Abstract: There is provided mechanisms for enabling secure communication between a first communications device and a second communications device. A method is performed by the first communications device. The method comprises performing a network attachment procedure with an authentication server. The method comprises establishing, during the network attachment procedure, a shared secret between the first communications device and the authentication server. The shared secret is established by running an authentication and key agreement protocol as part of the network attachment procedure with a network access identity of the first communications device as input. The method comprises deriving an application level shared key for the first communications device from the shared secret. The shared key is to be used for secure communication between the first communications device and the second communications device.

Abstract: A method of establishing a session key at a communication device is disclosed, wherein the session key is to be shared between the communication device and a network application function (NAF) and wherein a service bootstrap key and an associated transaction identifier, previously derived by application of a general bootstrapping architecture (GBA) procedure, are shared between the communication device and a bootstrapping server function (BSF). The method comprises acquiring a NAF identifier associated with the NAF, deriving a NAF specific key based on the NAF identifier and the service bootstrap key, deriving the session key based on the NAF specific key and one or more key defining parameters, wherein the key defining parameters are accessible by the communication device and by the NAF and are non-accessible by the BSF, and transmitting an attach request message and the transaction identifier towards the NAF for establishment of the session key at the NAF.

Abstract: There is presented mechanisms for profile handling of a communications device (300). A method is performed by a local profile assistant (200a) of a proxy device (200). The method comprises obtaining an indication of handling a profile of the communications device (300). The method comprises establishing a first secure communications link with a local profile assistant of the communications device. The method comprises establishing a second secure communications link with a subscription management entity (430) of the communications device. The method comprises receiving information pertaining to handling of the profile by the local profile assistant of the communications device, the information being received from the subscription management entity over the second secure communications link. The method comprises providing the information to the local profile assistant of the communications device over the first secure communications link.

Abstract: Methods for communication for a device and a transport node are disclosed, the transport node facilitating communication between the device and a server. The method (100) for the device comprises assembling a message for sending to the server via the transport node (120), the message comprising a message payload, an application layer header, and a signature, wherein at least one of the message payload or a part of the application layer header is encrypted. The method further comprises retrieving a compression context identifier corresponding to the application layer header (130), replacing the application layer header in the message with the retrieved compression context identifier (140) and forwarding the message to the transport node (150). The method (200) for the transport node comprises retrieving an application layer header corresponding to the compression context identifier (220), and replacing the compression context identifier in the message with the retrieved application layer header (230).

Abstract: There is provided mechanisms for handling registration of data packet traffic for a wireless device in a communications network. A method is performed by a core network node. The method comprises registering an amount of data packet traffic in the communications network for the wireless device, wherein each data packet comprises an address of the wireless device, wherein the address is mapped to an identity of the wireless device, wherein the address comprises a first part defining an identity of a local network gateway of the wireless device and a second part defining the identity of the wireless device, and wherein selection of the second part is independent from the first part and the identity of the local network gateway. The method comprises mapping the amount of data packet traffic to the identity of the wireless device.

Abstract: This disclosure provides a method, performed in a wireless device, for obtaining initial access to a network in order to establish a connection to a server connected to the network. The wireless device stores a device public key and a device private key. The server stores the device public key. The method comprises transmitting an initial access request to a network node of the network and receiving an authentication request from the network node, the authentication request comprising a challenge. The method comprises generating a device authenticator based on the challenge and the device public key, and transmitting an authentication response to the network node. The authentication response comprises the device authenticator. The method comprises receiving an initial access response from the network node, the initial access response comprising an indicator of whether the initial access is granted or denied.

Abstract: There is provided a method for determining a need for a change in a pixel density requirement due to changing light conditions. The pixel density requirement specifies a pixel density which enables identification of an object in images captured by a camera. The method comprises receiving and monitoring (S02) a camera setting which is indicative of a light condition to which the camera is subjected and which affects the quality of images captured by the camera, and determining (S06) that there is a need for a change in the pixel density requirement upon detection (S04) of a change in the camera setting. The camera setting includes at least one of a gain and an exposure time used by the camera when capturing images.

