Authentication system for digital cellular communications
Abstract
A system for the authentication of mobile stations and base stations in a cellular communications network. The system includes an algorithm which generates not only a key dependent response to a random challenge, but also a temporary conversation key or call variable which may be used to encipher traffic in the network. To protect against clones in the network, the algorithm uses a rolling key which contains historical information. A bilateral authentication procedure may be used to update the rolling key and to generate a new conversation key.
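The scheme in the abstract, as an added sketch that is not code from the patent: one output value is computed from the challenge, permanent key and rolling key, then cut into sequential blocks. HMAC-SHA512 stands in for the algorithm, which this page does not specify; the block widths, the derivation of the next rolling key from the same output, and all names are assumptions.

```python
import hashlib, hmac, os

def derive(permanent_key, rolling_key, challenge):
    # HMAC-SHA512 stands in for the unspecified "first algorithm" (assumption).
    out = hmac.new(permanent_key, rolling_key + challenge, hashlib.sha512).digest()
    # Sequential blocks of the single output value; widths are assumptions.
    return {"resp": out[:8], "net_auth": out[8:16],
            "conv_key": out[16:32], "next_rolling": out[32:48]}

class Station:
    """One side's stored copy of the permanent and rolling keys."""
    def __init__(self, permanent_key, rolling_key):
        self.permanent_key, self.rolling_key = permanent_key, rolling_key

    def params(self, challenge):
        return derive(self.permanent_key, self.rolling_key, challenge)

    def commit(self, p):
        # Roll the key forward only after the exchange has succeeded.
        self.rolling_key = p["next_rolling"]
        return p["conv_key"]

def bilateral_update(network, mobile):
    """Run one exchange; return (network_key, mobile_key) or None on failure."""
    challenge = os.urandom(16)
    n = network.params(challenge)
    m = mobile.params(challenge)
    # Network -> mobile: challenge plus the network's authentication signal.
    if not hmac.compare_digest(m["net_auth"], n["net_auth"]):
        return None  # mobile rejects: the sender does not hold the current keys
    # Mobile -> network: authentication response.
    if not hmac.compare_digest(n["resp"], m["resp"]):
        return None  # network rejects the mobile
    return network.commit(n), mobile.commit(m)

def demo():
    # Constructed keys; the "copy" models a duplicate made before any update.
    permanent, rolling0 = os.urandom(16), os.urandom(16)
    network, phone = Station(permanent, rolling0), Station(permanent, rolling0)
    stale_copy = Station(permanent, rolling0)
    first = bilateral_update(network, phone)        # both sides roll forward
    second = bilateral_update(network, stale_copy)  # stale rolling key: rejected
    third = bilateral_update(network, phone)        # genuine phone still in sync
    return first, second, third
```

A failed exchange leaves the network's rolling key untouched, so the genuine phone stays in sync while the stale copy is rejected.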
32 Claims
1. A method for the generation of parameters for use in enhancing the security of communication in a communications system in which a mobile station is assigned a unique multi-digit permanent key and in which a changeable multi-digit rolling key is employed for increased security, both said permanent key and said rolling key being stored in said mobile station and the network of the mobile, said method comprising:
receiving at a location a plurality of multi-digit input signals, including, a signal representative of an authentication inquiry from the network along with the multi-digit permanent key of a particular mobile station and the multi-digit rolling key associated with said particular mobile at that particular time;
arranging at least some of the digits of said input signals in a first grouping;
calculating from said first grouping of input signals and said permanent and rolling key digits a first output value in accordance with a first algorithm; and
assigning sequentially arranged blocks of digits comprising said first output value to selected parameters for use within said system, including, an authentication response to be used by said mobile station to reply to the authentication inquiry by the network and an authentication signal to be used by the network to authenticate it to the mobile station.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 25, 26, 27, 28
16. A system for the generation of parameters for use in enhancing the security of communication in a communications system in which a mobile station is assigned a unique multi-digit secret permanent key and in which a changeable multi-digit rolling key is employed for increased security, both said permanent key and said rolling key being stored in each mobile station and the network of the mobile, said method comprising:
means for receiving at a location a plurality of multi-digit input signals, including, a signal representative of an authentication inquiry from the network along with the multi-digit permanent key of said particular mobile station, and the multi-digit rolling key associated with said particular mobile at that particular time;
means for arranging the digits of said input signals in a first grouping;
means for calculating from said first grouping of input signals and said permanent and rolling key digits a first output value in accordance with a first algorithm; and
means for assigning sequentially arranged blocks of digits comprising said first output value to selected parameters for use within said system, including, an authentication response to be used by said mobile station to reply to the authentication inquiry by the network and an authentication signal to be used by the network to authenticate it to the mobile station.
Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24
29. A method for the generation of parameters for use in authenticating access in a communication system in which a mobile station is assigned a unique multi-digit permanent key and in which a changeable multi-digit rolling key is employed for increased security, both said permanent key and said rolling key being stored in said mobile station and in the network with which the mobile is to communicate, said method comprising:
providing a plurality of multi-digit input signals, including, a signal representative of an authentication inquiry from the network along with the multi-digit permanent key of said particular mobile station and the multi-digit rolling key associated with said particular mobile at that particular time;
arranging at least some of the digits of said input signals in a first grouping;
calculating from said first grouping of input signals and said permanent and rolling key digits a first output value in accordance with a first algorithm; and
assigning sequentially arranged groups of digits comprising at least part of said first output value to selected parameters for use within said system, including, an authentication response to be used by said mobile station to reply to the authentication inquiry by the network.
Dependent claims: 30, 31, 32
Specification