Method and apparatus for providing bootstrapping procedures in a communication network

US9300641B2 · US · B2

Patent metadata
Field: Value
Publication number: US-9300641-B2
Application number: US-35205806-A
Country: US
Kind code: B2
Filing date: Feb 10, 2006
Priority date: Feb 11, 2005
Publication date: Mar 29, 2016
Grant date: Mar 29, 2016

Abstract

Official abstract text for this publication.

An approach is provided for performing authentication in a communication system. In one embodiment, a key is established with a terminal in a communication network according to a key agreement protocol. The agreed key is tied to an authentication procedure to provide a security association that supports reuse of the key. A master key is generated based on the agreed key. In another embodiment, digest authentication is combined with key exchange parameters (e.g., Diffie-Hellman parameters) in the payload of the digest message, in which a key (e.g., SMEKEY or MN-AAA) is utilized as a password. In yet another embodiment, an authentication algorithm (e.g., Cellular Authentication and Voice Encryption (CAVE)) is employed with a key agreement protocol with conversion functions to support bootstrapping.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: establishing a key with a terminal in a communication network according to a key agreement protocol, wherein the terminal is configured to operate using spread spectrum; tying the agreed key to an authentication procedure to provide a security association that supports reuse of the key; and generating a master key based on the agreed key; wherein the key agreement protocol is performed over a transport security (TLS) tunnel.

2. The method according to claim 1, further comprising: generating a challenge message from the agreed key according to the authentication procedure.

3. The method according to claim 1, further comprising: generating a challenge message from a key agreement message exchanged with the terminal according to the key agreement protocol.

4. The method according to claim 1, wherein the key agreement protocol includes a Diffie-Hellman key exchange scheme.

5. The method according to claim 4, wherein the terminal is configured to communicate using spread spectrum and to perform bootstrapping according to a generic authentication architecture.

6. The method according to claim 1, wherein the authentication procedure includes a challenge handshake authentication protocol (CHAP).

7. A method for authenticating comprising: establishing a shared key with a network element in a communication network according to a key agreement protocol, wherein the network element is configured to tie the agreed key to an authentication procedure to provide a security association that supports reuse of the key; and generating a master key based on the agreed key; wherein the key agreement protocol is performed over a transport layer security (TLS) tunnel.

8. The method according to claim 7, wherein the key agreement protocol includes a Diffie-Hellman key exchange scheme.

9. The method according to claim 7, further comprising: communicating with the network element using Code Division Multiple Access (CDMA); and bootstrapping according to a generic authentication scheme.

10. The method according to claim 7, wherein the authentication procedure includes a challenge handshake authentication protocol (CHAP).

11. An apparatus comprising: an authentication module configured to establish a shared key with a network element in a communication network according to a key agreement protocol, wherein the agreed key is tied to an authentication procedure to provide a security association that supports reuse of the key, the authentication module being further configured to generate a master key based on the agreed key; wherein the key agreement protocol is performed over a transport layer security (TLS) tunnel.

12. The apparatus according to claim 11, wherein the key agreement protocol includes a Diffie-Hellman key exchange scheme.

13. The apparatus according to claim 11, further comprising: a transceiver configured to communicate with the network element using spread spectrum, wherein the authentication module being further configured to perform bootstrapping according to a generic authentication architecture.

14. The apparatus according to claim 11, wherein the authentication procedure includes a challenge handshake authentication protocol (CHAP).

Classifications

  • Authentication · CPC title

  • using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213) · CPC title

  • Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title

  • H04L63/06 · Primary

    for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08) · CPC title

  • H04L9/0844 · Primary

    with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Laitinen Pekka, Ginzboorg Philip, Asokan Nadarajah, and 2 more
What technology area does this patent fall under?
Primary CPC classification H04L63/06. Mapped technology areas include Electricity.
When was this patent published?
Publication date Mar 29, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).