[go: up one dir, main page]

WO2025156599A1 - Procédé, dispositif et produit-programme d'ordinateur pour communication sans fil - Google Patents

Procédé, dispositif et produit-programme d'ordinateur pour communication sans fil

Info

Publication number
WO2025156599A1
WO2025156599A1 PCT/CN2024/111141 CN2024111141W WO2025156599A1 WO 2025156599 A1 WO2025156599 A1 WO 2025156599A1 CN 2024111141 W CN2024111141 W CN 2024111141W WO 2025156599 A1 WO2025156599 A1 WO 2025156599A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
aead
wireless communication
algorithm
mode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/CN2024/111141
Other languages
English (en)
Inventor
Leyi Zhang
Ruiqi LIU
Shilin You
Yuze LIU
Peilin Liu
Zhen XING
Wei Ma
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to PCT/CN2024/111141 priority Critical patent/WO2025156599A1/fr
Publication of WO2025156599A1 publication Critical patent/WO2025156599A1/fr
Pending legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity

Definitions

  • This document is directed generally to wireless communications, and in particular to 5 th generation (5G) communications or 6 th generation (6G) communications.
  • Integrity and encryption protections in telecom are essential for securing data transmission across networks. Integrity protections ensure that the data sent is received unaltered, protecting against tampering and ensuring authenticity. Encryption protections, on the other hand, protect the confidentiality of the data by converting it into a coded format that can only be deciphered by authorized parties. Together, these protections form a critical part of telecom security protocols, safeguarding sensitive information and maintaining the trustworthiness of communication systems.
  • This document relates to methods, systems, and computer program products for a wireless communication.
  • the wireless communication method includes: transmitting, by a wireless communication terminal to a wireless communication node, a first message using an authenticated encryption with associated data, AEAD, mode according to an AEAD information carried by a second message from the wireless communication node.
  • the wireless communication method includes: receiving, by a wireless communication node from a wireless communication terminal, a first message using an authenticated encryption with associated data, AEAD, mode according to an AEAD information carried by a second message from the wireless communication node.
  • the wireless communication terminal includes a communication unit and a processor.
  • the processor is configured to: transmit, to a wireless communication node via the communication unit, a first message using an authenticated encryption with associated data, AEAD, mode according to an AEAD information carried by a second message from the wireless communication node.
  • the wireless communication node includes a communication unit and a processor.
  • the processor is configured to: receive, from a wireless communication terminal a communication unit, a first message using an authenticated encryption with associated data, AEAD, mode according to an AEAD information carried by a second message from the wireless communication node.
  • the AEAD information comprises at least one of:
  • the first message is transmitted using the AEAD mode in response to at least one of:
  • the second message comprising an AEAD indicator with a first value indicating the AEAD mode being used
  • the second message comprising an AEAD usage policy, and the AEAD usage policy indicating the AEAD mode being used or a first condition in the AEAD usage policy for using the AEAD mode being met;
  • the second message comprising an authenticated encryption algorithm.
  • the first message is transmitted without using the AEAD mode in response to:
  • the second message comprising an AEAD indicator with a second value indicating an AEAD mode not being used
  • the second message comprising an AEAD usage policy, and the AEAD usage policy indicating the AEAD mode not being used or a second condition in the AEAD usage policy for not using the AEAD mode being met;
  • the second message not comprising an authenticated encryption algorithm.
  • an integrity protection and ciphering for the first message is based on an authenticated encryption algorithm in response to the AEAD mode being used.
  • an integrity protection and ciphering for the second message is based on an authenticated encryption algorithm in response to the AEAD mode being used.
  • the wireless communication terminal performs at least one of:
  • the AEAD information indicates:
  • an authenticated encryption algorithm is based on an algorithm of a selected ciphering algorithm and a selected integrity algorithm
  • the AEAD mode is used and the select algorithm is based on an algorithm of a selected ciphering algorithm
  • the AEAD mode is used and the select algorithm is based on an algorithm of a selected integrity algorithm.
  • the wireless communication terminal transmits, to the wireless communication node, a third message comprising an authenticated encryption algorithm supported by the wireless communication terminal.
  • the first message comprises a Non-Access-stratum, NAS, Security Mode Complete message or an Access-stratum, AS, Security Mode Complete message;
  • the second message comprises a NAS Security Mode Command message or an AS Security Mode Command message
  • a third message comprising an authenticated encryption algorithm supported by the wireless communication terminal transmitted from the wireless communication terminal transmits to the wireless communication node is a registration request message.
  • the wireless communication method further comprising at least one of:
  • the wireless communication node being not supporting an authenticated encryption algorithm
  • a priority of an integrity algorithm or a ciphering algorithm is higher than a priority of an authenticated encryption algorithm.
  • the present disclosure relates to a computer program product comprising a computer-readable program medium code stored thereupon, the code, when executed by a processor, causing the processor to implement a wireless communication method recited in any one of foregoing methods.
  • the present disclosure is not limited to the exemplary embodiments and applications described and illustrated herein. Additionally, the specific order and/or hierarchy of steps or operations in the methods disclosed herein are merely exemplary approaches. Based upon design preferences, the specific order or hierarchy of steps or operations of the disclosed methods or processes can be re-arranged while remaining within the scope of the present disclosure. Thus, those of ordinary skill in the art will understand that the methods and techniques disclosed herein present various steps or operations in a sample order, and the present disclosure is not limited to the specific order or hierarchy presented unless expressly stated otherwise.
  • FIG. 1 shows a schematic diagram of a network according to an embodiment of the present disclosure.
  • FIG. 2 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 3 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 4 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 5 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 6 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 7 shows an example of a schematic diagram of a wireless communication terminal according to an embodiment of the present disclosure.
  • FIG. 8 shows an example of a schematic diagram of a wireless communication node according to an embodiment of the present disclosure.
  • FIGs. 9 and 10 show flowcharts of wireless communication methods according to some embodiments of the present disclosure.
  • the 256-bit cryptographic algorithms include 256-bit Integrity, Encryption, and Authenticated Encryption (AE) Algorithms for 5G Non-Access Stratum (NAS) and AS layers based on the Advanced Encryption Standard (AES) , the SNOW 5G, and the Zu Chongzhi (ZUC) .
  • the AE is an encryption scheme combining the functionalities of encryption and authentication into a single, efficient operation, providing confidentiality, integrity, and authenticity protection together.
  • the AE scheme allows messages to contain associated data, which needs to be authenticated but does not need to be kept confidential. This mode is called Authenticated encryption with the associated data (AEAD) .
  • the AEAD can provide the encryption and the integrity protection for messages and provide the integrity protection for associated data. If the message is NULL, the AEAD may only provide integrity protection for the associated data and can be regarded as an integrity protection algorithm.
  • the AEAD algorithms can be used in diverse scenarios including the integrity protection only and the encryption and integrity protection together, it can replace the integrity algorithms and encryption algorithms.
  • the AEAD mode shall not be used together with encryption and integrity algorithms.
  • Some embodiments of the present disclosure propose a mechanism to perform algorithm negotiation (e.g., in SMC procedures) between the UE (user equipment) and the 5GS (5G system) .
  • the UE and/or the 5GS may support the AEAD mode.
  • the authenticated encryption is a form of encryption that, in addition to providing confidentiality for the plaintext that is encrypted, provides a way to check its integrity and authenticity.
  • the Authenticated Encryption with Associated Data or the AEAD, adds the ability to check the integrity and authenticity of some Associated Data (AD) .
  • the AD is also called the “additional authenticated data” , that is not encrypted.
  • Some cryptographic applications require both confidentiality and message authentication.
  • the confidentiality is a security service that ensures that data is available only to those authorized to obtain it; usually it is realized through encryption.
  • the message authentication is the service that ensures that data has not been altered or forged by unauthorized entities; e.g., it can be achieved by using a Message Authentication Code (MAC) . This service is also called the data integrity.
  • Some applications use an encryption method and a MAC together to provide both of those security services, with each algorithm using an independent key.
  • both security services using a single crypto algorithm is provided.
  • the cipher and MAC may be replaced by an Authenticated Encryption with Associated Data (AEAD) algorithm.
  • AEAD Authenticated Encryption with Associated Data
  • some crypto algorithms that implement AEAD algorithms are defined, including block cipher modes of operation and dedicated algorithms.
  • the authenticated encryption operation has four inputs, each of which is an octet string:
  • a secret key K which may be generated in a way that is uniformly random or pseudorandom
  • a nonce N each nonce provided to distinct invocations of the Authenticated Encryption operation may be distinct, for any particular value of the key, unless each and every nonce is zero-length.
  • Applications that can generate distinct nonces may use a nonce formation method and may use any other method that meets the uniqueness requirement. Other applications may use zero-length nonces.
  • a plaintext P which contains the data to be encrypted and authenticated.
  • the associated data A which contains the data to be authenticated, but not encrypted.
  • a ciphertext C which is at least as long as the plaintext, or an indication that the requested encryption operation could not be performed.
  • the authenticated decryption operation has four inputs: K, N, A, and C, as described above.
  • the authenticated decryption operation has only a single output, either a plaintext value P or a special symbol FAIL that indicates that the inputs are not authentic.
  • a ciphertext C, a nonce N, and associated data A are authentic for key K, when the C is generated by the encrypt operation with inputs K, N, P, and A, for some values of N, P, and A.
  • the authenticated decrypt operation may, with high probability, return FAIL whenever the inputs N, P, and A were crafted by a nonce-respecting adversary that does not know the secret key (assuming that the AEAD algorithm is secure) .
  • the AEAD_AES_128_GCM authenticated encryption algorithm uses AES-128 as the block cipher, by providing the key, nonce, and plaintext, and associated data to that mode of operation.
  • An authentication tag with a length of 16 octets (128 bits) is used.
  • the AEAD_AES_128_GCM ciphertext is formed by appending the authentication tag provided as an output to the GCM (Galois Counter Mode) encryption operation to the ciphertext that is output by that operation.
