Patents by Inventor Mats Naslund

Mats Naslund has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10129753
    Abstract: A method and arrangements for enabling authentication of a communication device is suggested, where a network node, capable of operating as an authentication server does not have to store all state related information relevant for a roundtrip of an authentication session. Instead of storing all this information, at least a part of it is provided to the authenticator or the communication unit, for later retrieval in a subsequent response. Based on the state related information provided in the response, the network node is capable of reproducing a state associated with a respective roundtrip. By repeating the mentioned process for a required number of roundtrips, an authentication session can be executed, where less state related information need to be stored at the mentioned network node.
    Type: Grant
    Filed: December 7, 2015
    Date of Patent: November 13, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats Näslund, Elena Dubrova, Karl Norrman, Vesa Torvinen
  • Patent number: 10091175
    Abstract: A mobile device and an authentication server are configured to re-establish a security context that was previously established using an Authentication Key Agreement (AKA) procedure. The re-establishment advantageously uses re-use information saved from the preceding AKA procedure, including using synchronization information for each such re-establishment that occurs between AKA procedures. The synchronization information particularly identifies each instance of re-establishment and depends on a sequence number assigned to the preceding AKA procedure and on any previous instances of re-establishing the security context.
    Type: Grant
    Filed: March 1, 2016
    Date of Patent: October 2, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Karl Norrman, Rolf Blom, Mats Näslund
  • Patent number: 10057232
    Abstract: A first network device of a first communication network obtains a challenge, generates a first PFS parameter, obtains a first verification code for the first PFS parameter, and sends the challenge, the first PFS parameter and the first verification code to a communication device, which in turn receives the challenge, the first PFS parameter and the first verification code, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first PFS parameter is authentic, and if the determination is positive generates and sends the second PFS parameter to the first network device, which in turn verifies the second PFS parameter.
    Type: Grant
    Filed: April 12, 2016
    Date of Patent: August 21, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats Näslund, Bengt Sahlin, Karl Norrman, Jari Arkko
  • Patent number: 10039059
    Abstract: A method of authorizing a message received at a node in a wireless network is disclosed. The message from a sender device is formed by a plurality of symbols and includes a first message integrity indicator located at a predetermined distance from the start of the message such that further symbols of the message are included after the first message integrity indicator. The position of the first message integrity indicator in the message is determined, and a cryptographic operation is performed on at least some of the symbols of the message before the first message integrity indicator so as to generate a second message integrity indicator before the first message integrity indicator is received. The first and second message integrity indicators are compared, and an indication that the message is not authorized is provided if the second message integrity indicator does not match the first message integrity indicator.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: July 31, 2018
    Assignee: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
    Inventors: Mats Näslund, Göran Selander, Vlasios Tsiatsis, Elena Dubrova
  • Publication number: 20180206118
    Abstract: A user equipment receives an Extensible Authentication Protocol Authentication and Key Agreement Prime (EAP AKA′) message, from an authentication server related to the user equipment, in an authentication procedure being part of setting up a connection from the user equipment through an access network. The user equipment sets up an IP Security tunnel between the user equipment and an evolved Packet Data Gateway responsive to the EAP AKA′ message indicating that the access network is untrusted.
    Type: Application
    Filed: March 13, 2018
    Publication date: July 19, 2018
    Inventors: Mats Näslund, Jari Arkko, Rolf Blom, Vesa Petteri Lehtovirta, Karl Norrman, Stefan Rommer, Bengt Sahlin
  • Patent number: 9992017
    Abstract: Methods and apparatus for encrypting and storing data. The methods and apparatus provide different levels of security and usability. The methods and apparatus generate two or more keys based on a shared secret made available to a user equipment and a server. The two or more keys comprise at least one perfect forward secrecy key, and at least one limited forward secrecy key. The methods and apparatus encrypt data using at least one of the two or more keys. The methods and apparatus store the encrypted data in a memory of the user equipment and/or transmit the data from the user equipment to the server.
