Patents by Inventor Seok-Heon Cho

Seok-Heon Cho has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 8656480
    Abstract: The present invention relates to a subscriber station security-related parameter negotiation method in a wireless portable Internet system. The subscriber station security-related parameter negotiation method includes security-related parameters in transmitting/receiving basic capability negotiation request messages and basic capability negotiation response messages such that the subscriber station and the base station negotiate the subscriber station security-related parameters. The security-related parameters include an authorization policy support subfield used to negotiate an authorization policy between the subscriber station and the base station, and message authentication code mode subfields used to negotiate a message authentication code mode.
    Type: Grant
    Filed: February 14, 2006
    Date of Patent: February 18, 2014
    Assignees: Samsung Electronics Co., Ltd, Electronics and Telecommunications Research Institute, KT Corporation, SK Telecom Co., Ltd, Hanaro Telecom., Inc.
    Inventors: Seok-Heon Cho, Tae-Yong Lee, Sun-Hwa Lim, Chul-Sik Yoon, Jun-Hyuk Song, Ji-Cheol Lee, Yong Chang
  • Patent number: 8644233
    Abstract: A terminal transmits control information to a base station by using a periodically allocated dedicated channel. In further detail, the terminal checks control information that needs to be transmitted, detects a priority of the checked control information, and selects control information to be transmitted to the base station based on the detected priority. The terminal forms a PDU by multiplexing the selected control information, and transmits the PDU to the base station.
    Type: Grant
    Filed: May 6, 2009
    Date of Patent: February 4, 2014
    Assignees: Samsung Electronics Co., Ltd., Electronics and Telecommunications Research Institute
    Inventors: Sung Cheol Chang, Kwang Jae Lim, Sung Kyung Kim, Seok Heon Cho, Chul Sik Yoon
  • Patent number: 8615218
    Abstract: Disclosed are a method for requesting, generating and distributing a service-specific traffic encryption key in a wireless portable Internet system, an apparatus for the same, and a protocol configuration method for the same. In the present invention, a subscriber station sends a Key Request message for requesting a service-specific traffic encryption key to the base station using a PKM-REQ MAC message, and a base station analyzes the Key Request message to generate the requested service-specific traffic encryption key. Subsequently, the base station sends a Key Reply message, including the generated service-specific traffic encryption key, to the subscriber station using a PKM-RSP MAC message. If the base station fails to generate the key, the base station sends a Key Reject message, including a reason for the failure, to the subscriber station.
    Type: Grant
    Filed: December 8, 2004
    Date of Patent: December 24, 2013
    Assignees: Electronics and Telecommunications Research Institute, Samsung Electronics Co., Ltd., KT Corporation, SK Telecom Co., Ltd, KTFreetel Co., Ltd, Hanaro Telecom., Inc.
    Inventors: Seok-Heon Cho, Ae-Soon Park, Chul-Sik Yoon, Kyung-Soo Kim, Jee Hwan Ahn
  • Patent number: 8479270
    Abstract: A method and authentication apparatus for sharing information for identifying an Authorization Key (AK) with a Base Station (BS) in a subscriber station are provided. The method includes, in the subscriber station, sharing a root key with the BS by performing an authentication with the BS, sharing an AK derived from the root key with the BS, sharing an AK sequence number of the AK with the BS, and sharing an AK Identifier (AKID) of the AK with the BS. The AK sequence number is generated by a sequence number of the root key. The AKID is generated by a parameter including the AK, the AK sequence number, a Medium Access Control (MAC) address of the subscriber station, and a BS Identifier (BSID) of the BS.
    Type: Grant
    Filed: June 7, 2011
    Date of Patent: July 2, 2013
    Assignees: Samsung Electronics Co., Ltd., Electronics and Telecommunications Research Institute, KT Corporation, SK Telecom Co., Ltd., Hanaro Telecom, Inc.
    Inventors: Seok-Heon Cho, Sung-Cheol Chang, Chul-Sik Yoon
  • Patent number: 8397071
    Abstract: The present invention relates to an authorization key generating method and an authorization key updating method in a mobile communication system. A terminal and a base station generate an authorization key by using a terminal random value and a base station random value that are exchanged in an authorization key generating procedure as input data. In addition, a lifetime of an authorization key is established to be shorter than a lifetime of a root key, and the authorization key is updated with an updating period that is shorter than that of the root period.