  • the input and output lengths are as follows:
  • K_LEN 16 octets
  • P_MAX is 2 ⁇ 36 -31 octets
  • A_MAX is 2 ⁇ 61 -1 octets
  • N_MIN and N_MAX are both 12 octets
  • C_MAX is 2 ⁇ 36 -15 octets.
  • An AEAD_AES_128_GCM ciphertext is 16 octets longer than its corresponding plaintext.
  • K_LEN is 32 octets, instead of 16 octets, and AES-256 GCM is used instead of AES-128 GCM.
  • FIG. 1 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • the NAS SMC shown in FIG. 1 may be used to establish NAS Security context between the UE and the AMF (Access and Mobility Management Function) .
  • This procedure comprises a roundtrip of messages between the AMF and the UE.
  • the AMF sends the NAS Security Mode Command message to the UE and the UE replies with the NAS Security Mode Complete message.
  • the NAS SMC procedure is designed such that it protects the Registration Request against a man-in-the-middle attack where the attacker modifies the IEs (information elements) containing the UE security capabilities provided by the UE in the Registration Request. If the method completes successfully, the UE is attached to the network knowing that no bidding down attack has happened. In case a bidding down attack was attempted, the verification of the NAS SMC may fail, and the UE replies with a reject message meaning that the UE may not attach to the network.
  • the AMF activates the NAS integrity protection before sending the NAS Security Mode Command message.
  • the AMF sends the NAS Security Mode Command message to the UE.
  • the NAS Security Mode Command message may contain: the replayed UE security capabilities, the selected NAS algorithms, and the Key Set Identifier (ngKSI) for identifying the K AMF (e.g., a key of the AMF) .
  • the NAS Security Mode Command message may contain: K_AMF_change_flag (carried in the additional 5G security parameters IE) to indicate a new K AMF is calculated, a flag requesting the complete initial NAS message, Anti-Bidding down Between Architectures (ABBA) parameter.
  • K_AMF_change_flag may be included in the NAS Security Mode Command message.
  • This message may be integrity protected (but not ciphered) with the NAS integrity key based on the K AMF indicated by the ngKSI in the NAS Security Mode Command message (see FIG. 1) .
  • the AMF may also include the selected Evolved Packet System (EPS) NAS algorithms to be used after mobility to the EPS in the NAS Security Mode Command message.
  • EPS Evolved Packet System
  • the UE may store the algorithms for use after mobility to the EPS using the N26 interface between the MME and the AMF.
  • the AMF may store the selected EPS NAS algorithms in the UE security context.
  • the selected EPS NAS algorithms is included in the 5G UE security context and provided to the target AMF as part of the 5G UE security context.
  • the AMF activates the NAS uplink deciphering after sending the NAS Security Mode Command message.
  • the UE may verify the NAS Security Mode Command message. This includes checking that the UE security capabilities sent by the AMF match the ones stored in the UE to ensure that these were not modified by an attacker and verifying the integrity protection using the indicated NAS integrity algorithm and the NAS integrity key based on the K AMF indicated by the ngKSI.
  • the UE may derive a new K AMF and set the NAS COUNTs to zero.
  • the UE may start the NAS integrity protection and ciphering/deciphering with the security context indicated by the ngKSI.
  • the UE sends the NAS Security Mode Complete message to the AMF ciphered and integrity protected.
  • the NAS Security Mode Complete message may include the Permanent Equipment Identifier (PEI) in case the AMF requested it in the NAS Security Mode Command message.
  • PEI Permanent Equipment Identifier
  • the AMF may set the NAS COUNTs to zero if horizontal derivation of K AMF is performed.
  • the UE may include the complete initial NAS message.
  • the NAS Security Mode Reject message may be protected with the previous, if any, 5G NAS security context, i.e., the 5G NAS security context used prior to the failed NAS Security Mode Command message. If no 5G NAS security context existed prior to the NAS Security Mode Command message, the NAS Security Mode Reject message may remain unprotected.
  • the AMF may de-cipher and check the integrity protection on the NAS Security Mode Complete message using the key and algorithm indicated in the NAS Security Mode Command message.
  • NAS downlink ciphering at the AMF with this security context may start after receiving the NAS Security Mode Complete message.
  • the AMF activates NAS downlink ciphering.
  • the UE releases the NAS connection instead of sending the NAS Security Mode Reject message.
  • the AMF successfully validated the NAS SMC Complete message, the AMF has successfully confirmed the Subscription Permanent Identifier (SUPI) received from the home network and the SUPI used by the UE match.
  • SUPI Subscription Permanent Identifier
  • the integrity check failure of the NAS SMC Complete message at the AMF could have other causes than a mismatch of the SUPIs.
  • Each gNB (next generation Node B) or ng-eNB (next generation -evolved Node B) may be configured via network management with lists of algorithms which are allowed for usage. There may be one list for integrity algorithms, and one for ciphering algorithms. These lists may be ordered according to a priority decided by the operator.
  • the AMF may send the UE 5G security capabilities to the gNB/ng-eNB.
  • the gNB/ng-eNB may choose the ciphering algorithm which has the highest priority from its configured list and is also present in the UE 5G security capabilities.
  • FIG. 2 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • the AS (Access-stratum) SMC procedure is for the RRC (Radio Resource Control) and UP (User Plane) security algorithms negotiation and RRC security activation for the gNB/ng-eNB.
  • the AS SMC procedure can be triggered to establish a secure RRC signalling-only connection during UE registration or PDU session establishment. The activation of the UP security is as described.
  • the AS SMC procedure consists of a roundtrip of messages between the gNB/ng-eNB and the UE.
  • the gNB/ng-eNB sends the AS security mode command to the UE and the UE replies with the AS security mode complete message (see FIG. 2) .
  • the AS security mode command message sent from the gNB/ng-eNB to the UE may contain the selected RRC and/or UP encryption and integrity algorithms.
  • This AS security mode command message may be integrity protected with RRC integrity key based on the current K gNB .
  • K gNB is a key derived by the UE and AMF from K AMF .
  • K gNB is further derived by the UE and source gNB when performing horizontal or vertical key derivation. The K gNB is used as K eNB between the UE and ng-eNB.
  • the AS security mode complete message from UE to gNB/ng-eNB may be integrity protected with the selected RRC algorithm indicated in the AS security mode command message and RRC integrity key based on the current K gNB .
  • RRC downlink ciphering (encryption) at the gNB/ng-eNB may start after sending the AS security mode command message.
  • RRC uplink deciphering (decryption) at the gNB/ng-eNB may start after receiving and successful verification of the AS security mode complete message.
  • RRC uplink ciphering (encryption) at the UE may start after sending the AS security mode complete message.
  • RRC downlink deciphering (decryption) at the UE may start after receiving and successful verification of the AS security mode command message.
  • the UE may reply with an unprotected security mode failure message.
  • Ciphering and integrity protection of UP downlink and uplink, at the UE and the gNB/ng-eNB, may start as defined.
  • AS SMC may be used only during an initial context setup between the UE and the gNB/ng-eNB (i.e., to activate an initial K gNB at RRC_IDLE to RRC_CONNECTED state transition) .
  • devices and network elements of mixed cryptographic capabilities may co-exist.
  • some devices and network elements may support AE algorithms, some may just support ciphering and integrity algorithms (e.g., not support AEAD) .
  • ciphering algorithms and integrity algorithms are assigned with different identifier values, e.g., 128-bit SNOW 3G based integrity algorithm 128-NIA1 and ciphering algorithm 128-NEA1 are set to "0001 2 " , respectively.
  • After introducing authenticated encryption algorithms it is possible to assign identifier values to them, e.g., the 256-bit SNOW 5G based authenticated algorithm 256-NCA4 to be set to “0101” .
  • the algorithms can be indicated in the SMC message. In some embodiments, it is also possible that they are not assigned any values. In such cases, the selection of authenticated encryption algorithm cannot be indicated in the SMC message directly.
  • Some embodiments of the present disclosure provide methods for the first scenario that authenticated encryption algorithms are assigned values. Some embodiments of the present disclosure provide methods for the second scenario that authenticated encryption algorithms are not assigned any value.
  • FIG. 3 shows a schematic diagram of a procedure (e.g., a registration procedure) according to an embodiment of the present disclosure.
  • the UE may include all algorithms it supports in the Registration Request message and send it to the AMF.
  • the procedure may include at least one of the following operations.
  • the UE sends the registration request to the AMF forwarded by the gNB/ng-eNB, which performs an AMF selection to determine the AMF.
  • the message contains cleartext IEs and may contain non-cleartext IEs.
  • the UE may include the UE security capabilities as a cleartext IE, e.g., the UE security capabilities include the ciphering, integrity and/or authenticated encryption algorithms supported by the UE.
  • the UE may include only cleartext IEs in the message sends the registration request without integrity protection.
  • the UE uses the current 5G security context algorithms to protect the Registration Request message.
  • the message may be only integrity protected.
  • both cleartext IEs and non-cleartext IEs may be in the NAS message container IE, and the UE may cipher the value part of the NAS message container IE.
  • the UE may then send a registration request message containing the cleartext IEs and the NAS message container IE.
  • the message is protected as by using the ciphering algorithm and integrity algorithm.
  • the message may be protected by the chosen authenticated encryption algorithm, where the input plaintext “P” is the value part of the NAS message container IE, and the input associated data “A” is the cleartext IEs.
  • the output ciphertext “C” is both encrypted and integrity protected.
  • the UE does not need to send non-cleartext IEs, there is no NAS message container, and the input plaintext “P” is set to NULL.
  • the AMF requests the NAS security context from the last visited AMF.
  • the last visited AMF uses the selected algorithm in the NAS security context to verify the Registration Request message and provides the NAS security context to the AMF if the integrity check is successful.
  • the registration can be continued.
  • the AMF may select the algorithms with the highest priority in its locally configured list of algorithms that are also present in the received UE security capabilities.
  • the AMF may send a security message (e.g., a NAS Security Mode Command message, to facilitate the understanding, the NAS Security Mode Command message will be taken as an example in the present disclosure, but the present disclosure is not limited thereto) to the UE, including the selected algorithms, and a flag requesting the UE to send the complete initial NAS message in a response message (e.g., the NAS Security Mode Complete message, to facilitate the understanding, the NAS Security Mode Complete message will be taken as an example in the present disclosure, but the present disclosure is not limited thereto) due to the algorithm in the security context is not supported.
  • a security message e.g., a NAS Security Mode Command message, to facilitate the understanding, the NAS Security Mode Command message will be taken as an example in the present disclosure, but the present disclosure is not limited thereto
  • the AMF may select the algorithms with highest priority in its locally configured list of algorithms that are also present in the received UE security capabilities.
  • the AMF may include the selected algorithms in the NAS Security Mode Command message to the UE.
