Telecommunications – Radiotelephone system – Security or fraud prevention
Reexamination Certificate
2001-08-16
2004-04-27
Urban, Edward F. (Department: 2685)
Telecommunications
Radiotelephone system
Security or fraud prevention
C455S410000, C455S412100, C455S422100, C455S403000
Reexamination Certificate
active
06728529
ABSTRACT:
BACKGROUND OF INVENTION
1. Field of the Invention
The present invention relates to security count values in a wireless communications system. In particular, the present invention discloses a method for ensuring that security counts generated by a hyper-frame number are re-used as little as possible over the lifetime of a security key.
2. Description of the Prior Art
Please refer to FIG.
1
.
FIG. 1
is a simplified block diagram of a prior art wireless communications system. The wireless communications system includes a first station
10
in wireless communications with a second station
20
. As an example, the first station
10
could be a mobile unit, such as a cellular telephone, and the second station
20
could be a base station. The first station
10
communicates with the second station
20
over a plurality of channels
12
. The second station
20
thus has corresponding channels
22
, one for each of the channels
12
. Each channel
12
has a receiving buffer
12
r
for holding protocol data units (PDUs)
11
r
received from the corresponding channel
22
of the second station
20
. Each channel
12
also has a transmitting buffer
12
t
for holding PDUs
11
t
that are awaiting transmission to the corresponding channel
22
of the second station
20
. A PDU
11
t
is transmitted by the first station
10
along a channel
12
and received by the second station
20
to generate a corresponding PDU
21
r
in the receiving buffer
22
r
of the corresponding channel
22
. Similarly, a PDU
21
t
is transmitted by the second station
20
along a channel
22
and received by the first station
10
to generate a corresponding PDU
11
r
in the receiving buffer
12
r
of the corresponding channel
12
.
For the sake of consistency, the data structures of each PDU
11
r
,
11
t
,
21
r
and
21
t
along corresponding channels
12
and
22
are identical. That is, a transmitted PDU
11
t
generates an identical corresponding received PDU
21
r
, and vice versa. Furthermore, both the first station
10
and the second station
20
use identical PDU
11
t
,
21
t
data structures. Although the data structure of each PDU
11
r
,
11
t
,
21
r
and
21
t
along corresponding channels
12
and
22
is identical, different channels
12
and
22
may use different PDU data structures according to the type of connection agreed upon along the corresponding channels
12
and
22
. In general, though, every PDU
11
r
,
11
t
,
21
r
and
21
t
will have a sequence number
5
r
,
5
t
,
6
r
,
6
t
. The sequence number
5
r
,
5
t
,
6
r
,
6
t
is an m-bit number that is incremented for each PDU
11
r
,
11
t
,
21
r
,
21
t
. The magnitude of the sequence number
5
r
,
5
t
,
6
r
,
6
t
thus indicates the sequential ordering of the PDU
11
r
,
11
t
,
21
r
,
21
t
in its buffer
12
r
,
12
t
,
22
r
,
22
t
. The sequence number
5
t
,
6
t
is often explicitly carried by the PDU
11
t
,
21
t
, but may also be implicitly assigned by the station
10
,
20
. For example, in an acknowledged mode setup for corresponding channels
12
and
22
, each transmitted PDU
11
t
, successful reception of which generates an identical corresponding PDU
21
r
, is explicitly confirmed by the second station
20
. A 12-bit sequence number
5
t
is explicitly carried by each PDU
11
t
. The second station
20
scans the sequence numbers
6
r
embedded within the received PDUs
21
r
to determine the sequential ordering of the PDUs
21
r
, and to determine if any PDUs
21
r
are missing. The second station
20
can then send a message to the first station
10
that indicates which PDUs
21
r
were received by using the sequence numbers
6
r
of each received PDU
21
r
, or may request that a PDU
11
t
be re-transmitted by specifying the sequence number
5
t
of the PDU
11
t
to be re-transmitted. Alternatively, in a so-called transparent transmission mode, data is never confirmed as successfully received. The sequence numbers
5
t
,
6
t
are not explicitly carried in the PDUs
11
t
,
21
t
. Instead, the first station
10
simply internally assigns a 7 bit sequence number
5
t
to each PDU
11
t
. Upon reception, the second station
20
similarly assigns a 7-bit sequence number
6
r
to each PDU
21
r
. Ideally, the sequence numbers
5
t
maintained by the first station
10
for the PDUs
11
t
are identical to the corresponding sequence numbers
6
r
for the PDUs
21
r
that are maintained by the second station
20
.
