Patents by Inventor Vesa Torvinen

Vesa Torvinen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9973925
    Abstract: A method, performed by a User Equipment device (UE), for obtaining a key for direct communication with a device over an air interface, wherein the UE has previously acquired a transaction identifier received from a Bootstrapping Server Function (BSF), in a Generic Bootstrapping Architecture (GBA), procedure, is provided. The method comprises storing the transaction identifier, sending the transaction identifier to the device and requesting key generation for direct communication with the device. If the transaction identifier is invalid, the method further comprises receiving from the device a device identifier and key generation information, deriving a session shared key from at least the key generation information, and deriving a direct communication key from at least the session shared key and the device identifier.
    Type: Grant
    Filed: August 17, 2015
    Date of Patent: May 15, 2018
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Vesa Lehtovirta, Katharina Pfeffer, Vesa Torvinen, Monica Wifvesson
  • Publication number: 20180131676
    Abstract: A device receives a privacy template from a network node. The device forms a temporary privacy mask using a time-varying value and the privacy template; and encrypts a code value using the temporary privacy mask. The device transmits the encrypted code value. A receiving device receives an encrypted code value, and forms a temporary privacy mask using a time-varying value and a privacy template that it has also received from a network node. The receiving device is then able to decrypt the code value using the temporary privacy mask. The code may identify an individual or a group, and may be protected using a privacy template that is specific to the individual or to the group.
    Type: Application
    Filed: February 4, 2016
    Publication date: May 10, 2018
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa TORVINEN, Vesa LEHTOVIRTA, Katharina PFEFFER, Monica WIFVESSON
  • Publication number: 20180115895
    Abstract: A method performed by a proximity service server is disclosed. The method comprises generating a ProSe query code and a ProSe response code, sending at least a the ProSe response code together with a first and a second discovery key to a first end device, and sending at least the first discovery key and the ProSe query code to a second end device, so that the second end device can securely discover the first end device over an air interface.
    Type: Application
    Filed: December 18, 2015
    Publication date: April 26, 2018
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Vesa LEHTOVIRTA, Katharina PFEFFER, Vesa TORVINEN, Monica WIFVESSON
  • Publication number: 20180070234
    Abstract: This relates to wireless communications, and in particular to the generation of keying material for security purposes. In particular, A method of performing authentication for a user terminal. The method comprises performing an Authentication and Key Agreement procedure for authenticating the user terminal in a cellular access network, wherein a core network of the cellular network comprises a Home Subscriber Server; determining in a Bootstrapping Server Function that the user terminal requires keying material for use outside the cellular access network. The method also comprises transferring authentication information directly from the Home Subscriber Server to the Bootstrapping Server Function; and generating session keys in the Bootstrapping Server Function using said authentication information, wherein said session keys are also generated in the user terminal.
    Type: Application
    Filed: April 13, 2015
    Publication date: March 8, 2018
    Inventors: Vesa Torvinen, Vesa Lehtovirta, Katharina Pfeffer, Patrik Teppo, Monica Wifvesson
  • Publication number: 20170195877
    Abstract: A method, performed by a User Equipment device (UE), for obtaining a key for direct communication with a device over an air interface, wherein the UE has previously acquired a transaction identifier received from a Bootstrapping Server Function (BSF), in a Generic Boot-strapping Architecture (GBA), procedure, is provided. The method comprises storing the transaction identifier, sending the transaction identifier to the device and requesting key generation for direct communication with the device. If the transaction identifier is invalid, the method further comprises receiving from the device a device identifier and key generation information, deriving a session shared key from at least the key generation information, and deriving a direct communication key from at least the session shared key and the device identifier.