  • the AMF and the UE may continue the SMC procedure based on authenticated encryption algorithms. In some alternative embodiments, even if the AMF supports authenticated encryption algorithms, the AMF and the UE may continue the SMC procedure without using authenticated encryption algorithms (e.g., using ciphering and integrity protection algorithms) . Details in this regard will be described in the embodiments (e.g., embodiments described in Aspects 2 to 10) below.
  • the UE may send the NAS Security Mode Complete message to the network in response to a NAS Security Mode Command message.
  • the NAS Security Mode Complete message may be ciphered and integrity protected by the selected algorithms sent from the AMF.
  • the NAS Security Mode Complete message may include the complete initial NAS message in a NAS Container if either requested by the AMF or the UE sent the initial NAS message unprotected.
  • the AMF may use the complete initial NAS message that is in the NAS container as the message to respond to.
  • the AMF may send its Registration Accept message to the UE.
  • this message may be ciphered and integrity protected.
  • the NCA4 may be included in the request message.
  • the following parameters may be used as input for the NCE4.
  • the parameters include at least one of:
  • N a nonce as initialization vector.
  • P is the value part of the NAS message container IE
  • A is the cleartext IEs.
  • the AMF chooses ciphering algorithm, integrity algorithm, authentication algorithm, respectively.
  • the AMF uses an AEAD indicator to instruct the UE whether to use the AEAD mode.
  • FIG. 4 shows a schematic diagram of a NAS SMC procedure according to an embodiment of the present disclosure.
  • the procedure may include at least one of the following operations.
  • the AMF decides whether to use the AEAD mode for the NAS protection and activates the NAS integrity protection before sending a security message for the NAS security (e.g., the NAS Security Mode Command message) .
  • a security message for the NAS security e.g., the NAS Security Mode Command message
  • the AMF decides to use the AEAD mode for the NAS protection based on the local configuration that an authenticated encryption algorithm has the highest priority according to the configured lists.
  • the AMF sends a security message (e.g., the NAS Security Mode Command message) to the UE.
  • the security message may contain: the UE security capabilities (e.g., the replayed UE security capabilities sent by the UE to the AMF in previous procedures (e.g., sent via the registration request in the procedure described in embodiments in Aspect 1) ) , the selected NAS algorithms (e.g., including ciphering algorithm, integrity algorithm, and/or authenticated encryption algorithm) , and/or the ngKSI for identifying the K AMF .
  • an AEAD indicator is also included in the message to indicate the decision of AMF on whether to use AEAD mode for NAS protection. For example, the AEAD indicator is set to “1” when the AMF decides to use the AEAD mode, and the indicator is set to “0” when the AMF decides not to use the AEAD mode.
  • the security message (e.g., the NAS Security Mode Command message) may contain: K_AMF_change_flag to indicate a new K AMF is calculated, a flag requesting the complete initial NAS message, the Anti-Bidding down Between Architectures (ABBA) parameter (s) .
  • K_AMF_change_flag may be included in this security message (e.g., the NAS Security Mode Command message) .
  • the security message (e.g., the NAS Security Mode Command message) may contain: the NAS MAC (Message Authentication Code) .
  • the NAS MAC is used to authenticate a message and ensure its integrity.
  • the NAS MAC is the output of integrity protection algorithm (or authenticated encryption algorithm with plaintext setting to NULL) , while the input of the algorithm is the message and a key.
  • the input message is the parameters in the security message described above, including the UE security capabilities, the selected NAS algorithms, etc.
  • this security message (e.g., the NAS Security Mode Command message) may be integrity protected (but not ciphered) with the NAS integrity algorithm (e.g., with a NAS integrity key based on the K AMF indicated by the ngKSI in the security message (e.g., the NAS Security Mode Command message) ) or the NAS authenticated encryption algorithm (e.g., with a NAS authenticated encryption key based on the K AMF indicated by the ngKSI in the security message (e.g., the NAS Security Mode Command message) ) .
  • the NAS integrity algorithm or the NAS authenticated encryption algorithm for the integrity protection of the security message depends on whether to use the AEAD mode (e.g., whether the AEAD indicator indicate to use the AEAD) .
  • the AMF activates the NAS uplink deciphering after sending the security message (e.g., the NAS Security Mode Command message) .
  • the security message e.g., the NAS Security Mode Command message
  • the UE may verify the security message (e.g., the NAS Security Mode Command message) .
  • the verification includes checking that the UE security capabilities sent by the AMF match the ones stored in the UE to ensure that these UE security capabilities were not modified by an attacker and verifying the integrity protection.
  • the UE uses the indicated NAS authenticated encryption algorithm and the NAS authenticated encryption key to verify the integrity protection of the security message.
  • the UE uses the indicated NAS integrity algorithm and the NAS integrity key based on the K AMF indicated by the ngKSI to verify the integrity protection of the security message.
  • the UE may start the NAS integrity protection and ciphering/deciphering (e.g., the UE may decipher the subsequent encrypted NAS message sent after SMC, such as the registration accept message) with the security context indicated by the ngKSI (e.g., performing the NAS integrity and ciphering on the security message (e.g., the NAS Security Mode Complete message) to be sent to the AMF) .
  • the received AEAD indicator indicates that AEAD mode shall be used
  • the UE uses NAS authenticated encryption algorithm for the NAS integrity protection and ciphering/deciphering.
  • the UE uses NAS integrity algorithm and ciphering algorithm for the NAS integrity protection and ciphering/deciphering.
  • the UE sends a response message (e.g., the NAS Security Mode Complete message) to the AMF, in which the response message is ciphered and integrity protected.
  • a response message e.g., the NAS Security Mode Complete message
  • the UE uses authenticated encryption algorithm for ciphering and integrity protection.
  • the UE uses integrity algorithm for integrity protection and ciphering algorithm for ciphering.
  • the response message (e.g., the NAS Security Mode Complete message) may include the PEI in case the AMF requested the PEI in the security message (e.g., the NAS Security Mode Command message) .
  • the AMF may set the NAS COUNTs to zero if the horizontal derivation of K AMF is performed.
  • the UE may include the complete initial NAS message in the response message.
  • the UE may include the complete initial NAS message in the NAS container in the response message.
  • the UE may reply with a reject message (e.g., NAS Security Mode Reject message) .
  • the reject message e.g., NAS Security Mode Reject message
  • all subsequent NAS messages may be protected with the previous, if any, 5G NAS security context, e.g., the 5G NAS security context used prior to the failed security message (e.g., the NAS Security Mode Command message) .
  • the reject message e.g., NAS Security Mode Reject message
  • the AMF may decipher and check the integrity protection on the response message (e.g., the NAS Security Mode Complete message) using the key and algorithm indicated in the security message.
  • the NAS downlink ciphering at the AMF with this security context may start after receiving the response message (e.g., the NAS Security Mode Complete message) .
  • the response message (e.g., the NAS Security Mode Complete message) may contain: the NAS MAC.
  • the NAS MAC is used to authenticate a message and ensure its integrity.
  • the NAS MAC is the output of integrity protection algorithm (or authenticated encryption algorithm with plaintext setting to NULL) , while the input of the algorithm is the message and a key.
  • the input message may include the complete initial NAS message in NAS container.
  • the AMF activates NAS downlink ciphering.
  • the UE supports ciphering algorithm NEA0, NEA1, NEA2 and NEA4, supports integrity algorithm NIA0, NIA1, NIA2 and NIA4 and supports authenticated algorithm NCA4 and NCA5.
  • the AMF may select the algorithms with highest priority in its locally configured list of algorithms that are also present in the received UE security capabilities. For example, NEA1, NIA1 and NCA4.
  • the Security Mode Command message may contain the identifiers of NEA1, NIA1 and NCA4, also the AEAD indicator “1” .
  • the Security Mode Command message may contain the identifiers of NEA1, NIA1 and NCA4, also the AEAD indicator “0” .
  • FIG. 5 shows a schematic diagram of an AS SMC procedure according to an embodiment of the present disclosure.
  • the procedure may include at least one of the following operations.
  • the gNB/ng-eNB decides whether to use AEAD mode for the AS protection and starts the RRC integrity protection based on the chosen mode. In some embodiments, if the gNB/ng-eNB decides to use the AEAD mode, the authentication encryption algorithm may be used for integrity. Otherwise, the integrity algorithm is used. For example, the gNB/ng-eNB decides to use the AEAD mode based on the local configuration that an authenticated encryption algorithm has the highest priority according to the configured lists.
  • the gNB/ng-eNB sends a security message (e.g., the AS Security Mode Command message) to UE.
  • the message may contain the selected RRC and/or the UP encryption algorithms, integrity algorithms, and authenticated encryption algorithms.
  • an AEAD indicator is also includes in the message to indicates the decision of gNB/ng-eNB on whether to use AEAD mode for the AS protection. For example, the AEAD indicator is set to “1” when gNB/ng-eNB decide to use AEAD mode, and the indicator is set to “0” when the gNB/ng-eNB decides not to use AEAD mode.
  • this security message may be integrity protected with RRC integrity algorithm (e.g., with a RRC integrity key based on the current K gNB ) or RRC authenticated encryption algorithm (e.g., with a RRC authenticated encryption key based on the current K gNB ) .
  • whether to use integrity algorithm or authenticated encryption algorithm for the integrity protection of the security message depends on whether to use AEAD mode (e.g., whether the AEAD indicator indicates to use the AEAD) .
  • the security message (e.g., the AS Security Mode Command message) may contain: the MAC-I (message authentication code for integrity) .
  • the MAC-I is used to authenticate a message and ensure its integrity.
  • the MAC-I is the output of integrity protection algorithm (or authenticated encryption algorithm with plaintext setting to NULL) , while the input of the algorithm is the message and a key.
  • the input message is the parameters in the security message described above, including the selected RRC and/or the UP encryption algorithms, integrity algorithms, and authenticated encryption algorithms, etc.
  • the gNB/ng-eNB starts RRC downlink ciphering (encryption) after sending the security message.
  • the UE may verify the security message (e.g., the AS Security Mode Command message) .
  • the UE uses the indicated RRC authenticated encryption algorithm and the RRC authenticated encryption key to verify the integrity protection of the security message.
  • the UE uses the indicated RRC integrity algorithm and the RRC integrity key based on the K gNB to verify the integrity protection of the security message.
  • the UE may start RRC integrity protection and RRC downlink deciphering.
  • the UE uses RRC authenticated encryption algorithm for the RRC integrity protection and ciphering/deciphering (e.g., performing the RRC integrity and ciphering/deciphering on the response message (e.g., the AS Security Mode Complete message) to be sent to the gNB/ng-eNB) .
  • the UE uses RRC integrity algorithm and ciphering algorithm for the RRC integrity protection and ciphering/deciphering.
  • the UE sends a response message (e.g., the AS Security Mode Complete message) to the gNB/ng-eNB.
  • the message may be integrity protected with the selected RRC algorithm indicated in the security message described in operation 1b.
