US20080002829A1 - Identifiers in a communication system - Google Patents

Identifiers in a communication system Download PDF

Info

Publication number
US20080002829A1
US20080002829A1 US11/769,621 US76962107A US2008002829A1 US 20080002829 A1 US20080002829 A1 US 20080002829A1 US 76962107 A US76962107 A US 76962107A US 2008002829 A1 US2008002829 A1 US 2008002829A1
Authority
US
United States
Prior art keywords
identifier
network
entity
network entity
receiving
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US11/769,621
Inventor
Dan Forsberg
Valtteri Niemi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Vringo Infrastructure Inc
Original Assignee
Nokia Oyj
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Oyj filed Critical Nokia Oyj
Priority to US11/769,621 priority Critical patent/US20080002829A1/en
Assigned to NOKIA CORPORATION reassignment NOKIA CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NIEMI, VALTTERI, FORSBERG, DAN
Publication of US20080002829A1 publication Critical patent/US20080002829A1/en
Assigned to VRINGO INFRASTRUCTURE INC. reassignment VRINGO INFRASTRUCTURE INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NOKIA CORPORATION
Priority to US13/615,390 priority patent/US9344881B2/en
Assigned to VRINGO, INC. reassignment VRINGO, INC. SECURITY INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VRINGO INFRASTRUCTURE, INC.
Assigned to IROQUOIS MASTER FUND, L.P. reassignment IROQUOIS MASTER FUND, L.P. ASSIGNMENT OF SECURITY INTEREST Assignors: VRINGO, INC.
Assigned to VRINGO, INC. reassignment VRINGO, INC. RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS). Assignors: SILICON VALLEY BANK
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0414Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]

