Arranging data ciphering in a wireless telecommunication system

US 20020009199A1
Filed: 06/29/2001
Published: 01/24/2002
Est. Priority Date: 06/30/2000
Status: Active Grant

First Claim

Patent Images

1. A method for arranging data ciphering in a telecommunication system having at least one wireless terminal, a wireless local area network and a public land mobile network, the method comprising:

offering an identifier for the terminal and a specific secret key for the identifier, the secret key also being stored in the mobile network, arranging data transmission between the mobile network and the terminal through the wireless local area network, sending the terminal identifier from the terminal to the mobile network, calculating in the mobile network at least one first ciphering key according to the mobile network using the secret key specific for the identifier and a challenge code selected for the first ciphering key, sending at least one challenge code to the terminal, calculating in the terminal at least one first ciphering key according to the mobile network using the secret key and at least one challenge code, calculating a second ciphering key in the terminal and in the mobile network using said at least one first ciphering key, sending said second ciphering key from the mobile network to the wireless local area network, and ciphering the data between the terminal and the network in the terminal and in the wireless local area network using said second ciphering key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Arranging data ciphering in a telecommunication system comprising at least one wireless terminal, a wireless local area network and a public land mobile network. At least one first ciphering key according to the mobile network is calculated in the mobile network and in the terminal for a terminal identifier using a specific secret key for the identifier. Data transmission between the mobile network and the terminal is carried out through the wireless local area network. A second ciphering key is calculated in the terminal and in the mobile network using said at least one first ciphering key. The second ciphering key is sent from the mobile network to the wireless local area network. The data between the terminal and the network is ciphered using said second ciphering key.

218 Citations

15 Claims

1. A method for arranging data ciphering in a telecommunication system having at least one wireless terminal, a wireless local area network and a public land mobile network, the method comprising:
- offering an identifier for the terminal and a specific secret key for the identifier, the secret key also being stored in the mobile network, arranging data transmission between the mobile network and the terminal through the wireless local area network, sending the terminal identifier from the terminal to the mobile network, calculating in the mobile network at least one first ciphering key according to the mobile network using the secret key specific for the identifier and a challenge code selected for the first ciphering key, sending at least one challenge code to the terminal, calculating in the terminal at least one first ciphering key according to the mobile network using the secret key and at least one challenge code, calculating a second ciphering key in the terminal and in the mobile network using said at least one first ciphering key, sending said second ciphering key from the mobile network to the wireless local area network, and ciphering the data between the terminal and the network in the terminal and in the wireless local area network using said second ciphering key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method of claim 1, further comprising:
    - calculating at least one authentication response according to the mobile network in the terminal and in the mobile network on the basis of at least one challenge code and the secret key, calculating a check response in the terminal on the basis of at least one authentication response and the first ciphering key, sending the check response to the mobile network, calculating the check response in the mobile network on the basis of at least one authentication response and at least one first ciphering key, comparing the check response sent by the terminal with the check response calculated by the mobile network, and sending said second ciphering key from the mobile network to the wireless local area network in response to the fact that the check response sent by the terminal correspond with the check response calculated by the mobile network.
  - 3. A method of claim 1, further comprising:
    - sending a protection code from the terminal to the mobile network, calculating a check sum in the mobile network using the protection code and at least one first ciphering key, sending the check sum to the terminal, checking the check sum in the terminal, and calculating said second ciphering key in the terminal in response to the check sum being a correct one.
  - 4. A method of claim 1, further comprising:
    - sending said second ciphering key to the access point of the wireless local area network, the access point offering a wireless connection for the terminal, sending a request from the access point to the terminal concerning the use of a WEP algorithm, and enciphering the data to be sent in the access point and in the terminal and deciphering the received data using the WEP algorithm and said second ciphering key.
  - 5. A method of claim 4, further comprising:
    - feeding said second ciphering key and an initialization vector into a WEP pseudorandom number generator providing a key sequence, enciphering the data to be sent by performing an XOR operation for the plain text and the key sequence, and deciphering the received data by performing the XOR operation for the ciphered data and the key sequence.
  - 6. A method of claim 1, wherein the terminal comprises a subscriber identity module SIM of the GSM system, the wireless local area network supports IEEE802.11 standard, and the mobile network supports GSM standard.
  - 7. A method of claim 1, further comprising:
    - calculating said second ciphering key by performing a hash function for at least a part of the following parameters;
      
      at least one first ciphering key, at least one challenge code, a subscriber identifier and the protection code calculated by the terminal.