  • the UE uses RRC authenticated encryption algorithm for integrity protection.
  • the UE uses RRC integrity algorithm for integrity protection.
  • the response message may contain: the MAC-I.
  • the MAC-I is used to authenticate a message and ensure its integrity.
  • the MAC-I is the output of integrity protection algorithm (or authenticated encryption algorithm with plaintext setting to NULL) , while the input of the algorithm is the message and a key. In this scenario, the input message is the response message described above.
  • the UE starts the RRC uplink ciphering (encryption) .
  • the gNB/ng-eNB starts the RRC uplink deciphering (decryption) .
  • another NAS SMC procedure is provided.
  • This procedure has many aspects substantially identical to the NAS SMC procedure in Aspect 2.
  • the AMF sends the AEAD usage policy instead of an indicator to the UE in the security message (e.g., the NAS Security Mode Command message) .
  • the security message contains the UE security capabilities (e.g., the replayed UE security capabilities sent by the UE to the AMF in previous procedures (e.g., sent via the registration request in the procedure described in embodiments in Aspect 1) ) , the selected NAS ciphering algorithm, integrity algorithm, authenticated encryption algorithm, the ngKSI for identifying the K AMF , and/or an AEAD usage policy.
  • the AEAD usage policy is to indicate the decision of the AMF on whether and/or how to use the AEAD mode for the NAS protection.
  • the AMF decides whether to use the AEAD mode for the NAS protection and activates the NAS integrity protection before sending a security message for the NAS security (e.g., the NAS Security Mode Command message) . Details of this operation can be ascertained by referring to the operation 1a in Aspect 2, and will not be repeated herein.
  • the AMF sends a security message (e.g., the NAS Security Mode Command message) to the UE.
  • the security message may contain: the UE security capabilities (e.g., the replayed UE security capabilities sent by the UE to the AMF in previous procedures (e.g., sent via the registration request in the procedure described in embodiments in Aspect 1) ) , the selected NAS algorithms (e.g., including ciphering algorithm, integrity algorithm, and/or authenticated encryption algorithm) , and/or the ngKSI for identifying the K AMF .
  • an AEAD usage policy is also included in the message to indicate the decision of the AMF on whether and/or how to use the AEAD mode for the NAS protection. Details of this operation can be ascertained by referring to the operation 1b in Aspect 2, and will not be repeated herein.
  • the AEAD usage policy can indicate the authenticated encryption algorithm is always used. In some embodiments, for example, the AEAD usage policy can indicate the authenticated encryption algorithm is used when the message requires both encryption and integrity protections, and the integrity algorithm is used when the message requires only integrity protection. In some embodiments, for example, the AEAD usage policy can indicate the authenticated encryption algorithm is not used.
  • the AMF activates the NAS uplink deciphering after sending the security message.
  • the UE may verify the security message. In some embodiments, the verification includes checking that the UE security capabilities sent by the AMF match the ones stored in the UE to ensure that these UE security capabilities were not modified by an attacker and verifying the integrity protection. In some embodiments, the UE verifies the security message based on the AEAD usage policy in the security message.
  • the UE when the UE receives the security message (e.g., the NAS Security Mode Command message) , the UE verifies the security message using the authenticated encryption algorithm. Similarly, the UE transmits the response message (e.g., the NAS Security Mode Complete message) ciphered and integrity protected by using the authenticated encryption algorithm.
  • the security message e.g., the NAS Security Mode Command message
  • the response message e.g., the NAS Security Mode Complete message
  • the AEAD usage policy indicates that the authenticated encryption algorithm is used when the message requires both encryption and integrity protections and the integrity algorithm is used when the message requires only integrity protection.
  • the UE receives the security message (e.g., the NAS Security Mode Command message)
  • the UE verifies the security message using the integrity algorithm in response to that the security message has only integrity protection.
  • the UE transmits the response message ciphered and integrity protected by using the authenticated encryption algorithm in response to that the response message requires both encryption and integrity protections.
  • the UE may start the NAS integrity protection and ciphering/deciphering with the security context indicated by the ngKSI (e.g., performing the NAS integrity and ciphering on the security message (e.g., the NAS Security Mode Complete message) to be sent to the AMF) .
  • the security context indicated by the ngKSI e.g., performing the NAS integrity and ciphering on the security message (e.g., the NAS Security Mode Complete message) to be sent to the AMF.
  • the UE uses NAS authenticated encryption algorithm for the NAS integrity protection and ciphering/deciphering. In some embodiments, based on the AEAD usage policy, if AEAD mode shall not be used, the UE uses NAS integrity algorithm and ciphering algorithm for the NAS integrity protection and ciphering/deciphering.
  • the UE sends a response message (e.g., the NAS Security Mode Complete message) to the AMF, in which the response message is ciphered and integrity protected.
  • a response message e.g., the NAS Security Mode Complete message
  • the UE uses authenticated encryption algorithm for ciphering and integrity protection.
  • the UE uses integrity algorithm for integrity protection and ciphering algorithm for ciphering.
  • the UE may reply with a reject message (e.g., NAS Security Mode Reject message) if the verification of the security message (e.g., the NAS Security Mode Command message) is not successful by the UE.
  • a reject message e.g., NAS Security Mode Reject message
  • the AMF may decipher and check the integrity protection on the response message (e.g., the NAS Security Mode Complete message) .
  • the AMF activates NAS downlink ciphering.
  • another AS SMC procedure is provided.
  • This procedure has many aspects substantially identical to the AS SMC procedure in Aspect 3.
  • the gNB/ng-eNB sends the AEAD usage policy instead of an indicator to the UE in the security message (e.g., the AS Security Mode Command message) .
  • the security message sent from gNB/ng-eNB to UE may contain the selected RRC and/or UP encryption algorithm, integrity algorithms authenticated encryption algorithms, and/or an AEAD usage policy.
  • the AEAD usage policy is to indicate the decision of the gNB/ng-eNB on whether and how to use AEAD mode for the RRC and/or the UP protection.
  • the UE’s algorithm selection may follow the AEAD usage policy sent by gNB/ng-eNB.
  • the gNB/ng-eNB decides whether to use AEAD mode for the AS protection and starts the RRC integrity protection based on the chosen mode. Details of this operation can be ascertained by referring to the operation 1a in Aspect 3, and will not be repeated herein.
  • the gNB/ng-eNB sends a security message (e.g., the AS Security Mode Command message) to UE.
  • the message may contain the selected RRC and/or the UP encryption algorithms, integrity algorithms, and authenticated encryption algorithms.
  • an AEAD usage policy is also includes in the message to indicates the decision of gNB/ng-eNB on whether and/or how to use the AEAD mode for the AS protection. Details of this operation can be ascertained by referring to the operation 1b in Aspect 3, and will not be repeated herein.
  • the AEAD usage policy can indicate the authenticated encryption algorithm is always used. In some embodiments, for example, the AEAD usage policy can indicate the authenticated encryption algorithm is used when the message requires both encryption and integrity protections, and the integrity algorithm is used when the message requires only integrity protection. In some embodiments, for example, the AEAD usage policy can indicate the authenticated encryption algorithm is not used.
  • the gNB/ng-eNB starts RRC downlink ciphering (encryption) after sending the security message.
  • the UE may verify the security message (e.g., the AS Security Mode Command message) . In some embodiments, the UE verifies the security message based on the AEAD usage policy in the security message.
  • the security message e.g., the AS Security Mode Command message
  • the UE when the UE receives the security message (e.g., the AS Security Mode Command message) , the UE verifies the security message using the authenticated encryption algorithm. Similarly, the UE transmits the response message ciphered and integrity protected by using the authenticated encryption algorithm.
  • the security message e.g., the AS Security Mode Command message
  • the AEAD usage policy indicates that the authenticated encryption algorithm is used when the message requires both encryption and integrity protections and the integrity algorithm is used when the message requires only integrity protection.
  • the UE receives the security message (e.g., the AS Security Mode Command message)
  • the UE verifies the security message using the integrity algorithm in response to that the security message has only integrity protection.
  • the UE transmits the response message (e.g., the AS Security Mode Complete message) ciphered and integrity protected by using the authenticated encryption algorithm in response to that the response message requires both encryption and integrity protections.
  • the UE uses the indicated RRC authenticated encryption algorithm and the RRC authenticated encryption key to verify the integrity protection of the security message. In some embodiments, based on the received AEAD usage policy, if the AEAD mode shall not be used, the UE uses the indicated RRC integrity algorithm and the RRC integrity key based on the K gNB to verify the integrity protection of the security message.
  • the UE may start RRC integrity protection and RRC downlink deciphering.
  • the UE uses RRC authenticated encryption algorithm for the RRC integrity protection and ciphering/deciphering (e.g., performing the RRC integrity and ciphering on the security message (e.g., the AS Security Mode Complete message) to be sent to the gNB/ng-eNB) .
  • the UE uses RRC integrity algorithm and ciphering algorithm for the RRC integrity protection and ciphering/deciphering.
  • the UE After RRC integrity protection and RRC downlink deciphering, the UE sends a response message (e.g., the AS Security Mode Complete message) to the gNB/ng-eNB.
  • the message may be integrity protected with the selected RRC algorithm based on the received AEAD usage policy in the security message.
  • the UE based on the received AEAD usage policy, if the AEAD mode is used, the UE uses RRC authenticated encryption algorithm for integrity protection.
  • the UE based on the received AEAD usage policy, if the AEAD mode is not used, the UE uses RRC integrity algorithm for integrity protection. Details of these operations can be ascertained by referring to the operation 2b in Aspect 3, and will not be repeated herein.
  • the UE After sending the response message, the UE starts the RRC uplink ciphering (encryption) .
  • the gNB/ng-eNB After receiving the response message, the gNB/ng-eNB starts the RRC uplink deciphering (decryption) .
  • FIG. 6 shows a schematic diagram of a NAS SMC procedure according to an embodiment of the present disclosure.
  • the AMF chooses ciphering algorithm and integrity algorithm, or authentication algorithm.
  • the UE decides whether to use the AEAD mode based on the receiving algorithms.
  • the procedure may include at least one of the following operations.
  • the AMF decides whether to use the AEAD mode for the NAS protection and activates the NAS integrity protection before sending a security message for the NAS security (e.g., the NAS Security Mode Command message) .
  • a security message for the NAS security e.g., the NAS Security Mode Command message
  • the AMF decides to use the AEAD mode for the NAS protection based on the local configuration that an authenticated encryption algorithm has the highest priority according to the configured lists.
  • the AMF sends a security message (e.g., the NAS Security Mode Command message) to the UE.