Definitions

  • the invention relates to identifiers that are used in a communication system, and more particularly to identifiers that are at least partially encrypted.
  • An identifier may associate with a communication device to identify either the device, the user thereof (the “subscriber”) or both.
  • a communication device is a device that is typically used for communication via a communication system. The communication device enables the users of the device to receive and transmit communication such as speech and data.
  • a communication system can be seen as a facility that enables communication sessions between two or more entities such as the communication devices and/or other nodes associated with the communication system. Subscribers to a communication system may be offered and provided numerous services via their communication devices. Non-limiting examples of these services include two-way or multi-way calls, data communication or multimedia services or simply an access to a data communications network system, such as the Internet. The services may be offered by an operator of a network of the communication system or by an external service provider.
  • Examples of communication systems include fixed line communication systems, such as a public switched telephone network (PSTN), wireless or mobile communication systems, such as a public land mobile network (PLMN), and local area networks, fixed or wireless (e.g. LAN, WLAN and WiFi).
  • PSTN public switched telephone network
  • PLMN public land mobile network
  • WLAN local area networks
  • fixed or wireless e.g. LAN, WLAN and WiFi
  • a base station or similar access entity services a communication device via a wireless or air interface.
  • the communication on the wireless interface between the communication device and elements of the access system is based on an appropriate communication protocol.
  • the operation of the base station apparatus and other apparatus required for the communication can be controlled by one or several control entities.
  • the various control entities may be interconnected.
  • a feature of the wireless communication systems is that they provide mobility for the users thereof. That is, the user may roam within the service area of his home network from an access network to the other.
  • the users are also typically allowed to roam into other networks, thus enabling use of the communication device even when the user is not located within the service are of his/hers home network but is visiting another network.
  • Each network is typically provided with an entity for managing the mobility of the mobile users.
  • the location of this entity depends on the standard and system. For example, in a General Packet Radio Service (GPRS) based communication network this can be provided in association with a signalling GPRS support node (SGSN).
  • GPRS General Packet Radio Service
  • SGSN signalling GPRS support node
  • MME mobile management entity
  • a mobile management entity of the home network is called in the following a home mobile management entity.
  • a mobile management entity of the visited network is called in the following a visited mobile management entity.
  • One or more gateway nodes may be provided for connecting the network the user is using to other networks, for example to another mobile network, to a public switched telephone network (PSTN) and/or other communication networks such as an IP (Internet Protocol) and/or other data networks.
  • PSTN public switched telephone network
  • IP Internet Protocol
  • a communication device such as a mobile user equipment or a mobile station is typically provided with at least one permanent identifier.
  • the permanent identifiers include the international mobile subscriber identity (IMSI) and the international mobile equipment identity (IMEI).
  • IMSI is for identifying the user.
  • IMEI international mobile equipment identity
  • the IMSI is for identifying the particular device.
  • An identifier is typically formed of a number of subsections or parts.
  • IMSI international mobile subscriber identity
  • MCC mobile country code
  • MNC mobile network code
  • MSIN mobile subscriber identification number
  • the total maximum length of an IMSI is currently 15 digits. Of the total, the MCC is 3 digits and MNC 2 or 3 digits depending on the area.
  • the mobile subscriber identification number (MSIN) part is for identifying the individual subscriber. Thus, from the subscriber's privacy point of view, at least this part of the IMSI should be protected all the time to prevent possibility of misuse of the possibly sensitive information.
  • An air interface in a radio access network is vulnerable to attacks, and therefore the parts containing sensitive information should not be communicated unprotected in the over-the-air signalling.
  • subscribers should be protected against tracking of plain text i.e. unprotected IMSIs or other identifiers.
  • the credentials of a subscriber cannot typically be fetched before the subscriber has been reliably identified by the network. For this reason there is typically provided a secure data storage facility at the home network of the subscriber for maintaining information about the subscriber, for example information that may used to interpret the contents of a MSIN part of an IMSI.
  • Radio access networks or other network elements are allowed to enquire from a user equipment for the permanent identity associated with the user equipment. This may be allowed, for example, for authentication purposes in case the network does not have any identity, for example a temporary identity for the user equipment. This leaves open a possibility that an attacker uses a tracker the to obtain the permanent identity.
  • an IMSI catcher are known to have been developed for this purpose. These are typically based on the realisation that it is possible for an attacker to create a false base station to which a user equipment then attaches to. The false base station may then inform the user equipment that it does not have any temporary identities of any sort for the user equipment, thus requesting a plain text IMSI from the user equipment (UE).
  • a network element can thus claim not to have the permanent identity of a user equipment (UE).
  • UE user equipment
  • An attacker may try to fool the user equipment by pretending to be an element of the network and ask the IMSI directly from the user equipment.
  • the user equipment may have no option to deny the request, but will send the identity back in a non-protected format.
  • U.S. Pat. No. 6,373,949 discloses a way to protect the IMSI by encrypting the a mobile subscriber identification number (MSIN) part of the IMSI with a home operator public key.
  • MSIN mobile subscriber identification number
  • an identifier containing at least one encrypted part is received at a first network entity.
  • a second network entity may be determined based on the identifier.
  • a request for assistance in decryption of the identifier from the second network entity may be sent from the first entity.
  • a method comprising receiving an identifier containing at least one encrypted part at a first network entity, determining a second network entity based on the identifier, and requesting for assistance in decryption of the identifier from the second network entity.
  • An apparatus is provided in an embodiment, the apparatus being configured to receive an identifier containing at least one encrypted part, to determine a network entity based on the identifier, and to signal to the network entity a request for assistance in decryption of the identifier.
  • a more detailed embodiment further comprises receiving the identifier in a decrypted format at the first network entity from the second network entity.
  • Information may be received from the second network entity for use in decryption of the identifier.
  • the receiving may comprise receiving the identifier at a mobility management entity of a visited network.
  • the requesting may comprise requesting for decryption of the identifier from a mobility management entity of the home network of the identifier.
  • the determining may comprise determining a mobility management entity of the home network of the identifier based on a network specific part of the identifier.
  • An embodiment further comprises receiving a public key and secret key pair along with a key identifier from the second network entity.
  • a method comprising receiving a request for assistance in decryption of an identifier containing at least one encrypted part, decrypting the identifier, and sending the decrypted identifier to the requestor.
  • the receiving may comprise receiving at a mobility management entity of a home network the identifier from a mobility management entity of a visited network.
  • the method may further comprise sending a public key and secret key pair along with a key identifier.
  • the receiving of an identifier may comprise receiving an international mobile subscriber identity from a visited network.
  • the apparatus may comprise a mobility management entity of a visited network.
  • the apparatus may be configured to determine a mobility management entity of the home network of the identifier based on a network specific part of the identifier.
  • the apparatus may be configured to encrypt the identifier based on a key pair identifier of a public key and secret key pair.
  • the apparatus may be configured to process an international mobile subscriber identity from a visiting user equipment.
  • an apparatus configured to receive a request for assistance in decryption of an identifier containing at least one encrypted part, to decrypt the identifier, and to send the decrypted identifier to the requestor.
  • the apparatus may comprise a mobility management entity of a home network of a user equipment associated with the identifier.
  • the apparatus may be configured to send a public key and secret key pair along with a key identifier to the requestor.
  • a system may also be provided, the system comprising a first network entity provided in a first network and a second network entity provided in a second network, wherein the first network entity is configured to receive an identifier containing at least one encrypted part and to receive from the second network entity assistance in decryption of the identifier, and the second network entity is configured to send said assistance to the first network entity.
  • a communication device configured to send a message containing at least partially encrypted identifier and a identifier of a key for decryption of the at least partially encrypted identifier.
  • An embodiment provides a computer program comprising program code means adapted to perform a method comprising receiving an identifier containing at least one encrypted part at a first network entity, determining a second network entity based on the identifier, and requesting for assistance in decryption of the identifier from the second network entity when the program is run on a processor.
  • An embodiment provides a computer program comprising program code means adapted to perform a method comprising receiving a request for assistance in decryption of an identifier containing at least one encrypted part, decrypting the identifier, and sending the decrypted identifier to the requestor when the program is run on a processor.
  • the embodiments may provide a mechanism to improve the security in transmitting and processing identifiers.
  • FIG. 1 shows an example of an arrangement in which the embodiments may be implemented
  • FIGS. 2 and 3 are flowcharts illustrating certain embodiments.
  • FIGS. 4 to 6 are signaling flowcharts illustrating certain embodiments.
  • FIG. 1 showing schematically two mobile communication networks 32 and 42 .
  • a communication device 30 referred to in the following as the user equipment, is in wireless communications with a base station 31 of the network 32 .
  • the user equipment is roaming in the network 32 , i.e. only visiting network 32 , while it is a subscriber to the network 42 .
  • the network 42 is referred to below as the home network.
  • Each the visited and the home network is provided with an appropriate mobility management entity 33 and 43 , respectively.
  • the networks are connected via appropriate gateway nodes 34 and 44 .
  • a mobile network may comprise also other elements, such as various controller and signalling nodes than those shown. These, however, are not shown for clarity.
