Authentication of subscriber station
Abstract
The present invention relates to a telecommunication system comprising: at least one subscriber station in the memory of which a secret key is stored, and authentication means for authenticating the subscriber station. In order to make the subscriber-station-specific secret key even more difficult to crack, the subscriber station checks the correctness of a received input by computing a message authentication code utilizing the input and a checking algorithm and computes a response to be transmitted to the authentication means by the subscriber station utilizing an authentication algorithm, the secret key stored in the memory of the subscriber station and the input if the input is correct on the basis of the message authentication code.
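The exchange the abstract describes, as an added example (not code from the patent): the authentication centre builds the input from a random number plus a MAC, and the subscriber station refuses to run the authentication algorithm with its secret key unless that MAC verifies. HMAC-SHA256 as both the checking and the authentication algorithm, the 12+4 byte input layout, the separate check key and all names are assumptions of this example.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

RAND_LEN, MAC_LEN = 12, 4            # assumed layout: 12 random bytes + 4-byte MAC
DEMO_SECRET_KEY = bytes(range(16))   # constructed subscriber-specific secret key
DEMO_CHECK_KEY = bytes(range(16, 32))  # constructed key for the checking algorithm


def input_mac(check_key: bytes, rnd: bytes) -> bytes:
    """Stand-in for the first/checking algorithm: truncated HMAC-SHA256."""
    return hmac.new(check_key, rnd, hashlib.sha256).digest()[:MAC_LEN]


def auth_response(secret_key: bytes, challenge: bytes) -> bytes:
    """Stand-in for the authentication algorithm (assumed, not the patent's)."""
    return hmac.new(secret_key, challenge, hashlib.sha256).digest()[:4]


class AuthenticationCentre:
    def __init__(self, secret_key: bytes, check_key: bytes):
        self.secret_key, self.check_key = secret_key, check_key

    def make_challenge(self) -> Tuple[bytes, bytes]:
        """Return (input, expected response) for one authentication run."""
        rnd = secrets.token_bytes(RAND_LEN)
        challenge = rnd + input_mac(self.check_key, rnd)
        return challenge, auth_response(self.secret_key, challenge)


class SubscriberStation:
    def __init__(self, secret_key: bytes, check_key: bytes):
        self.secret_key, self.check_key = secret_key, check_key
        self.rejected_inputs = 0     # bookkeeping added for this example

    def authenticate(self, challenge: bytes) -> Optional[bytes]:
        """Compute a response only if the input's MAC is correct."""
        rnd, tag = challenge[:RAND_LEN], challenge[RAND_LEN:]
        well_formed = len(challenge) == RAND_LEN + MAC_LEN
        if not (well_formed and
                hmac.compare_digest(tag, input_mac(self.check_key, rnd))):
            # Input was not produced by the authentication centre:
            # the secret key is never exercised on it.
            self.rejected_inputs += 1
            return None
        return auth_response(self.secret_key, challenge)
```

Because the secret key is only used on inputs the centre produced, a party feeding the station chosen inputs gets no responses to analyse.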
20 Claims
- 1. A method for identifying an authentication message generated by an external attacker, the method comprising receiving the authenticating message comprising an input, the method comprising checking the correctness of the input by computing a message authentication code by utilizing the input and a checking algorithm, and identifying the authentication message as being generated by the external attacker if the input is incorrect on the basis of the message authentication code.
- 7. A telecommunication system comprising:
  at least one subscriber station comprising a counter and a memory with a subscriber-station-specific secret key stored therein, and authentication means for authenticating said subscriber station, the authentication means comprising a random number generator, a counter and a memory with the subscriber-station-specific secret key of said at least one subscriber station stored therein, the authentication means;
  computes a response on the basis of an input, an authentication algorithm and the subscriber-station-specific secret key stored in the memory of the authentication means, transmits said input to said subscriber station, and indicates that the subscriber station has been authenticated if the authentication means receive from the subscriber station a response which corresponds to the response computed by the authentication means, wherein the authentication means are arranged to compute said input by utilizing a random number generated by the random number generator and a first algorithm, and that the subscriber station checks the correctness of the received input by computing a message authentication code by utilizing the input and a checking algorithm, computes a response to be transmitted to the authentication means by the subscriber station by utilizing the authentication algorithm, said secret key stored in the memory of the subscriber station and the input if the input is correct on the basis of the message authentication code.
- 12. An authentication centre in a telecommunication system, the authentication centre comprising:
  a random number generator a counter and a memory with subscriber station-specific secret keys of subscriber stations stored therein, and generating an input and a response necessary for authenticating a particular subscriber station, and in order to produce the response the authentication centre;
  retrieves from the memory the secret key of the subscriber station to be authenticated, and computes the response by utilizing the secret key retrieved from the memory, said input and an authentication algorithm, wherein the authentication centre is arranged to produce said input by utilizing a random number generated by the random number generator and a first algorithm.
- 13. A subscriber station in a telecommunication system which, for authenticating the subscriber station, comprises:
  a memory with a secret key stored therein, means for receiving an input and a counter wherein the subscriber station is arranged to check the correctness of the input by computing a message authentication code by utilizing the input and a checking algorithm, and the counter is arranged to compute a response to be forwarded by the subscriber station by utilizing an authentication algorithm, said secret key and said input if the input is correct on the basis of the message authentication code.
- 18. A SIM card comprising a counter and a memory with a secret key stored therein, and an inlet for receiving an input, wherein the SIM card:
  checks the correctness of the received input by computing a message authentication code by utilizing the input and a checking algorithm, and compute a response to be forwarded by the SIM card by utilizing an authentication algorithm, said secret key and said input if the input is correct on the basis of the message authentication code.
Specification