Patents by Inventor Patrik Ekdahl
Patrik Ekdahl has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11943332Abstract: A substitution box, SBox, circuit that performs an SBox computational step when comprised in cryptographic circuitry. The SBox circuit comprises: a first circuit part comprising digital circuitry that generates a 4-bit first output signal (Y) from an 8-bit input signal (U); a second circuit part, configured to operate in parallel with the first circuit part and to generate a 32-bit second output signal (L) from the 8-bit input signal (U), wherein the 32-bit second output signal (L) consists of four 8-bit sub-results; and a third circuit part configured to produce four preliminary 8-bit results (K) by scalar multiplying each of the four 8-bit sub-results by a respective one bit of the 4-bit first output signal (Y), and to produce an 8-bit output signal (R) by summing the four preliminary 8-bit results (K).Type: GrantFiled: March 6, 2020Date of Patent: March 26, 2024Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Patrik Ekdahl, Alexander Maximov
-
Patent number: 11916923Abstract: Disclosed herein is a method of a communication device, wherein the communication device is configured to operate in connection with an access node associated with a wireless communication network. The method comprises receiving a first data packet comprising a write request for writing code and/or data to a non-volatile memory comprised in the communication device and determining whether a second data packet comprising an identifier associated with the first data packet is received. When it is determined that the second data packet comprising the identifier is received, the method comprises extracting the identifier from the second data packet, wherein the identifier is a radio access layer parameter, determining whether the identifier is trusted, determining whether the identifier is validated when it is determined that the identifier is trusted and accepting at least a subset of the write request when it is determined that the identifier is trusted and validated.Type: GrantFiled: December 22, 2017Date of Patent: February 27, 2024Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Patrik Ekdahl, Magnus Åström
-
Publication number: 20220278822Abstract: A substitution box, SBox, circuit that performs an SBox computational step when comprised in cryptographic circuitry. The SBox circuit comprises: a first circuit part comprising digital circuitry that generates a 4-bit first output signal (Y) from an 8-bit input signal (U); a second circuit part, configured to operate in parallel with the first circuit part and to generate a 32-bit second output signal (L) from the 8-bit input signal (U), wherein the 32-bit second output signal (L) consists of four 8-bit sub-results; and a third circuit part configured to produce four preliminary 8-bit results (K) by scalar multiplying each of the four 8-bit sub-results by a respective one bit of the 4-bit first output signal (Y), and to produce an 8-bit output signal (R) by summing the four preliminary 8-bit results (K).Type: ApplicationFiled: March 6, 2020Publication date: September 1, 2022Inventors: Patrik Ekdahl, Alexander Maximov
-
Patent number: 11316670Abstract: There is provided mechanisms for enabling secure communication between a first communications device and a second communications device. A method is performed by the first communications device. The method comprises performing a network attachment procedure with an authentication server. The method comprises establishing, during the network attachment procedure, a shared secret between the first communications device and the authentication server. The shared secret is established by running an authentication and key agreement protocol as part of the network attachment procedure with a network access identity of the first communications device as input. The method comprises deriving an application level shared key for the first communications device from the shared secret. The shared key is to be used for secure communication between the first communications device and the second communications device.Type: GrantFiled: July 3, 2017Date of Patent: April 26, 2022Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Per Stahl, Patrik Ekdahl, Petri Mikael Johansson, Bernard Smeets
-
Patent number: 11096058Abstract: There is provided mechanisms for handling a reconfiguration request for a communications device. A method is performed by the communications device. The method comprises wirelessly receiving the reconfiguration request from a radio access network node. The reconfiguration request originates from a server and is received together with digitally signed radio access layer information of the radio access network node. The method comprises verifying the digitally signed radio access layer information using an authorization process. The method comprises accepting the reconfiguration request only when having successfully verified the digitally signed radio access layer information.Type: GrantFiled: August 30, 2017Date of Patent: August 17, 2021Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Magnus Åström, Patrik Ekdahl, Bengt Lindoff
-