  • the mobility management entities 33 and 43 are provided with appropriate data processing element 35 and 45 and data storages 36 and 46 for enabling them to perform the operations of the embodiments as described below with reference to FIGS. 2 and 3 .
  • FIG. 2 illustrates a method that may be performed at an entity of the visited network, for example at the mobile management entity (MME) 33 of FIG. 1 .
  • a network entity receives an identifier containing at least one encrypted part from a user equipment. If it is detected by a data processing capability of the entity at step 102 that the entity is capable of decrypting the identifier, it is then decrypted at step 103 .
  • An intended operation for example an authentication procedure, then follows at step 110 .
  • the network entity may then determine, at 104 , necessary details of a second network entity that maintains information that is needed in the decryption.
  • the second entity would be the MME 43 of the home network 42 .
  • the determination may be based on information the entity can gather from the identifier that was received from the user equipment at 100 .
  • the first entity can then ask for assistance at step 106 from the second entity.
  • a processor of the second or home entity may then decrypt the message based on information stored in a data storage thereof and return the identifier in decrypted format to the requesting entity.
  • the home entity only sends back information that is required in the decryption by the requesting entity at step 108 .
  • FIG. 3 illustrates an example for operation at an entity that maintains information enabling decryption of encrypted identifiers of a particular user equipment.
  • this entity would equal the MME 43 of the home network 42 .
  • the entity receives a request for assistance in decryption of the identifier at step 200 . Since it possesses the required details for decryption, for example this information is stored in a memory thereof, and the request comes from a trusted entity (such as the MME 32 of FIG. 1 ), a processor of the entity decrypts the identifier at 202 .
  • the decrypted identifier is then sent in clear format to the requestor at 204 for use e.g. in authentication of a visiting user equipment. Alternatively, it is possible to send back only information that could then be used by the requesting entity to decrypt the identifier.
  • a possible messaging procedure in accordance with an embodiment is shown in detail in the flowcharts of FIGS. 4 and 5 .
  • a user equipment indicates its willingness to use communication services provided by a network.
  • the MME of the network then sends a message 1 to the user equipment to request for a user identity.
  • This message may be triggered, for example, because the MME has not allocated any temporary mobile subscriber identity (TMSI) to the user equipment.
  • TMSI temporary mobile subscriber identity
  • the user equipment responds by returning a message 2 including an IMSI and IMEI associated with the user equipment. Other information, such as information about public key identifiers may also be included in the response.
  • the user equipment sends at least a part of the identifiers encrypted. For example, at least the mobile subscriber identification number (MSIN) part of the IMSI may be transmitted as encrypted over the air interface.
  • MSIN mobile subscriber identification number
  • the MME detects that the user is a non-roaming user, or that it has otherwise the required details for decryption, then the MME itself can decrypt the MSIN part. For example, the MME may decrypt the encrypted part based on a secret key stored therein. This possibility is shown in FIG. 5 .
  • the mobile management entity may realise that the user equipment is a roaming user equipment, and/or that it does not posses enough information to decrypt the encrypted portions of the IMSI identifier.
  • the mobile management entity can nevertheless determine the home network of the user equipment sending message 2 based on information available to it and request for assistance in the decryption by contacting the home operator mobile management entity by means of message 3 .
  • the visited mobile management entity asks the home mobile management entity to decrypt the IMSI on its behalf. This relieves the visited mobile management entity from the burden of storing or obtaining details about the secret keys of other operators.
  • the legacy interfaces between the entities involved may be used as such.
  • various nodes such as the mobile management entities/signalling GPRS support nodes (MME/SGSN) and home location registers/home subscriber servers (HLR/HSS) of the networks.
  • MME/SGSN mobile management entities/signalling GPRS support nodes
  • HLR/HSS home location registers/home subscriber servers
  • the required interfaces are controlled and run by the network operators and well protected from outsiders than the air, thus offering a secure channel for communication of sensitive information between the network entities.
  • the visited mobile management entity may resolve the necessary details of the home mobile management entity by analysing a network specific information part of message 2 .
  • the visited mobile management entity may analyse the mobile country code (MCC) and/or mobile network code (MNC) of the IMSI to see if it is acting as a visited mobile management entity or the home mobile management entity for the user equipment, and if not, which network it should contact for help.
  • MCC mobile country code
  • MNC mobile network code
  • the home mobile management entity can then decrypt the MSIN part and send the IMSI in a clear text format back in message 4 to the visited mobile management entity.
  • the visited mobile management entity may then continue the intended operation, for example by sending a request for authentication data in message 5 to an appropriate register maintaining subscriber data.
  • a valid public key and secret key pair along with a key identifier may be sent in message 4 to the requesting mobile management entity.
  • the public key and secret key pairs are identified so that the correct secret key can be used to decrypt the IMSI.
  • the user equipment provides public key identifier along with the encrypted IMSI (e.g. similar to the key set identifier, KSI). This public key identifier is not specific to the particular user equipment.
  • Other information such as information related to validity periods, possibly associated with operator identities, may also be provided in message 4 .
  • the public key and secret key pairs are provided with an identifier.
  • the user equipment may then send the identifier with the encrypted IMSI to the visited mobile management entity, and the decryption can be accomplished on these basis.
  • These public key and secret key pairs can be operator specific. For example, these can be specific for a given MCC and MNC.
  • the visited mobile management entity may be provided with this information at an appropriate stage, for example in response to detection that the user equipment has entered the network. Key identifiers can be provided always together with the keys to mobile management entities.
  • a possibility to enhance protection of the identifier is to allow the user equipment to send the IMSI to the network only as long as the user equipment does not have a valid public key with a valid validity period (e.g. non-expired lifetime).
  • a validly authenticated network can then update the user equipment with a valid new public key, key identifier and other information with a validity period.
  • Updating the public key can also be based on a higher layer protocol or application for remote management of a user equipment.
  • a user equipment may authenticate the network (AUTN parameter) based on an authentication and key agreement (AKA).
  • AKA authentication and key agreement
  • the user equipment can accept public key update requests from the network after the network has been authenticated and when the communication channel is at least integrity protected. This may provide a viable solution to provide a public key from a mobile management entity to a user equipment.
  • Certain communication standards do not necessarily distinguish between visited and home networks in all occasions, for example in the context of authentication and key agreement (AKA) procedures.
  • AKA authentication and key agreement
  • a user equipment may not be able to verify if it is communicating securely with its home network or with some other network.
  • the user equipment can accept new keys along with identifiers from the home network after it has been authenticated with the AKA procedure and with quintets that are marked to be used only in the home network. For example, the user equipment can use this information to verify that the network it is attached to is really a home network.
  • These public keys belong to the same MCC and MNC as the user equipment's IMSI.
  • a solution to this is to use an authentication management field (AMF) in AKA, to mark the generated quintets to be used only within the home network. By means of this it is possible to ensure that the marked quintets are not delivered out of the home network. This way the user equipment can verify if a network can be trusted to update the keys in the user equipment, as it only receives keys from a network that has been authenticated with a quintet that has “H(ome)” bit set in the AMF field.
  • AMF authentication management field
  • a yet further possibility for decrypting the IMSI is that the MME uses the encrypted IMSI when contacting a home HLR/HSS.
  • the HLR may be provided with the corresponding secret key to decrypt the IMSI. This may, however, in certain situations have the drawback that the MME may not be able to select the correct HLR/HSS because the MSIN is decrypted in case the MSIN is used to select the HLR.
  • Key revocation may not be needed if the used public keys have a validity period. After the lifetime expires the public key is considered to be invalid and user equipment may delete it. It is possible for the network to provide, after the authentication, information about revoked keys and new keys to the user equipment if key revocation procedure is seen necessary.
  • One option is to pre-configure the public key into the user equipment (e.g. in the xSIM or in the phone memory) with an appropriate mechanism.
  • a public key can be configured when the subscription is purchased. It is not crucial how the public key is configured into the terminal as long as the terminal can answer network enquiries with an encrypted IMSI and be sure that the used public key is valid and that the network has a mechanism to decrypt the IMSI.
  • the required data processing functions in various entities may be provided by means of one or more data processors.
  • An appropriately adapted computer program code product may be used for implementing the embodiments, when loaded to a computing device comprising such a processor.
  • the program code product for providing the operation may be stored on and provided by means of a carrier medium such as a carrier disc, card or tape.
  • a possibility is to download the program code product via a data network.
  • Implementation may be provided with appropriate executable codes in the processor provided in the network entities, such as in the processors 35 and 45 of FIG. 1 and in a processor of a mobile communication device.
  • HLR/HSS Existing algorithms and interfaces that are used to select HLR/HSS can be used in the embodiments since the visited MME can be provided with a decrypted IMSI by the home MME. Certain embodiments may mitigate the threat of IMSI catching attack as the user equipment does not have to respond with a plain IMSI if it has a valid public key. If the user equipment does not have a valid public key it can use plain text IMSI to identify itself to the network. However, when the network has been authenticated, the user equipment gets a valid public key if it supports the usage of public keys. Certain embodiments enable update of the public keys in the user equipment.
  • embodiments of the present invention have been described in relation to communication devises such as mobile user equipments, embodiments of the present invention are applicable to any other suitable type of communication devices.

