WO2002068418A3 - Authentication and distribution of keys in mobile ip network - Google Patents

Info

Publication number
WO2002068418A3
Authority
WO
WIPO (PCT)
Prior art keywords
message
domain
security association
mobile
serving
Prior art date
Application number
PCT/IB2002/001658
Other languages
French (fr)
Other versions
WO2002068418A2 (en)
Inventor
Stefano Faccin
Franck Le
Original Assignee
Nokia Corp
Stefano Faccin
Franck Le
Priority date
Filing date
Publication date
Application filed by Nokia Corp, Stefano Faccin, Franck Le filed Critical Nokia Corp
Priority to AU2002258068A priority Critical patent/AU2002258068A1/en
Publication of WO2002068418A2 publication Critical patent/WO2002068418A2/en
Publication of WO2002068418A3 publication Critical patent/WO2002068418A3/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W80/00 Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04 Network layer protocols, e.g. mobile IP [Internet Protocol]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

There is disclosed a method of establishing a connection between a mobile station and a serving domain, in which a first security association exists between the mobile node and an associated home domain, and a second security association exists between the serving domain and the home domain, the method comprising: transmitting a first message from the mobile node to the serving domain, the first message being encrypted in accordance with the first security association; transmitting the first message from the serving domain to the home domain; decrypting the first message in the home domain in accordance with the first security association; transmitting a second message from the home domain to the serving domain, the second message being encrypted according to the first security association; transmitting the second message from the serving domain to the mobile node; decrypting the second message in the mobile node in accordance with the first security association.

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002258068A AU2002258068A1 (en) 2001-02-23 2002-02-25 Authentication and distribution of keys in mobile ip network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/792,682 US20020120844A1 (en) 2001-02-23 2001-02-23 Authentication and distribution of keys in mobile IP network
US09/792,682 2001-02-23

Publications (2)

Publication Number Publication Date
WO2002068418A2 WO2002068418A2 (en) 2002-09-06
WO2002068418A3 WO2002068418A3 (en) 2002-11-28

Family

ID=25157719

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2002/001658 WO2002068418A2 (en) 2001-02-23 2002-02-25 Authentication and distribution of keys in mobile ip network

Country Status (3)

Country Link
US (1) US20020120844A1 (en)
AU (1) AU2002258068A1 (en)
WO (1) WO2002068418A2 (en)

