AUTHENTICATION METHOD, DEVICE AND SYSTEM FOR USER EQUIPMENT

US 20150026787A1
Filed: 10/08/2014
Published: 01/22/2015
Est. Priority Date: 04/12/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating user equipment, comprising:

receiving, by the user equipment, a random value RAND and an authentication code AUTN in an Evolved Packet System (EPS) authentication vector sent from equipment at a network side; and

in a case where an operating mode of the user equipment is a Long Term Evolution Hi (LTE Hi) operating mode, performing authentication by the user equipment based on the RAND and the AUTN, wherein in the authentication, the user equipment ignores a verification result obtained by verifying a separation bit of an Authentication Management Field (AMF) in the AUTN;

or, the user equipment does not verify the separation bit of the AMF.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclose are an authentication method, device and system for a user equipment. The method comprises: first, a user equipment receiving a random value RAND and a cognitive code AUTN in an evolved packet system (EPS) authentication vector sent by a network side device; when an operating mode of the user equipment is a long-term evolved node LTE Hi operating mode, the user equipment performing authentication based on the RAND and the AUTN. In the authentication process, the user equipment ignores a verification result of a separation bit of an authentication management field (AMF) in the AUTN; or, the user equipment does not verify the separation bit of the AMF. The present disclosure is applicable to the field of communication systems.

13 Citations

View as Search Results

13 Claims

1. A method for authenticating user equipment, comprising:
- receiving, by the user equipment, a random value RAND and an authentication code AUTN in an Evolved Packet System (EPS) authentication vector sent from equipment at a network side; and
  
  in a case where an operating mode of the user equipment is a Long Term Evolution Hi (LTE Hi) operating mode, performing authentication by the user equipment based on the RAND and the AUTN, wherein in the authentication, the user equipment ignores a verification result obtained by verifying a separation bit of an Authentication Management Field (AMF) in the AUTN;
  
  or, the user equipment does not verify the separation bit of the AMF.
- View Dependent Claims (2, 3, 4, 5, 10)
- - 2. The method for authenticating the user equipment according to claim 1, further comprising:
    - determining the operating mode of the user equipment by the user equipment.
  - 3. The method for authenticating the user equipment according to claim 2, wherein the determining the operating mode of the user equipment by the user equipment comprises one of:
    - determining, by the user equipment, the operating mode of the user equipment based on type of a wireless access node;
      
      determining, by the user equipment, the operating mode of the user equipment based on a carrier frequency of the wireless access node;
      
      determining, by the user equipment, the operating mode of the user equipment based on function information of the user equipment;
      
      determining, by the user equipment, the operating mode of the user equipment by judging whether a current operating mode supports a preset function;
      
      determining, by the user equipment, the operating mode of the user equipment based on a user equipment identity corresponding to the operating mode.
  - 4. The method for authenticating the user equipment according to claim 3, whereinthe type of the wireless access node is indicated by the equipment at the network side by means of an attach accept message or a tracking area update message or a security mode complete message;
    - orthe type of the wireless access node is indicated by a broadcast message broadcasted by a cell corresponding to the wireless access node.
  - 5. The method for authenticating the user equipment according to claim 1, wherein the performing authentication by the user equipment based on the RAND and the AUTN comprises:
    - determining, by the user equipment, whether a Message Authentication Code (MAC) and a Sequence Number (SQN) in the AUTN are the same as a MAC and a SQN of the user equipment respectively; and
      
      in a case where the MAC and the SQN in the AUTN are the same as the MAC and the SQN of the user equipment respectively, sending, by the user equipment, a message indicating that a verification is successful to the equipment at the network side.
  - 10. The device for authenticating the user equipment according to claim 5, wherein the authentication unit comprises:
    - a judging module, adapted to determine whether a Message Authentication Code (MAC) and a Sequence Number (SQN) in the AUTN are the same as a MAC and a SQN of the user equipment respectively; and
      
      a sending module, adapted to send the message indicating that the verification is successful to the equipment at the network side, in a case where the MAC and the SQN in the AUTN are the same as the MAC and the SQN of the user equipment respectively.

6. A device for authenticating user equipment, comprising a computer readable storage medium and a processor, the computer readable storage medium having a program that when run comprises:
- a receiving unit, configured to receive a random value RAND and an authentication code AUTN in an Evolved Packet System (EPS) authentication vector sent from equipment at a network side; and
  
  an authentication unit, configured to perform authentication based on the RAND and the AUTN received by the receiving unit in a case where an operating mode is a Long Term Evolution Hi (LTE Hi) operating mode, wherein in the authentication, the authentication unit ignores a verification result obtained by verifying a separation bit of an Authentication Management Field (AMF) in the AUTN;
  
  or, the authentication unit does not verify the separation bit of the AMF.
- View Dependent Claims (7, 8, 9)
- - 7. The device for authenticating the user equipment according to claim 6, further comprising:
    - a determination unit, configured to determine the operating mode.
  - 8. The device for authenticating the user equipment according to claim 7, wherein the determination unit comprises:
    - a first determination module, configured to determine the operating mode based on type of a wireless access node;
      
      a second determination module, configured to determine the operating mode based on a carrier frequency of the wireless access node;
      
      a third determination module, configured to determine the operating mode based on function information;
      
      a fourth determination module, configured to determine the operating mode by judging whether a current operating mode supports a preset function; and
      
      a fifth determination module, configured to determine the operating mode based on a user equipment identity corresponding to the operating mode.
  - 9. The device for authenticating the user equipment according to claim 8, whereinthe type of the wireless access node is indicated by the equipment at the network side by means of an attach accept message or a tracking area update message or a security mode complete message;
    - orthe type of the wireless access node is indicated by a broadcast message broadcasted by a cell corresponding to the wireless access node.

11. A device for authenticating user equipment, comprising:
- an acquisition unit, configured to acquire a Universal Mobile Telecommunication System (UMTS) authentication vector,wherein the acquisition unit is further configured to acquire an Evolved Packet System (EPS) authentication vector based on the UMTS authentication vector, in a case where an operating mode of the user equipment is a Long Term Evolution Hi (LTE Hi) operating mode; and
  
  a sending unit, configured to send a random value RAND and an authentication code AUTN in the EPS authentication vector acquired by the acquisition unit to the user equipment, so that the user equipment performs authentication based on the RAND and the AUTN.
- View Dependent Claims (12, 13)
- - 12. The device for authenticating the user equipment according to claim 11, wherein the UMTS comprises a random value RAND, an authentication code AUTN, an encryption key CK, an integrity protection key IK and a desired response value RES;
    - andthe EPS authentication vector comprises the RAND, the AUTN, a key KASME and a desired response value RES, wherein the KASME is acquired by the equipment at the network side based on the CK and the IK in the UMTS authentication vector.
  - 13. The device for authenticating the user equipment according to claim 11, further comprising:
    - an indication unit, configured to indicate type of a wireless access node corresponding to the user equipment by means of an attach accept message or a tracking area update message or a security mode complete message, so that the user equipment determines the operating mode of the user equipment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Inventors
Zhang, Dongmei, Xiong, Chunshan, Chen, Jing

Application Number

US14/509,882
Publication Number

US 20150026787A1
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

H04L 63/205   involving negotiation or de...

H04W 12/041   Key generation or derivation

H04W 12/06   Authentication

H04W 12/40   Security arrangements using...

AUTHENTICATION METHOD, DEVICE AND SYSTEM FOR USER EQUIPMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

AUTHENTICATION METHOD, DEVICE AND SYSTEM FOR USER EQUIPMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links