Abstract

An identifier containing at least one encrypted part is received at a first network entity. A second network entity may then be determined based on the identifier. A request for assistance in decryption of the identifier from the second network entity may be sent from the first entity to the second network entity. The second network entity may then assist the first networks entity in an appropriate manner.

Description

    FIELD OF THE INVENTION
  • The invention relates to identifiers that are used in a communication system, and more particularly to identifiers that are at least partially encrypted.
    • BACKGROUND
  • An identifier may associate with a communication device to identify either the device, the user thereof (the “subscriber”) or both. A communication device is a device that is typically used for communication via a communication system. The communication device enables the users of the device to receive and transmit communication such as speech and data. A communication system can be seen as a facility that enables communication sessions between two or more entities such as the communication devices and/or other nodes associated with the communication system. Subscribers to a communication system may be offered and provided numerous services via their communication devices. Non-limiting examples of these services include two-way or multi-way calls, data communication or multimedia services or simply an access to a data communications network system, such as the Internet. The services may be offered by an operator of a network of the communication system or by an external service provider.
  • Examples of communication systems include fixed line communication systems, such as a public switched telephone network (PSTN), wireless or mobile communication systems, such as a public land mobile network (PLMN), and local area networks, fixed or wireless (e.g. LAN, WLAN and WiFi). In the mobile system, the users are allowed an access to the communication system via a radio access network. For example, in cellular and wireless local systems, a base station (BS) or similar access entity services a communication device via a wireless or air interface. The communication on the wireless interface between the communication device and elements of the access system is based on an appropriate communication protocol. The operation of the base station apparatus and other apparatus required for the communication can be controlled by one or several control entities. The various control entities may be interconnected.
  • A feature of the wireless communication systems is that they provide mobility for the users thereof. That is, the user may roam within the service area of his home network from an access network to the other. The users are also typically allowed to roam into other networks, thus enabling use of the communication device even when the user is not located within the service are of his/hers home network but is visiting another network.
  • Each network is typically provided with an entity for managing the mobility of the mobile users. The location of this entity depends on the standard and system. For example, in a General Packet Radio Service (GPRS) based communication network this can be provided in association with a signalling GPRS support node (SGSN). For clarity, and regardless of the used terminology of a particular standard and system, these entities will be referred to in the following by the term mobile management entity (MME). A mobile management entity of the home network is called in the following a home mobile management entity. A mobile management entity of the visited network is called in the following a visited mobile management entity.
  • One or more gateway nodes may be provided for connecting the network the user is using to other networks, for example to another mobile network, to a public switched telephone network (PSTN) and/or other communication networks such as an IP (Internet Protocol) and/or other data networks.
  • A communication device such as a mobile user equipment or a mobile station is typically provided with at least one permanent identifier. Non-limiting examples of the permanent identifiers include the international mobile subscriber identity (IMSI) and the international mobile equipment identity (IMEI). The IMSI is for identifying the user. The the international mobile equipment identity is for identifying the particular device.
  • An identifier is typically formed of a number of subsections or parts. For example, the international mobile subscriber identity (IMSI) currently consists of a mobile country code (MCC), a mobile network code (MNC) and a mobile subscriber identification number (MSIN). The total maximum length of an IMSI is currently 15 digits. Of the total, the MCC is 3 digits and MNC 2 or 3 digits depending on the area.
  • The mobile subscriber identification number (MSIN) part is for identifying the individual subscriber. Thus, from the subscriber's privacy point of view, at least this part of the IMSI should be protected all the time to prevent possibility of misuse of the possibly sensitive information.
  • An air interface in a radio access network is vulnerable to attacks, and therefore the parts containing sensitive information should not be communicated unprotected in the over-the-air signalling. For example, subscribers should be protected against tracking of plain text i.e. unprotected IMSIs or other identifiers.
  • On the other hand, the credentials of a subscriber cannot typically be fetched before the subscriber has been reliably identified by the network. For this reason there is typically provided a secure data storage facility at the home network of the subscriber for maintaining information about the subscriber, for example information that may used to interpret the contents of a MSIN part of an IMSI.
  • Certain radio access networks or other network elements are allowed to enquire from a user equipment for the permanent identity associated with the user equipment. This may be allowed, for example, for authentication purposes in case the network does not have any identity, for example a temporary identity for the user equipment. This leaves open a possibility that an attacker uses a tracker the to obtain the permanent identity. For example, an IMSI catcher are known to have been developed for this purpose. These are typically based on the realisation that it is possible for an attacker to create a false base station to which a user equipment then attaches to. The false base station may then inform the user equipment that it does not have any temporary identities of any sort for the user equipment, thus requesting a plain text IMSI from the user equipment (UE).
  • A network element can thus claim not to have the permanent identity of a user equipment (UE). An attacker may try to fool the user equipment by pretending to be an element of the network and ask the IMSI directly from the user equipment. The user equipment may have no option to deny the request, but will send the identity back in a non-protected format.
  • To illustrate this threat further, lets consider a case where a short range IMSI catcher is used together with some kind of user identification system, for example based on a credit card or similar. This enables an attacker to collect pairs of user identities and IMSIs. Attacker could also add IMSI catchers to certain locations to collect history of pass by IMSIs.
  • U.S. Pat. No. 6,373,949 discloses a way to protect the IMSI by encrypting the a mobile subscriber identification number (MSIN) part of the IMSI with a home operator public key. However, this still leaves a problem of protecting an IMSI that is send in clear text format over an air interface from a user equipment to the network. This type of transmission may be needed in occasions where the network does not know how to decrypt the encrypted MSIN part. In other words, an entity managing the mobility of a mobile user may not know where the secret key of the corresponding public key is located.
    • SUMMARY
  • In accordance with an embodiment an identifier containing at least one encrypted part is received at a first network entity. A second network entity may be determined based on the identifier. A request for assistance in decryption of the identifier from the second network entity may be sent from the first entity.
  • In accordance with an embodiment there is provided a method comprising receiving an identifier containing at least one encrypted part at a first network entity, determining a second network entity based on the identifier, and requesting for assistance in decryption of the identifier from the second network entity.
  • An apparatus is provided in an embodiment, the apparatus being configured to receive an identifier containing at least one encrypted part, to determine a network entity based on the identifier, and to signal to the network entity a request for assistance in decryption of the identifier.
  • A more detailed embodiment further comprises receiving the identifier in a decrypted format at the first network entity from the second network entity. Information may be received from the second network entity for use in decryption of the identifier.
  • The receiving may comprise receiving the identifier at a mobility management entity of a visited network. The requesting may comprise requesting for decryption of the identifier from a mobility management entity of the home network of the identifier. The determining may comprise determining a mobility management entity of the home network of the identifier based on a network specific part of the identifier.
  • An embodiment further comprises receiving a public key and secret key pair along with a key identifier from the second network entity.
  • In accordance with another embodiment there is provided a method comprising receiving a request for assistance in decryption of an identifier containing at least one encrypted part, decrypting the identifier, and sending the decrypted identifier to the requestor. The receiving may comprise receiving at a mobility management entity of a home network the identifier from a mobility management entity of a visited network. The method may further comprise sending a public key and secret key pair along with a key identifier. The receiving of an identifier may comprise receiving an international mobile subscriber identity from a visited network.
  • The apparatus may comprise a mobility management entity of a visited network. The apparatus may be configured to determine a mobility management entity of the home network of the identifier based on a network specific part of the identifier. The apparatus may be configured to encrypt the identifier based on a key pair identifier of a public key and secret key pair. The apparatus may be configured to process an international mobile subscriber identity from a visiting user equipment.
  • According to a yet another embodiment there is provided an apparatus configured to receive a request for assistance in decryption of an identifier containing at least one encrypted part, to decrypt the identifier, and to send the decrypted identifier to the requestor. The apparatus may comprise a mobility management entity of a home network of a user equipment associated with the identifier. The apparatus may be configured to send a public key and secret key pair along with a key identifier to the requestor.
  • A system may also be provided, the system comprising a first network entity provided in a first network and a second network entity provided in a second network, wherein the first network entity is configured to receive an identifier containing at least one encrypted part and to receive from the second network entity assistance in decryption of the identifier, and the second network entity is configured to send said assistance to the first network entity.
  • In accordance with a yet further embodiment there is provided a communication device configured to send a message containing at least partially encrypted identifier and a identifier of a key for decryption of the at least partially encrypted identifier.
  • An embodiment provides a computer program comprising program code means adapted to perform a method comprising receiving an identifier containing at least one encrypted part at a first network entity, determining a second network entity based on the identifier, and requesting for assistance in decryption of the identifier from the second network entity when the program is run on a processor.
  • An embodiment provides a computer program comprising program code means adapted to perform a method comprising receiving a request for assistance in decryption of an identifier containing at least one encrypted part, decrypting the identifier, and sending the decrypted identifier to the requestor when the program is run on a processor.
  • The embodiments may provide a mechanism to improve the security in transmitting and processing identifiers.
  • It shall be appreciated that these issues are not limited to any particular communication environment, but may occur in any appropriate communication system.
  • Various other aspects, exemplifying embodiments and advantages are described in the following detailed description and in the attached claims.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Certain embodiments will now be described in further detail, by way of example only, with reference to the following examples and accompanying drawings, in which:
  • FIG. 1 shows an example of an arrangement in which the embodiments may be implemented;
  • FIGS. 2 and 3 are flowcharts illustrating certain embodiments; and
  • FIGS. 4 to 6 are signaling flowcharts illustrating certain embodiments.
    • DETAILED DESCRIPTION OF CERTAIN EMBODIMENTS