Families Citing this family (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002069560A1 (en) * 2001-02-23 2002-09-06 Nokia Inc. System and method for strong authentication achieved in a single round trip
US20020147820A1 (en) * 2001-04-06 2002-10-10 Docomo Communications Laboratories Usa, Inc. Method for implementing IP security in mobile IP networks
US20020157024A1 (en) * 2001-04-06 2002-10-24 Aki Yokote Intelligent security association management server for mobile IP networks
US7900242B2 (en) * 2001-07-12 2011-03-01 Nokia Corporation Modular authentication and authorization scheme for internet protocol
JP4386732B2 (en) * 2002-01-08 2009-12-16 セブン ネットワークス, インコーポレイテッド Mobile network connection architecture
US20030211842A1 (en) * 2002-02-19 2003-11-13 James Kempf Securing binding update using address based keys
CN1268093C (en) * 2002-03-08 2006-08-02 华为技术有限公司 Distribution method of wireless local area network encrypted keys
FR2837336B1 (en) * 2002-03-15 2006-03-03 Oberthur Card Syst Sa METHOD OF EXCHANGING AUTHENTICATION INFORMATION BETWEEN A COMMUNICATION ENTITY AND A SERVER-OPERATOR
US7418596B1 (en) 2002-03-26 2008-08-26 Cellco Partnership Secure, efficient, and mutually authenticated cryptographic key distribution
US8195940B2 (en) * 2002-04-05 2012-06-05 Qualcomm Incorporated Key updates in a mobile wireless system
US7529933B2 (en) * 2002-05-30 2009-05-05 Microsoft Corporation TLS tunneling
EP1518183A2 (en) * 2002-06-28 2005-03-30 Nokia Corporation Method of registering home address of a mobile node with a home agent
US20040043756A1 (en) * 2002-09-03 2004-03-04 Tao Haukka Method and system for authentication in IP multimedia core network system (IMS)
US7475241B2 (en) * 2002-11-22 2009-01-06 Cisco Technology, Inc. Methods and apparatus for dynamic session key generation and rekeying in mobile IP
US7350077B2 (en) * 2002-11-26 2008-03-25 Cisco Technology, Inc. 802.11 using a compressed reassociation exchange to facilitate fast handoff
US7870389B1 (en) 2002-12-24 2011-01-11 Cisco Technology, Inc. Methods and apparatus for authenticating mobility entities using kerberos
CA2528787A1 (en) * 2003-06-18 2004-12-23 Telefonaktiebolaget Lm Ericsson (Publ) Method, system and apparatus to support mobile ip version 6 services
JP4305087B2 (en) * 2003-07-28 2009-07-29 日本電気株式会社 Communication network system and security automatic setting method thereof
CN100450000C (en) * 2003-08-20 2009-01-07 华为技术有限公司 Method for realizing share of group safety alliance
US8296558B1 (en) 2003-11-26 2012-10-23 Apple Inc. Method and apparatus for securing communication between a mobile node and a network
US7802085B2 (en) * 2004-02-18 2010-09-21 Intel Corporation Apparatus and method for distributing private keys to an entity with minimal secret, unique information
CN1969526B (en) * 2004-04-14 2010-10-13 北方电讯网络有限公司 Securing home agent to mobile node communication with HA-MN key
EP2698965A1 (en) * 2004-04-14 2014-02-19 Microsoft Corporation Mobile IPV6 authentication and authorization
KR100693603B1 (en) * 2004-06-29 2007-03-14 주식회사 팬택 Method for authentication of mobile ip service
US8611536B2 (en) * 2004-09-08 2013-12-17 Qualcomm Incorporated Bootstrapping authentication using distinguished random challenges
US7639802B2 (en) * 2004-09-27 2009-12-29 Cisco Technology, Inc. Methods and apparatus for bootstrapping Mobile-Foreign and Foreign-Home authentication keys in Mobile IP
US7502331B2 (en) * 2004-11-17 2009-03-10 Cisco Technology, Inc. Infrastructure-less bootstrapping: trustless bootstrapping to enable mobility for mobile devices
FI20050384A0 (en) * 2005-04-14 2005-04-14 Nokia Corp Use of generic authentication architecture for distribution of Internet protocol keys in mobile terminals
US7907948B2 (en) * 2005-04-22 2011-03-15 Telefonaktiebolaget L M Ericsson (Publ) Providing anonymity to a mobile node in a session with a correspondent node
US7783041B2 (en) * 2005-10-03 2010-08-24 Nokia Corporation System, method and computer program product for authenticating a data agreement between network entities
US7626963B2 (en) * 2005-10-25 2009-12-01 Cisco Technology, Inc. EAP/SIM authentication for mobile IP to leverage GSM/SIM authentication infrastructure
DE102006009726A1 (en) 2005-11-04 2007-05-10 Siemens Ag Method and server for providing a mobility key
DE102006008745A1 (en) * 2005-11-04 2007-05-10 Siemens Ag Method and server for providing a mobility key
US8015594B2 (en) * 2006-03-17 2011-09-06 Cisco Technology, Inc. Techniques for validating public keys using AAA services
US8239671B2 (en) * 2006-04-20 2012-08-07 Toshiba America Research, Inc. Channel binding mechanism based on parameter binding in key derivation
KR100860404B1 (en) * 2006-06-29 2008-09-26 한국전자통신연구원 Device authenticaton method and apparatus in multi-domain home networks
WO2008002081A1 (en) * 2006-06-29 2008-01-03 Electronics And Telecommunications Research Institute Method and apparatus for authenticating device in multi domain home network environment
DE102006038037A1 (en) * 2006-08-14 2008-02-21 Siemens Ag Method and system for providing an access-specific key
EP1895798A1 (en) * 2006-08-29 2008-03-05 Axalto SA Ascertaining the authentication of a roaming subscriber
FI20070157A0 (en) * 2007-02-23 2007-02-23 Nokia Corp Fast authentication of update messages with key differentiation on mobile IP systems
CA2590989C (en) * 2007-06-05 2014-02-11 Diversinet Corp. Protocol and method for client-server mutual authentication using event-based otp
US7984486B2 (en) * 2007-11-28 2011-07-19 Nokia Corporation Using GAA to derive and distribute proxy mobile node home agent keys
US20120189122A1 (en) * 2011-01-20 2012-07-26 Yi-Li Huang Method with dynamic keys for mutual authentication in wireless communication environments without prior authentication connection
KR20130031660A (en) * 2011-09-21 2013-03-29 삼성전자주식회사 Network apparatus based contents name and method for generate and authenticate contents name
US10333696B2 (en) 2015-01-12 2019-06-25 X-Prime, Inc. Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency
WO2020146998A1 (en) * 2019-01-15 2020-07-23 Zte Corporation Method and device for preventing user tracking, storage medium and electronic device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000067446A1 (en) * 1999-05-03 2000-11-09 Nokia Corporation SIM BASED AUTHENTICATION MECHANISM FOR DHCRv4/v6 MESSAGES

