Authentication in a mobile communications network
Abstract
A method of authentication in a mobile communications network comprising authentication of a subscriber identifying means to a network entity and authentication of the network entity to the subscriber identifying means.
40 Claims

1. A method of authentication in a mobile communications network comprising:
authentication of a subscriber identifying means to a network entity; and
authentication of the network entity to the subscriber identifying means.

11. A method of authentication in a mobile communications network using an information storage means, said method comprising the steps of:
said information storage means receiving a message comprising an authentication challenge and determining a characteristic of said message;
performing a first procedure if said message has a first predetermined characteristic; and
performing a second procedure if said message has a different characteristic.

15. A method of authentication using an information storage means, said information storage means receiving a message comprising an authentication challenge and determining a characteristic of said message, said information storage means comprising means for calculating an authentication response based on said authentication challenge, an authentication input parameter and an authentication algorithm, said method comprising the steps of:
retrieving one authentication input parameter from a number of input parameters stored on said information storage means or one authentication algorithm from a number of algorithms stored on said information storage means in response to said characteristic; and
responding to said authentication challenge by using said retrieved authentication input parameter or algorithm.

23. A method of authentication, comprising distinguishing an authorised request for authentication from an unauthorised request for authentication and responding differently to authorised requests than to unauthorised requests.

26. A method of authentication, comprising the step of using a first valid input parameter or a first authentication algorithm to respond to an authorised authentication challenge and using a second input parameter or a second algorithm, different from said first input, to respond to an unauthorised authentication challenge.

28. An authentication centre for a mobile communications network, comprising:
a database storing a secret authentication input parameter for subscribers of said mobile communications network;
a source for providing random numbers as second input parameters;
means for calculating certificates for authorising authentication challenges, including an algorithm for calculating said certificates; and
means for calculating authentication responses, including an algorithm for calculating said responses.

29. An authentication centre for a mobile communications network, comprising:
a database storing:
i) an authentication algorithm and at least two secret first input parameters; or
ii) a secret first input parameter and at least two different authentication algorithms for calculating authentication responses;
a source for providing second input parameters for calculating said authentication responses;
means for:
i) determining characteristics of said second input parameters; or
ii) providing authentication codes;
means for assigning one of said at least two secret first input parameters or authentication algorithms to said characteristics or said authentication codes in a predetermined way;
means for retrieving the assigned first input parameter or authentication algorithm from said database; and
means for calculating said authentication responses using said assigned first input parameter or authentication algorithm.

30. An information storage means for authentication, adapted for distinguishing authorised and unauthorised requests for authentication and for responding differently to said authorised and said unauthorised authentication requests.

36. An information storage means for authentication, comprising:
means for calculating authentication responses to received authentication challenges using said challenges, an authentication input parameter and an authentication algorithm stored on said information storage means;
means for:
i) determining characteristics of said authentication challenges; or
ii) determining characteristics of received authentication codes;
means for storing:
i) an authentication algorithm and at least two secret authentication input parameters; or
ii) a secret authentication input parameter and at least two authentication algorithms;
means for determining predetermined assignments of said characteristics to said at least two authentication input parameters or algorithms; and
means for retrieving the assigned authentication input parameters or algorithms for a particular characteristic or authentication code and using said assigned authentication input parameter or algorithm for calculating said authentication responses.

38. A subscriber identifying means for authentication in a mobile communications network, adapted for distinguishing a genuine authentication challenge as transmitted by said network from a false authentication challenge and for storing data indicating that said subscriber identifying means has been subject to false authentication challenges.

39. A method of authentication in a mobile communications network, comprising transmitting an authentication request to a mobile station and receiving an authentication response from the mobile station, wherein the authentication request transmitted to the mobile station comprises:
an authentication challenge; and
a certificate, said certificate providing authentication of a network entity to or an authentication code for determining a procedure for responding to said authentication challenge.

40. A method of authentication in a mobile communications network,
wherein a network entity transmits an authentication challenge to a subscriber identifying means and generates an authentication response to said challenge, wherein said subscriber identifying means generates an authentication response to said received challenge and transmitting said response to said network entity, wherein said network entity compares the authentication response generated by said network entity to the authentication response provided by said subscriber identifying means, and wherein said method comprises the steps of generating said authentication responses using a variable external input parameter available to said network entity and said subscriber identifying means and calculating said authentication response in response thereto.
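
The scheme of claims 23, 26, 28, 38 and 39, sketched as an added example that is not part of the patent text: the network sends a challenge with a certificate, and the subscriber side answers with its valid parameter only when the certificate verifies, otherwise with a decoy parameter while recording the false challenge. Truncated HMAC-SHA-256, the class and function names, the field lengths and the reuse of the subscriber secret for the certificate are all assumptions; the claims do not specify any algorithm.

```python
import hashlib
import hmac
import os


def prf(key: bytes, label: bytes, data: bytes, n: int) -> bytes:
    """Assumed stand-in for the unspecified algorithms: truncated HMAC-SHA-256."""
    return hmac.new(key, label + data, hashlib.sha256).digest()[:n]


class AuthCentre:
    """Network side (claim 28): secret, random source, certificate, response."""

    def __init__(self, ki: bytes):
        self.ki = ki

    def make_request(self, rand: bytes = None):
        rand = rand or os.urandom(16)                 # second input parameter
        return rand, prf(self.ki, b"cert", rand, 8)   # challenge + certificate

    def expected_response(self, rand: bytes) -> bytes:
        return prf(self.ki, b"resp", rand, 4)


class Sim:
    """Subscriber identifying means holding a valid and a decoy parameter."""

    def __init__(self, ki: bytes, decoy: bytes):
        self.ki, self.decoy = ki, decoy
        self.false_challenges = 0                     # claim 38: stored evidence

    def respond(self, rand: bytes, cert: bytes = b"") -> bytes:
        authorised = hmac.compare_digest(cert, prf(self.ki, b"cert", rand, 8))
        if not authorised:
            self.false_challenges += 1
        # Same algorithm and output length on both paths (claim 26): only the
        # input parameter differs, so the reply's shape reveals nothing.
        return prf(self.ki if authorised else self.decoy, b"resp", rand, 4)


def demo():
    ki, decoy = bytes(range(16)), bytes(range(16, 32))   # constructed keys
    auc, sim = AuthCentre(ki), Sim(ki, decoy)
    rand, cert = auc.make_request()
    genuine = sim.respond(rand, cert) == auc.expected_response(rand)
    forged = sim.respond(rand, bytes(8)) == auc.expected_response(rand)
    return genuine, forged, sim.false_challenges
```

A party that submits challenges without a valid certificate collects responses computed from the decoy parameter, which say nothing about the valid one, and the counter gives the operator evidence that the card was probed.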
Specification