8. A telecommunication system comprising at least one wireless terminal, a wireless local area network and a public land mobile network, wherein the mobile network comprises first calculation means for calculating at least one first ciphering key according to the mobile network using a secret key according to an identifier sent by the terminal and a challenge code selected for the first ciphering key, means for sending at least one challenge code for the terminal, second calculation means for calculating a second ciphering key using said at least one first ciphering key and means for sending said second ciphering key to the wireless local area network, the terminal comprises an identity module for calculating at least one first ciphering key according to the mobile network using the secret key stored in the identity module and at least one challenge code, second calculation means for calculating a second ciphering key using said at least one first ciphering key and ciphering means for enciphering/deciphering the data between the terminal and the wireless local area network using said second ciphering key. the wireless local area network comprises means for carrying out data transmission between the mobile network and the terminal and ciphering means for enciphering/deciphering the data between the terminal and the wireless local area network using said second ciphering key.
- View Dependent Claims (9, 10)
- - 9. A telecommunication system of claim 8, wherein the identity module of the terminal and the first calculation means of the mobile network are configured to calculate at least one authentication response according to the mobile network on the basis of the challenge code and the secret key, the second calculation means of the terminal are configured to calculate a check response on the basis of at least one authentication response and at least one first ciphering key, the terminal further comprises means for sending the check response to the mobile network, the second calculation means of the mobile network are configured to calculate the check response on the basis of at least one authentication response and the first ciphering key, the second calculation means of the mobile network are configured to compare the check response sent by the terminal with the check response calculated thereby, and the second calculation means of the mobile network are configured to send said second ciphering key from the mobile network to the wireless local area network in response to the fact that the check response sent by the terminal corresponds with the check response calculated by the mobile network.
  - 10. A telecommunication system of claim 8, wherein the wireless local area network and the terminal support IEEE802.11 standard, and the mobile network supports GSM standard, and the ciphering means are configured to cipher data using a WEP algorithm.

11. A wireless terminal comprising:
- a transceiver for establishing a wireless connection with an access point in a wireless local area network, an identity module for calculating at least one first ciphering key according to the mobile network using a secret key stored in the identity module and at least one challenge code sent by the mobile network, second calculation means for calculating a second ciphering key using said at least one first ciphering key, and ciphering means for enciphering/deciphering the data between the terminal and the access point using said second ciphering key.
- View Dependent Claims (12, 13)
- - 12. A wireless terminal of claim 11, wherein the identity module of the terminal is configured to calculate at least one authentication response according to the mobile network on the basis of a challenge code and the secret key, the second calculation means of the terminal are configured to calculate a check response on the basis of at least one authentication response and said at least one first ciphering key, and the terminal comprises means for sending the check response to the mobile network.
  - 13. A wireless terminal of claim 11, wherein the terminal supports IEEE802.11 standard and the ciphering means are configured to encipher data using a WEP algorithm.

14. An access point of a wireless local area network comprising:
- ciphering means for enciphering/deciphering data between a terminal and the access point, the ciphering means being configured to encipher the data to be sent and to decipher the received data using a terminal-specific second ciphering key calculated by a public land mobile network, the second ciphering key being calculated using at least one first ciphering key calculated using a secret key specific for the terminal.
- View Dependent Claims (15)
- - 15. An access point of claim 14, wherein the access point supports IEEE802.11 standard and the ciphering means are configured to encipher the data to be sent and to decipher the received data using a WEP algorithm.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellectual Ventures I LLC (Intellectual Ventures LLC)
Original Assignee
Spyder Navigations LLC (Intellectual Ventures LLC)
Inventors
Honkanen, Jukka-Pekka, Ala-Laurila, Juha, Rinnemaa, Jyri

Granted Patent

US 7,356,145 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/247
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 2463/061   applying further key deriva...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0844   with user authentication or...

H04L 9/3271   using challenge-response

H04W 12/03   Protecting confidentiality,...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

Arranging data ciphering in a wireless telecommunication system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

218 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Arranging data ciphering in a wireless telecommunication system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

218 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others