    Type: Application
    Filed: August 17, 2015
    Publication date: July 6, 2017
    Inventors: Vesa LEHTOVIRTA, Katharina PFEFFER, Vesa TORVINEN, Monica WIFVESSON
  • Publication number: 20170164200
    Abstract: A method and arrangements for enabling authentication of a communication device is suggested, where a network node, capable of operating as an authentication server does not have to store all state related information relevant for a roundtrip of an authentication session. Instead of storing all this information, at least a part of it is provided to the authenticator or the communication unit, for later retrieval in a subsequent response. Based on the state related information provided in the response, the network node is capable of reproducing a state associated with a respective roundtrip. By repeating the mentioned process for a required number of roundtrips, an authentication session can be executed, where less state related information need to be stored at the mentioned network node.
    Type: Application
    Filed: December 7, 2015
    Publication date: June 8, 2017
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (publ)
    Inventors: Mats NÄSLUND, Elena DUBROVA, Karl NORRMAN, Vesa TORVINEN
  • Publication number: 20170055149
    Abstract: A method, performed by a User Equipment device, UE, for obtaining a key for direct communication with a device over an air interface, wherein the UE has previously acquired a transaction identifier received from a Bootstrapping Server Function, BSF, in a Generic Bootstrapping Architecture, GBA, procedure, is provided. The method comprises storing the transaction identifier, sending the transaction identifier to the device and requesting key generation for direct communication with the device. If the transaction identifier is invalid, the method further comprises receiving from the device a device identifier and key generation information, deriving a session shared key from at least the key generation information, and deriving a direct communication key from at least the session shared key and the device identifier.
    Type: Application
    Filed: November 20, 2015
    Publication date: February 23, 2017
    Inventors: Vesa Lehtovirta, Katharina Pfeffer, Vesa Torvinen, Monica Wifvesson
  • Patent number: 7424284
    Abstract: A method of authenticating a user access network to a mobile node, where the mobile node wishes to access a service via the access network, the method comprising: establishing a secure transport channel between the mobile node and a service access node of the visited network, said channel being bound to an identity of the service access node; sending an authorization request from the mobile node to the service access node, incorporating an identity of the service access node into the request at the service access node, and forwarding the request to an authorization node of the user's home network; at said authorization node of the home network, authorizing the service access node, and sending to the service access node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by a recipient; at the serving access node, forwarding the received user challenge to the mobile node; and at the mobile node verifying
    Type: Grant
    Filed: November 2, 2005
    Date of Patent: September 9, 2008
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Vesa Torvinen, Bengt Sahlin, Jani Hautakorpi
  • Publication number: 20070005730
    Abstract: A method of generating a password for use by an end-user device (UE) (101) to access a remote server (103) comprises sending a request for access from the UE to the remote server, and sending to an authentication node (105) in the UE's home network (104) details of the request for access and the identity of the remote server. A HTTP Digest challenge is generated at the authentication node or the remote server using an algorithm capable of generating end-user passwords. The challenge includes details of the identity of the remote server and the identity of the UE. A password is generated and stored at the UE (101) based on the HTTP Digest challenge, the password being associated with the identity of the remote server (103) and the identity of the UE (101).
    Type: Application
    Filed: June 24, 2004
    Publication date: January 4, 2007
    Inventors: Vesa Torvinen, Monica Wifvesson, Alfredo Plaza
  • Publication number: 20060155995
    Abstract: A method of authenticating a user access network to a mobile node, where the mobile node wishes to access a service via the access network, the method comprising: establishing a secure transport channel between the mobile node and a service access node of the visited network, said channel being bound to an identity of the service access node; sending an authorisation request from the mobile node to the service access node, incorporating an identity of the service access node into the request at the service access node, and forwarding the request to an authorisation node of the user's home network; at said authorisation node of the home network, authorising the service access node, and sending to the service access node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by a recipient; at the serving access node, forwarding the received user challenge to the mobile node; and at the mobile node verifying wh
    Type: Application
    Filed: November 2, 2005
    Publication date: July 13, 2006
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Vesa Torvinen, Bengt Sahlin, Jani Hautakorpi