    Type: Grant
    Filed: June 28, 2013
    Date of Patent: June 5, 2018
    Assignee: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
    Inventors: Mats Näslund, Tereza Cristina Melo De Brito Carvalho, Leonardo Horn Iwaya, Marcos Antonio Simplicio Junior
  • Publication number: 20180131679
    Abstract: The disclosure relates to a method (20) for a serving device (3) of establishing a computational puzzle for use in communication between a client device (2) and the serving device (3). The method (20) comprises establishing (21), in the serving device (3), the computational puzzle (p) based on a key shared by the client device (2) and the serving device (3) and on a solution (s?, s?) to the computational puzzle (p). Further method (30) in a serving device is provided, methods (60, 70) for client devices (2), serving devices (3), client devices (2), computer programs and computer program products.
    Type: Application
    Filed: April 16, 2015
    Publication date: May 10, 2018
    Inventors: Göran Selander, Elena Dubrova, Fredrik Lindqvist, Mats Näslund
  • Patent number: 9952278
    Abstract: Electronic devices (320) are provided which comprise a digital logic circuit (101) and a test module (322) adapted to receive test parameters from a remote test management device (310), generate test patterns based on the test parameters, apply the test patterns to the digital logic circuit, receive test responses from the digital logic circuit, compact the test responses into a test signature, and either transmit the test signature to the remote test management device or determine a test result based on a comparison of an expected signature received from the remote test management device with the test signature.
    Type: Grant
    Filed: February 5, 2014
    Date of Patent: April 24, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Elena Dubrova, Gunnar Carlsson, John Fornehed, Mats Näslund, Bernard Smeets
  • Patent number: 9949118
    Abstract: When setting up communication from a user equipment UE (1), such as for providing IP access for the UE in order to allow it to use some service, information or an indication of at least one network property relating to a first network, e.g. the current access network (3, 3′), is sent to the UE from a node (13) in a second network such as the home network (5) of the subscriber of the UE. The information or indication can be sent in a first stage of an authentication procedure being part of the setting up of a connection from the UE. In particular, the network property can indicate whether the access network (3, 3′) is trusted or not.
    Type: Grant
    Filed: August 6, 2015
    Date of Patent: April 17, 2018
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Mats Näslund, Jari Arkko, Rolf Blom, Vesa Petteri Lehtovirta, Karl Norrman, Stefan Rommer, Bengt Sahlin
  • Patent number: 9933481
    Abstract: A Feedback Shift-Register (FSR) enabling improved testing, e.g., Built-In Self-Tests (BIST), is provided. Each cell of the FSR may either be an observable cell, associated with a non-trivial feedback function implemented by a combinational logic circuit, or a controllable cell, having an associated state variable which belongs to the dependence set of exactly one of the non-trivial feedback functions. Each controllable cell is provided with a multiplexer for selecting either a predecessor cell of the controllable cell or a test value as input. Thus, the sequential circuit of the FSR in an embodiment is tested using tests for combinational logic. The disclosed test procedures utilize a minimal set of test vectors and allow detection of all single stuck-at faults in the FSR. The resulting dynamic power dissipation during test can be considerably less than known BIST designs.
    Type: Grant
    Filed: November 28, 2013
    Date of Patent: April 3, 2018
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Göran Selander, Mats Näslund, Elena Dubrova
  • Publication number: 20180092025
    Abstract: The disclosure relates to a method (30) for a network node (6, 7, 8) of a wireless network (1) of providing a device (5, 9) access to the wireless network (1). The method (30) comprises receiving (31), from a device (5, 9), an access request comprising a preamble; establishing (32), in response to the access request, a computational puzzle based on the received preamble; and sending (33) the computational puzzle to the device (5, 9). A corresponding method in a device is also disclosed, as are a network node (6, 7, 8), device (5, 9), computer programs and computer program products.