  • the security message may contain: the UE security capabilities (e.g., the replayed UE security capabilities sent by the UE to the AMF in previous procedures (e.g., sent via the registration request in the procedure described in embodiments in Aspect 1) ) , the selected NAS algorithms (e.g., including either ciphering algorithm and integrity algorithm, or authenticated encryption algorithm) , and/or the ngKSI for identifying the K AMF .
  • the AMF decides to use the AEAD mode, only authenticated encryption algorithm may be sent.
  • the security message may contain: K_AMF_change_flag to indicate a new K AMF is calculated, a flag requesting the complete initial NAS message, Anti-Bidding down Between Architectures (ABBA) parameter.
  • ABBA Anti-Bidding down Between Architectures
  • K_AMF_change_flag may be included in the security message.
  • the security message e.g., the NAS Security Mode Command message
  • the NAS MAC may contain: the NAS MAC. Details of the NAS MAC can be ascertained by referring to the embodiments in Aspect 2 above and will not be repeated herein.
  • the security message may be integrity protected with the authenticated encryption algorithm (e.g., with a NAS authenticated encryption key) . If not, this security message may be integrity protected with the NAS integrity key (e.g., with a NAS integrity key) .
  • the AMF activates NAS uplink deciphering after sending the security message.
  • the UE may verify the security message. This includes checking that the UE security capabilities sent by the AMF match the ones stored in the UE to ensure that these were not modified by an attacker and verifying the integrity protection.
  • the authenticated encryption algorithm e.g., it may indicate the AEAD mode is used
  • the UE uses the indicated NAS authenticated encryption algorithm and the NAS authenticated encryption key to verify the integrity protection of the security message.
  • the integrity algorithm e.g., it may indicate the AEAD mode is not used
  • the UE uses the indicated NAS integrity algorithm and the NAS integrity key based on the K AMF indicated by the ngKSI to verify the integrity protection of the security message.
  • the UE may start the NAS integrity protection and ciphering/deciphering with the security context indicated by the ngKSI (e.g., performing the NAS integrity and ciphering on the security message (e.g., the NAS Security Mode Complete message) to be sent to the AMF) .
  • the authenticated encryption algorithm or the ciphering algorithm and integrity algorithm on the NAS integrity protection and ciphering/deciphering depends on the algorithm it received in the security message. For example, when the UE receives the authenticated encryption algorithm in the security message, the UE use the authenticated encryption algorithm on the NAS integrity protection and ciphering/deciphering. When the UE receives the ciphering algorithm and integrity algorithm in the security message, the UE use the ciphering algorithm and integrity algorithm on the NAS integrity protection and ciphering/deciphering.
  • the UE sends a response message (e.g., NAS Security Mode Complete message) to the AMF, in which the response message is ciphered and integrity protected.
  • a response message e.g., NAS Security Mode Complete message
  • the UE uses the authenticated encryption algorithm for ciphering and integrity protection.
  • the UE uses the integrity algorithm for the integrity protection and the ciphering algorithm for ciphering.
  • the NAS Security Mode Complete message may include the PEI in case the AMF requested it in the NAS Security Mode Command message.
  • the AMF may set the NAS COUNTs to zero if the horizontal derivation of K AMF is performed.
  • the UE may include the complete initial NAS message.
  • the verification of the security message may reply with a reject message (e.g., the NAS Security Mode Reject message) if the verification of the security message is not successful in the UE, it may reply with a reject message (e.g., the NAS Security Mode Reject message) .
  • the reject message and all subsequent NAS messages may be protected with the previous, if any, 5G NAS security context, i.e., the 5G NAS security context used prior to the failed security message.
  • the reject message may remain unprotected.
  • the AMF may decipher and check the integrity protection on the response message using the key and algorithm indicated in the security message.
  • the NAS downlink ciphering at the AMF with this security context may start after receiving the response message.
  • the response message (e.g., the NAS Security Mode Complete message) may contain: the NAS MAC. Details of the NAS MAC can be ascertained by referring to the embodiments in Aspect 2 above and will not be repeated herein.
  • the AMF activates NAS downlink ciphering.
  • the UE supports the ciphering algorithm NEA0, NEA1, NEA2 and NEA4, supports the integrity algorithm NIA0, NIA1, NIA2 and NIA4 and supports the authenticated algorithm NCA4 and NCA5.
  • the AMF may select the algorithms with highest priority in its locally configured list of algorithms that are also present in the received UE security capabilities. For example, NEA1, NIA1 and NCA4.
  • the Security Mode Command message may contain the identifiers of NCA4.
  • the Security Mode Command message may contain the identifiers of NEA1, NIA1.
  • AS SMC procedure has many aspects substantially identical to the AS SMC procedure in Aspect 3. The difference is, in this AS SMC procedure, instead of using the AEAD indicator, the gNB/ng-eNB sends the selected RRC and/or UP encryption and integrity algorithms or the gNB/ng-eNB sends the selected RRC and/or UP authenticated encryption algorithms to indicate whether to use AEAD mode.
  • the security message (e.g., the AS Security Mode Command message) sent from gNB/ng-eNB to UE contains the selected RRC and/or UP encryption and integrity algorithms or contains the selected RRC and/or UP authenticated encryption algorithms.
  • the selected RRC and/or UP authenticated encryption algorithms may be included in the message.
  • the gNB/ng-eNB decides to use the AEAD mode, only authenticated encryption algorithm may be sent. If the gNB/ng-eNB decides to refrain from using the AEAD mode, only ciphering algorithm and integrity algorithm may be sent.
  • the UE may check whether the RRC and/or UP authenticated encryption algorithm is included. If the RRC and/or UP authenticated encryption algorithm is included, the UE may use the authenticated encryption algorithm for RRC and/or UP protection. If the RRC and/or UP authenticated encryption algorithm is absent from the security message, the UE may use the selected RRC and/or UP encryption and integrity algorithms for ciphering/deciphering and integrity protection.
  • the gNB/ng-eNB decides whether to use AEAD mode for the AS protection and starts the RRC integrity protection based on the chosen mode. Details of this operation can be ascertained by referring to the operation 1a in Aspect 3, and will not be repeated herein.
  • the gNB/ng-eNB sends a security message (e.g., the AS Security Mode Command message) to UE.
  • security message contains the selected RRC and/or UP encryption and integrity algorithms or contains the selected RRC and/or UP authenticated encryption algorithms.
  • the gNB/ng-eNB decides to use the AEAD mode, only RRC and/or UP authenticated encryption algorithms may be sent. If the gNB/ng-eNB decides to refrain from using the AEAD mode, only the selected RRC and/or UP encryption and integrity algorithms may be sent. Details of this operation can be ascertained by referring to the operation 1b in Aspect 3, and will not be repeated herein.
  • the gNB/ng-eNB starts RRC downlink ciphering (encryption) after sending the security message.
  • the UE may verify the security message (e.g., the AS Security Mode Command message) . In some embodiments, the UE verifies the security message based on the algorithm (s) in the security message. In some embodiments, the UE may check whether the RRC and/or UP authenticated encryption algorithm is included in the security message. If the RRC and/or UP authenticated encryption algorithm is included (it may indicate AEAD mode shall be used) , the UE uses the indicated RRC authenticated encryption algorithm and the RRC authenticated encryption key to verify the integrity protection of the security message.
  • the security message e.g., the AS Security Mode Command message
  • the UE verifies the security message based on the algorithm (s) in the security message.
  • the UE may check whether the RRC and/or UP authenticated encryption algorithm is included in the security message. If the RRC and/or UP authenticated encryption algorithm is included (it may indicate AEAD mode shall be used) , the UE uses the indicated RRC authenticated encryption algorithm and the RRC authenticated encryption key to verify
  • the UE uses the indicated RRC integrity algorithm and the RRC integrity key based on the K gNB to verify the integrity protection of the security message.
  • the UE may start RRC integrity protection and RRC downlink deciphering.
  • the UE uses RRC authenticated encryption algorithm for the RRC integrity protection and ciphering/deciphering (e.g., performing the RRC integrity and ciphering on the security message (e.g., the AS Security Mode Complete message) to be sent to the gNB/ng-eNB) .
  • the UE uses RRC integrity algorithm and ciphering algorithm for the RRC integrity protection and ciphering/deciphering.
  • the UE After RRC integrity protection and RRC downlink deciphering, the UE sends a response message (e.g., the AS Security Mode Complete message) to the gNB/ng-eNB.
  • the message may be integrity protected with the selected RRC algorithm based on the algorithm (s) in the security message.
  • the UE based on the algorithm (s) in the security message, if the AEAD mode shall be used, the UE uses RRC authenticated encryption algorithm for integrity protection.
  • the UE based on the algorithm (s) in the security message, if the AEAD mode shall not be used, the UE uses RRC integrity algorithm for integrity protection. Details of these operations can be ascertained by referring to the operation 2b in Aspect 3, and will not be repeated herein.
  • the UE After sending the response message, the UE starts the RRC uplink ciphering (encryption) .
  • the gNB/ng-eNB After receiving the response message, the gNB/ng-eNB starts the RRC uplink deciphering (decryption) .
  • another NAS SMC procedure is provided.
  • This procedure has many aspects substantially identical to the NAS SMC procedure in Aspect 6. The difference is, in this NAS SMC procedure, the ciphering and integrity algorithm may always be sent, while in embodiments in Aspect 6, the ciphering and integrity algorithm may be sent to UE only if it is decided to be used.
  • the AMF may send the security message to the UE containing: the UE security capabilities (e.g., the replayed UE security capabilities sent by the UE to the AMF in previous procedures (e.g., sent via the registration request in the procedure described in embodiments in Aspect 1) ) , the selected ciphering algorithm, integrity algorithm, and the ngKSI for identifying the K AMF .
  • the NAS Security Mode Command message may contain: K_AMF_change_flag to indicate a new K AMF is calculated, a flag requesting the complete initial NAS message, Anti-Bidding down Between Architectures (ABBA) parameter.
  • ABBA Anti-Bidding down Between Architectures
  • the selected NAS authenticated encryption algorithm may also be included in the message.
  • the UE may verify the security message. Upon receiving the security message, the UE may check whether the NAS authenticated encryption algorithm is included. If the NAS authenticated encryption algorithm is included (it may indicate the AEAD mode shall be used) , the UE may use the authenticated encryption algorithm for NAS protection. If the NAS authenticated encryption algorithm is absent from the security message (it may indicate the AEAD mode shall not be used) , the UE may use the selected ciphering algorithm and integrity algorithm.
  • the AMF decides whether to use the AEAD mode for the NAS protection and activates the NAS integrity protection before sending a security message for the NAS security (e.g., the NAS Security Mode Command message) . Details of this operation can be ascertained by referring to the operation 1a in Aspect 6, and will not be repeated herein.
  • the AMF sends a security message (e.g., the NAS Security Mode Command message) to the UE.
