Method for creating and distributing cryptographic keys in a mobile radio system and corresponding mobile radio system
Abstract
A first cryptographic key (318) and a second cryptographic key (322) are created by a mobile radio terminal (103) and by a computer of the home communications network (108, 109) by using authentication key materials (312). The first cryptographic key (318) is transmitted to the computer of the visited communications network (113), and the second cryptographic key (322) is transmitted to an application server computer (106, 107).
15 Claims
1. Method for creating and distributing cryptographic keys (318, 322) in a mobile radio system (100), which system has at least one mobile radio terminal (103), one first computer (113), one computer of a home communications network (109) and also one second computer (106, 107), whereby the mobile radio terminal (103) and the computer of the home communications network (109) contain authentication key materials (312, 314) resulting from an authentication, characterized in that
a first cryptographic key (318) and a second cryptographic key (322) are created by the mobile radio terminal (103) and by the computer of the home communications network (109) by using the authentication key materials (312),
the first cryptographic key (318) is transmitted to the first computer (113), and the second cryptographic key (322) is transmitted to the second computer (106),
the first cryptographic key (318) and the second cryptographic key (322) are created in such a way that
no inference can be made from the first cryptographic key (318) as to the second cryptographic key (322),
no inference can be made from the second cryptographic key (322) as to the first cryptographic key (318),
no inference can be made from the first cryptographic key (318) or from the second cryptographic key (322) as to the authentication key materials (312, 314).
15. Mobile radio system (100)
with at least one mobile radio terminal (103), in which authentication key materials (312, 314) resulting from an authentication are stored,
with one first computer (113),
with one computer of a home communications network (109) in which computer the authentication key materials (312, 314) resulting from an authentication are stored,
with at least one second computer (106, 107),
characterized in that
the mobile radio terminal (103) and the computer of the home communications network (109) each have a crypto unit for creating a first cryptographic key (318) and a second cryptographic key (322) by using the authentication key materials (312, 314), whereby the first cryptographic key (318) and the second cryptographic key (322) are created in such a way that
no inference can be made from the first cryptographic key (318) as to the second cryptographic key (322),
no inference can be made from the second cryptographic key (322) as to the first cryptographic key (318),
no inference can be made from the first cryptographic key (318) or from the second cryptographic key (322) as to the authentication key materials (312, 314),
the first computer (113) has a memory for storing the first cryptographic key (318), and
the second computer (106, 107) has a memory for storing the second cryptographic key (322).
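The independence properties required by claims 1 and 15 can be met by a one-way keyed derivation that binds each key to its recipient. The following is an added example and not the construction of the patent itself: HMAC-SHA-256 as the derivation function, the purpose labels, the recipient identifiers and all function names are assumptions.

```python
import hashlib
import hmac

def derive_key(auth_key_material: bytes, purpose: bytes, recipient_id: bytes) -> bytes:
    """Derive one recipient-specific key with HMAC-SHA-256 (assumed PRF)."""
    if len(auth_key_material) < 16:
        raise ValueError("authentication key material too short")
    # Length-prefix both fields so distinct (purpose, recipient) pairs can
    # never encode to the same HMAC input.
    info = b"".join(len(f).to_bytes(2, "big") + f for f in (purpose, recipient_id))
    # HMAC is one-way in its key: an output reveals neither the key material
    # nor the output for any other input.
    return hmac.new(auth_key_material, info, hashlib.sha256).digest()

def derive_key_pair(auth_key_material: bytes, visited_id: bytes, app_server_id: bytes):
    """Run identically by the terminal (103) and the home network computer (109)."""
    first = derive_key(auth_key_material, b"visited-network", visited_id)          # key 318
    second = derive_key(auth_key_material, b"application-server", app_server_id)   # key 322
    return first, second

def distribute(auth_key_material: bytes, visited_id: bytes, app_server_id: bytes) -> dict:
    """Home network side: each recipient's store receives only its own key."""
    first, second = derive_key_pair(auth_key_material, visited_id, app_server_id)
    return {visited_id: first, app_server_id: second}

def tag(key: bytes, message: bytes) -> bytes:
    """Message authentication tag under a derived key."""
    return hmac.new(key, message, hashlib.sha256).digest()

if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    akm = bytes(range(32))
    visited, app = b"visited.example", b"as1.example"
    stores = distribute(akm, visited, app)
    term_first, term_second = derive_key_pair(akm, visited, app)
    msg = b"service request"
    # The terminal's message to the application server verifies under key 322.
    assert hmac.compare_digest(tag(term_second, msg), tag(stores[app], msg))
    # The visited network, holding only key 318, cannot produce that tag.
    assert not hmac.compare_digest(tag(stores[visited], msg), tag(term_second, msg))
    print("keys agree per recipient and differ across recipients")
```

The authentication key material never leaves the terminal or the home network; only the derived keys are transmitted, each to its own recipient.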