NETWORK - Security in a mobile ad hoc network is maintained by using various forms of encryption, various encryption schemes, and various multi-phase keying techniques. In one configuration, an over the air, three-phase, re-keying technique is utilized to ensure that no authorized nodes are lost during re-keying and that nodes that are intended to be excluded from re-keying are excluded. In another configuration, an over the air, two-phase keying technique is utilized to maintain backwards secrecy. | 12-08-2011 |
20120045059 | COMMUNICATION APPARATUS AND SECRET INFORMATION SHARING METHOD - A communication apparatus includes display control means for displaying a secret information image containing secret information, and secret information image generation means for, upon receiving a notification signal indicating that a preparation for shooting is completed from another communication apparatus, instructing the display control means to display the secret information image. Note that the display control means displays a predetermined dummy image, and the notification signal is a notification signal indicating that a shooting preparation has been completed based on the dummy image. Further, when the secret information image generation means receives a notification signal indicating that secret information contained in a secret information image is obtained from another communication apparatus, the secret information image generation means instructs the display control means to stop displaying the secret information image. | 02-23-2012 |
20120063599 | Key Agreement and Re-keying over a Bidirectional Communication Path - A key agreement method is carried out by a first system in conjunction with a second system over a bidirectional communication path, including generating a first key pair having a first public key and a first private key, sending the first public key to the second system, receiving a second public key generated by the second system, and calculating a master key based upon the first private key, the second public key, a long-term private key, and a long-term public key. The long-term private key was generated by the first system during a previous key-agreement method as part of a long-term key pair. The long-term public key was generated by the second system and received during the previous key-agreement method. The previous key-agreement method required a secret to be known to the first system and the second system, thus conferring authentication based on the secret to the long-term public key. | 03-15-2012 |
20120093317 | SYSTEM AND METHOD OF MOBILE CONTENT SHARING AND DELIVERY IN AN INTEGRATED NETWORK ENVIRONMENT - A system and method of mobile content sharing and delivery in an integrated network environment, comprising: a first mobile terminal serving as information provider, a home server, and a second mobile terminal serving as information receiver. The information of said first mobile terminal is transmitted to said second mobile terminal through said home server, and that information can be stored in said home server for direct downloading of file by said second mobile terminal in an asynchronous transmission manner; when said first mobile terminal moves and switches to another network environment, said second mobile terminal still can request and download said information through said home server. A double key protection scheme is further provided in safeguarding secure transaction of information. | 04-19-2012 |
20120183142 | METHOD AND APPARATUS FOR APPLYING A CIPHERING CONFIGURATION IN A WIRELESS COMMUNICATION NETWORK - Methods and devices are provided for applying a ciphering configuration in a wireless communication network. The method includes initiating an entity reset procedure by a first entity in the wireless communication network; synchronizing Hyper Frame Numbers (HFNs) associated with the first entity and a second entity, respectively, during the entity reset procedure; and applying a new ciphering configuration by the first entity and the second entity, upon completing the entity reset procedure, without updating the synchronized HFNs associated with the first entity and the second network, respectively. | 07-19-2012 |
20120308008 | Wireless Transmission of Protected Content - Protected content from a media source is transmitted via a wireless link using modified wireless encryption keys. Content to be delivered under a content protection scheme, e.g. High-bandwidth Digital Content Protection (HDCP), from a media source to a media sink is received at a wireless communication device. A content protection key, or a digital rights management (DRM) key, associated with the media sink is used to generate DRM modified wireless encryption keys. These modified wireless encryption keys are used to encrypt the wireless transmission using wireless encryption techniques, such as an advanced encryption standard (AES) protocol, and transmit the encrypted content over a wireless link. The DRM modified keys can be used, for example, to seed a Wi-Fi Protected Access (WPA) encryption engine in place of other keys normally used in the wireless encryption process, thereby effectively integrating the DRM content protection scheme with standard wireless encryption and transmission. | 12-06-2012 |