    Type: Grant
    Filed: June 8, 2009
    Date of Patent: March 12, 2013
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Seok-Heon Cho, Chul-Sik Yoon
  • Patent number: 8160254
    Abstract: The present invention relates to a method for managing a group traffic encryption key (GTEK) in a wireless portable Internet system. In the method, for higher security of a group traffic service such as a multicast service, a broadcast service, and a multicast-broadcast service (MBS), a base station periodically generates and distributes a GTEK to a subscriber station served with the group traffic service. A lifetime of a group key encryption key (GKEK) used for encrypting a GTEK is set greater than that of the GTEK. That is, the GKEK is updated once while the GTEK is updated several times. According to the present invention, security for the group traffic service is increased while reducing radio resource consumption.
    Type: Grant
    Filed: June 9, 2006
    Date of Patent: April 17, 2012
    Assignees: Samsung Electronics Co., Ltd., Electronics and Telecommunications Research Institute, KT Corporation, SK Telecom Co., Ltd., Hanaro Telecom, Inc.
    Inventors: Seok-Heon Cho, Chul-Sik Yoon
  • Patent number: 8140054
    Abstract: Disclosed are a subscriber station authentication method, a protocol configuration method, and a device thereof in a wireless portable Internet system. In the subscriber station authentication method, an authentication mode between a subscriber station (10) and a base station (20) is negotiated, and the authentication mode is negotiated by the base station (20) according to the authentication mode negotiation. The authentication modes include an authentication mode based on the IEEE 802.16 privacy standard protocol and an authentication mode based on the standardized authentication protocol of the upper layer. Authentication is performed by the base station (10) in the case of the authentication mode based on the IEEE 802.16 privacy standard protocol, and the authentication is performed through message transmission using a diameter protocol between a base station (10) and an authentication server (40) in the case of the authentication mode based on the standardized authentication protocol of the upper layer.
    Type: Grant
    Filed: October 29, 2004
    Date of Patent: March 20, 2012
    Assignees: Electronics and Telecommunications Research Institute, Samsung Electronics Co., Ltd., KT Corporation, SK Telecom Co., Ltd., KTFreetel Co., Ltd., Hanaro Telecom., Inc.
    Inventors: Ae-Soon Park, Seok-Heon Cho, Sun-Hwa Lim, Yeong-Jin Kim, Jee-Hwan Ahn
  • Publication number: 20110261960
    Abstract: A method and authentication apparatus for sharing information for identifying an Authorization Key (AK) with a Base Station (BS) in a subscriber station are provided. The method includes, in the subscriber station, sharing a root key with the BS by performing an authentication with the BS, sharing an AK derived from the root key with the BS, sharing an AK sequence number of the AK with the BS, and sharing an AK Identifier (AKID) of the AK with the BS. The AK sequence number is generated by a sequence number of the root key. The AKID is generated by a parameter including the AK, the AK sequence number, a Medium Access Control (MAC) address of the subscriber station, and a BS Identifier (BSID) of the BS.
    Type: Application
    Filed: June 7, 2011
    Publication date: October 27, 2011
    Applicants: SAMSUNG ELECTRONICS CO. LTD., Electronics and Telecommunications Research Institute, HANARO TELECOM, INC., SK TELECOM CO., LTD, KT CORPORATION
    Inventors: Seok-Heon CHO, Sung-Cheol CHANG, Chul-Sik YOON
  • Patent number: 7978855
    Abstract: The present invention relates to a method for allocating an authorization key identifier in a wireless portable Internet system. In a privacy key management version 2 (PKMv2) of the wireless portable Internet system, a base station generates PAK identifier, PMK identifier, and authorization key identifier for distinguishing a primary authorization key (PAK) shared by the base station and the subscriber station in an RSA-based authorization, a pairwise master key (PMK) shared by the base station and the subscriber station in an EAP-based authorization, and authorization keys generated by the PAK and the PMK. The base station transmits PAK identifier, PMK identifier, and authorization key identifier to the subscriber station and shares them with the subscriber station. Therefore, the base station and the subscriber station may easily distinguish more than 2 authorization-related keys.
    Type: Grant
    Filed: October 27, 2005
    Date of Patent: July 12, 2011
    Assignees: Samsung Electronics Co., Ltd., Electronics and Telecommunications Research Institute, KT Corporation, SK Telecom Co., Ltd., Hanaro Telecom, Inc.
