METHOD TO ESTABLISH A SECURE VOICE COMMUNICATION USING GENERIC BOOTSTRAPPING ARCHITECTURE

摘要

The present invention relates to a method to establish a secure voice communication session between two user equipments with the help of a dedicated Network Application Function (NAF) and at least one Bootstrapping Server Function. A session key is calculated from bootstrapping service derived external or internal NAF keys of the first and the second user equipments. A secured voice communication is established using the calculated session key.

主权项

1. A method to establish a secure voice communication session between two user equipments with the help of a dedicated Network Application Function (NAF) and at least one Bootstrapping Server Function, comprising the steps of:
for a first user equipment, sending a request for communication with a second user equipment and a request for security association to a dedicated Network Application Function (NAF), for the first user equipment, proceeding to a challenge procedure comprising:
for the first user equipment, establishing a link with a first Bootstrapping Server Function,for the first Bootstrapping Server Function, transmitting a challenge to the first user equipment,for the first user equipment, responding to the challenge transmitted by the first Bootstrapping Server Function,for the first Bootstrapping Server Function, verifying the challenge response, for the NAF, retrieving bootstrapping service derived NAF keys from the first Bootstrapping Server Function, for the second user equipment, receiving a request for communication with the first user equipment, for the second user equipment, sending a request for security association to a dedicated Network Application Function, for the second user equipment, proceeding to a challenge procedure (CH2) comprising:
for the second user equipment, establishing a link with a second Bootstrapping Server Function,for the second Bootstrapping Server Function, transmitting a challenge to the second user equipment,for the second user equipment, responding to a challenge transmitted by the second Bootstrapping Server Function,for the second Bootstrapping Server Function, verifying the challenge response, for the NAF, retrieving bootstrapping service derived external and internal NAF keys from the second Bootstrapping Server Function, the method further comprising the steps of:
calculating a session key from bootstrapping service derived external or internal NAF keys of the first and the second user equipments, andestablishing a secured voice communication using the calculated session key.