    Type: Application
    Filed: April 16, 2015
    Publication date: March 29, 2018
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Göran SELANDER, Elena DUBROVA, Fredrik LINDQVIST, Mats NÄSLUND
  • Publication number: 20180069706
    Abstract: A method (400) of generating a cryptographic checksum for a message M(x) is provided. The method is performed by a communication device, such as a sender or a receiver, and comprises calculating (405) the cryptographic checksum as a first function g of a division of a second function of M(x), f(M(x)), modulo a generator polynomial p(x) of degree n, g(f(M(x)) mod p(x)). The generator polynomial is calculated (403) as p(x)=(1−x)·P1(x), and P1(x) is a primitive polynomial of degree n−1. The primitive polynomial is selected (402), based on a first cryptographic key, from the set of primitive polynomials of degree n−1 over a Galois Field. By replacing a standard checksum with a cryptographic checksum, an efficient message authentication is provided. The proposed cryptographic checksum may be used for providing integrity assurance on the message, i.e., for detecting random and intentional message changes, with a known level of security.
    Type: Application
    Filed: May 4, 2015
    Publication date: March 8, 2018
    Inventors: Elena DUBROVA, Gunnar MILDH, Mats NÄSLUND, Göran SELANDER
  • Publication number: 20170338946
    Abstract: A technique for generating a keystream (128) for ciphering or deciphering a data stream (122) is provided. As to a method aspect of the technique, a nonlinear feedback shift register, NLFSR (112), including n register stages implemented in a Galois configuration is operated. At least one register stage of the implemented n register stages is representable by at least one register stage of a linear feedback shift register, LFSR. A first subset of the implemented n register stages is representable by a second subset of a second NLFSR. A number of register stages receiving a nonlinear feedback in the second NLFSR is greater than one and less than a number of register stages receiving a nonlinear feedback in the implemented NLFSR. The keystream (128) is outputted from a nonlinear output function (118). An input of the nonlinear output function (118) is coupled to at least two of the implemented n register stages of the NLFSR (112).
    Type: Application
    Filed: December 17, 2014
    Publication date: November 23, 2017
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Mats NÄSLUND, Elena DUBROVA, Martin HELL, Bernard SMEETS
  • Publication number: 20170329982
    Abstract: A method of performing an operation on a data storage for storing data being encrypted with a key KD associated with an owner of the data is provided. The method includes deriving, for each authorized client Cj, a first key KCj and a second key KTj, providing the client Cj with the first key KCj, and providing a Trusted Third Party (TTP) with the second key KTj. The method further includes, at a Policy Enforcement Point, receiving a request for performing the operation on the data storage from a client Ck of the authorized clients, acquiring a first key KCk from the client Ck, acquiring a second key KTk from the TTP, deriving the key KD from the first key KCk and the second key KTk, and performing the operation on the data storage using the derived key KD. The disclosed trust model uses two-part secret sharing.
    Type: Application
    Filed: July 31, 2017
    Publication date: November 16, 2017
    Inventors: Mats NÄSLUND, Christian SCHAEFER
  • Patent number: 9787661
    Abstract: A first network device of a first communication network obtains a challenge, generates a first PFS parameter, obtains a first verification code for the first PFS parameter, and sends the challenge, the first PFS parameter and the first verification code to a communication device, which in turn receives the challenge, the first PFS parameter and the first verification code, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first PFS parameter is authentic, and if the determination is positive generates and sends the second PFS parameter to the first network device, which in turn verifies the second PFS parameter.
    Type: Grant
    Filed: July 13, 2015
    Date of Patent: October 10, 2017
    Assignee: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
    Inventors: Mats Näslund, Bengt Sahlin, Karl Norrman, Jari Arkko
  • Patent number: 9754118
    Abstract: A method of performing an operation on a data storage for storing data being encrypted with a key KD associated with an owner of the data is provided. The method includes deriving, for each authorized client Cj, a first key KCj and a second key KTj, providing the client Cj with the first key KCj, and providing a Trusted Third Party (TTP) with the second key KTj. The method further includes, at a Policy Enforcement Point, receiving a request for performing the operation on the data storage from a client Ck of the authorized clients, acquiring a first key KCk from the client Ck, acquiring a second key KTk from the TTP, deriving the key KD from the first key KCk and the second key KTk, and performing the operation on the data storage using the derived key KD. The disclosed trust model uses two-part secret sharing.