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0673178B1 (en) * 1994-03-17 2005-02-16 Kokusai Denshin Denwa Co., Ltd Authentication method for mobile communications
FI102235B (en) * 1996-01-24 1998-10-30 Nokia Telecommunications Oy Management of authentication keys in a mobile communication system
JP2877199B2 (en) * 1996-06-21 1999-03-31 日本電気株式会社 Roaming method
JP3651721B2 (en) * 1996-11-01 2005-05-25 株式会社東芝 Mobile computer device, packet processing device, and communication control method
FI20000760A0 (en) * 2000-03-31 2000-03-31 Nokia Corp Authentication in a packet data network
US6766453B1 (en) * 2000-04-28 2004-07-20 3Com Corporation Authenticated diffie-hellman key agreement protocol where the communicating parties share a secret key with a third party
US6950521B1 (en) * 2000-06-13 2005-09-27 Lucent Technologies Inc. Method for repeated authentication of a user subscription identity module

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
LA PORTA T F ET AL: "Mobile IP and wide area wireless data", WIRELESS COMMUNICATIONS AND NETWORKING CONFERENCE, 1999. WCNC. 1999 IEEE NEW ORLEANS, LA, USA 21-24 SEPT. 1999, PISCATAWAY, NJ, USA,IEEE, US, 21 September 1999 (1999-09-21), pages 1528 - 1532, XP010353715, ISBN: 0-7803-5668-3 *
YAIR FRANKEL ET AL: "SECURITY ISSUES IN A CDPD WIRELESS NETWORK", IEEE PERSONAL COMMUNICATIONS, IEEE COMMUNICATIONS SOCIETY, US, vol. 2, no. 4, 1 August 1995 (1995-08-01), pages 16 - 27, XP000517586, ISSN: 1070-9916 *

Also Published As

Publication number Publication date
WO2002068418A2 (en) 2002-09-06
AU2002258068A1 (en) 2002-09-12
US20020120844A1 (en) 2002-08-29

Similar Documents

Publication Publication Date Title
WO2002068418A3 (en) Authentication and distribution of keys in mobile ip network
US7783756B2 (en) Protection for wireless devices against false access-point attacks
WO2001026322A3 (en) Key exchange for a network architecture
WO2007063420A3 (en) Authentication in communications networks
WO2002025962A3 (en) Secured map messages for telecommunications networks
AU2001272601A1 (en) Arranging data ciphering in a wireless telecommunication system
WO2002043333A3 (en) Administrative domains for personal area networks
WO2002062024A3 (en) Method for adding a new device to a wireless network
CA2255285A1 (en) Enhanced subscriber authentication protocol
CA2264809A1 (en) Method and apparatus for encrypting radio traffic in a telecommunications network
WO1999027678A3 (en) Security of data connections
TW431106B (en) Method for transferring sensitive information using initially unsecured communication
AU2003255093A1 (en) A method for the access of the mobile terminal to the wlan and for the data communication via the wireless link securely
CN105577680A (en) Key generation method, encrypted data analyzing method, devices and key managing center
AU2003304649A1 (en) Network and node for providing a secure transmission of mobile application part messages
WO2001084765A3 (en) Method and system for transmission of access and application information over public ip networks
AU5223400A (en) Arranging authentication and ciphering in mobile communication system
WO2007107708A3 (en) Establishing communications
TW200511793A (en) System and method for secure remote access
WO2004051964A3 (en) Tunneled authentication protocol for preventing man-in-the-middle attacks
KR101431777B1 (en) Power distribution system secure access communication system and method
AU5718599A (en) Efficient authentication with key update
TW431108B (en) Method for establishing a key using over-the-air communication and password protocol and password protocol
EP1610489B1 (en) Method for negotiating weakened keys in encryption systems
WO2007127547A4 (en) Method and system for propagating mutual authentication data in wireless communication networks

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP