Patents by Inventor Frank Fransen
Frank Fransen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11799650
Abstract: The invention relates to a method and system for key distribution and encryption/decryption. An encryption key (Kenc) is derived in a terminal. The encryption key is applied by the terminal for encrypting at least a part of data included in an application message for an application server transmitted over a network. The terminal and the network both have access to a first key (K1). The terminal and the server both have access to a second key (K2). The encryption key is derived at the terminal using the first key and the second key. The first key or the derivative thereof is received at the server. The encryption key for decrypting the application message encrypted by the terminal is derived in the server using the shared second key and the received first key of the derivative thereof.
Type: Grant
Filed: September 17, 2018
Date of Patent: October 24, 2023
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Patent number: 10958631
Abstract: The disclosure relates to a security method in a radio access network system. A shared secret key is stored in both a user device and a core network system. A further secret key is received from the core network system, wherein the further secret key has been derived using the shared secret key stored in the core network system. One or more values are provided over the radio interface to the user device to derive the further secret key in the user device from at least the shared secret key stored in the user device and one or more of the one or more values provided over the radio interface. An authentication procedure and/or a key agreement procedure is performed for the user device over the wireless radio interface using the received further secret key in the radio access network system and the derived further secret key in the user device.
Type: Grant
Filed: February 6, 2019
Date of Patent: March 23, 2021
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Patent number: 10659960
Abstract: The disclosure relates to a security method and system in a telecommunications network comprising a radio access network system and a core network system. The radio access network system is configured to provide a wireless radio interface for at least one user device, wherein a shared secret key is stored in both the user device and the core network system. At least one vector is received from the core network system comprising one or more values derived from the shared secret key. At least one of an authentication procedure and a key agreement procedure is performed in the radio access network system for the user device over the wireless radio interface using the one or more values of the received vector for establishing a connection between the user device and the radio access network system.
Type: Grant
Filed: April 20, 2018
Date of Patent: May 19, 2020
Assignees: KONINKLIJKE KPN N.V., NEDERLANDSE ORGANISATIE VOOR TOEGEPAST-NATUURWETENSCHAPPELIJK ONDERZOEK TNO
Inventor: Frank Fransen
-
Publication number: 20190174313
Abstract: The disclosure relates to a security method in a radio access network system. A shared secret key is stored in both a user device and a core network system. A further secret key is received from the core network system, wherein the further secret key has been derived using the shared secret key stored in the core network system. One or more values are provided over the radio interface to the user device to derive the further secret key in the user device from at least the shared secret key stored in the user device and one or more of the one or more values provided over the radio interface. An authentication procedure and/or a key agreement procedure is performed for the user device over the wireless radio interface using the received further secret key in the radio access network system and the derived further secret key in the user device.
Type: Application
Filed: February 6, 2019
Publication date: June 6, 2019
Applicants: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Patent number: 10299119
Abstract: The disclosure relates to a security method in a radio access network system. A shared secret key is stored in both a user device and a core network system. A further secret key is received from the core network system, wherein the further secret key has been derived using the shared secret key stored in the core network system. One or more values are provided over the radio interface to the user device to derive the further secret key in the user device from at least the shared secret key stored in the user device and one or more of the one or more values provided over the radio interface. An authentication procedure and/or a key agreement procedure is performed for the user device over the wireless radio interface using the received further secret key in the radio access network system and the derived further secret key in the user device.
Type: Grant
Filed: May 1, 2015
Date of Patent: May 21, 2019
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Patent number: 10237718
Abstract: The invention enables a device to discover one or more other devices within range for a device-to-device mode of communication. This proximity discovery may trigger a target device, e.g. to start listening to signals from a source device or perform any other action based on the proximity discovery like e.g. charging at a toll gate. A source device that wants to be discovered broadcasts a message including an identifier or a representation of the identifier. This identifier may be an identifier of the target device to be contacted or of the source device or a derivation thereof or a common security association used by a set of peers. The target device compares the broadcast identifier with a known identifier to establish proximity discovery.
Type: Grant
Filed: October 17, 2017
Date of Patent: March 19, 2019
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventors: Frank Fransen, Peter Veugen, Sander de Kievit, Maarten Everts
-
Publication number: 20190036694
Abstract: The invention relates to a method and system for key distribution and encryption/decryption. An encryption key (Kenc) is derived in a terminal. The encryption key is applied by the terminal for encrypting at least a part of data included in an application message for an application server transmitted over a network. The terminal and the network both have access to a first key (K1). The terminal and the server both have access to a second key (K2). The encryption key is derived at the terminal using the first key and the second key. The first key or the derivative thereof is received at the server. The encryption key for decrypting the application message encrypted by the terminal is derived in the server using the shared second key and the received first key of the derivative thereof.