Abstract: This disclosure provides a method, performed in a wireless device 60, for enabling a secure provisioning of a credential from a server 70. The wireless device 60 stores a device public key and a device private key. The server 70 stores the device public key. The method comprises receiving S1 an authentication request from the server 70; generating S2 a device authentication and integrity, DAI, indicator; and transmitting S3 an authentication response to the server 70. The authentication response comprises the DAI indicator. The method comprises receiving S4 a credential message from the server 70, the credential message comprising a server authentication and integrity, SAI, indicator. The SAI indicator provides a proof of the server's possession of the device public key. The method comprises verifying S5 the received credential message using the device public key.

Abstract: This disclosure provides a method, performed in a wireless device 60, for enabling a secure provisioning of a credential from a server 70. The wireless device 60 stores a device public key and a device private key. The server 70 stores the device public key. The method comprises receiving Si. an authentication request from the server 70; generating S2 a device authentication and integrity, DAI, indicator; and transmitting S3 an authentication response to the server 70. The authentication response comprises the DAI indicator. The method comprises receiving S4 a credential message from the server 70, the credential message comprising a server authentication and integrity, SAI, indicator. The SAI indicator provides a proof of the server's possession of the device public key. The method comprises verifying S5 the received credential message using the device public key.

Abstract: An exemplary method of maintaining secure time in a computing device is disclosed in which one or more processors implements a Rich Execution Environment (REE), and a separate Trusted Execution Environment (TEE). The TEE maintains a real-time clock (RTC) that provides a RTC time to the REE. A RTC offset is stored in non-volatile memory, with the RTC offset indicating a difference between the RTC time and a protected reference (PR) time. Responsive to a request from the REE to read the RTC time, a current RTC time is returned to the REE. Responsive to a request from the REE to adjust the RTC time, the RTC time and the corresponding RTC offset are adjusted by a same amount, such that the PR time is not altered by the RTC adjustment. An exemplary computing device operable to implement the method is also disclosed.

Abstract: There is provided a method for determining a need for a change in a pixel density requirement due to changing light conditions. The pixel density requirement specifies a pixel density which enables identification of an object in images captured by a camera. The method comprises receiving and monitoring (S02) a camera setting which is indicative of a light condition to which the camera is subjected and which affects the quality of images captured by the camera, and determining (S06) that there is a need for a change in the pixel density requirement upon detection (S04) of a change in the camera setting. The camera setting includes at least one of a gain and an exposure time used by the camera when capturing images.

Abstract: A method of authenticating an agent to a secure environment of a device, in a challenge-response authentication sys tem comprising the device, a remote authentication server and a connection path between the device and the remote authentication server, the method comprising: while the connection path is not established:—obtaining a predictable challenge based on at least a current value of a counter;—obtaining a response for the challenge; and,—authenticating the agent to the secure environment based on at least the response; and, wherein, upon successful authentication, the value of the counter is incremented. A challenge-response authentication system and an apparatus are also claimed.

Abstract: Systems and methods are provided for authenticating Internet Protocol (IP) Multimedia Subsystem (IMS) applications in a User Equipment (UE). A method includes: receiving a first Session Initiation Protocol (SIP) REGISTER message from an IMS application operating on the UE; transmitting a response message to the IMS application based on the received first SIP REGISTER message; receiving a second SIP REGISTER message from the IMS application operating on the UE; determining authentication for the IMS application based on the received second SIP REGISTER message from the IMS application operating on the UE; and based on the step of determining authentication for the IMS application, if the IMS application is authorized, then transmitting information associated with the first and second SIP REGISTER messages toward a SIP node or if the IMS application is unauthorized, then discarding data associated with the first and second SIP REGISTER messages.

Abstract: A temporary anti-rollback table—which is cryptographically signed, unique to a specific device, and includes a version number—is provided to an electronic device requiring a replacement anti-rollback table. The table is verified by the device, and loaded to memory following a reboot. The memory image of the table is used to perform anti-rollback verification of all trusted software components as they are loaded. After booting, the memory image of the table is written in a secure manner to non-volatile memory as a replacement anti-rollback table, and the temporary anti-rollback table is deleted. The minimum required table version number in OTP memory is incremented. The temporary anti-rollback table is created and signed using a private key at authorized service centers; a corresponding public key in the electronic device verifies its authenticity.