  • Certain embodiments for new mechanisms for processing at least partially protected identifiers will now be described by way of example with reference to an exemplifying mobile communication system. It is noted that the embodiments are examples only, and that the invention may be embodied in any other suitable form of a communication system. Also, although the following example is given in relation to identifiers such as the international mobile subscriber identity (IMSI) and the international mobile equipment identity (IMEI), the embodiments are also applicable to other identifiers.
  • A reference is first made to FIG. 1 showing schematically two mobile communication networks 32 and 42. A communication device 30, referred to in the following as the user equipment, is in wireless communications with a base station 31 of the network 32. The user equipment is roaming in the network 32, i.e. only visiting network 32, while it is a subscriber to the network 42. Hence the network 42 is referred to below as the home network. Each the visited and the home network is provided with an appropriate mobility management entity 33 and 43, respectively. The networks are connected via appropriate gateway nodes 34 and 44. It is understood that a mobile network may comprise also other elements, such as various controller and signalling nodes than those shown. These, however, are not shown for clarity.
  • The mobility management entities 33 and 43 are provided with appropriate data processing element 35 and 45 and data storages 36 and 46 for enabling them to perform the operations of the embodiments as described below with reference to FIGS. 2 and 3.
  • FIG. 2 illustrates a method that may be performed at an entity of the visited network, for example at the mobile management entity (MME) 33 of FIG. 1. At step 100 a network entity receives an identifier containing at least one encrypted part from a user equipment. If it is detected by a data processing capability of the entity at step 102 that the entity is capable of decrypting the identifier, it is then decrypted at step 103. An intended operation, for example an authentication procedure, then follows at step 110.
  • However, it can be detected that decryption is not possible. The network entity may then determine, at 104, necessary details of a second network entity that maintains information that is needed in the decryption. In FIG. 1 the second entity would be the MME 43 of the home network 42. The determination may be based on information the entity can gather from the identifier that was received from the user equipment at 100.
  • The first entity can then ask for assistance at step 106 from the second entity. A processor of the second or home entity may then decrypt the message based on information stored in a data storage thereof and return the identifier in decrypted format to the requesting entity. Alternatively, the home entity only sends back information that is required in the decryption by the requesting entity at step 108. Once the requesting entity is in the possession of the identifier in decrypted format, the user equipment is served by the visited network at 110 in usual manner.
  • FIG. 3 illustrates an example for operation at an entity that maintains information enabling decryption of encrypted identifiers of a particular user equipment. In FIG. 1 this entity would equal the MME 43 of the home network 42. The entity receives a request for assistance in decryption of the identifier at step 200. Since it possesses the required details for decryption, for example this information is stored in a memory thereof, and the request comes from a trusted entity (such as the MME 32 of FIG. 1), a processor of the entity decrypts the identifier at 202. The decrypted identifier is then sent in clear format to the requestor at 204 for use e.g. in authentication of a visiting user equipment. Alternatively, it is possible to send back only information that could then be used by the requesting entity to decrypt the identifier.
  • A possible messaging procedure in accordance with an embodiment is shown in detail in the flowcharts of FIGS. 4 and 5. In here a user equipment indicates its willingness to use communication services provided by a network. The MME of the network then sends a message 1 to the user equipment to request for a user identity. This message may be triggered, for example, because the MME has not allocated any temporary mobile subscriber identity (TMSI) to the user equipment.
  • The user equipment responds by returning a message 2 including an IMSI and IMEI associated with the user equipment. Other information, such as information about public key identifiers may also be included in the response. The user equipment sends at least a part of the identifiers encrypted. For example, at least the mobile subscriber identification number (MSIN) part of the IMSI may be transmitted as encrypted over the air interface.
  • If the MME detects that the user is a non-roaming user, or that it has otherwise the required details for decryption, then the MME itself can decrypt the MSIN part. For example, the MME may decrypt the encrypted part based on a secret key stored therein. This possibility is shown in FIG. 5.
  • However, the mobile management entity may realise that the user equipment is a roaming user equipment, and/or that it does not posses enough information to decrypt the encrypted portions of the IMSI identifier. The mobile management entity can nevertheless determine the home network of the user equipment sending message 2 based on information available to it and request for assistance in the decryption by contacting the home operator mobile management entity by means of message 3. In accordance with an embodiment the visited mobile management entity asks the home mobile management entity to decrypt the IMSI on its behalf. This relieves the visited mobile management entity from the burden of storing or obtaining details about the secret keys of other operators.
  • The legacy interfaces between the entities involved may be used as such. For example, there is no need for any changes in the interfaces between various nodes such as the mobile management entities/signalling GPRS support nodes (MME/SGSN) and home location registers/home subscriber servers (HLR/HSS) of the networks. The required interfaces are controlled and run by the network operators and well protected from outsiders than the air, thus offering a secure channel for communication of sensitive information between the network entities.
  • The visited mobile management entity may resolve the necessary details of the home mobile management entity by analysing a network specific information part of message 2. For example, the visited mobile management entity may analyse the mobile country code (MCC) and/or mobile network code (MNC) of the IMSI to see if it is acting as a visited mobile management entity or the home mobile management entity for the user equipment, and if not, which network it should contact for help.
  • In response to message 3 the home mobile management entity can then decrypt the MSIN part and send the IMSI in a clear text format back in message 4 to the visited mobile management entity. The visited mobile management entity (MME) may then continue the intended operation, for example by sending a request for authentication data in message 5 to an appropriate register maintaining subscriber data.
  • In certain embodiments a valid public key and secret key pair along with a key identifier may be sent in message 4 to the requesting mobile management entity. The public key and secret key pairs are identified so that the correct secret key can be used to decrypt the IMSI. In this option the user equipment provides public key identifier along with the encrypted IMSI (e.g. similar to the key set identifier, KSI). This public key identifier is not specific to the particular user equipment. Other information such as information related to validity periods, possibly associated with operator identities, may also be provided in message 4.
  • In accordance with an embodiment the public key and secret key pairs are provided with an identifier. The user equipment may then send the identifier with the encrypted IMSI to the visited mobile management entity, and the decryption can be accomplished on these basis. These public key and secret key pairs can be operator specific. For example, these can be specific for a given MCC and MNC. The visited mobile management entity may be provided with this information at an appropriate stage, for example in response to detection that the user equipment has entered the network. Key identifiers can be provided always together with the keys to mobile management entities.
  • It is also possible to update at lest part of the key information at the user equipment. The general principle of updating the user equipment in this regard is shown in FIG. 6.
  • A possibility to enhance protection of the identifier is to allow the user equipment to send the IMSI to the network only as long as the user equipment does not have a valid public key with a valid validity period (e.g. non-expired lifetime). A validly authenticated network can then update the user equipment with a valid new public key, key identifier and other information with a validity period.
  • Updating the public key can also be based on a higher layer protocol or application for remote management of a user equipment. A user equipment may authenticate the network (AUTN parameter) based on an authentication and key agreement (AKA). Thus the user equipment can accept public key update requests from the network after the network has been authenticated and when the communication channel is at least integrity protected. This may provide a viable solution to provide a public key from a mobile management entity to a user equipment.
  • Certain communication standards do not necessarily distinguish between visited and home networks in all occasions, for example in the context of authentication and key agreement (AKA) procedures. Thus a user equipment may not be able to verify if it is communicating securely with its home network or with some other network. In accordance with an embodiment the user equipment can accept new keys along with identifiers from the home network after it has been authenticated with the AKA procedure and with quintets that are marked to be used only in the home network. For example, the user equipment can use this information to verify that the network it is attached to is really a home network. These public keys belong to the same MCC and MNC as the user equipment's IMSI. A solution to this is to use an authentication management field (AMF) in AKA, to mark the generated quintets to be used only within the home network. By means of this it is possible to ensure that the marked quintets are not delivered out of the home network. This way the user equipment can verify if a network can be trusted to update the keys in the user equipment, as it only receives keys from a network that has been authenticated with a quintet that has “H(ome)” bit set in the AMF field.
  • A yet further possibility for decrypting the IMSI is that the MME uses the encrypted IMSI when contacting a home HLR/HSS. The HLR may be provided with the corresponding secret key to decrypt the IMSI. This may, however, in certain situations have the drawback that the MME may not be able to select the correct HLR/HSS because the MSIN is decrypted in case the MSIN is used to select the HLR.
  • Key revocation may not be needed if the used public keys have a validity period. After the lifetime expires the public key is considered to be invalid and user equipment may delete it. It is possible for the network to provide, after the authentication, information about revoked keys and new keys to the user equipment if key revocation procedure is seen necessary.
  • One option is to pre-configure the public key into the user equipment (e.g. in the xSIM or in the phone memory) with an appropriate mechanism. For example, a public key can be configured when the subscription is purchased. It is not crucial how the public key is configured into the terminal as long as the terminal can answer network enquiries with an encrypted IMSI and be sure that the used public key is valid and that the network has a mechanism to decrypt the IMSI.
  • The required data processing functions in various entities may be provided by means of one or more data processors. An appropriately adapted computer program code product may be used for implementing the embodiments, when loaded to a computing device comprising such a processor. The program code product for providing the operation may be stored on and provided by means of a carrier medium such as a carrier disc, card or tape. A possibility is to download the program code product via a data network. Implementation may be provided with appropriate executable codes in the processor provided in the network entities, such as in the processors 35 and 45 of FIG. 1 and in a processor of a mobile communication device.
  • Existing algorithms and interfaces that are used to select HLR/HSS can be used in the embodiments since the visited MME can be provided with a decrypted IMSI by the home MME. Certain embodiments may mitigate the threat of IMSI catching attack as the user equipment does not have to respond with a plain IMSI if it has a valid public key. If the user equipment does not have a valid public key it can use plain text IMSI to identify itself to the network. However, when the network has been authenticated, the user equipment gets a valid public key if it supports the usage of public keys. Certain embodiments enable update of the public keys in the user equipment.
  • Whilst embodiments of the present invention have been described in relation to communication devises such as mobile user equipments, embodiments of the present invention are applicable to any other suitable type of communication devices.
  • It is also noted herein that while the above describes exemplifying embodiments of the invention, there are several variations and modifications which may be made to the disclosed solution without departing from the scope of the present invention.

