Apple Inc.
IDENTITY-BASED MESSAGE INTEGRITY PROTECTION AND VERIFICATION FOR WIRELESS COMMUNICATION
Abstract:
Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity include the use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before a security context with a network entity is activated, the UE verifies the integrity of messages by checking a signature using an identity-based public key PK_ID, which the UE derives from (i) an identity value (ID) of the network entity and (ii) a separate public key PK_PKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SK_ID obtained from the PKG server. The PKG server generates SK_ID using (i) the ID value of the network entity and (ii) a private key SK_PKG that is known only to the PKG server and corresponds to the public key PK_PKG.
Utility
5 Mar 2019
16 Jan 2020
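
The key flow in the abstract, as an added example that is not taken from the patent: the abstract names no signature scheme, so this uses Shamir's 1984 RSA-based identity-based signature scheme as a stand-in. The function names, the toy primes, and the sample ID and message values are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy primes (Mersenne primes): illustrative only, not secure.
P, Q = 2**127 - 1, 2**89 - 1

def _h(*parts: bytes) -> int:
    """SHA-256 over length-prefixed parts, returned as an integer."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big")

def _b(x: int) -> bytes:
    return x.to_bytes((x.bit_length() + 7) // 8 or 1, "big")

def pkg_setup():
    """PKG server: returns (PK_PKG, SK_PKG)."""
    n, e = P * Q, 65537
    return (n, e), pow(e, -1, (P - 1) * (Q - 1))

def derive_pk_id(pk_pkg, identity: bytes) -> int:
    """UE side: PK_ID from the entity's ID and PK_PKG only."""
    return _h(identity) % pk_pkg[0]

def pkg_extract(pk_pkg, sk_pkg, identity: bytes) -> int:
    """PKG server: SK_ID from the ID and SK_PKG; SK_ID^e == PK_ID mod n."""
    return pow(derive_pk_id(pk_pkg, identity), sk_pkg, pk_pkg[0])

def sign(pk_pkg, sk_id: int, msg: bytes):
    """Network entity: sign msg with SK_ID."""
    n, e = pk_pkg
    r = secrets.randbelow(n - 2) + 2
    t = pow(r, e, n)
    s = sk_id * pow(r, _h(_b(t), msg), n) % n
    return s, t

def verify(pk_pkg, identity: bytes, msg: bytes, sig) -> bool:
    """UE: check s^e == PK_ID * t^H(t, msg) mod n."""
    n, e = pk_pkg
    s, t = sig
    if not (0 < s < n and 0 < t < n):
        return False
    rhs = derive_pk_id(pk_pkg, identity) * pow(t, _h(_b(t), msg), n) % n
    return pow(s, e, n) == rhs
```

The UE needs only PK_PKG and the claimed ID to verify, so a sender holding a key issued for a different ID cannot produce a signature that verifies under the legitimate entity's ID.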