Method and system for user authentication are described. The method comprises receiving an authentication code from an application server seeking authentication of the user. Further, a private key of the user is computed in real time based on a user identity (ID) of the user and a master secret key of the PKG. The method further comprises, ascertaining a verification code based on the private key of the user and a verification timestamp, wherein the verification timestamp indicates a time at which the ascertaining of the verification code was initiated. Further, the authentication code is compared with the verification code. Further, the method comprises authenticating the user based on the comparison.

A communication method includes receiving by a SGSN a context request message from a mobility management entity (MME), obtaining by the SGSN an authentication vector-related key, and calculating by the SGSN a root key according to the authentication vector-related key. In addition, the method further includes sending by the SGSN a context response message including the root key to the MME, wherein the MME derives a NAS protection key according to the root key.

Embodiments of the invention relate to methods of generating and using an image-based derived key. In various embodiments, the image-based derived key may be used to facilitate user authentication and data encryption. For some embodiments, a method is disclosed comprising determining an image-based derived key, wherein the image-based derived key is generated from a selection of authentication images chosen by a user, encrypting data using the image-based derived key, and transmitting the encrypted data.

A method of establishing a group trust relationship in an Internet of Things (IoT) system using a first IoT device within a group of IoT devices is provided. The method includes generating, by the first IoT device, a first set of keys corresponding to the first IoT device, deriving, by the first IoT device, a group set of keys corresponding the group of IoT devices, and discarding the first set of keys and storing the group set of keys after the first IoT device transmits data toward a base station and goes idle, wherein the group set of keys is used by each IoT device within the group of IoT devices for subsequent transmissions of data to the base station.

A User Equipment (UE) device or network system facilitates a Circuit Switched Fallback (CSFB) procedure to enable fallback from a Long Term Evolution (LTE) network to a circuit switched domain network. A network device or a UE can operate to skill skip an authentication procedure during CSFB procedures and shorten a call setup time. A key access security management entity (K.sub.ASME) is acquired. An extended service request message is communicated, or received, to originate the CSFB process from a first network of a first network device to a second network of a second network device in response to a mobile originating call or a mobile terminating call. A plurality of circuit switched (CS) key parameters is derived from the K.sub.ASME, and the CSFB procedure is generated based on the plurality of CS key parameters.

A system and method for electronic payment that involves generating and then using a temporary token based on a legacy PAN (Primary Account Number) to conduct an electronic transaction. The token is generated by transforming the PAN using specific inputs such that the original PAN can be recovered by manipulating the token in various ways as disclosed herein. One potential manipulation that may be used is encryption/decryption. The token is transmitted to a portable electronic device such that the portable electronic device may present the token to a point-of-sale device. The POS communicates the token to a server which validates the token by, among other things, recovering the PAN. If the PAN is recovered as expected a validation message is returned to the POS device.

Providing an encrypted search index for performing searches on encrypted documents, the method comprising: (i) providing a set of documents, the documents comprising a plurality of unencrypted phrases; (ii) providing a master key; (iii) providing, based on the master key, for each phrase a set of encryption keys comprising one or more encryption keys; (iv) selecting, for each phrase, one encryption key of the set of encryption keys; (v) encrypting each phrase with the selected encryption key; and (vi) building an index based on the encrypted phrases, the index comprising information regarding which encrypted phrase is comprised within a certain document.

Providing an encrypted search index for performing searches on encrypted documents, the method comprising: (i) providing a set of documents, the documents comprising a plurality of unencrypted phrases; (ii) providing a master key; (iii) providing, based on the master key, for each phrase a set of encryption keys comprising one or more encryption keys; (iv) selecting, for each phrase, one encryption key of the set of encryption keys; (v) encrypting each phrase with the selected encryption key; and (vi) building an index based on the encrypted phrases, the index comprising information regarding which encrypted phrase is comprised within a certain document.

A method (300) for registering with a serving network (104). The method is performed by a UE (102). The method includes the UE transmitting (s302) to the serving network (104) a message (212) indicating a UE capability that is relevant for a home network (106), wherein the 5 serving network (104) is configured to send to the home network (106) a message (216) indicating the UE capability.

Systems and methods for secure electronic data transfer utilizing an ephemeral key for encryption and decryption of data.