20130003975 | COMMUNICATION APPARATUS AND METHOD AND COMMUNICATION SYSTEM - A communication apparatus that performs encrypted communication of data to an opposing apparatus, the communication apparatus comprising, a communication unit which uses an encryption key to perform encrypted communication of the data, a rekey unit which updates the encryption key; and a control unit which, after it is confirmed that communication using the encryption key after updating has been enabled, starts encrypted communication of the data using the encryption key after updating. | 01-03-2013 |
20140126722 | WIRELESS DEVICE AND METHOD FOR REKEYING WITH REDUCED PACKET LOSS FOR HIGH-THROUGHPUT WIRELESS COMMUNICATIONS - Embodiments of a wireless device and methods for rekeying with reduced packet loss in a wireless network are generally described herein. In some embodiments, during rekeying operations a new key for reception may be installed early (i.e., prior to receipt of a rekeying confirmation message). The use of the new key for transmission may be delayed until after receipt of the rekeying confirmation message. The early installation of the new key for reception may allow both the new key and old key to be active at the same time for use decrypting received packets to reduce packet loss during rekeying operations. The rekeying confirmation message may be the fourth message of a four-way handshake for rekeying. In some embodiments, two key identifiers may be alternated between four-way handshakes to prevent deletion of the old key. | 05-08-2014 |
20140140511 | METHOD AND APPARATUS FOR UPDATING A GROUP KEY IN A WIRELESS COMMUNICATION SYSTEM - The present invention relates to a method and apparatus for updating a key for encrypting multicast data in a wireless communication system. The method of the present invention is characterized by comprising: an information receiving step of receiving information on a group entry time and a group exit time from users who have newly entered an arbitrary group including at least one subgroup; a grouping step of grouping the users using the information on the group entry time and the group exit time; and a key transmission step of either transmitting, to the newly-entered users, keys related to the group and the subgroups, or updating, for the remaining users of the subgroups, both the key related to the subgroup to which the user exiting the group belongs and the key of the group and then transmitting the updated keys to the users of the subgroups. | 05-22-2014 |
20140192985 | IMPLICIT REKEYING MECHANISM - Certain aspects of the present disclosure provide methods and apparatus for secure transmission of packets with short headers. The methods may include temporarily suspending the use of packets that use a short MAC header (that lack a Key ID) during re-keying procedures and resuming the use of such packets after a new default Key ID is established via the re-keying procedures. | 07-10-2014 |
20140198916 | METHOD AND DEVICE FOR MANAGING ENCRYPTED GROUP REKEYING IN A RADIO NETWORK LINK LAYER ENCRYPTION SYSTEM - Disclosed is a radio system, method, and device for a mobile station to indicate to an authentication controller, in an authentication response message, which of a plurality of group key link layer encryption keys (GKEK)s it currently has in its possession, and to work with the authentication controller to more intelligently manage multiple GKEKs. The authentication controller can use the information obtained from the authentication response message to determine which of a plurality of GKEKs to advertise in a key announcement broadcast. Furthermore, individual requests for a future LLE key (LEK) to be used for link layer encryption (LLE) encrypting and decrypting inbound and outbound group communications between base station(s) and mobile station(s) are responded to with a broadcast GKEK-encrypted transmission including the future LEK. Only the requesting mobile station transmits an acknowledgment packet in response to the broadcast. | 07-17-2014 |
20160119139 | WIRELESS DEVICE AND METHOD FOR REKEYING WITH REDUCED PACKET LOSS FOR HIGH-THROUGHPUT WIRELESS COMMUNICATIONS - Embodiments of a wireless device and methods for rekeying with reduced packet loss in a wireless network are generally described herein. In some embodiments, during rekeying operations a new key for reception may be installed early (i.e., prior to receipt of a rekeying confirmation message). The use of the new key for transmission may be delayed until after receipt of the rekeying confirmation message. The early installation of the new key for reception may allow both the new key and old key to be active at the same time for use decrypting received packets to reduce packet loss during rekeying operations. The rekeying confirmation message may be the fourth message of a four-way handshake for rekeying. In some embodiments, two key identifiers may be alternated between four-way handshakes to prevent deletion of the old key. | 04-28-2016 |
20160157095 | SECURITY KEY REFRESH FOR DUAL CONNECTIVITY | 06-02-2016 |
20160255500 | Methods and Apparatuses Generating a Radio Base Station Key in a Cellular Radio System | 09-01-2016 |