  • the security message may contain: the UE security capabilities (e.g., the replayed UE security capabilities sent by the UE to the AMF in previous procedures (e.g., sent via the registration request in the procedure described in embodiments in Aspect 1) ) , the selected NAS algorithms (e.g., including ciphering algorithm and integrity algorithm) , and/or the ngKSI for identifying the K AMF .
  • the selected NAS algorithms e.g., including ciphering algorithm and integrity algorithm
  • the ngKSI for identifying the K AMF .
  • the selected NAS authenticated encryption algorithm may also be included in the security message. If the AMF decides to refrain from using the AEAD mode, the selected NAS authenticated encryption algorithm may be absent from the security message. Details of this operation can be ascertained by referring to the operation 1b in Aspect 6, and will not be repeated herein.
  • the AMF activates the NAS uplink deciphering after sending the security message.
  • the UE may verify the security message. In some embodiments, the verification includes checking that the UE security capabilities sent by the AMF match the ones stored in the UE to ensure that these UE security capabilities were not modified by an attacker and verifying the integrity protection. In some embodiments, the UE verifies the security message based on the received algorithm (s) in the security message.
  • the UE verifies the security message using the authenticated encryption algorithm. If the selected NAS authenticated encryption algorithm is absent from the security message, the UE verifies the security message using the integrity algorithm. Details of the verification can be ascertained by referring to the operation 2a in Aspect 6, and will not be repeated herein.
  • the UE may start the NAS integrity protection and ciphering/deciphering with the security context indicated by the ngKSI (e.g., performing the NAS integrity and ciphering on the security message (e.g., the NAS Security Mode Complete message) to be sent to the AMF) .
  • the security context indicated by the ngKSI e.g., performing the NAS integrity and ciphering on the security message (e.g., the NAS Security Mode Complete message) to be sent to the AMF.
  • the UE uses NAS authenticated encryption algorithm for the NAS integrity protection and ciphering/deciphering. In some embodiments, based on the received algorithm (s) in the security message, if AEAD mode shall not be used, the UE uses NAS integrity algorithm and ciphering algorithm for the NAS integrity protection and ciphering/deciphering.
  • the UE sends a response message (e.g., the NAS Security Mode Complete message) to the AMF, in which the response message is ciphered and integrity protected.
  • a response message e.g., the NAS Security Mode Complete message
  • the UE uses authenticated encryption algorithm for ciphering and integrity protection.
  • the UE uses integrity algorithm for integrity protection and ciphering algorithm for ciphering.
  • the UE may reply with a reject message (e.g., NAS Security Mode Reject message) if the verification of the security message (e.g., the NAS Security Mode Command message) is not successful by the UE.
  • a reject message e.g., NAS Security Mode Reject message
  • the AMF may decipher and check the integrity protection on the response message (e.g., the NAS Security Mode Complete message) .
  • the AMF activates NAS downlink ciphering.
  • the UE supports ciphering algorithm NEA0, NEA1, NEA2 and NEA4, supports integrity algorithm NIA0, NIA1, NIA2 and NIA4 and supports authenticated algorithm NCA4 and NCA5.
  • the AMF may select the algorithms with highest priority in its locally configured list of algorithms that are also present in the received UE security capabilities. For example, NEA2, NIA1 and NCA4.
  • the Security Mode Command message may contain the identifiers of NEA1, NIA1, NCA4.
  • the Security Mode Command message may contain the identifiers of NEA1, NIA1.
  • AS SMC procedure has many aspects substantially identical to the AS SMC procedure in Aspect 7. The difference is, in this AS SMC procedure, the ciphering and integrity algorithm may always be sent, while in embodiments in Aspect 7, the ciphering and integrity algorithm may be sent to UE only if it is decided to be used.
  • the security message (e.g., the AS Security Mode Command message) sent from the gNB/ng-eNB to the UE may contain the selected RRC and/or UP encryption algorithm, integrity algorithms.
  • the selected RRC and/or UP authenticated encryption algorithms may also be included in the security message.
  • the gNB/ng-eNB decides to use the AEAD mode, all ciphering algorithm, integrity algorithm and authenticated encryption algorithm may be sent. If the gNB/ng-eNB decides to refrain from using the AEAD mode, only ciphering algorithm and integrity algorithm may be sent.
  • the UE may check whether the RRC and/or the UP authenticated encryption algorithm is included. In some embodiments, if the RRC and/or the UP authenticated encryption algorithm is included (it may indicate the AEAD mode shall be used) , the UE may use the authenticated encryption algorithm for RRC and/or UP protection. In some embodiments, if the RRC and/or the UP authenticated encryption algorithm is absent from the security message (it may indicate the AEAD mode shall not be used) , the UE may use the selected RRC and/or UP encryption and integrity algorithms.
  • the gNB/ng-eNB decides whether to use AEAD mode for the AS protection and starts the RRC integrity protection based on the chosen mode. Details of this operation can be ascertained by referring to the operation 1a in Aspect 7, and will not be repeated herein.
  • the gNB/ng-eNB sends a security message (e.g., the AS Security Mode Command message) to UE.
  • the security message contains the selected RRC and/or UP encryption and integrity algorithms.
  • the security message further contains the selected RRC and/or UP authenticated encryption algorithms.
  • the selected RRC and/or UP authenticated encryption algorithms are included in the security message.
  • the selected RRC and/or UP authenticated encryption algorithms are absent from the security message.
  • the gNB/ng-eNB starts RRC downlink ciphering (encryption) after sending the security message.
  • the UE may verify the security message (e.g., the AS Security Mode Command message) . In some embodiments, the UE verifies the security message based on the algorithm (s) in the security message. In some embodiments, the UE may check whether the RRC and/or UP authenticated encryption algorithm is included in the security message. If the RRC and/or UP authenticated encryption algorithm is included (it may indicate AEAD mode shall be used) , the UE uses the indicated RRC authenticated encryption algorithm and the RRC authenticated encryption key to verify the integrity protection of the security message.
  • the security message e.g., the AS Security Mode Command message
  • the UE verifies the security message based on the algorithm (s) in the security message.
  • the UE may check whether the RRC and/or UP authenticated encryption algorithm is included in the security message. If the RRC and/or UP authenticated encryption algorithm is included (it may indicate AEAD mode shall be used) , the UE uses the indicated RRC authenticated encryption algorithm and the RRC authenticated encryption key to verify
  • the UE uses the indicated RRC integrity algorithm and the RRC integrity key based on the K gNB to verify the integrity protection of the security message.
  • the UE may start RRC integrity protection and RRC downlink deciphering.
  • the UE uses RRC authenticated encryption algorithm for the RRC integrity protection and ciphering/deciphering (e.g., performing the RRC integrity and ciphering on the security message (e.g., the AS Security Mode Complete message) to be sent to the gNB/ng-eNB) .
  • the UE uses RRC integrity algorithm and ciphering algorithm for the RRC integrity protection and ciphering/deciphering.
  • the UE After RRC integrity protection and RRC downlink deciphering, the UE sends a response message (e.g., the AS Security Mode Complete message) to the gNB/ng-eNB.
  • the message may be integrity protected with the selected RRC algorithm based on the algorithm (s) in the security message.
  • the UE based on the algorithm (s) in the security message, if the AEAD mode shall be used, the UE uses RRC authenticated encryption algorithm for integrity protection.
  • the UE based on the algorithm (s) in the security message, if the AEAD mode shall not be used, the UE uses RRC integrity algorithm for integrity protection. Details of these operations can be ascertained by referring to the operation 2b in Aspect 7, and will not be repeated herein.
  • the UE After sending the response message, the UE starts the RRC uplink ciphering (encryption) .
  • the gNB/ng-eNB After receiving the response message, the gNB/ng-eNB starts the RRC uplink deciphering (decryption) .
  • This embodiment may be applied when there is no new identifier introduced for the Authenticated Algorithm.
  • another indicator is introduced to the security message (e.g., the Security Mode Command message) indicate that whether AEAD mode (e.g., the authenticated encryption algorithm) is used.
  • the AMF sends the security message to the UE.
  • the security message may contain: the UE security capabilities (e.g., the replayed UE security capabilities sent by the UE to the AMF in previous procedures (e.g., sent via the registration request in the procedure described in embodiments in Aspect 1) ) , the selected ciphering algorithm, integrity algorithm, and the ngKSI for identifying the K AMF .
  • the security message may contain: K_AMF_change_flag to indicate a new K AMF is calculated, a flag requesting the complete initial NAS message, Anti-Bidding down Between Architectures (ABBA) parameter.
  • ABBA Anti-Bidding down Between Architectures
  • an AEAD mode indicator may also be included in the message to indicate whether the AEAD mode is used, i.e., whether to use the authenticated encryption algorithm and which authenticated encryption algorithm is used to protect the NAS message.
  • the selected ciphering algorithm and the integrity algorithm are NEA4 and NIA4, which are both 256-bit SNOW 5G based algorithms, and the AEAD indicator indicates that the AEAD mode is used.
  • the selected algorithm to be used for NAS protection is 256-bit SNOW 5G based authenticated encryption algorithm, i.e., NCA4.
  • the AEAD indicator can indicate that the AEAD mode is used and the select algorithm is based on the same algorithm with the selected ciphering algorithm.
  • the selected ciphering algorithm and integrity algorithm are NEA4 and NIA5, where NEA4 is SNOW 5G based ciphering algorithm and NIA5 is AES based integrity algorithm, and the AEAD indicator indicates that the AEAD mode is used.
  • the selected algorithm to be used for NAS protection is 256-bit SNOW 5G based authenticated encryption algorithm, i.e., NCA4.
  • the AEAD indicator can indicate that the AEAD mode is used and the select algorithm is based on the same algorithm with the selected integrity algorithm.
  • the selected ciphering algorithm and integrity algorithm are NEA4 and NIA5, where NEA4 is SNOW 5G based ciphering algorithm and NIA5 is AES based integrity algorithm, and the AEAD indicator indicates that the AEAD mode is used.
  • the selected algorithm to be used for NAS protection is 256-bit AES based authenticated encryption algorithm, i.e., NCA5.
  • the AEAD indicator described above can be applied to the embodiments in Aspect 2, 4, 6, or 8.
  • said AEAD indicator can replace the AEAD indicator in Aspect 2.
  • said AEAD indicator may be included in the security message 4, 6, or 8. Details in this regard can be ascertained by referring to the embodiments above, and will not be repeated herein.
  • the AEAD indicator described above can be applied to the embodiments in Aspect 3. That is, the security message described in Aspect 3 may contain an AEAD mode indicator indicating whether the AEAD mode is used and which authenticated encryption algorithm is used to protect the AS message.
  • the AEAD indicator described above can be applied to the embodiments in Aspect 3, 5, 7, or 9.
  • said AEAD indicator can replace the AEAD indicator in Aspect 3.
  • said AEAD indicator may be included in the security message in Aspect 5, 7, or 9. Details in this regard can be ascertained by referring to the embodiments above, and will not be repeated herein.
  • Some embodiments of the present disclosure provide a mechanism for the UE and the 5GS supporting the AEAD mode to negotiate on the algorithm they used for the NAS and the AS protection.
  • the UE may include the algorithms it supported in the registration request message sent to the AMF.