    Inventors: Seok-Heon Cho, Sung-Cheol Chang, Chul-Sik Yoon
  • Publication number: 20110064053
    Abstract: The present invention relates to a handover management method that can reduce a service interruption time due to handover of a mobile station in a wideband wireless access system. A handover management method according to an exemplary embodiment of the present invention includes receiving a handover request message from a serving base station, transmitting a handover response message that includes a basic channel identifier to be allocated to a mobile station, receiving a ranging request message from the mobile station using the basic channel identifier, and using the basic channel identifier to start uplink/downlink communication with the mobile station.
    Type: Application
    Filed: August 29, 2008
    Publication date: March 17, 2011
    Inventors: Jae Sun Cha, Chul Sik Yoon, Seok Heon Cho
  • Patent number: 7907733
    Abstract: Disclosed is a traffic encryption key (TEK) management method for automatically generating a TEK for a multicast or broadcast service by a base station to periodically update a TEK used by a subscriber station. The base station transmits the first Key Update Command message for updating a group key encryption key (GKEK) for encrypting the TEK and the second Key Update Command message for updating the TEK to the subscriber station to update the TEK. The base station establishes an M & B TEK Grace Time which is different from a TEK Grace Time established by the subscriber station, transmits the first message including a new GKEK to the subscriber station through a primary management connection before the M & B TEK Grace Time, and transmits the second message including a new TEK encrypted with the new GKEK thereto through a broadcast connection after the M & B TEK Grace Time.
    Type: Grant
    Filed: March 4, 2005
    Date of Patent: March 15, 2011
    Assignees: Electronics and Telecommunications Research Institute, Samsung Electronics Co., Ltd., KT Corporation, SK Telecom Co., Ltd., KTFreetel Co., Ltd., Hanaro Telecom. Inc.
    Inventors: Seok-Heon Cho, Sung-Cheol Chang, Chul-Sik Yoon
  • Publication number: 20110044281
    Abstract: A terminal transmits control information to a base station by using a periodically allocated dedicated channel. In further detail, the terminal checks control information that needs to be transmitted, detects a priority of the checked control information, and selects control information to be transmitted to the base station based on the detected priority. The terminal forms a PDU by multiplexing the selected control information, and transmits the PDU to the base station.
    Type: Application
    Filed: May 6, 2009
    Publication date: February 24, 2011
    Applicant: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Sung Cheol Chang, Kwang Jae Lim, Sung Kyung Kim, Seok Heon Cho, Chul Sik Yoon
  • Publication number: 20100161958
    Abstract: The present invention relates to a device for performing a security function in a medium access control (MAC) layer in a wireless portable Internet system and an authentication method thereof. In the wireless portable Internet system including a physical layer and the MAC layer, a security sublayer (i.e., the device for performing the security function in the MAC layer) is provided on an MAC common part sublayer. The security sublayer includes a privacy key management (PKM) control management module, a traffic data encryption/authentication module, a control message processing module, a message authentication module, a Rivest Shamir Adleman (RSA)-based authentication module, an authentication control/security association (SA) control module, and an extensible authentication protocol (EAP) encapsulation/decapsulation module.
    Type: Application
    Filed: October 27, 2005
    Publication date: June 24, 2010
    Inventors: Seok-Heon Cho, Tae-Yong Lee, Jae-Sun Cha, Chul-Sik Yoon
  • Publication number: 20090240944
    Abstract: The present invention relates to an authorization key generating method and an authorization key updating method in a mobile communication system. A terminal and a base station generate an authorization key by using a terminal random value and a base station random value that are exchanged in an authorization key generating procedure as input data. In addition, a lifetime of an authorization key is established to be shorter than a lifetime of a root key, and the authorization key is updated with an updating period that is shorter than that of the root period.
    Type: Application
    Filed: June 8, 2009
    Publication date: September 24, 2009
    Applicant: Electronics and Telecommunications Research Institute
    Inventors: Seok-Heon Cho, Chul-Sik Yoon
  • Publication number: 20090235075
    Abstract: The present invention relates to a method for managing a group traffic encryption key (GTEK) in a wireless portable Internet system. In the method, for higher security of a group traffic service such as a multicast service, a broadcast service, and a multicast-broadcast service (MBS), a base station periodically generates and distributes a GTEK to a subscriber station served with the group traffic service. A lifetime of a group key encryption key (GKEK) used for encrypting a GTEK is set greater than that of the GTEK. That is, the GKEK is updated once while the GTEK is updated several times. According to the present invention, security for the group traffic service is increased while reducing radio resource consumption.