Claims (30)

1. A method comprising:
receiving an identifier containing at least one encrypted part at a first network entity;
determining a second network entity based on the identifier; and
requesting for assistance in decryption of the identifier from the second network entity.
2. The method as claimed in claim 1, further comprising, subsequent to requesting for assistance, receiving the identifier in a decrypted format at the first network entity from the second network entity.
3. The method as claimed in claim 1, further comprising receiving information from the second network entity for use in decryption of the identifier and decrypting of the identifier based on said information.
4. The method as claimed in claim 1, wherein the receiving comprises receiving the identifier at a mobility management entity of a visited network.
5. The method as claimed in claim 1, wherein the requesting comprises requesting for decryption of the identifier from a mobility management entity of the home network of the identifier.
6. The method as claimed in claim 1, wherein the determining comprises determining a mobility management entity of the home network of the identifier based on a network specific part of the identifier.
7. The method as claimed in claim 1, comprising receiving a public key and secret key pair along with a key identifier from the second network entity.
8. The method as claimed in claim 1, wherein the receiving of an identifier comprises receiving an international mobile subscriber identity from a visiting user equipment.
9. A method comprising:
receiving a request for assistance in decryption of an identifier containing at least one encrypted part;
decrypting the identifier; and
sending the decrypted identifier to the requester.
10. The method as claimed in claim 9, wherein the receiving comprises receiving at a mobility management entity of a home network the identifier from a mobility management entity of a visited network.
11. The method as claimed in claim 9, comprising sending a public key and secret key pair along with a key identifier.
12. The method as claimed in claim 9, wherein the receiving of an identifier comprises receiving an international mobile subscriber identity from a visited network.
13. An apparatus configured to:
receive an identifier containing at least one encrypted part;
determine a network entity based on the identifier; and
signal to the network entity a request for assistance in decryption of the identifier.
14. The apparatus as claimed in claim 13, the apparatus being configured to receive the identifier in a decrypted format from the second network entity.
15. The apparatus claimed in claim 13, the apparatus being configured to decrypt the identifier based on information from the second network entity.
16. The apparatus as claimed in claim 13, comprising a mobility management entity of a visited network.
17. The apparatus as claimed in claim 13, the apparatus being configured to determine a mobility management entity of the home network of the identifier based on a network specific part of the identifier.
18. The apparatus as claimed in claim 13, the apparatus being configured to encrypt the identifier based on a key pair identifier of a public key and secret key pair.
19. The apparatus as claimed in claim 13, the apparatus being configured to process an international mobile subscriber identity from visiting user equipment.
20. An apparatus configured to:
receive a request for assistance in decryption of an identifier containing at least one encrypted part;
decrypt the identifier; and
send the decrypted identifier to the requestor.
21. The apparatus as claimed in claim 20, comprising a mobility management entity of a home network of a user equipment associated with the identifier.
22. The apparatus as claimed in claim 20, configured to send a public key and secret key pair along with a key identifier to the requester.
23. A system comprising:
a first network entity provided in a first network, and
a second network entity provided in a second network
wherein the first network entity is configured to receive an identifier containing at least one encrypted part and to receive from the second network entity assistance in decryption of the identifier, and the second network entity is configured to send said assistance to the first network entity.
24. The system as claimed in claim 23, wherein the second network entity is configured to decrypt the identifier in response to the request by the first network entity.
25. The system as claimed in claim 23, wherein the second network entity is configured to send information for use in decryption of the identifier in response to the request by the first network entity
26. A method comprising
receiving a request for assistance in decryption of an identifier containing at least one encrypted part,
decrypting the identifier, and
sending the decrypted identifier to the requester.
27. The method as claimed in claim 26, comprising receiving the identifier at a mobility management entity of a home network.
28. A communication device configured to send a message containing at least partially encrypted identifier and an identifier of a key for decryption of the at least partially encrypted identifier.
29. A computer program embodied on a computer-readable medium, the computer program configured to provide a method comprising:
receiving an identifier containing at least one encrypted part at a first network entity;
determining a second network entity based on the identifier; and
requesting for assistance in decryption of the identifier from the second network entity.
30. A computer program embodied on a computer-readable medium, the computer program configured to provide a method comprising:
receiving a request for assistance in decryption of an identifier containing at least one encrypted part,
decrypting the identifier, and
sending the decrypted identifier to the requestor.
US11/769,621 2006-06-27 2007-06-27 Identifiers in a communication system Abandoned US20080002829A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US11/769,621 US20080002829A1 (en) 2006-06-27 2007-06-27 Identifiers in a communication system
US13/615,390 US9344881B2 (en) 2006-06-27 2012-09-13 Identifiers in a communication system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US81674006P 2006-06-27 2006-06-27
US11/769,621 US20080002829A1 (en) 2006-06-27 2007-06-27 Identifiers in a communication system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/615,390 Continuation US9344881B2 (en) 2006-06-27 2012-09-13 Identifiers in a communication system

Publications (1)

Publication Number Publication Date
US20080002829A1 true US20080002829A1 (en) 2008-01-03

Family

ID=38543920

Family Applications (2)

Application Number Title Priority Date Filing Date
US11/769,621 Abandoned US20080002829A1 (en) 2006-06-27 2007-06-27 Identifiers in a communication system
US13/615,390 Active US9344881B2 (en) 2006-06-27 2012-09-13 Identifiers in a communication system

Family Applications After (1)

Application Number Title Priority Date Filing Date
US13/615,390 Active US9344881B2 (en) 2006-06-27 2012-09-13 Identifiers in a communication system

Country Status (2)

Country Link
US (2) US20080002829A1 (en)
EP (1) EP1873998B1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080130898A1 (en) * 2006-10-16 2008-06-05 Nokia Corporation Identifiers in a communication system
US20100037052A1 (en) * 2008-08-07 2010-02-11 Gilat Satellite Networks, Ltd. Network Binding
US20100202618A1 (en) * 2007-09-28 2010-08-12 Huawei Technologies Co., Ltd. Method and apparatus for updating key in an active state
US20120076082A1 (en) * 2010-09-29 2012-03-29 Cassidian Sas Method for attachment and authentication of a user terminal with a visited network
US20120214486A1 (en) * 2006-06-14 2012-08-23 Nec Corporation Communication system, operation control method, and location management server
US20120230488A1 (en) * 2011-03-13 2012-09-13 At&T Intellectual Property I, Lp Authenticating network elements in a communication system
US20130170643A1 (en) * 2010-09-01 2013-07-04 Huawei Technologies Co., Ltd. Method and system for transmitting subscriber identity information, user equipment, network device