Publication number: 20200412742Abstract: Disclosed herein is a method of a communication device, wherein the communication device is configured to operate in connection with an access node associated with a wireless communication network. The method comprises receiving a first data packet comprising a write request for writing code and/or data to a non-volatile memory comprised in the communication device and determining whether a second data packet comprising an identifier associated with the first data packet is received. When it is determined that the second data packet comprising the identifier is received, the method comprises extracting the identifier from the second data packet, wherein the identifier is a radio access layer parameter, determining whether the identifier is trusted, determining whether the identifier is validated when it is determined that the identifier is trusted and accepting at least a subset of the write request when it is determined that the identifier is trusted and validated.Type: ApplicationFiled: December 22, 2017Publication date: December 31, 2020Inventors: Patrik Ekdahl, Magnus Åström
-
Publication number: 20200403780Abstract: There is provided mechanisms for enabling secure communication between a first communications device and a second communications device. A method is performed by the first communications device. The method comprises performing a network attachment procedure with an authentication server. The method comprises establishing, during the network attachment procedure, a shared secret between the first communications device and the authentication server. The shared secret is established by running an authentication and key agreement protocol as part of the network attachment procedure with a network access identity of the first communications device as input. The method comprises deriving an application level shared key for the first communications device from the shared secret. The shared key is to be used for secure communication between the first communications device and the second communications device.Type: ApplicationFiled: July 3, 2017Publication date: December 24, 2020Inventors: Per Ståhl, Patrik Ekdahl, Petri Mikael Johansson, Bernard Smeets
-
Publication number: 20200374693Abstract: There is provided mechanisms for handling a reconfiguration request for a communications device. A method is performed by the communications device. The method comprises wirelessly receiving the reconfiguration request from a radio access network node. The reconfiguration request originates from a server and is received together with digitally signed radio access layer information of the radio access network node. The method comprises verifying the digitally signed radio access layer information using an authorization process. The method comprises accepting the reconfiguration request only when having successfully verified the digitally signed radio access layer information.Type: ApplicationFiled: August 30, 2017Publication date: November 26, 2020Inventors: Magnus Åström, Patrik Ekdahl, Bengt Lindoff
-
Patent number: 10663556Abstract: A method performed in a server node associated with a cellular communication system is disclosed. The method is for validation of a first position indication of a wireless communication device, wherein the wireless communication device is adapted to operate in connection with the cellular communication system. The first position indication is obtained via the wireless communication device by a first positioning system. The method comprises obtaining a serving cell identification of the wireless communication device, obtaining a second position indication of the wireless communication device based on the serving cell identification, and determining whether the first position indication is valid based on whether a metric based on the first and second position indications meets a validation criterion.Type: GrantFiled: September 28, 2016Date of Patent: May 26, 2020Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Bengt Lindoff, Lars Andersson, Magnus Åström, Patrik Ekdahl, Fredrik Nordström, Andres Reial
-
Publication number: 20190271757Abstract: A method performed in a server node associated with a cellular communication system is disclosed. The method is for validation of a first position indication of a wireless communication device, wherein the wireless communication device is adapted to operate in connection with the cellular communication system. The first position indication is obtained via the wireless communication device by a first positioning system. The method comprises obtaining a serving cell identification of the wireless communication device, obtaining a second position indication of the wireless communication device based on the serving cell identification, and determining whether the first position indication is valid based on whether a metric based on the first and second position indications meets a validation criterion.Type: ApplicationFiled: September 28, 2016Publication date: September 5, 2019Inventors: Bengt Lindoff, Lars Andersson, Magnus Åström, Patrik Ekdahl, Fredrik Nordström, Andres Reial
-
