Communication protocol for secure communications systems
US-9143321-B2 · Sep 22, 2015 · US
US9871827B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9871827-B2 |
| Application number | US-201615225543-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 1, 2016 |
| Priority date | Jan 12, 2012 |
| Publication date | Jan 16, 2018 |
| Grant date | Jan 16, 2018 |
Official abstract text for this publication.
The present disclosure relates to systems and methods for secure communications. In some aspects, a method of signalling an interception time period is described. At least one keying information used by a KMF to regenerate a key is stored. A start_interception message is signaled from an ADMF to a CSCF. A halt_message is signaled from the ADMF to the CSCF.
Opening claim text (preview).
The invention claimed is:

1. A call session control function (CSCF), comprising: a memory; and at least one hardware processor communicatively coupled with the memory and configured to: receive a start_interception message from an administration function (ADMF) in a network node over a X1_1 interface, wherein the start_interception message indicates a starting time for an interception time period of a lawful interception; in response to receiving the start_interception message, initiate a request to a key management service (KMS) to regenerate a key based on stored keying information, wherein the regenerated key is used to decrypt one or more intercepted packets during the interception time period; and receive a halt_message from the ADMF, wherein the halt_message indicates that the lawful interception is to be stopped.

2. The CSCF of claim 1, wherein the halt_message includes a target user identifier.

3. The CSCF of claim 1, wherein the key is regenerated using at least one keying information included in a TRANSFER_INIT message.

4. The CSCF of claim 1, wherein the key is regenerated using at least one keying information included in a TRANSFER_RESP message.

5. The CSCF of claim 1, wherein the key is regenerated using at least one of RANDRi, RANDRr, Initiator's Identity (IDRi), Responder's Identity (IDRr), crypto session identity (CS ID), modifier (MOD), header payload (HDR), key data transport payload (KEMAC), traffic encryption key (TEK) generation key (TGK), or TEK generation key (TGK).

6. The CSCF of claim 1, wherein the halt_message is received over the X1_1 interface.

7. A non-transitory computer-readable medium containing instructions which, when executed, cause a computing device to perform operations comprising: receiving, at a call session control function (CSCF), a start_interception message from an administration function (ADMF) in a network node over a X1_1 interface, wherein the start_interception message indicates a starting time for an interception time period of a lawful interception, in response to receiving the start_interception message, initiating a request to a key management service (KMS) to regenerate a key based on stored keying information, wherein the regenerated key is used to decrypt one or more intercepted packets during the interception time period; and receiving, at the CSCF, a halt_message from the ADMF, wherein the halt_message indicates that the lawful interception is to be stopped.

8. The non-transitory computer-readable medium of claim 7, wherein the halt_message includes a target user identifier.

9. The non-transitory computer-readable medium of claim 7, wherein the key is regenerated using at least one keying information included in a TRANSFER_INIT message.

10. The non-transitory computer-readable medium of claim 7, wherein the key is regenerated using at least one keying information included in a TRANSFER_RESP message.

11. The non-transitory computer-readable medium of claim 7, wherein the key is regenerated using at least one of RANDRi, RANDRr, Initiator's Identity (IDRi), Responder's Identity (IDRr), crypto session identity (CS ID), modifier (MOD), header payload (HDR), key data transport payload (KEMAC), traffic encryption key (TEK) generation key (TGK), or TEK generation key (TGK).

12. The non-transitory computer-readable medium of claim 7, wherein the halt_message is received over the X1_1 interface.

13. A method, comprising: receiving, at a call session control function (CSCF), a start_interception message from an administration function (ADMF) in a network node over a X1_1 interface, wherein the start_interception message indicates a starting time for an interception time period of a lawful interception; in response to receiving the start_interception message, initiating a request to a key management service (KMS) to regenerate a key based on stored keying information; decrypting the one or more intercepted packets during the interception time period using the regenerated key; and receiving, at the CSCF, a halt_message from the ADMF, wherein the halt_message indicates that the lawful interception is to be stopped.

14. The method of claim 13, wherein the halt_message includes a target user identifier.

15. The method of claim 13, wherein the key is regenerated using at least one keying information included in a TRANSFER_INIT message.

16. The method of claim 13, wherein the key is regenerated using at least one keying information included in a TRANSFER_RESP message.

17. The method of claim 13, wherein the key is regenerated using at least one of RANDRi, RANDRr, Initiator's Identity (IDRi), Responder's Identity (IDRr), crypto session identity (CS ID), modifier (MOD), header payload (HDR), key data transport payload (KEMAC), traffic encryption key (TEK) generation key (TGK), or TEK generation key (TGK).
Wireless · CPC title
intercepting packet switched data communications, e.g. Web, Internet or IMS communications · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title