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3143785B1 (en) * 2014-05-12 2018-10-24 Nokia Technologies Oy Securing device-to-device communication in a wireless network
CN106576237B (en) * 2014-07-21 2020-10-16 宇龙计算机通信科技(深圳)有限公司 Mobile management entity, home server, terminal, identity authentication system and method
FR3057134A1 (en) * 2016-10-04 2018-04-06 Orange METHOD FOR RECORDING USER EQUIPMENT IN A COMMUNICATION NETWORK
US11792172B2 (en) 2017-05-05 2023-10-17 Nokia Technologies Oy Privacy indicators for controlling authentication requests
US20200068391A1 (en) * 2017-05-09 2020-02-27 Intel IP Corporation Privacy protection and extensible authentication protocol authentication and autorization in cellular networks
US10574457B2 (en) * 2017-05-12 2020-02-25 Nokia Technologies Oy Indicator for determination of key for processing message in communication system
ES2928428T3 (en) 2017-05-16 2022-11-17 Nokia Technologies Oy Privacy Protection Capabilities
EP4297340A3 (en) * 2017-07-25 2024-04-17 Telefonaktiebolaget LM Ericsson (publ) Subscription concealed identifier
CA3078785A1 (en) 2017-10-10 2019-04-18 Ntt Docomo, Inc. Security establishment method, terminal device, and network device
EP4240043A3 (en) * 2017-11-16 2023-11-15 Nokia Technologies Oy Privacy managing entity selection in communication system
KR102345830B1 (en) * 2018-01-12 2021-12-30 텔레폰악티에볼라겟엘엠에릭슨(펍) Identifier Privacy Management
EP3738329B1 (en) * 2018-01-12 2024-01-31 Telefonaktiebolaget LM Ericsson (publ) Validation of subscription concealed identifiers in mobile networks
CN111615847B (en) * 2018-01-15 2022-06-21 瑞典爱立信有限公司 Network function instance selection
RU2020130791A (en) * 2018-02-21 2022-03-21 Телефонактиеболагет Лм Эрикссон (Пабл) PRIVACY FOR THE FUTURE

Citations (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5455865A (en) * 1989-05-09 1995-10-03 Digital Equipment Corporation Robust packet routing over a distributed network containing malicious failures
US5889861A (en) * 1995-01-12 1999-03-30 Kokusai Denshin Denwa Co., Ltd Identity confidentiality method in radio communication system
US6144949A (en) * 1998-02-12 2000-11-07 Motorola, Inc. Radio frequency communication system with subscribers arranged to authenticate a received message
US6373949B1 (en) * 1997-04-16 2002-04-16 Nokia Networks Oy Method for user identity protection
US20020080752A1 (en) * 2000-12-22 2002-06-27 Fredrik Johansson Route optimization technique for mobile IP
WO2002067486A2 (en) * 2001-02-16 2002-08-29 Motorola, Inc. Method and apparatus for storing and distributing encryption keys
US6584310B1 (en) * 1998-05-07 2003-06-24 Lucent Technologies Inc. Method and apparatus for performing authentication in communication systems
US6671377B1 (en) * 1999-03-18 2003-12-30 Ericsson Inc. System and method for downloading network information to mobile stations for location calculation
US6674860B1 (en) * 1998-07-17 2004-01-06 Nokia Mobile Phones Ltd. Method and arrangement for managing a service in a mobile communications system
US20040179690A1 (en) * 2003-03-13 2004-09-16 New Mexico Technical Research Foundation Dynamic security authentication for wireless communication networks
US20050010774A1 (en) * 2003-07-08 2005-01-13 Rose Gregory Gordon Apparatus and method for a secure broadcast system
US20050050318A1 (en) * 2003-07-30 2005-03-03 International Business Machines Corporation Profiled access to wireless LANs
US20050117747A1 (en) * 2003-12-02 2005-06-02 Melodeo, Inc. Secure digital content trading systems and methods
US20060143132A1 (en) * 2004-11-30 2006-06-29 Valenti William L Method and apparatus to enable a market in used digital content
US20060189319A1 (en) * 2003-03-15 2006-08-24 Houldsworth Richard J Control of a conditional access mechanism
US20060189298A1 (en) * 2003-03-06 2006-08-24 Maurizio Marcelli Method and software program product for mutual authentication in a communications network
US20060204003A1 (en) * 2005-02-28 2006-09-14 Osamu Takata Cryptographic communication system and method
US20060209843A1 (en) * 2005-02-25 2006-09-21 Kan Zhang Secure spontaneous associations between networkable devices
US20070101139A1 (en) * 1999-08-02 2007-05-03 Leonard Bayer System for protecting information over the internet
US7406594B2 (en) * 2001-10-31 2008-07-29 Yamaha Corporation Method and apparatus for certification and authentication of users and computers over networks
US20100014661A1 (en) * 2003-11-05 2010-01-21 Nokia Corporation Apparatus, system, method and computer program product for distributing service information and digital rights for broadcast data
US7707405B1 (en) * 2004-09-21 2010-04-27 Avaya Inc. Secure installation activation
US7707406B2 (en) * 2002-11-08 2010-04-27 General Instrument Corporation Certificate renewal in a certificate authority infrastructure

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2724796B1 (en) 1994-09-15 1996-12-27 Inst Eurecom METHOD FOR VERIFYING A PREDETERMINED CRITERION RELATING TO A CALLING UNIT BY AN INTERMEDIATE UNIT WITH AN AFFILIATION UNIT AND DEVICE FOR IMPLEMENTING IT, PARTICULARLY IN TELEPHONY
CA2276872A1 (en) 1998-08-28 2000-02-28 Lucent Technologies Inc. Method for protecting mobile anonymity
US7185362B2 (en) * 2001-08-20 2007-02-27 Qualcomm, Incorporated Method and apparatus for security in a data processing system
US7322043B2 (en) * 2002-06-20 2008-01-22 Hewlett-Packard Development Company, L.P. Allowing an electronic device accessing a service to be authenticated
FR2845222B1 (en) 2002-09-26 2004-11-19 Gemplus Card Int IDENTIFICATION OF A TERMINAL WITH A SERVER
JP2008034891A (en) * 2004-11-24 2008-02-14 Matsushita Electric Ind Co Ltd Encrypted content reproduction device, encrypted content reproduction method and recording medium stored with program thereof