Abstract: An exemplary method of maintaining secure time in a computing device is disclosed in which one or more processors implements a Rich Execution Environment (REE), and a separate Trusted Execution Environment (TEE). The TEE maintains a real-time clock (RTC) that provides a RTC time to the REE. A RTC offset is stored in non-volatile memory, with the RTC offset indicating a difference between the RTC time and a protected reference (PR) time. Responsive to a request from the REE to read the RTC time, a current RTC time is returned to the REE. Responsive to a request from the REE to adjust the RTC time, the RTC time and the corresponding RTC offset are adjusted by a same amount, such that the PR time is not altered by the RTC adjustment. An exemplary computing device operable to implement the method is also disclosed.

Abstract: Systems and methods are provided for authenticating Internet Protocol (IP) Multimedia Subsystem (IMS) applications in a User Equipment (UE). A method includes: receiving a first Session Initiation Protocol (SIP) REGISTER message from an IMS application operating on the UE; transmitting a response message to the IMS application based on the received first SIP REGISTER message; receiving a second SIP REGISTER message from the IMS application operating on the UE; determining authentication for the IMS application based on the received second SIP REGISTER message from the IMS application operating on the UE; and based on the step of determining authentication for the IMS application, if the IMS application is authorized, then transmitting information associated with the first and second SIP REGISTER messages toward a SIP node or if the IMS application is unauthorized, then discarding data associated with the first and second SIP REGISTER messages.

Abstract: A composite customer ID (CCID) is stored in the OTP memory of integrated circuit chipsets used by a number of different customers. The CCID includes individual customer IDs (CIDs) at defined index positions, each corresponding to a different customer. Each chipset allows or disallows software booting, based reading a certificate index value from a given customer's certificate, reading an OTP CID from OTP, as pointed to the by certificate index value, and evaluating the OTP CID with a certificate CID read from the certificate. Thus, while CCID carries information for a plurality of customers, each customer's certificate points only to that customer's OTP CID, which can be changed to revoke that customer's certificate without revoking the other customers' certificates. The CCID also may include a version number, where the chipsets allow or disallow software booting based on evaluating the certificate version number in view of the CCID version number.

Abstract: An electronic device requires valid control keys to change any usage restriction setting. The device is provided control keys, a secret key, and a signed software object including a batch ID and a hash of the secret key. For each control key, the device generates a cryptographic footprint bound to the device and the secret key. A message authentication code (MAC) of each usage restriction setting is generated, the MAC bound to the device and a control key. To change a usage restriction, the device receives a control key, validates it against the stored footprint, changes the usage restriction settings, and generates a new usage restriction setting MAC. The control key footprints are bound to the secret key, but the device retains only a hash of the secret key.

Abstract: Methods and apparatus for verifying that an electronic device has been disabled are disclosed. An exemplary electronic device includes a communications interface, a secure memory, storing a secret key, and a cryptographic circuit configured to calculate a verification token from the secret key, using a first cryptographic operation. The cryptographic circuit is further configured to calculate an identification token from the verification token, using a second cryptographic operation. The cryptographic circuit is further configured to output the identification token in response to a first command received via the communications interface. The verification token is output to the communications interface only if a predetermined functionality of the electronic device has been disabled. The electronic device may further comprise a disabling circuit configured to disable the predetermined functionality in response to a disable command.

Abstract: A composite customer ID (CCID) is stored in the OTP memory of integrated circuit chipsets used by a number of different customers. The CCID includes individual customer IDs (CIDs) at defined index positions, each corresponding to a different customer. Each chipset allows or disallows software booting, based reading a certificate index value from a given customer's certificate, reading an OTP CID from OTP, as pointed to the by certificate index value, and evaluating the OTP CID with a certificate CID read from the certificate. Thus, while CCID carries information for a plurality of customers, each customer's certificate points only to that customer's OTP CID, which can be changed to revoke that customer's certificate without revoking the other customers' certificates. The CCID also may include a version number, where the chipsets allow or disallow software booting based on evaluating the certificate version number in view of the CCID version number.