Hyper-frame numbers (HFNs) are also maintained by the first station
10
and the second station
20
. Hyper-frame numbers may be thought of as high-order bits of the sequence numbers
5
t
,
6
t
that are never physically transmitted with the PDUs
11
t
,
21
t
, except in rare cases of special signaling PDUs
11
t
,
21
t
that are used for synchronization. And in these cases, the HFNs are not carried as part of the sequence number
11
t
,
21
t
, but instead are carried in fields of the data payload of the signaling PDU
11
t
,
21
t
, and thus are more properly signaling data. As each transmitted PDU
11
t
,
21
t
generates a corresponding received PDU
21
r
,
11
r
, hyper-frame numbers are also maintained for received PDUs
11
r
,
21
r
. Each channel
12
of the first station
10
thus has a receiving hyper-frame number (HFN
R
)
13
r
and a transmitting hyper-frame number (HFN
T
)
13
t
. Similarly, the corresponding channel
22
on the second station
20
has a HFN
R
23
r
and a HFN
T
23
t
. When the first station
10
detects roll-over of the sequence numbers
5
r
of PDUs
11
r
in the receiving buffer
12
r
, the first station
10
increments the HFN
R
13
r
. On roll-over of sequence numbers
5
t
of transmitted PDUs
11
t
, the first station
10
increments the HFN
T
13
t
. A similar process occurs on the second station
20
for the HFN
R
23
r
and HFN
T
23
t
. The HFN
R
13
r
of the first station
10
should thus be synchronized with (i.e., identical to) the HFN
T
23
t
of the second station
20
. Similarly, the HFN
T
13
t
of the first station
10
should be synchronized with (i.e., identical to) the HFN
R
23
r
of the second station
20
.
The PDUs
11
t
and
21
t
are not transmitted “out in the open”. A security engine
14
on the first station, and a corresponding security engine
24
on the second station
20
, are together used to ensure secure and private exchanges of data exclusively between the first station
10
and the second station
20
. The security engine
14
,
24
has two primary functions. The first is the obfuscation (i.e., ciphering, or encryption) of data held within a PDU
11
t
,
21
t
so that the PDU
11
t
,
21
t
presents a meaningless collection of random numbers to an eavesdropper. The second is to verify the integrity of data contained within the PDUs
11
r
,
21
r
. This is used to prevent another, improper, station from masquerading as either the first station
10
or the second station
20
. By verifying data integrity, the first station
10
can be certain that a PDU
11
r
was, in fact, transmitted by the second station
20
, and vice versa. For a PDU
11
t
to be transmitted, the security engine
14
uses, amongst other inputs, an n-bit security count
14
c
and a key
14
k
to perform the ciphering functions to the PDU
11
t
. To properly decipher the corresponding PDU
21
r
, the security engine
24
must use an identical security count
24
c
and key
24
k
. Similarly, data integrity checking on the first station
10
uses an n-bit security count that must be synchronized with a corresponding security count on the second station
20
. As the data integrity security count is generated in a manner similar to that for the ciphering security count
14
c
,
24
c
, and as ciphering is more frequently applied, the ciphering security count
14
c
,
24
c
is considered in the following. The keys
14
k
and
24
k
remain constant across all PDUs
11
t
and
21
t
(and thus corresponding PDUs
21
r
and
11
r
), until explicitly changed by both the first station
10
and the second station
20
. The security counts
14
c
and
24
c
,
Ho Chi-Fong
Jiang Sam Shiaw-Shiang
Kuo Richard Lee-Chee
AsusTek Computer Inc.
Hsu Winston
Le Duy K
Urban Edward F.
LandOfFree
Preventing excessive use of security keys in a wireless... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Preventing excessive use of security keys in a wireless..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Preventing excessive use of security keys in a wireless... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3187423