  • the AMF may select the algorithms to be used for the NAS protection, and the gNB/ng-eNB may select the algorithms to be used for the AS protection.
  • the AMF, gNB, or ng-eNB may always send the selected ciphering algorithm, integrity algorithm, and authenticated encryption algorithms to the UE.
  • the AMF, gNB, or ng-eNB can send at least one of:
  • an AEAD usage policy indicates when the authenticated encryption algorithm is used.
  • the AMF, gNB, or ng-eNB may not always send the selected authenticated encryption algorithm.
  • the AMF, gNB, or ng-eNB may send the selected ciphering algorithm and integrity algorithm or authenticated encryption algorithms to the UE. If the AEAD mode is decided to be used, the AMF, gNB, or ng-eNB may send the authenticated encryption algorithm and may not send the ciphering algorithm and integrity algorithm. If the AEAD mode is decided not to be used, the AMF, gNB, or ng-eNB may send the selected ciphering algorithm and integrity algorithm and may not send the authenticated encryption algorithm.
  • the AMF, gNB, or ng-eNB may send the authenticated encryption algorithm together with the ciphering algorithm and integrity algorithm. In some embodiments, if the authenticated encryption algorithm is received, the UE may use it to protect the message.
  • a new indicator is designed to indicate whether the AEAD mode is used.
  • the select authenticated encryption algorithm is based on the same algorithm with the selected ciphering and/or integrity algorithm.
  • FIG. 7 relates to a diagram of a wireless communication terminal 30 according to an embodiment of the present disclosure.
  • the wireless communication terminal 30 may be a tag, a mobile phone, a laptop, a tablet computer, an electronic book or a portable computer system and is not limited herein.
  • the wireless communication terminal 30 may be used to implement the UE described in this disclosure.
  • the wireless communication terminal 30 may include a processor 300 such as a microprocessor or Application Specific Integrated Circuit (ASIC) , a storage unit 310 and a communication unit 320.
  • the storage unit 310 may be any data storage device that stores a program code 312, which is accessed and executed by the processor 300.
  • Embodiments of the storage unit 310 include but are not limited to a subscriber identity module (SIM) , read-only memory (ROM) , flash memory, random-access memory (RAM) , hard-disk, and optical data storage device.
  • SIM subscriber identity module
  • ROM read-only memory
  • RAM random-access memory
  • the communication unit 320 may a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 300.
  • the communication unit 320 transmits and receives the signals via at least one antenna 322 or via wiring.
  • the storage unit 310 and the program code 312 may be omitted and the processor 300 may include a storage unit with stored program code.
  • the processor 300 may implement any one of the steps or operations in exemplified embodiments on the wireless communication terminal 30, e.g., by executing the program code 312.
  • the communication unit 320 may be a transceiver.
  • the communication unit 320 may as an alternative or in addition be combining a transmitting unit and a receiving unit configured to transmit and to receive, respectively, signals to and from a wireless communication node.
  • the wireless communication terminal 30 may be used to perform the operations of the UE described in this disclosure.
  • the processor 300 and the communication unit 320 collaboratively perform the operations described in this disclosure. For example, the processor 300 performs operations and transmit or receive signals, message, and/or information through the communication unit 320.
  • FIG. 8 relates to a diagram of a wireless communication node 40 according to an embodiment of the present disclosure.
  • the wireless communication node 40 may be a satellite, a base station (BS) (e.g., a gNB or a ng-eNB) , a network entity, a Domain Name System (DNS) server, a Mobility Management Entity (MME) , Serving Gateway (S-GW) , Packet Data Network (PDN) Gateway (P-GW) , a radio access network (RAN) (e.g., a next generation RAN (NG-RAN) ) , a data network, a core network, a communication node in the core network, or a Radio Network Controller (RNC) , and is not limited herein.
  • BS base station
  • NG-RAN next generation RAN
  • RNC Radio Network Controller
  • the wireless communication node 40 may include (perform) at least one network function such as an access and mobility management function (AMF) , a session management function (SMF) , a user place function (UPF) , a policy control function (PCF) , an application function (AF) , etc.
  • the wireless communication node 40 may be used to implement the base station described in this disclosure.
  • the wireless communication node 40 may include a processor 400 such as a microprocessor or ASIC, a storage unit 410 and a communication unit 420.
  • the storage unit 410 may be any data storage device that stores a program code 412, which is accessed and executed by the processor 400.
  • the storage unit 410 examples include but are not limited to a SIM, ROM, flash memory, RAM, hard-disk, and optical data storage device.
  • the communication unit 420 may be a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 400. In an embodiment, the communication unit 420 transmits and receives the signals via at least one antenna 422 or via wiring.
  • the storage unit 410 and the program code 412 may be omitted.
  • the processor 400 may include a storage unit with stored program code.
  • the processor 400 may implement any steps or operations described in exemplified embodiments on the wireless communication node 40, e.g., via executing the program code 412.
  • the communication unit 420 may be a transceiver.
  • the communication unit 420 may as an alternative or in addition be combining a transmitting unit and a receiving unit configured to transmit and to receive, respectively, signals, messages, or information to and from a wireless communication node or a wireless communication terminal.
  • the wireless communication node 40 may be used to perform the operations of the AMF, gNB, or ng-eNB described in this disclosure.
  • the processor 400 and the communication unit 420 collaboratively perform the operations described in this disclosure. For example, the processor 400 performs operations and transmit or receive signals through the communication unit 420.
  • a wireless communication method is also provided according to an embodiment of the present disclosure.
  • the wireless communication method may be performed by using a wireless communication terminal (e.g., a UE) .
  • the wireless communication terminal may be implemented by using the wireless communication terminal 30 described in this disclosure, but is not limited thereto.
  • the wireless communication method includes: transmitting, by a wireless communication terminal to a wireless communication node, a first message using an authenticated encryption with associated data, AEAD, mode according to an AEAD information carried by a second message from the wireless communication node.
  • the wireless communication method may be performed by using a wireless communication node (e.g., AMF, gNB, or ng-eNB) .
  • the wireless communication node may be implemented by using the wireless communication node 40 described in this disclosure, but is not limited thereto.
  • the wireless communication method includes: receiving, by a wireless communication node from a wireless communication terminal, a first message using an authenticated encryption with associated data, AEAD, mode according to an AEAD information carried by a second message from the wireless communication node.
  • the AEAD information may include at least one of the AEAD indicator, the AEAD usage policy, and/or the authenticated encryption algorithm described above.
  • the wireless communication terminal used in the present disclosure may indicate the UE described above.
  • the wireless communication node used in the present disclosure may indicate the node, AMF, gNB, or ng-eNB described above.
  • a and/or B and/or C includes any and all combinations of one or more of A, B, and C, including A, B, C, A and B, A and C, B and C, and a combination of A and B and C.
  • A/B/C includes any and all combinations of one or more of A, B, and C, including A, B, C, A and B, A and C, B and C, and a combination of A and B and C.
  • any reference to an element herein using a designation such as “first, “ “second, “ and so forth does not generally limit the quantity or order of those elements. Rather, these designations can be used herein as a convenient means of distinguishing between two or more elements or instances of an element. Thus, a reference to first and second elements does not mean that only two elements can be employed, or that the first element must precede the second element in some manner.
  • any one of the various illustrative logical blocks, units, processors, means, circuits, methods and functions described in connection with the aspects disclosed herein can be implemented by electronic hardware (e.g., a digital implementation, an analog implementation, or a combination of the two) , firmware, various forms of program or design code incorporating instructions (which can be referred to herein, for convenience, as "software” or a “software unit” ) , or any combination of these techniques.
  • a processor, device, component, circuit, structure, machine, unit, etc. can be configured to perform one or more of the functions described herein.
  • IC integrated circuit
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • the logical blocks, units, and circuits can further include antennas and/or transceivers to communicate with various components within the network or within the device.
  • a general-purpose processor can be a microprocessor, but in the alternative, the processor can be any conventional processor, controller, or state machine.
  • a processor can also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other suitable configuration to perform the functions described herein. If implemented in software, the functions can be stored as one or more instructions or code on a computer-readable medium. Thus, the steps or operations of a method or algorithm disclosed herein can be implemented as software stored on a computer-readable medium.
  • Computer-readable media includes both computer storage media and communication media including any medium that can be enabled to transfer a computer program or code from one place to another.
  • a storage media can be any available media that can be accessed by a computer.
  • such computer-readable media can include RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer.
  • unit refers to software, firmware, hardware, and any combination of these elements for performing the associated functions described herein. Additionally, for purpose of discussion, the various units are described as discrete units; however, as would be apparent to one of ordinary skill in the art, two or more units may be combined to form a single unit that performs the associated functions according to embodiments of the present disclosure.
  • memory or other storage may be employed in embodiments of the present disclosure.
  • memory or other storage may be employed in embodiments of the present disclosure.
  • any suitable distribution of functionality between different functional units, processing logic elements or domains may be used without detracting from the present disclosure.
  • functionality illustrated to be performed by separate processing logic elements, or controllers may be performed by the same processing logic element, or controller.
  • references to specific functional units are only references to a suitable means for providing the described functionality, rather than indicative of a strict logical or physical structure or organization.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Un procédé de communication sans fil est divulgué. Le procédé comprend la transmission, par un terminal de communication sans fil à un nœud de communication sans fil, d'un premier message à l'aide d'un chiffrement authentifié avec un mode de données associées, AEAD, selon une information AEAD portée par un second message provenant du nœud de communication sans fil.
PCT/CN2024/111141 2024-08-09 2024-08-09 Procédé, dispositif et produit-programme d'ordinateur pour communication sans fil Pending WO2025156599A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2024/111141 WO2025156599A1 (fr) 2024-08-09 2024-08-09 Procédé, dispositif et produit-programme d'ordinateur pour communication sans fil

