Unlock instant, AI-driven research and patent intelligence for your innovation.

Apparatus, system and method for sce

a technology of sce and apparatus, applied in the field of apparatus, a system and a method of sce, can solve the problems of high cost complex handover signalling, and high cost of (authentication and key agreement) procedure in terms of additional signalling load and complexity in ue implementation

Pending Publication Date: 2020-07-23
NEC CORP
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

The present invention provides a solution to support separate ciphering at both the mobile network and the serving network, which helps to improve data security.

Problems solved by technology

This option could add key management related complexity in terms of managing different sets of keys for handover and dual connectivity.
MME and UE must maintain two active security contexts and handover signalling will also become complex.
AKA (Authentication and Key Agreement) procedure is expensive in terms of additional signalling load and complexity in UE implementation.
Other issues to be studied for all the options are handling of security capabilities, handover and key change on-the-fly.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Apparatus, system and method for sce
  • Apparatus, system and method for sce
  • Apparatus, system and method for sce

Examples

Experimental program
Comparison scheme
Effect test

first exemplary embodiment

[0064]In this exemplary embodiment, new keys for confidentially protecting the U-Plane traffic between the UE 10, and the MeNB 20 and the SeNB 30 (hereinafter, sometimes referred to as “UP keys”) are derived from the same KeNB. The MeNB 20 derives the UP key for the SeNB 30, and sends it to the SeNB 30.

[0065]There are two options as to how to derive the UP keys as follows.

(Option 1)

[0066]FIG. 3 shows key hierarchy in this option. The illustrated key hierarchy includes KeNB, KRRCenc, KRRCint, KUPint, KUPenc, and KUPenc-S.

[0067]Among them, the KeNB is a key shared upon communication between the UE 10 and the MeNB 20, and can be derived by the UE 10 and the MME 40 from KASME. The KRRCenc is a key which can be derived from the KeNB and used for protecting RRC (Radio Resource Control) traffic with a particular encryption algorithm. The KRRCint is a key which can be derived from the KeNB and used for protecting the RRC traffic with a particular integrity algorithm. The KUPint is a key whi...

second exemplary embodiment

KeNB

[0081]In this exemplary embodiment, UP keys are derived from different KeNB. There are two options as to how to derive the UP keys as follows.

(Option 1)

[0082]FIG. 6 shows key hierarchy in this option. The illustrated key hierarchy includes separate KeNB-M and KeNB-S. The KeNB-M is a key used for the MeNB 20 to derive the KRRCenc, the KRRCint, the KUPint and the KUPenc. On the other hand, the KeNB-S is a key used for the SeNB 30 to derive the KUPenc. The KUPenc derived by the MeNB 20 differs from that derived by the SeNB 30, because the KeNB-M and KeNB-S differ from each other.

[0083]In operations, as shown in FIG. 7, the MME 40 firstly derives the separate KeNB-M and KeNB-S from the KASME (step S21), and then sends the derived KeNB-M and KeNB-S to the MeNB 20 (step S22).

[0084]The SeNB 30 informs the MeNB 20 about the algorithm information, if necessary (step S23).

[0085]The MeNB 20 derives its own KUPenc from the received KeNB-M (step S24), and send the received KeNB-S to the SeNB...

fourth exemplary embodiment

[0103]FIG. 11 shows key hierarchy in this exemplary embodiment. The illustrated key hierarchy is different from that shown in FIG. 8, in that as a substituted for the KeNB**, KXX is derived from the KeNB-M, and that the KUPenc for the SeNB 30 is derived from the KXX. The KXX is sent from the MeNB 20 to the SeNB 30.

[0104]In operations, although the illustration is omitted, the MeNB 20 derives its own KUPenc, and derives the KXX from the KeNB-M. Then, the MeNB 20 sends the derived KXX to the SeNB 30.

[0105]The SeNB 30 derives its own KUPenc from the KXX.

[0106]In parallel with these processes, the MeNB 20 negotiates with the UE 10 such that the UE 10 can derive both KUPenc for the MeNB 20 and the SeNB 30. Specifically, the MeNB 20 sends to the UE 10 information necessary for deriving both KUPenc for the MeNB 20 and the SeNB 30, such as some parameters, indicators indicating encryption algorithms, and the like.

[0107]The UE 10 derives both KUPenc for the MeNB 20 and the SeNB 30 based on t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

In order for supporting separate ciphering at an MeNB (20) and an SeNB (30), the MeNB (20) derives separate first and second keys (KUPenc-M, KUPenc-S) from a third key (KeNB). The first key (KUPenc-M) is used for confidentially protecting first traffic transmitted over U-Plane between the MeNB (20) and a UE (10). The first key (KUPenc-M) may be the same as current KUPenc or a new key. The second key (KUPenc-S) is used for confidentially protecting second traffic transmitted over the U-Plane between the UE (10) and the SeNB (30). The MeNB (20) sends the second key (KUPenc-S) to the SeNB (30). The UE (10) negotiates with the MeNB (20), and derives the second key (KUPenc-S) based on a result of the negotiation.

Description

TECHNICAL FIELD[0001]The present invention relates to an apparatus, a system and a method for SCE (Small Cell Enhancement) or also called “dual connectivity”, and particularly to a technique to manage keys for SCE.BACKGROUND ART[0002]The protocol architecture for SCE has been studied by 3GPP (3rd Generation Partnership Project) as disclosed in NPLs 1 and 2.[0003]Further, for example, NPL 3 discloses that U-Plane (User-Plane) traffic is transmitted through an MeNB (Master evolved Node B) and an SeNB (Second eNB) in parallel for the purpose of offloading the MeNB.[0004]Furthermore, NPL 4 discloses that for U-Plane protocol architecture disclosed in NPL 3, support of separate ciphering at the MeNB and the SeNB is required.[0005]Note that LTE (Long Term Evolution) security specification is disclosed in NPL 5, for example.CITATION LISTNon Patent Literature[0006]NPL 1: 3GPP TR 36.842, “Evolved Universal Terrestrial Radio Access (E-UTRA); Study on Small Cell Enhancements for E-UTRA and E-U...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04W12/04H04W12/08
CPCH04W12/04H04W84/045H04W12/08H04L2463/061H04W12/04031H04W12/02H04W12/0431
Inventor ZHANG, XIAOWEIPRASAD, ANAND RAGHAWA
Owner NEC CORP