Process of combined authentication of a telecommunication terminal and of a user module
First Claim
1. Process for controlling access to a telecommunications network by means of a terminal operating together with a user module, in which a session key is calculated, on the one hand by the user module and on the other hand by the network, on the basis of data which include a user identification key held secretly in a memory of the user module and a first random number provided by the network, the network retrieving the user identification key on the basis of a user identification parameter issued by the terminal, wherein the terminal calculates an authentication key on the basis of data which include the session key calculated by the user module, a terminal identification key held secretly in a memory of the terminal and a second random number provided by the network, wherein the network calculates in the same way the authentication key on the basis of data which include the session key calculated by the network, the terminal identification key retrieved by the network on the basis of a terminal identification parameter issued by the terminal and the second random number, and wherein the terminal is authorized to access the network in the event of concordance between the authentication keys calculated by the terminal and by the network.
Abstract
The terminal and the user module are authenticated in a combined manner on the basis of an authentication key calculated on the one hand by the terminal and on the other hand by the network. A session key is firstly calculated by the user module on the basis of a secret user key, of a terminal identification parameter and of a first random number. Calculation of the authentication key by the terminal involves this session key calculated by the user module, a secret terminal identification key and a second random number. The network calculates in the same way the session key and the authentication key by retrieving the secret keys on the basis of the identification parameters transmitted by the terminal. The terminals can then be authenticated by the network independently of the associated user modules.
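The exchange described in the claim and abstract, as an added sketch that is not part of the patent text. HMAC-SHA256 stands in for the derivation functions, which the page does not name; the class and function names, the sample identifiers and keys, and the choice to have the terminal return its authentication key for comparison by the network are all assumptions.

```python
import hashlib
import hmac
import secrets

def derive(key: bytes, *parts: bytes) -> bytes:
    """Assumed stand-in KDF (HMAC-SHA256, length-prefixed inputs); the page names no algorithm."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(2, "big") + part)
    return mac.digest()

class UserModule:
    def __init__(self, user_id: bytes, user_key: bytes):
        self.user_id, self._user_key = user_id, user_key  # secret key stays in the module

    def session_key(self, terminal_id: bytes, rand1: bytes) -> bytes:
        # Session key from the user key, terminal identification parameter and RAND1.
        return derive(self._user_key, terminal_id, rand1)

class Terminal:
    def __init__(self, terminal_id: bytes, terminal_key: bytes, module: UserModule):
        self.terminal_id, self._terminal_key, self.module = terminal_id, terminal_key, module

    def authentication_key(self, rand1: bytes, rand2: bytes) -> bytes:
        # Authentication key from the module's session key, the terminal key and RAND2.
        ks = self.module.session_key(self.terminal_id, rand1)
        return derive(self._terminal_key, ks, rand2)

class Network:
    def __init__(self, user_keys: dict, terminal_keys: dict):
        self.user_keys, self.terminal_keys = user_keys, terminal_keys

    def authorize(self, terminal: Terminal) -> bool:
        # Identification parameters issued by the terminal select the stored secrets.
        user_id, terminal_id = terminal.module.user_id, terminal.terminal_id
        ku, kt = self.user_keys.get(user_id), self.terminal_keys.get(terminal_id)
        if ku is None or kt is None:
            return False
        rand1, rand2 = secrets.token_bytes(16), secrets.token_bytes(16)  # fresh per attempt
        expected = derive(kt, derive(ku, terminal_id, rand1), rand2)
        # Assumption: the terminal returns its value and the network does the comparison.
        return hmac.compare_digest(terminal.authentication_key(rand1, rand2), expected)

# Constructed sample identifiers and keys.
USER_KEYS = {b"user-001": b"\x11" * 16}
TERMINAL_KEYS = {b"term-A": b"\x22" * 16}
sim = UserModule(b"user-001", USER_KEYS[b"user-001"])
genuine = Terminal(b"term-A", TERMINAL_KEYS[b"term-A"], sim)
cloned = Terminal(b"term-A", b"\x00" * 16, sim)    # right identifier, wrong terminal key
unknown = Terminal(b"term-Z", b"\x22" * 16, sim)   # identifier the network holds no key for
```

The same valid user module is used in all three terminals, so only the terminal identification key decides the outcome.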
6 Claims
Specification