Patent number: 9927995Abstract: A method and an integrated circuit (100) for executing a trusted application within a trusted runtime environment (103) of the integrated circuit (100) are disclosed. The integrated circuit (100) comprises an internal memory (101) and the integrated circuit (100) is connected to an external memory (102). The trusted runtime environment (103) is restricted to use the internal memory (101) and the external memory (102). The integrated circuit (100) identifies (201) a call, by the trusted application, to a command of the trusted runtime environment (103). The trusted runtime environment (103) allows the command to be executed when the trusted application resides in the internal memory (101) only. Next, the integrated circuit (100) executes (204) the command while using the internal memory (101) only.Type: GrantFiled: June 19, 2013Date of Patent: March 27, 2018Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Patrik Ekdahl, Arash Vahidi
-
Publication number: 20170147320Abstract: A method performed by a network node for determining interoperability of an updated version of a piece of software with a device. The network node and the device operate in a network. The network node obtains information about software and hardware comprised in the device. The software comprises the piece of software to be updated. The network node updates the information about software and hardware with the updated version of the piece of software. The network node determines the interoperability of the updated version of the piece of software with the device based on a result of an interoperability test of the piece of software in an emulated environment corresponding to the device and created using updated information about software and hardware comprised in the device.Type: ApplicationFiled: April 23, 2015Publication date: May 25, 2017Inventors: Per Persson, Patrik Ekdahl
-
Patent number: 9588776Abstract: Disclosed herein is a processing device comprising a secured execution environment comprising means for bringing the processing device into a predetermined operational state; and a timer; a communication interface for data communication between the processing device and a remote device management system external to the processing device; wherein the secured execution environment is configured, responsive to an expiry of the timer, to bring the processing device into said predetermined operational state; and responsive to a receipt, from the remote device management system via said communications interface, of a predetermined signal, to restart the timer.Type: GrantFiled: May 23, 2011Date of Patent: March 7, 2017Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Bernard Smeets, Patrik Ekdahl
-
Publication number: 20160139846Abstract: A method and an integrated circuit (100) for executing a trusted application within a trusted runtime environment (103) of the integrated circuit (100) are disclosed. The integrated circuit (100) comprises an internal memory (101) and the integrated circuit (100) is connected to an external memory (102). The trusted runtime environment (103) is restricted to use the internal memory (101) and the external memory (102). The integrated circuit (100) identifies (201) a call, by the trusted application, to a command of the trusted runtime environment (103). The trusted runtime environment (103) allows the command to be executed when the trusted application resides in the internal memory (101) only. Next, the integrated circuit (100) executes (204) the command while using the internal memory (101) only.Type: ApplicationFiled: June 19, 2013Publication date: May 19, 2016Applicant: Telefonaktiebolaget L M Ericsson (publ)Inventors: Patrik EKDAHL, Arash VAHIDI
-
Publication number: 20150033004Abstract: Disclosed herein is a processing device comprising a secured execution environment comprising means for bringing the processing device into a predetermined operational state; and a timer; a communication interface for data communication between the processing device and a remote device management system external to the processing device; wherein the secured execution environment is configured, responsive to an expiry of the timer, to bring the processing device into said predetermined operational state; and responsive to a receipt, from the remote device management system via said communications interface, of a predetermined signal, to restart the timer.Type: ApplicationFiled: May 23, 2011Publication date: January 29, 2015Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Bernard Smeets, Patrik Ekdahl
-
Patent number: 8938780Abstract: Security can be improved in electronic devices that use authentication images and trusted user interfaces (TUIs), and it can still be easy for users to see the TUIs by making more dynamic use of the authentication images and possibly adding color effects.Type: GrantFiled: March 27, 2012Date of Patent: January 20, 2015Assignee: Telefonaktiebolaget L M Ericsson (Publ)Inventor: Patrik Ekdahl
-
Publication number: 20130263215Abstract: Security can be improved in electronic devices that use authentication images and trusted user interfaces (TUIs), and it can still be easy for users to see the TUIs by making more dynamic use of the authentication images and possibly adding color effects.Type: ApplicationFiled: March 27, 2012Publication date: October 3, 2013Applicant: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)Inventor: Patrik Ekdahl