    Type: Application
    Filed: June 9, 2006
    Publication date: September 17, 2009
    Inventors: Seok-Heon Cho, Chul-Sik Yoon
  • Publication number: 20090164788
    Abstract: The present invention relates to a method of generating an authorization key for a wireless communication system. In the wireless communication system, when an authorization key is generated after authentication between a subscriber station and base station is successfully performed, the authorization key is generated using a value indicating the number of generation times of the authorization key. Subsequently, the subscriber station and the base station confirm through a predetermined procedure whether or not they share the same authorization key and the same number of generation times of the authorization key. According to such a method of generating an authorization key, an authentication function for messages to be transmitted and received between the subscriber station and the base station can be efficiently supported. Further, replay attacks by malignant users can be powerfully protected against.
    Type: Application
    Filed: April 19, 2007
    Publication date: June 25, 2009
    Inventors: Seok-Heon Cho, Sung-Cheol Chang, Chul-Sik Yoon
  • Publication number: 20090119509
    Abstract: The present invention relates to a subscriber station security-related parameter negotiation method in a wireless portable Internet system. The subscriber station security-related parameter negotiation method includes security-related parameters in transmitting/receiving basic capability negotiation request messages and basic capability negotiation response messages such that the subscriber station and the base station negotiate the subscriber station security-related parameters. The security-related parameters include an authorization policy support subfield used to negotiate an authorization policy between the subscriber station and the base station, and message authentication code mode subfields used to negotiate a message authentication code mode.
    Type: Application
    Filed: February 14, 2006
    Publication date: May 7, 2009
    Inventors: Seok-Heon Cho, Tae-Yong Lee, Sun-Hwa Lim, Chul-Sik Yoon, Jun-Hyuk Song, Ji-Cheol Lee, Yong Chang
  • Publication number: 20090019284
    Abstract: An authentication method and authorization key generation method in a wireless portable Internet system is provided. In a wireless portable Internet system, the base station and the subscriber station share an authorization key when an authentication process is performed according to a predetermined authentication method negotiated therebetween. Particularly, the subscriber station and the base station perform an additional authentication process including an authorization key-related parameter and a security-related parameter and exchanges a security algorithm and SA (Security Association) information. In addition, an authorization key is derived from one or more basic key obtained through various authentication processes as an input key of an authorization key generation algorithm. Therefore, reliability of a security related parameter received from the receiving node can be enhanced and an authorization key having a hierarchical and secure structure can be provided.
    Type: Application
    Filed: March 9, 2006
    Publication date: January 15, 2009
    Applicants: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTIT, SAMSUNG ELECTRINICS CO., LTD., KT CORPORATION, SK TELECOM CO., LTD., HANARO TELECOM, INC.
    Inventors: Seok-Heon Cho, Sung-Cheol Chang, Chul-Sik Yoon
  • Publication number: 20080192931
    Abstract: The present invention relates to a method for allocating an authorization key identifier in a wireless portable Internet system. In a privacy key management version 2 (PKMv2) of the wireless portable Internet system, a base station generates PAK identifier, PMK identifier, and authorization key identifier for distinguishing a primary authorization key (PAK) shared by the base station and the subscriber station in an RSA-based authorization, a pairwise master key (PMK) shared by the base station and the subscriber station in an EAP-based authorization, and authorization keys generated by the PAK and the PMK. The base station transmits PAK identifier, PMK identifier, and authorization key identifier to the subscriber station and shares them with the subscriber station. Therefore, the base station and the subscriber station may easily distinguish more than 2 authorization-related keys.
    Type: Application
    Filed: October 27, 2005
    Publication date: August 14, 2008
    Inventors: Seok-Heon Cho, Sung-Cheol Chang, Chul-Sik Yoon
  • Publication number: 20080170691
    Abstract: The present invention relates to encryption and decryption apparatuses in a wireless portable Internet system, and a method thereof. In the wireless portable Internet system, a subscriber station and a base station share an encryption during key distribution, and a message is encrypted with the encryption key and transmitted. In this case, a first initial vector is generated for encryption based on information shared by the subscriber station and the base station in a wireless channel, and the message is encrypted with the first initial vector and the encryption key and is then transmitted. In addition, a second initial vector for decryption is generated based on information shared by the subscriber station and the base station in the wireless channel, and the encrypted message is decrypted with the second initial vector and the encryption key. Herein, the first initial vector corresponds to the second initial vector.
    Type: Application
    Filed: March 10, 2006
    Publication date: July 17, 2008
    Inventors: Sung-Cheol Chang, Jae-Sun Cha, Seok-Heon Cho, Chul-Sik Yoon