Type: Application
Filed: September 17, 2018
Publication date: January 31, 2019
Applicants: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Patent number: 10103887
Abstract: The invention relates to a method and system for key distribution and encryption/decryption. An encryption key (Kenc) is derived in a terminal. The encryption key is applied by the terminal for encrypting at least a part of data included in an application message for an application server transmitted over a network. The terminal and the network both have access to a first key (K1). The terminal and the server both have access to a second key (K2). The encryption key is derived at the terminal using the first key and the second key. The first key or the derivative thereof is received at the server. The encryption key for decrypting the application message encrypted by the terminal is derived in the server using the shared second key and the received first key of the derivative thereof.
Type: Grant
Filed: December 6, 2011
Date of Patent: October 16, 2018
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie Voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Publication number: 20180242147
Abstract: The disclosure relates to a security method and system in a telecommunications network comprising a radio access network system and a core network system. The radio access network system is configured to provide a wireless radio interface for at least one user device, wherein a shared secret key is stored in both the user device and the core network system. At least one vector is received from the core network system comprising one or more values derived from the shared secret key. At least one of an authentication procedure and a key agreement procedure is performed in the radio access network system for the user device over the wireless radio interface using the one or more values of the received vector for establishing a connection between the user device and the radio access network system.
Type: Application
Filed: April 20, 2018
Publication date: August 23, 2018
Applicants: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Patent number: 9986432
Abstract: The disclosure relates to a security method and system in a telecommunications network comprising a radio access network system and a core network system. The radio access network system is configured to provide a wireless radio interface for at least one user device, wherein a shared secret key is stored in both the user device and the core network system. At least one vector is received from the core network system comprising one or more values derived from the shared secret key. At least one of an authentication procedure and a key agreement procedure is performed in the radio access network system for the user device over the wireless radio interface using the one or more values of the received vector for establishing a connection between the user device and the radio access network system.
Type: Grant
Filed: December 23, 2014
Date of Patent: May 29, 2018
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Publication number: 20180041887
Abstract: The invention enables a device to discover one or more other devices within range for a device-to-device mode of communication. This proximity discovery may trigger a target device, e.g. to start listening to signals from a source device or perform any other action based on the proximity discovery like e.g. charging at a toll gate. A source device that wants to be discovered broadcasts a message including an identifier or a representation of the identifier. This identifier may be an identifier of the target device to be contacted or of the source device or a derivation thereof or a common security association used by a set of peers. The target device compares the broadcast identifier with a known identifier to establish proximity discovery.
Type: Application
Filed: October 17, 2017
Publication date: February 8, 2018
Inventors: Frank Fransen, Peter Veugen, Sander de Kievit, Maarten Everts
-
Patent number: 9820134
Abstract: The invention enables a device to discover one or more other devices within range for a device-to-device mode of communication. This proximity discovery may trigger a target device, e.g. to start listening to signals from a source device or perform any other action based on the proximity discovery like e.g. charging at a toll gate. A source device that wants to be discovered broadcasts a message including an identifier or a representation of the identifier. This identifier may be an identifier of the target device to be contacted or of the source device or a derivation thereof or a common security association used by a set of peers. The target device compares the broadcast identifier with a known identifier to establish proximity discovery.
Type: Grant
Filed: January 23, 2014
Date of Patent: November 14, 2017
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventors: Frank Fransen, Peter Veugen, Sander de Kievit, Maarten Everts
-
Patent number: 9699820
Abstract: A method is disclosed for establishing a device-to-device communication session between mobile devices which are mutually connectable via a D2D communication channel (DDC) and individually connectable to a mobile network (MN), including preloading an initiation key on each of the mobile devices, the initiation key being associated with a validity period; and on each of the mobile devices: verifying a validity of the initiation key based on a current time; if the initiation key is deemed valid, generating a session key using the initiation key by using the initiation key in performing a key agreement procedure between the mobile devices over the D2D communication channel (DDC), the key agreement procedure resulting in the session key if the initiation key used by each of the mobile devices matches; and establishing the D2D communication session over the D2D communication channel (DDC) based on the session key.
Type: Grant
Filed: August 10, 2016
Date of Patent: July 4, 2017
Assignees: KONINKLIJKE KPN N.V., NEDERLANDSE ORGANISATIE VOOR TOEGEPAST-NATUURWETENSCHAPPELIJK ONDERZOEK TNO
Inventors: Antonius Norp, Frank Fransen, Sander De Kievit
-
Publication number: 20170055153
Abstract: The disclosure relates to a security method in a radio access network system. A shared secret key is stored in both a user device and a core network system. A further secret key is received from the core network system, wherein the further secret key has been derived using the shared secret key stored in the core network system. One or more values are provided over the radio interface to the user device to derive the further secret key in the user device from at least the shared secret key stored in the user device and one or more of the one or more values provided over the radio interface. An authentication procedure and/or a key agreement procedure is performed for the user device over the wireless radio interface using the received further secret key in the radio access network system and the derived further secret key in the user device.
