Patents by Inventor Mats Naslund

Mats Naslund has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11917073
    Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.
    Type: Grant
    Filed: March 29, 2022
    Date of Patent: February 27, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa Torvinen, Noamen Ben Henda, Qian Chen, Vesa Lehtovirta, Mats Näslund, Karl Norrman, Gang Ren, Mikael Wass, Monica Wifvesson
  • Patent number: 11722473
    Abstract: A communication device of a communication network receives, via a network, a challenge, generates a first Diffie Hellman, DH, parameter, a first verification code for the first DH parameter, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first DH parameter is authentic, and if the first DH parameter is authentic, generates and sends a second DH parameter to the network device for session key generation based on the first DH parameter and the second DH parameter.
    Type: Grant
    Filed: February 23, 2021
    Date of Patent: August 8, 2023
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Mats Näslund, Bengt Sahlin, Karl Norrman, Jari Arkko
  • Patent number: 11658810
    Abstract: A method for cryptographic key management for managing access control is provided. A key is divided into a plurality of portions of the key. Pre-encryption contextual data is received for each of a plurality of devices. The pre-encryption contextual data indicates at least one attribute of a respective device of the plurality of devices before an encryption of the plurality of portions of the key is performed. The plurality of portions of the key are encrypted based at least on the pre-encryption contextual data of the plurality of devices to make the plurality of the portions of the key dependent at least on contextual data corresponding pre-encryption contextual data. Each of the plurality of encrypted portions of the key is distributed to a respective device of the plurality of devices for storage and retrieval.
    Type: Grant
    Filed: March 23, 2016
    Date of Patent: May 23, 2023
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Makan Pourzandi, Mats Näslund
  • Patent number: 11595822
    Abstract: A method performed by a resolver in a core network of a wireless communication system, where the method comprise: receiving, from a requester in the core network, a request to resolve a provided identifier that is one of a subscription identifier and a pseudonym identifier serving in the core network as a pseudonym for the subscription identifier; and transmitting, to the requester as a response to the request, a resolved identifier that is the other of the subscription identifier and the pseudonym identifier.
    Type: Grant
    Filed: October 4, 2018
    Date of Patent: February 28, 2023
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Prajwol Kumar Nakarmi, Mats Näslund, Karl Norrman
  • Publication number: 20220224543
    Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.
    Type: Application
    Filed: March 29, 2022
    Publication date: July 14, 2022
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Vesa Torvinen, Noamen Ben Henda, Qian Chen, Vesa Lehtovirta, Mats Näslund, Karl Norrman, Gang Ren, Mikael Wass, Monica Wifvesson
  • Patent number: 11296890
    Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.
    Type: Grant
    Filed: November 24, 2016
    Date of Patent: April 5, 2022
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa Torvinen, Noamen Ben Henda, Qian Chen, Vesa Lehtovirta, Mats Näslund, Karl Norrman, Gang Ren, Mikael Wass, Monica Wifvesson
  • Patent number: 11243744
    Abstract: A method (40) is provided for performing a trustworthiness test on a random number generator, RNG, (20) comprising a physical unclonable function, PUF-module (21). The trustworthiness test is implemented as a known answer test, KAT, and the method (40) comprises: receiving (41), in the PUF-module (21), an input based on test data, T, received from a verifier (11) provided with at least one test data-test result pair, (T, R), providing (42) an output from the PUF-module (21), determining (43) a test result, R?, based on the output from the PUF-module (21), and providing (44) the test result, R?, to the verifier (11). A random number generator (20), computer program and computer program products and a method performed by or in a verifier are also provided.
    Type: Grant
    Filed: November 15, 2016
    Date of Patent: February 8, 2022
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats Näslund, Elena Dubrova, Karl Norrman
  • Publication number: 20210194677
    Abstract: A method for cryptographic key management for managing access control is provided. A key is divided into a plurality of portions of the key. Pre-encryption contextual data is received for each of a plurality of devices. The pre-encryption contextual data indicates at least one attribute of a respective device of the plurality of devices before an encryption of the plurality of portions of the key is performed. The plurality of portions of the key are encrypted based at least on the pre-encryption contextual data of the plurality of devices to make the plurality of the portions of the key dependent at least on contextual data corresponding pre-encryption contextual data. Each of the plurality of encrypted portions of the key is distributed to a respective device of the plurality of devices for storage and retrieval.
