Providing multimedia system security to removable user identity modules

US 20070043947A1
Filed: 08/19/2005
Published: 02/22/2007
Est. Priority Date: 08/19/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method of authenticating at least one user identity module and an entry node of a wireless communication system, comprising:

receiving, from the entry node, at least a first challenge formed according to at least a first security protocol;

forming, according to at least a second security protocol different from the first security protocol, at least a second challenge based on the first challenge; and

providing the second challenge to the user identity module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method of authenticating a user identity module to an entry node of a wireless communication system. The method may include receiving a first challenge formed according to a first security protocol from the entry node and forming, according to a second security protocol different from the first security protocol, a second challenge based on the first challenge. The method may also include providing the second challenge to the user identity module.

73 Citations

View as Search Results

28 Claims

1. A method of authenticating at least one user identity module and an entry node of a wireless communication system, comprising:
- receiving, from the entry node, at least a first challenge formed according to at least a first security protocol;
  
  forming, according to at least a second security protocol different from the first security protocol, at least a second challenge based on the first challenge; and
  
  providing the second challenge to the user identity module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein receiving the first challenge formed according to the first security protocol comprises receiving an HTTP digest challenge formed according to an Authentication and Key Agreement security protocol from a proxy call session control function.
  - 3. The method of claim 1, wherein forming the second challenge based on the first challenge comprises forming the second challenge from a selected number of bits in the first challenge.
  - 4. The method of claim 3, wherein forming the second challenge comprises forming a nonce using the 32 least significant bits of the first challenge.
  - 5. The method of claim 1, wherein forming the second challenge comprises forming the second challenge according to a TIA/EIA-41 security protocol.
  - 6. The method of claim 1, comprising receiving a first response from the user identity module in response to the second challenge.
  - 7. The method of claim 6, wherein receiving the first response comprises receiving at least one of a digital signature, a signaling message key, and a public long code mask.
  - 8. The method of claim 7, comprising forming at least one key based on at least one of the signaling message key and the private long code mask.
  - 9. The method of claim 7, comprising forming a second response based on at least one of the first challenge, the signaling message key, a private identifier, the second challenge, and the digital signature.
  - 10. The method of claim 9, wherein forming the second response comprises forming an HTTP digest response based on at least one of the first challenge, the signaling message key, and the private identifier.
  - 11. The method of claim 9, comprising providing the second response to the entry node.
  - 12. The method of claim 11, comprising receiving a third response from the entry node in response to providing the second response.
  - 13. The method of claim 12, comprising authenticating the user identity module to the entry node based on the third response.

14. A method of authenticating a user identity module associated with at least one mobile unit, comprising:
- providing at least a first challenge formed according to at least a first security protocol to the mobile unit;
  
  receiving at least a first response formed based on at least a second response provided to the mobile unit by the user identity module, the second response being formed based on the first challenge according to a second security protocol different from the first security protocol; and
  
  authenticating the user identity module based on the first response.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 15. The method of claim 14, comprising forming the first challenge according to the first security protocol.
  - 16. The method of claim 15, wherein forming the first challenge comprises determining whether a private identifier has been received.
  - 17. The method of claim 16, wherein forming the first challenge comprises retrieving authentication information from a home subscription server in response to determining that the private identifier has been received.
  - 18. The method of claim 14, wherein forming the first challenge according to the first security protocol comprises forming an HTTP digest challenge according to an HTTP Digest protocol.
  - 19. The method of claim 14, wherein receiving the first response comprises receiving the first response formed based upon a second response that is formed by the user identity module according to a TIA/EIA-41 security protocol.
  - 20. The method of claim 14, wherein receiving the first response comprises receiving information indicative of at least one of the first challenge, a signaling message encryption key, a private identifier, a second challenge formed based on the first challenge, and a digital signature received from the user identity module.
  - 21. The method of claim 20, wherein receiving the first response comprises receiving an HTTP digest response formed based on at least one of the first challenge, the signaling message encryption key, and the private identifier.
  - 22. The method of claim 14, wherein authenticating the user identity module comprises providing an authorization request to at least one of a Home Location Register and an authentication center.
  - 23. The method of claim 22, wherein providing the authorization request comprises providing an authorization request formed using at least one of a subscriber identifier, a second challenge formed based on the first challenge, and a digital signature received from the user identity module.
  - 24. The method of claim 22, comprising receiving an authorization request response.
  - 25. The method of claim 24, wherein receiving the authorization request response comprises receiving an authorization request response comprising information indicative of at least one of a signaling message encryption key and a private long code mask.
  - 26. The method of claim 25, wherein authenticating the user identity module comprises authenticating the user identity module using the signaling message encryption key.
  - 27. The method of claim 25, comprising generating at least one key based on at least one of the signaling message encryption key and the private long code mask.
  - 28. The method of claim 14, comprising providing a message indicating that the user identity module has been authenticated in response to authenticating the user identity module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Original Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Inventors
Wang, Zhibi, Mizikovsky, Semyon

Application Number

US11/208,137
Publication Number

US 20070043947A1
Time in Patent Office

Days
Field of Search
US Class Current

713/172
CPC Class Codes

H04L 63/0869   for achieving mutual authen...

H04L 65/1016   IP multimedia subsystem [IMS]

H04W 12/0431   Key distribution or pre-dis...

H04W 12/0433   Key management protocols

H04W 12/069   using certificates or pre-s...

Providing multimedia system security to removable user identity modules

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

73 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Providing multimedia system security to removable user identity modules

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

73 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links