Verification of cell authenticity in a wireless network using a system query

US 10,200,861 B2
Filed: 12/19/2016
Issued: 02/05/2019
Est. Priority Date: 10/28/2016
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

an antenna;

a radio-frequency (RF) transceiver coupled to the antenna and configured to wirelessly transmit and receive RF signals via the antenna; and

a processor coupled to the RF transceiver and configured to;

generate a system query including a first nonce;

cause the system query to comprise a request to include a set of GPS coordinates in a corresponding acknowledgement;

operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to a base station; and

process the corresponding acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce and the set of GPS coordinates; and

wherein the antenna, the RF transceiver, and the processor are parts of a mobile terminal.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

We disclose various embodiments that enable a mobile terminal to authenticate a base station before the mobile terminal proceeds to attach to the corresponding network and/or camp on the corresponding cell, e.g., during the initial network selection and attachment or during an idle mode. In an example embodiment, the authentication processing includes the mobile terminal generating and sending to a candidate base station a system query with a nonce. The candidate base station is deemed to be authentic only if the acknowledgement generated and transmitted in response to the system query includes a copy of the nonce properly signed by a digital signature generated using one or more security keys. In some embodiments, the system query may also include a request for GPS coordinates and/or selected system information signed using a digital signature, which the mobile terminal may beneficially use to further strengthen the protection against a spoofing attack.

31 Citations

View as Search Results

15 Claims

1. An apparatus comprising:
- an antenna;
  
  a radio-frequency (RF) transceiver coupled to the antenna and configured to wirelessly transmit and receive RF signals via the antenna; and
  
  a processor coupled to the RF transceiver and configured to;
  
  generate a system query including a first nonce;
  
  cause the system query to comprise a request to include a set of GPS coordinates in a corresponding acknowledgement;
  
  operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to a base station; and
  
  process the corresponding acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce and the set of GPS coordinates; and
  
  wherein the antenna, the RF transceiver, and the processor are parts of a mobile terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus of claim 1, wherein the processor is further configured to:
    - determine validity of a first digital signature included in the corresponding acknowledgement using a first security key; and
      
      compare a second nonce and the first nonce, the second nonce being a nonce included in the corresponding acknowledgement.
  - 3. The apparatus of claim 2, wherein the processor is further configured to determine validity of a second digital signature included in the corresponding acknowledgement using a second security key.
  - 4. The apparatus of claim 3, wherein the second security key is included in the corresponding acknowledgement.
  - 5. The apparatus of claim 1, wherein the processor is further configured to cause the request to include, in the corresponding acknowledgement,indication of support or non-support for one or more of selected operational features signed using a verifiable digital signature.
  - 6. The apparatus of claim 1, wherein the processor is further configured to:
    - read the set of GPS coordinates included in the corresponding acknowledgement.
  - 7. The apparatus of claim 1, wherein the processor is further configured to:
    - read at least one of (i) selected system information and (ii) indication of support or non-support for one or more of selected operational features included in the corresponding acknowledgement, the selected system information and the indication having been signed using a digital signature; and
      
      test authenticity of the base station using the digital signature.
  - 8. The apparatus of claim 1,wherein the mobile terminal is configured to camp on a cell corresponding to the base station in response to the test of authenticity confirming the authenticity of the base station.

9. An apparatus comprising:
- an antenna;
  
  a radio-frequency (RF) transceiver coupled to the antenna and configured to wirelessly transmit and receive RF signals via the antenna; and
  
  a processor coupled to the RF transceiver and configured to;
  
  generate an acknowledgement in response to a first RF signal received by the RF transceiver from a mobile terminal, the first RF signal having encoded thereon a system query including a nonce, the acknowledgement including a copy of the nonce;
  
  operate the RF transceiver to transmit a second RF signal having encoded thereon the acknowledgement, the second RF signal being directed to the mobile terminal; and
  
  include in the acknowledgement;
  
  a first security key; and
  
  a first digital signature generated using a second security key, the first digital signature signing the first security key; and
  
  a second digital signature generated using a third security key, the second digital signature signing the copy of the nonce, the first security key, and the first digital signature.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The apparatus of claim 9, wherein the processor is further configured to include in the acknowledgement one or more of the following:
    - a set of GPS coordinates when the system query comprises a request for the set of GPS coordinates;
      
      selected system information signed using a digital signature when the system query comprises a request for the selected system information; and
      
      indication of support or non-support for one or more of selected operational features signed using a digital signature when the system query comprises a request for the indication.
  - 11. The apparatus of claim 10, wherein the processor is further configured to generate the digital signature in a manner that enables the mobile terminal to verify the digital signature by processing the acknowledgement.
  - 12. The apparatus of claim 9, wherein the antenna, the RF transceiver, and the processor are parts of a base station capable of serving the mobile terminal using the RF signals.
  - 13. The apparatus of claim 9,wherein the antenna and the RF transceiver are parts of a base station connected to a network core and capable of serving the mobile terminal using the RF signals;
    - andwherein the processor is a part of the network core.
  - 14. The apparatus of claim 13,wherein the base station is configured to relay the system query to the network core;
    - andwherein the base station is configured to transmit the second RF signal in response to a control message received from the network core, the control message including the acknowledgement.

15. A method of making a network node, the method comprising:
- coupling an antenna to a radio-frequency (RF) transceiver configured to wirelessly transmit and receive RF signals via the antenna; and
  
  coupling a processor to the RF transceiver, the processor being configured to;
  
  generate an acknowledgement in response to a first RF signal received by the RF transceiver from a mobile terminal, the first RF signal having encoded thereon a system query including a nonce, the acknowledgement including a copy of the nonce;
  
  operate the RF transceiver to transmit a second RF signal having encoded thereon the acknowledgement, the second RF signal being directed to the mobile terminal; and
  
  include in the acknowledgement;
  
  a first security key;
  
  a first digital signature generated using a second security key, the first digital signature signing the first security key; and
  
  a second digital signature generated using a third security key, the second digital signature signing the copy of the nonce, the first security key, and the first digital signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia of America Corporation (Nokia Corporation)
Original Assignee
Nokia of America Corporation (Nokia Corporation)
Inventors
Nair, Suresh P., Mizikovsky, Semyon
Primary Examiner(s)
Mapa, Michael Y

Application Number

US15/383,715
Publication Number

US 20180124602A1
Time in Patent Office

778 Days
Field of Search

455410-411, 4554141-4143, 455434, 4554351, 726 3, 726 22, 713168
US Class Current
CPC Class Codes

H01Q 1/243   with built-in antennas

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/122   Counter-measures against at...

H04W 12/63   Location-dependent; Proximi...

H04W 4/025   using location based inform...

H04W 48/20   Selecting an access point

H04W 72/20   Control channels or signall...

H04W 88/02   Terminal devices

Verification of cell authenticity in a wireless network using a system query

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Verification of cell authenticity in a wireless network using a system query

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links