System and method for strong authentication achieved in a single round trip

US 20020178358A1
Filed: 02/25/2002
Published: 11/28/2002
Est. Priority Date: 02/23/2001
Status: Active Grant

First Claim

Patent Images

1. A method for strong authentication achieved in a single round trip, comprising:

sending a random number to a mobile node (MN), wherein the random number is generated local to the MN;

generating a MN signature using the MN, wherein the MN signature is generated using the random number;

authenticating the MN to a network, wherein the network is a GPRS network; and

authenticating the network to the MN.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for strong authentication achieved in a single round trip is disclosed, which reduces the amount of time needed for a mobile node to be authenticated by the network. In an embodiment of the present invention, the, authentication time is approximately three times faster than for 3GPP.

52 Citations

View as Search Results

19 Claims

1. A method for strong authentication achieved in a single round trip, comprising:
- sending a random number to a mobile node (MN), wherein the random number is generated local to the MN;
  
  generating a MN signature using the MN, wherein the MN signature is generated using the random number;
  
  authenticating the MN to a network, wherein the network is a GPRS network; and
  
  authenticating the network to the MN.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein authenticating the MN to the network, further comprises sending the MN signature to an authentication server;
    - and verifying, by the authentication server, the mobile node signature.
  - 3. The method of claim 1, wherein the random number is generated by a base station.
  - 4. The method of claim 2, wherein authenticating the network to the MN, further comprises generating an authentication signature by the authentication server;
    - and sending the authentication signature to the MN.
  - 5. The method of claim 4, further comprising:
    - verifying, by the MN, the authentication signature.
  - 6. The method of claim 5, wherein the authentication server is a home authentication server (AAAH).
  - 7. The method of claim 6, wherein sending the MN signature to the AAAH, further comprises sending the MN signature to a local authentication server (AAAF), wherein AAAF is located in a foreign domain and forwards the signature to the AAAH.
  - 8. The method of claim 7, further comprising determining when the MN signature is not verified, and when ending the strong authentication.
  - 9. The method of claim 8, further comprising determining when the authentication signature is not verified, and when ending the strong authentication.

10. A system for strong authentication achieved in a single round trip between a MN and a network, comprising:
- a mobile node (MN) that is configured to generate a MN signature in response to a random number received from a source within a domain local to a current position relating to the MN and send the MN signature to be verified;
  
  the authentication server located within a home domain associated with the MN that is configured to receive the MN signature, verify the MN signature, and in response to the verification of the MN signature that indicates that the MN is verified to the network, wherein the network is a GPRS network, return an authentication signature to the MN.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, wherein the source comprises a base station, wherein the base station is within the domain local to the MN and is configured to generate the random number and send the random number to the MN.
  - 12. The system of claim 10, further comprising:
    - the MN is configured to verify the authentication signature, and if the authentication signature is verified authenticating the network to the MN.
  - 13. The system of claim 11, further comprising:
    - the MN is configured to verify the authentication signature, and if the authentication signature is verified authenticating the network to the MN.
  - 14. The system of claim 13, wherein the authentication server is a home authentication server (AAAH).
  - 15. The system of claim 14, wherein sending the MN signature to be verified, further comprises the MN is configured to send the MN signature to a local authentication server (AAAF), and the AAAF is configured to forward the signature to the AAAH.
  - 16. The system of claim 15, wherein the AAAH is further configured to send the authentication signature to the AAAF, wherein the AAAF is arranged to send the authentication signature to the MN.
  - 17. The system of claim 16, wherein the AAAH is further configured to determine when the MN signature is not verified, and when, end the strong authentication.
  - 18. The system of claim 17, wherein the MN is further configured to determine when the authentication signature is not verified, and when, end the strong authentication.

19. A system for strong authentication between a mobile node (MN) and a network, comprising:
- a means for generating a random number local to the MN;
  
  a means for sending the random number to the mobile node a means for generating a MN signature using the MN, wherein the MN signature is generated using the random number;
  
  a means for sending the MN signature to an authentication server within a GPRS network, and verifying by the authentication the MN signature; and
  
  in response to the verifying, generating an authentication signature and sending the authentication signature to the MN for verification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
WSOU Investments, LLC (WSOU Holdings, LLC)
Original Assignee
Nokia Solutions and Networks US LLC (Nokia Corporation)
Inventors
Perkins, Charles E., Afifi, Hossam

Granted Patent

US 7,472,269 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/169
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/0869   for achieving mutual authen...

H04L 63/0892   by using authentication-aut...

H04L 63/126   the source of the received ...

H04L 9/3242   involving keyed hash functi...

H04L 9/3247   involving digital signatures

H04W 12/069   using certificates or pre-s...

H04W 80/04   Network layer protocols, e....

System and method for strong authentication achieved in a single round trip

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for strong authentication achieved in a single round trip

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links