Method and apparatus for authentication in a communication system

US 5,708,710 A
Filed: 06/23/1995
Issued: 01/13/1998
Est. Priority Date: 06/23/1995
Status: Expired due to Term

First Claim

Patent Images

1. A method of performing authentication in a communication system comprising the steps of:

detecting an unexpected authentication message, said unexpected authentication message including but not limited to at least one of the following;

an unsolicited base station challenge message; and

an unsolicited unique challenge response message;

updating a counter value;

comparing the counter value to a threshold value; and

performing an encryption key update operation in response to the comparison between the counter value and the threshold value.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for performing authentication in a communication system. The method includes the steps of detecting an unexpected authentication message, updating a counter value, comparing the counter value to a threshold value, and performing an encryption key update operation in response to the comparison between the counter value and the threshold value. The apparatus includes a base station (152), a switching center (128) coupled to the base station (152), and an authentication center (149) responsive to the switching center (128). The switching center (128) detects an unexpected authentication message received by the base station (152). The authentication center (149) updates a counter when the switching center (128) detects the unexpected authentication message and compares the updated counter with a threshold value. The authentication center (149) initiates an encryption key update operation when the updated counter value exceeds the threshold value.

Citations

16 Claims

1. A method of performing authentication in a communication system comprising the steps of:
- detecting an unexpected authentication message, said unexpected authentication message including but not limited to at least one of the following;
  
  an unsolicited base station challenge message; and
  
  an unsolicited unique challenge response message;
  
  updating a counter value;
  
  comparing the counter value to a threshold value; and
  
  performing an encryption key update operation in response to the comparison between the counter value and the threshold value.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the encryption key comprises shared secret data (SSD).
  - 3. The method of claim 1, wherein the encryption key comprises an A-key value.
  - 4. The method of claim 1 wherein the unsolicited base station challenge message comprises a received base station challenge message that is not in repose to prior encryption key update message.
  - 5. The method of claim 1 wherein the unsolicited unique challenge response message comprises a received unique response message that is not in response to a prior unique challenge message.
  - 6. The method of claim 1, wherein a plurality of unexpected authentication messages are detected and the counter value is updated in response to the detection of each of the plurality of unexpected authentication messages.
  - 7. The method of claim 1, further comprising the steps of:
    - updating a second counter value;
      
      comparing the second counter value to a second threshold value; and
      
      performing a second encryption key update operation in response to the comparison between the second counter value and the second threshold value.

8. An apparatus for performing authentication in a communication system comprising:
- a base station receiving an unexpected authentication message, said unexpected authentication message including but not limited to at least one of the following;
  
  an unsolicited base station challenge message; and
  
  an unsolicited unique challenge response message;
  
  a switching center coupled to the base station;
  
  a counter that is updated in response to the received unexpected authentication message; and
  
  an authentication center responsive to the switching center, said authentication center initiating an encryption key update operation when the counter exceeds a threshold value.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The apparatus of claim 8, wherein said authentication center is incorporated into the switching center.
  - 10. The apparatus of claim 8, wherein the encryption key comprises shared secret data (SSD).
  - 11. The apparatus of claim 8, wherein the encryption key comprises an A-KEY value.
  - 12. The apparatus of claim 8 wherein the unsolicited base station challenge message comprises a received base station challenge message that is not in response to a prior encryption key update message.
  - 13. The apparatus of claim 8, wherein the mobile switching center detects a plurality of unexpected authentication messages and the counter is updated in response to the detection of each of the plurality of unexpected authentication messages.
  - 14. The apparatus of claim 8, wherein said communication system comprises a wireless communication system.
  - 15. The apparatus of claim 14, wherein said wireless communication system comprises a system selected from the group consisting of a code division multiple access, a time division multiple access, and a frequency division multiple access cellular system.

16. A method of performing authentication in a communication system comprising the steps of:
- receiving a base station challenge message at a base station;
  
  determining whether the received base station challenge message is an unexpected authentication message by determining whether a prior shared secret data (SSD) update order was sent by the base station;
  
  incrementing a first counter if the received base challenge message is an unexpected authentication message;
  
  comparing the first counter to a first threshold value;
  
  performing an SSD key update and incrementing a second counter if the first counter exceeds the first threshold value;
  
  comparing the second counter with a second threshold value; and
  
  performing an A-key update if the second counter exceeds the second threshold value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Duda, Michael C.
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/493,951
Time in Patent Office

935 Days
Field of Search

380/21, 380/25, 380/44, 455/33.1
US Class Current

380/247
CPC Class Codes

H04L 2209/80   Wireless

H04L 9/0891   Revocation or update of sec...

H04L 9/3271   using challenge-response

Method and apparatus for authentication in a communication system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for authentication in a communication system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links