
Security framework for msg3 and msg4 in early data transmission

A security framework and data transmission technology, applied in the field of radio access networks, can solve problems such as corrupted packets, eNB may not provide NCC_1 to the UE, and UE and eNB may be out of syn

Inactive Publication Date: 2019-07-04
APPLE INC

AI Technical Summary

Benefits of technology

The patent text describes a system for improving security in network communication by using a combination of LTE / 4G and NG network functions. The system includes a network function for authentication, authorization, and mobility management, which is independent of the access technologies. The system also allows for separate scaling and distribution of resources for the control plane and user plane, and includes various network functions such as a session management function, policy control function, application function, and user data management function. The technical effects of the patent text include improved security and efficiency in network communication.

Problems solved by technology

However, when the UE is suspended by a legacy eNB that does not support EDT and resumes in an eNB that supports EDT to initiate EDT, the UE derives new keys based on the currently stored value of NCC before sending Msg3. The UE and eNB may be out-of-sync if the legacy eNB has an unused NCC.
However, because the eNB does not support EDT, the eNB may not provide the NCC_1 to the UE during the suspend procedure (prior to the RACH transmission).
In this case, deciphering of UL data can result in a corrupted packet due to the differences between the NCC used by the eNB and that used by the UE.
In some cases, the eNB may reject the EDT request of the UE if the MME is down, the AS security context has been lost or there is network congestion.
If the eNB rejects the RRCConnectionResumeRequest message from the UE due to network congestion or AS security context being lost, the eNB may be unable to derive any keys.
When using the same key, however, there is a risk of a replay attack, as the UE uses the same resume ID and shortResumeMAC-I in Msg3 in the next resume procedure.
In particular, when a UE initiates EDT by using a PRACH resource corresponding to EDT and receives a legacy UL grant in RAR for the legacy Msg3, the UE may be unable to send UL data.
However, when the UL grant is not sufficient, the UE may fall back to the legacy procedure.
In another fallback scenario, the UE may fall back due to a change in the coverage enhancement (CE) level during power ramping.
Other issues may involve handling different AS security context in the UP EDT process.
In some cases, after deriving a new key for the EDT procedure, the resume procedure may fail due to cell reselection, which may lead to the MAC being reset.
However, if the UE resumes in a different eNB than the eNB where the UE was previously suspended and resume failure happens due to cell reselection, there is a risk of key mismatch between the UE and eNB, as the same key cannot be used in two different eNBs.
The UE may move to IDLE without a suspend indication with a release cause “other” or “RRC connection failure”.



Examples


first embodiment

[0061] In the latter scenario, various embodiments may be considered. In a first embodiment, if the UE resumes in the same cell where the UE was previously suspended, the resumption is handled by the source eNB. If the eNB is unable to verify that Msg4 for EDT is successfully received by the UE, the eNB may attempt with both the new and old KRRCint (assuming the new NCC provided in Msg4 for EDT is either received or not) to verify shortResumeMAC-I in the next resume procedure. In this case, the resume procedure for EDT may be considered a failure and the UE may delete the new security context corresponding to the new KRRCint that was derived after the calculation of the shortResumeMAC-I. The UE may then return to the IDLE mode with a suspend indication.
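The dual-key check described in the first embodiment can be modelled as follows. This is an added example, not code from the patent: HMAC-SHA-256 stands in for both the LTE key derivation function and the RRC integrity algorithm, the input encoding and all sample values are constructed, and returning which key matched is an assumption about how an eNB would use the result.

```python
import hashlib
import hmac

def kdf(key: bytes, label: bytes) -> bytes:
    # Stand-in KDF: HMAC-SHA-256 over a constructed label, not the 3GPP encoding.
    return hmac.new(key, label, hashlib.sha256).digest()

def derive_krrcint(kenb: bytes, ncc: int) -> bytes:
    # Model: KeNB* depends on the NCC in use; KRRCint is 128 bits derived from it.
    kenb_star = kdf(kenb, b"KeNB*|ncc=%d" % ncc)
    return kdf(kenb_star, b"KRRCint")[-16:]

def short_resume_mac_i(krrcint: bytes, cell_id: int, pci: int, c_rnti: int) -> bytes:
    # 16-bit token over constructed resume inputs (HMAC stands in for the
    # integrity algorithm; only the truncation to 16 bits is modelled).
    msg = cell_id.to_bytes(4, "big") + pci.to_bytes(2, "big") + c_rnti.to_bytes(2, "big")
    return hmac.new(krrcint, msg, hashlib.sha256).digest()[-2:]

def enb_verify_resume(token, old_key, new_key, cell_id, pci, c_rnti):
    # Try the new key first, then the old one; report which context matched
    # so the eNB can keep that one (assumption: the page only says both are tried).
    for name, key in (("new", new_key), ("old", old_key)):
        expected = short_resume_mac_i(key, cell_id, pci, c_rnti)
        if hmac.compare_digest(token, expected):
            return name
    return None

# Constructed sample values, not taken from the patent.
KENB = bytes(range(32))
CELL, PCI, C_RNTI = 0x0ABCDE1, 301, 0x4F2A
OLD_KEY = derive_krrcint(KENB, ncc=1)
NEW_KEY = derive_krrcint(KENB, ncc=2)

def demo():
    # One UE received Msg4 (new NCC), the other did not (still on the old NCC).
    ue_got_msg4 = short_resume_mac_i(NEW_KEY, CELL, PCI, C_RNTI)
    ue_missed_msg4 = short_resume_mac_i(OLD_KEY, CELL, PCI, C_RNTI)
    return (enb_verify_resume(ue_got_msg4, OLD_KEY, NEW_KEY, CELL, PCI, C_RNTI),
            enb_verify_resume(ue_missed_msg4, OLD_KEY, NEW_KEY, CELL, PCI, C_RNTI))

if __name__ == "__main__":
    print(demo())
```

Because the token is only 16 bits, accepting either of two keys means two values out of 65,536 verify instead of one, so the old key should be retired as soon as the eNB learns which context the UE holds.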

second embodiment

[0062] In a second embodiment, if the UE resumes in a different cell than the cell where the UE was previously suspended, the UE may enter the RRC IDLE mode without a suspend indication with a release cause “other” or “RRC connection failure.” In this case, the UE may either use a control plane (CP) solution for EDT or initiate the legacy RRC connection establishment procedure next time.

[0063] Alternatively, for both the first and second embodiment, the UE may enter the RRC_IDLE mode without a suspend indication with release cause “other” or “RRC connection failure.” In this case, the UE may either use a CP solution for EDT or initiate the legacy RRC connection establishment procedure next time.

[0064] FIG. 5 illustrates a resumption procedure in accordance with some embodiments. In particular, FIG. 5 illustrates various messages between the UE, the eNB, the MME and S-GW in an EDT resumption procedure with new and old NCC handling. As shown in FIG. 5, when the eNB completes the EDT in Ms...


Abstract

Systems and methods of a security framework for an RRC connection are described. The UE receives a release message that comprises a current Next Hop Chaining Counter (NCC). The UE derives a new KeNB* using the current NCC and transmits an EDT RA preamble to the same or a different base station. After receiving an RAR with an uplink allocation, the UE transmits an RRCConnectionResumeRequest message. The UE transmits uplink data encrypted using KeNB* if the uplink allocation includes a data allocation sufficient for the data, falls back to a legacy RRC connection procedure in which the stored KeNB* is discarded and then KeNB* is re-derived if the data allocation is insufficient for the data due to a CE level change, and falls back to a legacy RRC connection procedure in which the stored KeNB* is used instead of discarding KeNB* if the uplink allocation excludes the data allocation.

Description

PRIORITY CLAIM

[0001] This application claims the benefit of priority under 35 U.S.C. 119(e) to U.S. Provisional Patent Application Ser. No. 62/644,102, filed on Mar. 16, 2018, U.S. Provisional Patent Application Ser. No. 62/677,994, filed May 30, 2018, U.S. Provisional Patent Application Ser. No. 62/716,440, filed Aug. 9, 2018, and U.S. Provisional Patent Application Ser. No. 62/753,841, filed Oct. 31, 2018, each of which is incorporated herein by reference in its entirety.

TECHNICAL FIELD

[0002] Embodiments pertain to radio access networks (RANs). Some embodiments relate to cellular networks, including Third Generation Partnership Project Long Term Evolution (3GPP LTE) networks and LTE advanced (LTE-A) networks, 4th generation (4G) networks and 5th generation (5G) or next generation (NG) networks. Some embodiments relate to a security framework for network connectivity.

BACKGROUND

[0003] The use of various types of systems has increased due to both an increase in the types of devices user eq...


Application Information

Patent Type & Authority: Applications (United States)
IPC(8): H04W12/00, H04W12/04, H04L9/08
CPC: H04W12/001, H04W12/0401, H04L9/0861, H04L2209/80, H04W84/042, H04L9/3242, H04L2209/805, H04W76/30, H04W74/0833, H04W12/03, H04W12/041
Inventor: SHRESTHA, BHARAT; LIM, SEAU S.; GUO, YI
Owner: APPLE INC