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2024/111141 WO2025156599A1 (fr) 2024-08-09 2024-08-09 Procédé, dispositif et produit-programme d'ordinateur pour communication sans fil

Publications (1)

Publication Number Publication Date
WO2025156599A1 true WO2025156599A1 (fr) 2025-07-31

Family

ID=96544366

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2024/111141 Pending WO2025156599A1 (fr) 2024-08-09 2024-08-09 Procédé, dispositif et produit-programme d'ordinateur pour communication sans fil

Country Status (1)

Country Link
WO (1) WO2025156599A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016131056A1 (fr) * 2015-02-13 2016-08-18 Visa International Service Association Gestion de communications confidentielles
CN110365482A (zh) * 2019-08-01 2019-10-22 江苏恒宝智能系统技术有限公司 一种数据通信方法和装置
WO2023066689A1 (fr) * 2021-10-19 2023-04-27 Mercedes-Benz Group AG Procédé de cryptage de texte en clair
CN116700772A (zh) * 2022-02-28 2023-09-05 中移物联网有限公司 固件包制作方法及装置、固件包升级方法及装置、终端

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016131056A1 (fr) * 2015-02-13 2016-08-18 Visa International Service Association Gestion de communications confidentielles
CN110365482A (zh) * 2019-08-01 2019-10-22 江苏恒宝智能系统技术有限公司 一种数据通信方法和装置
WO2023066689A1 (fr) * 2021-10-19 2023-04-27 Mercedes-Benz Group AG Procédé de cryptage de texte en clair
CN116700772A (zh) * 2022-02-28 2023-09-05 中移物联网有限公司 固件包制作方法及装置、固件包升级方法及装置、终端

Similar Documents

Publication Publication Date Title
CN102100030B (zh) 加密控制信号的方法
EP3499840B1 (fr) Sécurité du plan usager pour les réseaux cellulaires de nouvelle génération
CN107018676B (zh) 用户设备与演进分组核心之间的相互认证
JP5479474B2 (ja) 選択的な制御信号暗号化方法
JP4002035B2 (ja) 機密を要する情報を最初は機密化されてない通信を用いて伝送するための方法
CN101926188B (zh) 对通信终端的安全策略分发
CN101512537A (zh) 在自组无线网络中安全处理认证密钥资料的方法和系统
WO2010030127A2 (fr) Procédé destiné à chiffrer de manière sélective un signal de commande
AU2010201991A1 (en) Method and apparatus for security protection of an original user identity in an initial signaling message
KR102818272B1 (ko) 데이터 전송 방법 및 시스템, 전자 장치 및 컴퓨터 판독 가능 저장 매체
EP3231151B1 (fr) Mise en service de dispositifs dans un réseau
CN108880813A (zh) 一种附着流程的实现方法及装置
EP3892022B1 (fr) Méthode et appareils pour la garantie de fixation sécurisée dans des protocoles d'authentification limités par la taille
WO2007139706A2 (fr) Authentification d'un module inviolable dans un routeur de station de base
CN114980089A (zh) 组播或广播业务数据的安全保护方法及装置
CN110495153A (zh) 在预关联的状态中加密数据
WO2025156599A1 (fr) Procédé, dispositif et produit-programme d'ordinateur pour communication sans fil
US20250008321A1 (en) A method for operating a cellular network
Moroz et al. Methods for ensuring data security in mobile standards
Wei-min et al. A simple key management scheme based on WiMAX
CN117692902B (zh) 一种基于嵌入式家庭网关的智能家居的交互方法及系统
Khan et al. Retrofitting mutual authentication to GSM using RAND hijacking
EP3231207A1 (fr) Échange de messages sécurisé dans un réseau
CN121126335A (zh) 一种通信网络密钥的生成方法、装置、设备、介质及产品
Nagesha et al. A Survey on Wireless Security Standards and Future Scope.

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 24919681

Country of ref document: EP

Kind code of ref document: A1