    Type: Application
    Filed: March 23, 2016
    Publication date: June 24, 2021
    Inventors: Makan POURZANDI, Mats NÄSLUND
  • Patent number: 11039307
    Abstract: A wireless device (16) configured to receive from a network node (20) a page (18) that includes a paging identifier (18A) 4 for the wireless device (16). The paging identifier (18A) may identify as a target of the page (18) a wireless device (16) associated with a particular subscriber. In fact, in some embodiments, the paging identifier (18A) is based on an encrypted subscription identifier for the wireless device (16) or is a pseudonym subscription identifier for the wireless device (16). In any event, the wireless device (16) is also configured to transmit to the network node (20) a response (22) to the page (18) that indicates the wireless device (16) was paged but that includes an identifier for the wireless device (16) that is different than the paging identifier (18A) included in the page (18).
    Type: Grant
    Filed: December 29, 2017
    Date of Patent: June 15, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Prajwol Kumar Nakarmi, Enrique Cobo Jimenez, Mats Näslund, Karl Norrman
  • Publication number: 20210176227
    Abstract: A communication device of a communication network receives, via a network, a challenge, generates a first Diffie Hellman, DH, parameter, a first verification code for the first DH parameter, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first DH parameter is authentic, and if the first DH parameter is authentic, generates and sends a second DH parameter to the network device for session key generation based on the first DH parameter and the second DH parameter.
    Type: Application
    Filed: February 23, 2021
    Publication date: June 10, 2021
    Inventors: Mats NÄSLUND, Bengt SAHLIN, Karl NORRMAN, Jari ARKKO
  • Patent number: 10965660
    Abstract: A communication device of a communication network receives, via a network, a challenge, generates a first Diffie Hellman, DH, parameter, a first verification code for the first DH parameter, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first DH parameter is authentic, and if the first DH parameter is authentic, generates and sends a second DH parameter to the network device for session key generation based on the first DH parameter and the second DH parameter.
    Type: Grant
    Filed: September 3, 2019
    Date of Patent: March 30, 2021
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Mats Näslund, Bengt Sahlin, Karl Norrman, Jari Arkko
  • Patent number: 10931644
    Abstract: A method for a first network node may protect confidentiality of a first identifier associated by the first network node with a subscription used by a mobile entity. The communications network comprises a home network of the mobile entity and a serving network serving the mobile entity. The first network node, which is part of the home network may: receive, from a second network node which is part of the serving network, a first request for authentication information for the mobile entity, the first request comprising the first identifier; generate a first pseudonym associated with the first identifier; create a link between the first pseudonym and the first identifier; and send, to the second network node, the first pseudonym in response to the first request for authentication information for use as an identifier for the mobile entity in the serving network. A method for a second network node is also provided.
    Type: Grant
    Filed: June 23, 2015
    Date of Patent: February 23, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Karl Norrman, Yi Cheng, John Mattsson, Mats Näslund
  • Patent number: 10862690
    Abstract: A technique for handling data provided from a source node to a collecting node in a data network is described. As to a method aspect of the technique, the source node generates a sequence of values. The sequence is unrevealed in the data network by the source node in a time interval. An authentication of the sequence is triggered in the data network. The authentication associates the sequence with the source node. One or more signatures for one or more data sets to be sent in the time interval are computed using one or more values of the sequence. The one or more data sets in the time interval are sent from the source node to the collecting node. The source node further provides one or more of the signatures.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: December 8, 2020
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (publ)
    Inventors: Bernard Smeets, Mats Näslund
  • Patent number: 10855441
    Abstract: A method (40) of generating a pseudonym associated with a communication device (11) is disclosed. The method (40) is performed in a network node (13) of a communications system (10) and comprises generating (41) a pseudonym embryo based on one or more elements of a sequence (S1, S2, . . . , Sn), obtaining (42) the pseudonym as output of a masking operation applied to the pseudonym embryo, wherein the masking operation comprises a one-to-one mapping, and transmitting (43) the pseudonym to the communication device (11). A corresponding network node (13), computer program and computer program product are also disclosed.