    Type: Grant
    Filed: September 9, 2013
    Date of Patent: September 5, 2017
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats Näslund, Christian Schaefer
  • Publication number: 20170251370
    Abstract: This disclosure relates to methods and apparatuses for protection of control plane functionality of a network node of a communications network providing wireless communication to a mobile terminal. The network node is configured to support control plane signaling with the mobile terminal. A communication context for the mobile terminal is maintained, wherein the communication context is associated with a control signaling message exchange between the mobile terminal and the network node. One method includes establishing, for a received message, a communication context to which it belongs; determining, in relation to information in the established communication context, the received message to be a message conforming to a protection rule or a message violating a protection rule; and handling the message in accordance with rules of a protection policy. Related network nodes, computer programs, and computer program products are disclosed.
    Type: Application
    Filed: February 21, 2014
    Publication date: August 31, 2017
    Inventors: Michael LILJENSTAM, Prajwol Kumar NAKARMI, Oscar OHLSSON, Mats NÄSLUND
  • Patent number: 9749318
    Abstract: A method and apparatus for key management in a communication network. A Key Management Server (KMS) receives from a first device a request for a token associated with a user identity, the user identity being associated with a second device. The KMS then sends the requested token and a user key associated with the user to the first device. The KMS subsequently receives the token from the second device. A second device key is generated using the user key and a modifying parameter associated with the second device. The modifying parameter is available to the first device for generating the second device key. The second device key is then sent from the KMS to the second device. The second device key can be used by the second device to authenticate itself to the first device, or for the first device to secure communications to the second device.
    Type: Grant
    Filed: August 8, 2014
    Date of Patent: August 29, 2017
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Rolf Blom, Fredrik Lindholm, Mats Näslund, Karl Norrman
  • Publication number: 20170244564
    Abstract: A method (500) of generating a cryptographic checksum for a message M(x) is provided. The method comprises pseudo-randomly selecting (502) at least two irreducible polynomials pi(x). Each irreducible polynomial pi(x) is selected based on a first cryptographic key from the set of irreducible polynomials of degree ni over a Galois Field. The method further comprises calculating (503) a generator polynomial p(x) of degree n=formula (I) as a product of the N irreducible polynomials formula (II), and calculating (505) the cryptographic checksum as a first function g of a division of a second function of M(x), ƒ(M(x)), modulo p(x), i.e., g(ƒ(M(x)) mod p(x)). By replacing a standard checksum, such as a Cyclic Redundancy Check (CRC), with a cryptographic checksum, an efficient message authentication is provided. The proposed cryptographic checksum may be used for providing integrity assurance on the message, i.e., for detecting random and intentional message changes, with a known level of security.
    Type: Application
    Filed: August 19, 2014
    Publication date: August 24, 2017
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats NÄSLUND, Elena DUBROVA, Fredrik LINDQVIST, Göran SELANDER
  • Publication number: 20170244567
    Abstract: A technique for handling data provided from a source node to a collecting node in a data network is described. As to a method aspect of the technique, the source node generates a sequence of values. The sequence is unrevealed in the data network by the source node in a time interval. An authentication of the sequence is triggered in the data network. The authentication associates the sequence with the source node. One or more signatures for one or more data sets to be sent in the time interval are computed using one or more values of the sequence. The one or more data sets in the time interval are sent from the source node to the collecting node. The source node further provides one or more of the signatures.
    Type: Application
    Filed: September 30, 2014
    Publication date: August 24, 2017
    Inventors: Bernard SMEETS, Mats NASLUND