Patent Citations (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5455865A (en) * 1989-05-09 1995-10-03 Digital Equipment Corporation Robust packet routing over a distributed network containing malicious failures
US5889861A (en) * 1995-01-12 1999-03-30 Kokusai Denshin Denwa Co., Ltd Identity confidentiality method in radio communication system
US6373949B1 (en) * 1997-04-16 2002-04-16 Nokia Networks Oy Method for user identity protection
US6144949A (en) * 1998-02-12 2000-11-07 Motorola, Inc. Radio frequency communication system with subscribers arranged to authenticate a received message
US6584310B1 (en) * 1998-05-07 2003-06-24 Lucent Technologies Inc. Method and apparatus for performing authentication in communication systems
US6674860B1 (en) * 1998-07-17 2004-01-06 Nokia Mobile Phones Ltd. Method and arrangement for managing a service in a mobile communications system
US6671377B1 (en) * 1999-03-18 2003-12-30 Ericsson Inc. System and method for downloading network information to mobile stations for location calculation
US20070101139A1 (en) * 1999-08-02 2007-05-03 Leonard Bayer System for protecting information over the internet
US20020080752A1 (en) * 2000-12-22 2002-06-27 Fredrik Johansson Route optimization technique for mobile IP
WO2002067486A2 (en) * 2001-02-16 2002-08-29 Motorola, Inc. Method and apparatus for storing and distributing encryption keys
US7406594B2 (en) * 2001-10-31 2008-07-29 Yamaha Corporation Method and apparatus for certification and authentication of users and computers over networks
US7707406B2 (en) * 2002-11-08 2010-04-27 General Instrument Corporation Certificate renewal in a certificate authority infrastructure
US20060189298A1 (en) * 2003-03-06 2006-08-24 Maurizio Marcelli Method and software program product for mutual authentication in a communications network
US7233664B2 (en) * 2003-03-13 2007-06-19 New Mexico Technical Research Foundation Dynamic security authentication for wireless communication networks
US20040179690A1 (en) * 2003-03-13 2004-09-16 New Mexico Technical Research Foundation Dynamic security authentication for wireless communication networks
US20060189319A1 (en) * 2003-03-15 2006-08-24 Houldsworth Richard J Control of a conditional access mechanism
US20050010774A1 (en) * 2003-07-08 2005-01-13 Rose Gregory Gordon Apparatus and method for a secure broadcast system
US20050050318A1 (en) * 2003-07-30 2005-03-03 International Business Machines Corporation Profiled access to wireless LANs
US20100014661A1 (en) * 2003-11-05 2010-01-21 Nokia Corporation Apparatus, system, method and computer program product for distributing service information and digital rights for broadcast data
US20050117747A1 (en) * 2003-12-02 2005-06-02 Melodeo, Inc. Secure digital content trading systems and methods
US7707405B1 (en) * 2004-09-21 2010-04-27 Avaya Inc. Secure installation activation
US20060143132A1 (en) * 2004-11-30 2006-06-29 Valenti William L Method and apparatus to enable a market in used digital content
US20060209843A1 (en) * 2005-02-25 2006-09-21 Kan Zhang Secure spontaneous associations between networkable devices
US20060204003A1 (en) * 2005-02-28 2006-09-14 Osamu Takata Cryptographic communication system and method

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120214486A1 (en) * 2006-06-14 2012-08-23 Nec Corporation Communication system, operation control method, and location management server
US11368832B2 (en) 2006-06-14 2022-06-21 Nec Corporation Communication system, operation control method, and location management server
US10785633B2 (en) 2006-06-14 2020-09-22 Nec Corporation Communication system, operation control method, and location management server
US10111083B2 (en) 2006-06-14 2018-10-23 Nec Corporation Communication system, operation control method, and location management server
US9768961B2 (en) * 2006-10-16 2017-09-19 Nokia Technologies Oy Encrypted indentifiers in a wireless communication system
US8347090B2 (en) * 2006-10-16 2013-01-01 Nokia Corporation Encryption of identifiers in a communication system
US20080130898A1 (en) * 2006-10-16 2008-06-05 Nokia Corporation Identifiers in a communication system
US20130080779A1 (en) * 2006-10-16 2013-03-28 Silke Holtmanns Indentifiers in a communication system
US10057769B2 (en) * 2007-09-28 2018-08-21 Huawei Technologies Co., Ltd. Method and apparatus for updating a key in an active state
US20110080875A1 (en) * 2007-09-28 2011-04-07 Huawei Technologies Co., Ltd. Method and apparatus for updating a key in an active state
US20120307803A1 (en) * 2007-09-28 2012-12-06 Huawei Technologies Co., Ltd. Method and apparatus for updating a key in an active state
US10999065B2 (en) 2007-09-28 2021-05-04 Huawei Technologies Co., Ltd. Method and apparatus for updating a key in an active state
US8023658B2 (en) * 2007-09-28 2011-09-20 Huawei Technologies Co., Ltd. Method and apparatus for updating a key in an active state
US20100202618A1 (en) * 2007-09-28 2010-08-12 Huawei Technologies Co., Ltd. Method and apparatus for updating key in an active state
US8300827B2 (en) * 2007-09-28 2012-10-30 Huawei Technologies Co., Ltd. Method and apparatus for updating key in an active state
US8144877B2 (en) 2007-09-28 2012-03-27 Huawei Technologies Co., Ltd. Method and apparatus for updating a key in an active state
US9031240B2 (en) * 2007-09-28 2015-05-12 Huawei Technologies Co., Ltd. Method and apparatus for updating a key in an active state
US20150208240A1 (en) * 2007-09-28 2015-07-23 Huawei Technologies Co.,Ltd. Method and apparatus for updating a key in an active state
US8516246B2 (en) * 2008-08-07 2013-08-20 Gilat Satellite Networks Ltd. Network binding
US20100037052A1 (en) * 2008-08-07 2010-02-11 Gilat Satellite Networks, Ltd. Network Binding
US20130170643A1 (en) * 2010-09-01 2013-07-04 Huawei Technologies Co., Ltd. Method and system for transmitting subscriber identity information, user equipment, network device
US20120076082A1 (en) * 2010-09-29 2012-03-29 Cassidian Sas Method for attachment and authentication of a user terminal with a visited network
US10028138B2 (en) * 2010-09-29 2018-07-17 Cassidian Sas Method for attachment and authentication of a user terminal with a visited network
US8559636B2 (en) * 2011-03-13 2013-10-15 At&T Intellectual Property I, Lp Authenticating network elements in a communication system
US20120230488A1 (en) * 2011-03-13 2012-09-13 At&T Intellectual Property I, Lp Authenticating network elements in a communication system

Also Published As

Publication number Publication date
EP1873998B1 (en) 2018-09-19
US20130003971A1 (en) 2013-01-03
US9344881B2 (en) 2016-05-17
EP1873998A1 (en) 2008-01-02

Similar Documents

Publication Publication Date Title
US9344881B2 (en) Identifiers in a communication system
US8347090B2 (en) Encryption of identifiers in a communication system
US7461248B2 (en) Authentication and authorization in heterogeneous networks
US7088989B2 (en) Mobile user location privacy solution based on the use of multiple identities
US8261078B2 (en) Access to services in a telecommunications network
US10887300B2 (en) Operation related to user equipment using secret identifier
JP7139420B2 (en) Method for transmitting an encrypted subscription identifier stored in a security element to a physical or virtual element of a telecommunications network, the corresponding security element, the physical or virtual element and a terminal cooperating with this security element
CN102415119B (en) Managing undesired service requests in a network
US11330428B2 (en) Privacy key in a wireless communication system
CN110754101B (en) Methods, systems, and computer-readable storage media for protecting subscriber information associated with user equipment
EP3488627B1 (en) Proof-of-presence indicator
KR100968522B1 (en) Mobile Authentication Method for Strengthening the Mutual Authentication and Handover Security

Legal Events

Date Code Title Description
AS Assignment

Owner name: NOKIA CORPORATION, FINLAND

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FORSBERG, DAN;NIEMI, VALTTERI;REEL/FRAME:019836/0653;SIGNING DATES FROM 20070807 TO 20070813

Owner name: NOKIA CORPORATION, FINLAND

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FORSBERG, DAN;NIEMI, VALTTERI;SIGNING DATES FROM 20070807 TO 20070813;REEL/FRAME:019836/0653

AS Assignment

Owner name: VRINGO INFRASTRUCTURE INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:NOKIA CORPORATION;REEL/FRAME:028948/0500

Effective date: 20120910

AS Assignment

Owner name: VRINGO, INC., NEW YORK

Free format text: SECURITY INTEREST;ASSIGNOR:VRINGO INFRASTRUCTURE, INC.;REEL/FRAME:035585/0371

Effective date: 20150504

AS Assignment

Owner name: IROQUOIS MASTER FUND, L.P., NEW YORK

Free format text: ASSIGNMENT OF SECURITY INTEREST;ASSIGNOR:VRINGO, INC.;REEL/FRAME:035624/0710

Effective date: 20150404

AS Assignment

Owner name: VRINGO, INC., NEW YORK

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:SILICON VALLEY BANK;REEL/FRAME:038380/0956

Effective date: 20160406

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION