发明名称 |
Internet key exchange protocol using security associations |
摘要 |
The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a “shared key”-based authentication procedure. The method also involves selecting an option from the set. In the event that the “shared-key”-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface. |
申请公布号 |
US9231759(B2) |
申请公布日期 |
2016.01.05 |
申请号 |
US201313933543 |
申请日期 |
2013.07.02 |
申请人 |
Core Wireless Licensing S.a.r.l. |
发明人 |
Chan Tat Keung;Bajko Gabor |
分类号 |
H04L9/32;G06F7/04;H04L9/08;H04L29/06;H04W12/04;H04W12/06;H04W88/02 |
主分类号 |
H04L9/32 |
代理机构 |
Core Wireless Licensing |
代理人 |
Core Wireless Licensing |
主权项 |
1. A method of authenticating a user equipment in a communications network, the method comprising:
sending a message from a network entity to the user equipment including a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity said options including a “shared key”-based authentication procedure; selecting an option from the set and in the event that the “shared-key”-based authentication procedure is selected, generating a shared secret from a security key established in a generic bootstrapping architecture (GBA) over a second interface between the user equipment and a bootstrapping service function; and using the shared secret to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface. |
地址 |
Luxembourg LU |