AUTHENTICATION VECTOR GENERATION DEVICE, SUBSCRIBER IDENTITY MODULE, WIRELESS COMMUNICATION SYSTEM, AUTHENTICATION VECTOR GENERATION METHOD, CALCULATION METHOD, AND SUBSCRIBER AUTHENTICATION METHOD
Abstract
According to the present invention, a subscriber identity module in a wireless local area network is authenticated using an authentication vector with no decrease in the confidentiality of the calculation processing, even when a triplet is employed as the authentication vector. An HLR of a mobile communication network comprises an attachment unit for attaching to a RAND field of an authentication vector, which is used to authenticate an SIM in a wireless local area network, information specifying calculation information that is constituted by at least one of an algorithm and secret information for use in the authentication calculation. The SIM, which is mounted on a wireless LAN terminal, comprises a calculation information storage unit storing in advance a plurality of the calculation information, a specification unit for specifying the calculation information to be used in the calculation from the plurality of calculation information stored in the calculation information storage unit by referring to information specifying the calculation information, and a calculation unit for performing the calculation on the basis of the specified calculation information.
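The selection mechanism described in the abstract, as an added example that is not part of the patent text: the HLR attaches a selector to the RAND field, and the SIM uses it to pick one of several pre-stored calculation information elements. The one-byte selector in byte 0 of RAND, the sample keys and the HMAC stand-in for the authentication calculation are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

RAND_LEN = 16  # the RAND field of a GSM triplet is 128 bits

# Constructed sample data: selector -> (digest name, secret key).
# These play the role of the "calculation information elements" stored in advance.
SIM_STORE = {
    0x01: ("sha256", bytes.fromhex("00112233445566778899aabbccddeeff")),
    0x02: ("sha512", bytes.fromhex("ffeeddccbbaa99887766554433221100")),
}

def calculate(selector, rand, store):
    """Stand-in for the authentication calculation: keyed hash of RAND -> (SRES, Kc)."""
    if selector not in store:
        raise ValueError("unknown calculation information element")
    digest, key = store[selector]
    out = hmac.new(key, rand, digest).digest()
    return out[:4], out[4:12]  # 32-bit SRES, 64-bit Kc

def hlr_generate_triplet(selector, store):
    """HLR side: build RAND with the selector attached, then compute the triplet."""
    # Assumed layout: byte 0 is the selector, which leaves 120 random bits.
    rand = bytes([selector]) + secrets.token_bytes(RAND_LEN - 1)
    sres, kc = calculate(selector, rand, store)
    return rand, sres, kc

def sim_respond(rand, store=SIM_STORE):
    """SIM side: read the selector from RAND, pick the stored element, calculate."""
    if len(rand) != RAND_LEN:
        raise ValueError("RAND field must be 16 bytes")
    return calculate(rand[0], rand, store)

def authenticate(selector):
    """Full round trip; the HLR is assumed to hold the same elements as the SIM."""
    rand, expected_sres, _ = hlr_generate_triplet(selector, SIM_STORE)
    sres, _ = sim_respond(rand)
    return hmac.compare_digest(sres, expected_sres)

if __name__ == "__main__":
    print(authenticate(0x01), authenticate(0x02))
```

The triplet still carries only RAND, SRES and Kc, so the selector reaches the SIM without any extra field; the cost in this assumed layout is that the bits used for the selector are no longer random.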
9 Claims
1. An authentication vector generation device comprising:
authentication vector generating means for generating an authentication vector used to authenticate a subscriber identity module in a wireless local area network connected to a mobile communication network, said authentication vector having a random number field for storing random numbers used in an authentication calculation performed in said subscriber identity module;
attaching means for attaching, to said random number field of said generated authentication vector, information specifying a calculation information element that is constituted by at least one of an algorithm and secret information for use in said calculation; and
transmitting means for transmitting to said mobile communication network said random number field which includes said information specifying said calculation information element.
2. A subscriber identity module mounted on subscriber side terminal equipment that is capable of connecting to a wireless local area network, comprising:
calculation information storage means storing in advance a plurality of calculation information elements constituted by at least one of an algorithm and secret information for use in a calculation to authenticate said subscriber identity module;
reception means for receiving data including information specifying a calculation information element for use in said calculation, which are transmitted from said subscriber side terminal equipment and include at least data in a random number field storing random numbers for use in said calculation, said field being provided in an authentication vector used to authenticate said subscriber identity module in said wireless local area network connected to a mobile communication network;
specifying means for specifying a calculation information element to be used in said calculation from said plurality of calculation information elements stored in said calculation information storage means by referring to said information specifying said calculation information element attached to said data of said random number field, included in said received data;
calculating means for performing said calculation on the basis of said specified calculation information element using said received data; and
transmitting means for transmitting information regarding a calculated result of said calculation to said subscriber side terminal equipment.
3. A wireless communication system constituted by an authentication vector generation device and a subscriber identity module mounted on subscriber side terminal equipment which is capable of connecting to a wireless local area network, wherein said authentication vector generation device comprises:
authentication vector generating means for generating an authentication vector used to authenticate said subscriber identity module in said wireless local area network connected to a mobile communication network, said authentication vector having a random number field for storing random numbers used in an authentication calculation performed in said subscriber identity module;
attaching means for attaching, to said random number field of said generated authentication vector, information specifying a calculation information element that is constituted by at least one of an algorithm and secret information for use in said calculation; and
transmitting means for transmitting to said mobile communication network said random number field which includes said information specifying said calculation information element,
and said subscriber identity module comprises;
calculation information storage means storing in advance a plurality of calculation information elements for use in said calculation to authenticate said subscriber identity module;
reception means for receiving data including said information specifying said calculation information element for use in said calculation, transmitted from said subscriber side terminal equipment and including at least data in said random number field of said authentication vector used to authenticate said subscriber identity module in said wireless local area network;
specifying means for specifying said calculation information element to be used in said calculation from said plurality of calculation information elements stored in said calculation information storage means by referring to said information specifying said calculation information element in said data of said random number field, included in said received data;
calculating means for performing said calculation on the basis of said specified calculation information element using said received data; and
transmitting means for transmitting information regarding a calculated result of said calculation to said subscriber side terminal equipment.
4. An authentication vector generation method in an authentication vector generation device, comprising:
generating an authentication vector used to authenticate a subscriber identity module in a wireless local area network connected to a mobile communication network, said authentication vector having a random number field for storing random numbers used in an authentication calculation performed in said subscriber identity module;
attaching, to said random number field of said generated authentication vector, information specifying a calculation information element that is constituted by at least one of an algorithm and secret information for use in said calculation; and
transmitting to said mobile communication network said random number field which includes said information specifying said calculation information element.
5. A calculation method in a subscriber identity module which is mounted on subscriber side terminal equipment that is capable of connecting to a wireless local area network, and which stores in advance a plurality of calculation information elements constituted by at least one of an algorithm and secret information to be used in a calculation to authenticate said subscriber identity module, said calculation method comprising:
receiving data including information specifying a calculation information element for use in said calculation, transmitted from said subscriber side terminal equipment and including at least data in a random number field storing random numbers for use in said calculation, said field being provided in an authentication vector used to authenticate said subscriber identity module in said wireless local area network connected to a mobile communication network;
specifying a calculation information element to be used in said calculation from said plurality of calculation information elements by referring to said information specifying said calculation information element attached to said data of said random number field, included in said received data;
performing said calculation on the basis of said specified calculation information element using said received data; and
transmitting information regarding a calculated result of said calculation to said subscriber side terminal equipment.
6. A subscriber authentication method in a wireless communication system comprising an authentication vector generation device, and a subscriber identity module mounted on subscriber side terminal equipment that is capable of connecting to a wireless local area network, said subscriber identity module storing in advance a plurality of calculation information elements that is constituted by at least one of an algorithm and secret information used in a calculation to authenticate said subscriber identity module, wherein, in said authentication vector generation device, said subscriber authentication method comprises:
generating an authentication vector used to authenticate said subscriber identity module in said wireless local area network connected to a mobile communication network, said authentication vector having a random number field for storing random numbers used in said authentication calculation performed in said subscriber identity module; and
attaching, to said random number field of said generated authentication vector, information specifying a calculation information element to be used in said calculation, and
in said subscriber identity module, comprising calculation information storage means storing in advance a plurality of said calculation information elements for use in said calculation to authenticate said subscriber identity module, said subscriber authentication method comprises;
receiving data for use in said calculation, transmitted from said subscriber side terminal equipment and including at least data in said random number field of said authentication vector used to authenticate said subscriber identity module in said wireless local area network;
specifying said calculation information element to be used in said calculation from said plurality of calculation information elements by referring to said information specifying said calculation information element in said data of said random number field, included in said received data;
performing said calculation on the basis of said specified calculation information element using said received data; and
transmitting information regarding a calculated result of said calculation to said subscriber side terminal equipment.
7. An authentication vector generation device comprising:
an authentication vector generating device configured to generate an authentication vector used to authenticate a subscriber identity module in a wireless local area network connected to a mobile communication network, said authentication vector having a random number field for storing random numbers used in an authentication calculation performed in said subscriber identity module;
an attaching device configured to attach to said random number field of said generated authentication vector, information specifying a calculation information element that is constituted by at least one of an algorithm and secret information for use in said calculation; and
a transmitting means for transmitting to said mobile communication network said random number field which includes said information specifying said calculation information element.
8. A subscriber identity module mounted on subscriber side terminal equipment that is capable of connecting to a wireless local area network, comprising:
a calculation information storage device configured to store in advance a plurality of calculation information elements constituted by at least one of an algorithm and secret information for use in a calculation to authenticate said subscriber identity module;
a reception device configured to receive data including information specifying a calculation information element for use in said calculation, which are transmitted from said subscriber side terminal equipment and include at least data in a random number field storing random numbers for use in said calculation, said field being provided in an authentication vector used to authenticate said subscriber identity module in said wireless local area network connected to a mobile communication network;
a specifying device configured to specify a calculation information element to be used in said calculation from said plurality of calculation information elements stored in said calculation information storage device by referring to information specifying said calculation information element attached to said data of said random number field, included in said received data;
a calculating device configured to perform said calculation on the basis of said specified calculation information element using said received data; and
a transmitting device configured to transmit information regarding a calculated result of said calculation to said subscriber side terminal equipment.
9. A wireless communication system constituted by an authentication vector generation device and a subscriber identity module mounted on subscriber side terminal equipment which is capable of connecting to a wireless local area network, wherein said authentication vector generation device comprises:
an authentication vector generating device configured to generate an authentication vector used to authenticate said subscriber identity module in said wireless local area network connected to a mobile communication network, said authentication vector having a random number field for storing random numbers used in an authentication calculation performed in said subscriber identity module;
an attaching device configured to attach to said random number field of said generated authentication vector, information specifying a calculation information element that is constituted by at least one of an algorithm and secret information for use in said calculation; and
a transmitting device for transmitting to said mobile communication network said random number field which includes said information specifying said calculation information element,
and said subscriber identity module comprises;
a calculation information storage device configured to store in advance a plurality of calculation information elements for use in said calculation to authenticate said subscriber identity module;
a reception device configured to receive data including said information specifying said calculation information element for use in said calculation, transmitted from said subscriber side terminal equipment and including at least data in said random number field of said authentication vector used to authenticate said subscriber identity module in said wireless local area network;
a specifying device configured to specify said calculation information element to be used in said calculation from said plurality of calculation information elements stored in said calculation information storage device by referring to said information specifying said calculation information element in said data of said random number field, included in said received data;
a calculating device configured to perform said calculation on the basis of said specified calculation information element using said received data; and
a transmitting device configured to transmit information regarding a calculated result of said calculation to said subscriber side terminal equipment.
Specification