Type: Application
Filed: May 1, 2015
Publication date: February 23, 2017
Applicants: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Publication number: 20160353505
Abstract: A method is disclosed for establishing a device-to-device communication session between mobile devices which are mutually connectable via a D2D communication channel (DDC) and individually connectable to a mobile network (MN), including preloading an initiation key on each of the mobile devices, the initiation key being associated with a validity period; and on each of the mobile devices: verifying a validity of the initiation key based on a current time; if the initiation key is deemed valid, generating a session key using the initiation key by using the initiation key in performing a key agreement procedure between the mobile devices over the D2D communication channel (DDC), the key agreement procedure resulting in the session key if the initiation key used by each of the mobile devices matches; and establishing the D2D communication session over the D2D communication channel (DDC) based on the session key.
Type: Application
Filed: August 10, 2016
Publication date: December 1, 2016
Inventors: Antonius Norp, Frank Fransen, Sander De Kievit
-
Publication number: 20160323737
Abstract: The disclosure relates to a security method and system in a telecommunications network comprising a radio access network system and a core network system. The radio access network system is configured to provide a wireless radio interface for at least one user device, wherein a shared secret key is stored in both the user device and the core network system. At least one vector is received from the core network system comprising one or more values derived from the shared secret key. At least one of an authentication procedure and a key agreement procedure is performed in the radio access network system for the user device over the wireless radio interface using the one or more values of the received vector for establishing a connection between the user device and the radio access network system.
Type: Application
Filed: December 23, 2014
Publication date: November 3, 2016
Applicants: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventor: Frank Fransen
-
Patent number: 9444851
Abstract: Mobile network (MN) for mobile devices (UE1, UE2), the mobile devices being arranged for exchanging communication data via the mobile network or, by selection, via a Device-To-Device [D2D] communication channel, the mobile network comprising a base station (ENB1) and a controller (010), wherein the controller (010) is arranged for: i) receiving an interception request from a lawful intercept controller (020), the interception request being indicative of a subscriber; ii) determining whether a target device associated with the subscriber participates in the D2D communication channel (D2D) based on D2D control data; and iii) if the target device is deemed to participate in the D2D communication channel (D2D), requesting the base station (ENB1) to intercept the communication data exchanged via the D2D communication channel (D2D); and wherein the base station (ENB1) is arranged for, in response to a request from the controller, intercepting radio signals (RS) of the D2D communication channel based on the D2D cont
Type: Grant
Filed: October 25, 2013
Date of Patent: September 13, 2016
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie Voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventors: Frank Fransen, Antonius Norp, Ljupco Jorguseski
-
Patent number: 9438572
Abstract: A method is disclosed for establishing a device-to-device communication session between mobile devices (MD1, MD2) which are mutually connectable via a D2D communication channel (DDC) and individually connectable to a mobile network (MN), comprising: preloading (120) an initiation key on each of the mobile devices (MD1, MD2), the initiation key being associated with a validity period; and on each of the mobile devices (MD1, MD2), verifying (140) a validity of the initiation key based on a current time; if the initiation key is deemed valid, generating (160) a session key using the initiation key by using the initiation key in performing (164, 166) a key agreement procedure between the mobile devices (MD1, MD2) over the D2D communication channel (DDC), the key agreement procedure resulting in the session key if the initiation key used by each of the mobile devices matches; and establishing (180) the D2D communication session over the D2D communication channel (DDC) based on the session key.
Type: Grant
Filed: August 29, 2013
Date of Patent: September 6, 2016
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventors: Antonius Norp, Frank Fransen, Sander De Kievit
-
Publication number: 20160198341
Abstract: A system is described for communicating with a mobile telecommunications device (201) in a telecommunications network (207). The mobile telecommunications device (201) comprises first and second security applications. The second security application (209) is comprised in a smart card (204), typically the UICC of the mobile device (201). There is a secure logical channel between the first and second security applications which stops any malicious software resident on the device from interfering with communication between the first and second security applications. The telecommunications network (207) produces data and signals it to the mobile telecommunications device (201) which stores the data in the second security application (209) for access by the first security application (208).
Type: Application
Filed: December 10, 2013
Publication date: July 7, 2016
Applicants: Koninklijke KPN N.V., NEDERLANDSE ORGANISATIE VOOR TOEGEPAST-NATUURWETENSCHAPPELIJK ONDERZOEK TNO
Inventor: Frank Fransen
-
Patent number: 9344884
Abstract: At least a method for verifying the authenticity of one or more authentication messages in an authentication procedure between a network and a mobile device is described wherein the method comprises: sending an authentication request through a first radio access node to a said mobile device, said radio access node being associated with first location information; said mobile device generating second location information associated with the location of said mobile device; and, verifying the authenticity of the origin of said authentication request by checking if said second location information comprises said first location information.
Type: Grant
Filed: December 20, 2012
Date of Patent: May 17, 2016
Assignees: Koninklijke KPN N.V., Nederlandse Organisatie voor Toegepast-Natuurwetenschappelijk Onderzoek TNO
Inventors: Frank Muller, Frank Fransen