Method for handling ciphering keys in a mobile station

US9681292B2 · US · B2

Patent metadata

Publication number: US-9681292-B2
Application number: US-201013388890-A
Country: US
Kind code: B2
Filing date: Aug 17, 2010
Priority date: Aug 17, 2009
Publication date: Jun 13, 2017
Grant date: Jun 13, 2017

Abstract

Official abstract text for this publication.

Techniques for handling ciphering keys in a mobile station comprising a mobile equipment (ME) and a Universal Subscriber Identity Module (USIM) are disclosed. An example method includes obtaining a UMTS cipher key (CK), integrity key (IK), and ciphering key sequence number (CKSN) from the USIM, deriving a 128-bit ciphering key (Kc-128) from the CK and the IK, and storing the Kc-128 and the CKSN on the mobile equipment, separate from the USIM. The stored CKSN is associated with the stored Kc-128, so that the Kc-128's correspondence to the most current UMTS security context can be tracked. This example method applies to the generation and storage of a 128-bit ciphering key for either the packet-switched or circuit-switched domains. A corresponding user equipment apparatus is also disclosed.
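The store-then-verify flow from the abstract, as an added Python sketch that is not code from the patent: the ME keeps Kc-128 together with the CKSN it was derived under and checks that CKSN against the USIM before the key is used. `FakeUsim`, `MeKeyStore` and the HMAC-based `derive_kc128` are hypothetical stand-ins, since the page does not give the derivation function; the CKSN value 7 ("no key available") comes from 3GPP TS 24.008, not from this page.

```python
import hashlib
import hmac

NO_KEY = 7  # CKSN value meaning "no key available" (3GPP TS 24.008, not stated on this page)

def derive_kc128(ck: bytes, ik: bytes) -> bytes:
    """Stand-in KDF (assumption): HMAC-SHA-256 keyed with CK||IK, cut to 128 bits."""
    if len(ck) != 16 or len(ik) != 16:
        raise ValueError("CK and IK must each be 128 bits")
    return hmac.new(ck + ik, b"Kc-128 (demo label)", hashlib.sha256).digest()[:16]

class FakeUsim:  # constructed stand-in for the USIM: (CK, IK, CKSN) per domain
    def __init__(self):
        self.ctx = {}
    def set_context(self, domain, ck, ik, cksn):
        self.ctx[domain] = (ck, ik, cksn)
    def read_keys(self, domain):
        return self.ctx[domain]
    def read_cksn(self, domain):
        return self.ctx[domain][2]

class MeKeyStore:
    """ME-side store: Kc-128 kept together with the CKSN it was derived under."""
    def __init__(self, usim):
        self.usim, self.slots, self.derivations = usim, {}, 0
    def refresh(self, domain):
        ck, ik, cksn = self.usim.read_keys(domain)
        self.slots[domain] = (derive_kc128(ck, ik), cksn)
        self.derivations += 1
    def key_for_cipher(self, domain):
        """Return a Kc-128 only after checking it against the USIM's current CKSN."""
        current = self.usim.read_cksn(domain)
        if current == NO_KEY:
            self.slots.pop(domain, None)  # delete a Kc-128 that is no longer valid
            raise LookupError("no valid security context for " + domain)
        slot = self.slots.get(domain)
        if slot is None or slot[1] != current:  # missing or stale: re-derive
            self.refresh(domain)
        return self.slots[domain][0]

def demo():
    ck1, ik1, ck2, ik2 = (bytes([n]) * 16 for n in (1, 2, 3, 4))  # constructed keys
    usim = FakeUsim()
    store = MeKeyStore(usim)
    usim.set_context("PS", ck1, ik1, 2)
    first, again = store.key_for_cipher("PS"), store.key_for_cipher("PS")
    usim.set_context("PS", ck2, ik2, 3)  # new UMTS security context
    fresh = store.key_for_cipher("PS")
    return first == again, fresh == derive_kc128(ck2, ik2), store.derivations
```

`demo()` shows that a matching CKSN reuses the stored key without a second derivation, while a changed CKSN forces a fresh read of CK and IK so a key from an older security context is never applied.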

First claim

Opening claim text (preview).

What is claimed is:

1. A method for handling ciphering keys in a mobile station comprising a mobile equipment (ME) and a Universal Subscriber Identity Module (USIM), the method comprising: obtaining, by a processing circuit, a Universal Mobile Telecommunications System (UMTS) cipher key (CK), a UMTS integrity key (IK), and a UMTS ciphering key sequence number (CKSN) from the USIM; generating, by the processing circuit, a 128-bit ciphering key (Kc-128) from the UMTS CK and the UMTS IK; storing, by the processing circuit, the Kc-128 and the UMTS CKSN on the mobile equipment, separate from the USIM, wherein the stored UMTS CKSN is associated with the stored Kc-128; determining, by the processing circuit, that a ciphering algorithm requiring a 128-bit ciphering key is to be taken into use for operation in one of a packet-switched domain and a circuit-switched domain; prior to applying the stored Kc-128 to the ciphering algorithm, verifying a validity of the stored Kc-128 by: obtaining, by the processing circuit, a most recent UMTS CKSN from the USIM; and comparing the most recent UMTS CKSN to the stored UMTS CKSN to verify a match; and applying, by the processing circuit, the stored Kc-128 to the ciphering algorithm responsive to verifying the validity of the Kc-128.

2. The method of claim 1 wherein the UMTS CK and the UMTS IK are for operation in the packet-switched domain.

3. The method of claim 1 wherein the UMTS CK and the UMTS IK are for operation in the circuit-switched domain.

4. The method of claim 3: wherein said obtaining, generating, and storing are performed by the processing circuit in response to said determining.

5. The method of claim 1: further comprising determining, by the processing circuit, that a new UMTS security context has been established; wherein said obtaining, generating, and storing are performed by the processing circuit in response to said determining.

6. The method of claim 1: further comprising determining, by the processing circuit, that the USIM has generated a 64-bit ciphering key; wherein said obtaining, generating, and storing are performed by the processing circuit in response to said determining.

7. The method of claim 1 further comprising: determining, by the processing circuit, that a ciphering algorithm requiring a 128-bit ciphering key is to be taken into use; obtaining, by the processing circuit, a most recent UMTS CKSN from the USIM and comparing the most recent UMTS CKSN to the stored UMTS CKSN; in response to determining that the most recent UMTS CKSN does not match the stored CKSN: obtaining, by the processing circuit, a new UMTS CK, new UMTS IK, and new UMTS CKSN from the USIM; generating, by the processing circuit, a new Kc-128 from the new UMTS CK and the new UMTS IK; storing, by the processing circuit, the new Kc-128 and the new UMTS CKSN on the mobile equipment.

8. The method of claim 1 further comprising: obtaining, by the processing circuit, a new CK, new UMTS IK, and new UMTS CKSN from the USIM; generating, by the processing circuit, a new Kc-128 from the new UMTS CK and the new UMTS IK; storing, by the processing circuit, the new Kc-128 and the new UMTS CKSN on the mobile equipment, in addition to the previously stored Kc-128 and UMTS CKSN.

9. The method of claim 8 further comprising: determining, by the processing circuit, whether ciphering algorithm requiring a 128-bit ciphering key is to be activated; in response to determining that the ciphering algorithm requiring a 128-bit ciphering key is to be activated, overwriting the previously stored Kc-128 and UMTS CKSN with the new Kc-128 and new UMTS CKSN.

10. The method of claim 1 further comprising deleting the stored Kc-128 in response to determining that the stored Kc-128 is invalid.

11. The method of claim 10 wherein determining, by the processing circuit, whether the stored Kc-128 is invalid comprises at least one of: detecting, by the processing circuit, that the corresponding UMTS CKSN on the USIM has been or is to be deleted; detecting, by the processing circuit, that an update status on USIM for circuit-switched services is changed to “U2 NOT UPDATED,” “U3 ROAMING NOT ALLOWED,” or “U4 UPDATING DISABLED”; detecting, by the processing circuit, that an update status on USIM for packet-switched services is changed to “GU2 NOT UPDATED” or “GU3 ROAMING NOT ALLOWED”; detecting, by the processing circuit, that the USIM has been disabled.

12. A mobile station, comprising: a Universal Subscriber Identity Module (USIM); and a mobile equipment (ME) coupled to the USIM via a USIM interface: wherein the ME comprises one or more processing circuits configured to: obtain a Universal Mobile Telecommunications System (UMTS) cipher key (CK), a UMTS integrity key (IK), and a UMTS ciphering key sequence number (CKSN) from the USIM; generate a 128-bit ciphering key (Kc-128) from the UMTS CK and the UMTS IK; store the Kc-128 and the CKSN on the mobile equipment, separate from the USIM, wherein the stored UMTS CKSN is associated with the stored Kc-128; determine that a ciphering algorithm requiring a 128-bit ciphering key is to be taken into use for operation in one of a packet-switched domain and a circuit-switched domain; prior to applying the stored Kc-128 to the ciphering algorithm, verify a validity of the stored Kc-128 by: obtaining a most recent UMTS CKSN from the USIM; and comparing the most recent UMTS CKSN to the stored UMTS CKSN to verify a match; and responsive to verifying the validity of the stored Kc-128, apply the stored Kc-128 to the ciphering algorithm.

13. The mobile station of claim 12 wherein the UMTS CK and the UMTS IK are for operation in the packet-switched domain.

14. The mobile station of claim 12 wherein the UMTS CK and the UMTS IK are for operation in the circuit-switched domain.

15. The mobile station of claim 14 wherein, in response to said determining, the one or more processing circuits are further configured to: obtain the UMTS CK, the UMTS IK, and the UMTS CKSN from the USIM; generate the Kc-128 from the UMTS CK and the UMTS IK; and store the Kc-128 and the CKSN on the mobile equipment separate from the USIM.

16. The mobile station of claim 12 wherein, in response to said determining, the one or more processing circuits are further configured to: determine that a new UMTS security context has been established; obtain the UMTS CK, the UMTS IK, and the UMTS CKSN from the USIM; generate the Kc-128 from the UMTS CK and the UMTS IK; and store the Kc-128 and the CKSN on the mobile equipment separate from the USIM.

17. The mobile station of claim 12 wherein, in response to said determining, the one or more processing circuits are further configured to: determine that the USIM has generated a 64-bit ciphering key (Kc-64); obtain the UMTS CK, the UMTS IK, and the UMTS CKSN from the USIM; generate the Kc-128 from the UMTS CK and the UMTS IK; and store the Kc-128 and the CKSN on the mobile equipment separate from the USIM.

18. The mobile station of claim 12 wherein, in response to determining that the most recent UMTS CKSN does not match the stored UMTS CKSN, the one or more processing circuits are further configured to: obtain a new UMTS CK, new UMTS IK, and new UMTS CKSN from the USIM; generate a new Kc-128 from the new UMTS CK and the new UMTS IK; store the new Kc-128 and the new UMTS CKSN on the mobile equipment.

19. The mobile station of claim 12 wherein the one or more processing circuits are further configured

Classifications

  • including means for verifying the identity or authority of a user of the system {or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials} · CPC title

  • H04L9/14 (Primary)

    using a plurality of keys or algorithms · CPC title

  • applying further key derivation, e.g. deriving traffic keys from a pair-wise master key · CPC title

  • Network architectures or network communication protocols for network security (cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00; network architectures or network communication protocols for wireless network security H04W12/00; security arrangements for protecting computers or computer systems against unauthorised activity G06F21/00) · CPC title

  • H04W12/02 (Primary)

    Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII] · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Verón Christian Herrero, Wifvesson Monica, ERICSSON TELEFON AB L M (publ)
What technology area does this patent fall under?
Primary CPC classification H04L9/14. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 13, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).