    Type: Grant
    Filed: December 18, 2015
    Date of Patent: December 1, 2020
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Karl Norrman, Jari Arrko, Elena Dubrova, Mats Näslund
  • Publication number: 20200322160
    Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.
    Type: Application
    Filed: November 24, 2016
    Publication date: October 8, 2020
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa TORVINEN, Noamen BEN HENDA, Qian CHEN, Vesa LEHTOVIRTA, Mats NÄSLUND, Karl NORRMAN, Gang REN, Mikael WASS, Monica WIFVESSON
  • Patent number: 10740478
    Abstract: A method of performing an operation on a data storage for storing data being encrypted with a key KD associated with an owner of the data is provided. The method includes deriving, for each authorized client Cj, a first key KCj and a second key KTj, providing the client Cj with the first key KCj, and providing a Trusted Third Party (TTP) with the second key KTj. The method further includes, at a Policy Enforcement Point, receiving a request for performing the operation on the data storage from a client Ck of the authorized clients, acquiring a first key KCk from the client Ck, acquiring a second key KTk from the TTP, deriving the key KD from the first key KCk and the second key KTk, and performing the operation on the data storage using the derived key KD. The disclosed trust model uses two-part secret sharing.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: August 11, 2020
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats Näslund, Christian Schaefer
  • Patent number: 10735392
    Abstract: The disclosure relates to a method (20) for a serving device (3) of establishing a computational puzzle for use in communication between a client device (2) and the serving device (3). The method (20) comprises establishing (21), in the serving device (3), the computational puzzle (p) based on a key shared by the client device (2) and the serving device (3) and on a solution (s?, s?) to the computational puzzle (p). Further method (30) in a serving device is provided, methods (60, 70) for client devices (2), serving devices (3), client devices (2), computer programs and computer program products.
    Type: Grant
    Filed: April 16, 2015
    Date of Patent: August 4, 2020
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Göran Selander, Elena Dubrova, Fredrik Lindqvist, Mats Näslund
  • Publication number: 20200245139
    Abstract: A method performed by a resolver in a core network of a wireless communication system, where the method comprise: receiving, from a requester in the core network, a request to resolve a provided identifier that is one of a subscription identifier and a pseudonym identifier serving in the core network as a pseudonym for the subscription identifier; and transmitting, to the requester as a response to the request, a resolved identifier that is the other of the subscription identifier and the pseudonym identifier.
    Type: Application
    Filed: October 4, 2018
    Publication date: July 30, 2020
    Inventors: Prajwol Kumar Nakarmi, Mats Näslund, Karl Norrman
  • Publication number: 20200162900
    Abstract: A wireless device (16) configured to receive from a network node (20) a page (18) that includes a paging identifier (18A) 4 for the wireless device (16). The paging identifier (18A) may identify as a target of the page (18) a wireless device (16) associated with a particular subscriber. In fact, in some embodiments, the paging identifier (18A) is based on an encrypted subscription identifier for rI the wireless device (16) or is a pseudonym subscription identifier for the wireless device (16). In any event, the wireless device (16) is also configured to transmit to the network node (20) a response (22) to the page (18) that indicates the wireless device (16) was paged but that includes an identifier for the wireless device (16) that is different than the paging identifier (18A) included in the page (18).
    Type: Application
    Filed: December 29, 2017
    Publication date: May 21, 2020
    Inventors: Prajwol Kumar Nakarmi, Enrique Cobo Jimenez, Mats Näslund, Karl Norrman
  • Patent number: 10659447
    Abstract: A communication device of a communication network receives, via a network, a challenge, generates a first Diffie Hellman, DH, parameter, a first verification code for the first DH parameter, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first DH parameter is authentic, and if the first DH parameter is authentic, generates and sends a second DH parameter to the network device for session key generation based on the first DH parameter and the second DH parameter.
    Type: Grant
    Filed: July 24, 2018
    Date of Patent: May 19, 2020
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Mats Näslund, Bengt Sahlin, Karl Norrman, Jari Arkko