Re-authentication procedure for over-the-air activation

US 5,943,425 A
Filed: 07/29/1996
Issued: 08/24/1999
Est. Priority Date: 05/10/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method of operating a wireless telecommunications system comprising:

(a) receiving an originate activation message transmitted from a mobile station;

(b) generating a random number RAND string in response to said originate activation message, such that any given originate activation message leads to the generation of one and only one random number RAND string;

(c) transmitting a re-authentication message to said mobile station wherein said re-authentication message comprises said random number RAND string;

(d) generating an expected response based on said random number RAND string;

(e) receiving an actual response from said mobile station, which said actual response is generated by said mobile station based on said re-authentication message; and

(f) comparing said actual response to said expected response.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for providing OTA during the service origination call, wherein the mobile station performs an authentication procedure in response to a re-authentication message received, using shared secret data known to the mobile station and the system infrastructure and data in the re-authentication message to compute an authentication response. The response is transmitted to the base station, which compares it with an internally generated authentication response, and, if they match, privacy activation procedures, such as message encryption or voice masks, are initiated.

Citations

34 Claims

1. A method of operating a wireless telecommunications system comprising:
- (a) receiving an originate activation message transmitted from a mobile station;
  
  (b) generating a random number RAND string in response to said originate activation message, such that any given originate activation message leads to the generation of one and only one random number RAND string;
  
  (c) transmitting a re-authentication message to said mobile station wherein said re-authentication message comprises said random number RAND string;
  
  (d) generating an expected response based on said random number RAND string;
  
  (e) receiving an actual response from said mobile station, which said actual response is generated by said mobile station based on said re-authentication message; and
  
  (f) comparing said actual response to said expected response.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the step of transmitting a re-authentication message comprises transmitting said re-authentication message from a base station.
  - 3. The method of claim 1, wherein said expected response is also based on shared secret data.
  - 4. The method of claim 3, wherein the step of transmitting a re-authentication message is preceded by the step of updating said shared secret data in said wireless telecommunications system.
  - 5. The method of claim 4, wherein the step of transmitting a re-authentication message is preceded by the step of transmitting a shared secret data update message to said mobile station.
  - 6. The method of claim 5, wherein the step of transmitting said shared secret data update message to said mobile station is preceded by the step of transmitting an A-key from said wireless telecommunications system to said mobile station.
  - 7. The method of claim 1, wherein the step of generating an expected response comprises performing an authentication algorithm.
  - 8. The method of claim 7, wherein the step of generating an expected response comprises performing the AUTH_-- SIGNATURE authentication algorithm.
  - 9. The method of claim 8, wherein the step of generating an expected response comprises generating the AUTHR output of the AUTH_-- SIGNATURE algorithm.
  - 10. The method of claim 1, wherein all steps occur during an activation call initiated by said mobile station to said wireless telecommunications system.
  - 11. The method of claim 10, further comprising:
    - enabling a voice privacy mask in said wireless system when said actual response corresponds to said expected response.
  - 12. The method of claim 10, further comprising enabling message encryption parameters in said wireless telecommunications system when said actual response corresponds to said expected response.
  - 13. The method of claim 10, wherein said wireless telecommunications system is able to transmit on a control channel and on a traffic channel, and the step of transmitting a re-authentication message comprises transmitting said re-authentication message on said traffic channel.

14. A method of operating a mobile station comprising:
- (a) transmitting an originate activation message to a wireless telecommunications system;
  
  (b) receiving a re-authentication message from said wireless telecommunications system that comprises a random number RAND string that was generated in said wireless telecommunications system in response to the receipt by said wireless telecommunications system of said originate activation message;
  
  (c) generating an actual response to said re-authentication message based on said random number RAND string; and
  
  (d) transmitting said actual response to said wireless telecommunications system.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 15. The method of claim 14, wherein the step of receiving a re-authentication message from said wireless telecommunications system comprises receiving said re-authentication message from a base station.
  - 16. The method of claim 14, wherein said actual response is based on shared secret data.
  - 17. The method of claim 16, wherein the step of receiving a re-authentication message is preceded by the step of updating said shared secret data in said mobile station.
  - 18. The method of claim 17, wherein the step of receiving a re-authentication message is preceded by the step of updating said shared secret data in said wireless telecommunications system.
  - 19. The method of claim 18, wherein the step of updating is preceded by the step of receiving an A-key.
  - 20. The method of claim 14, wherein the step of generating a response to said re-authentication message comprises performing an authentication algorithm.
  - 21. The method of claim 20, wherein the step of generating a response to said re-authentication message comprises performing an AUTH_-- SIGNATURE authentication algorithm.
  - 22. The method of claim 21, wherein the step of generating a response to said re-authentication message comprises generating an AUTHR output of said AUTH_-- SIGNATURE algorithm.
  - 23. The method of claim 14, wherein all steps occur during a first call initiated by said mobile station to said wireless telecommunications system.
  - 24. The method of claim 14, wherein said wireless telecommunications system is able to transmit on a control channel and on a traffic channel, and the step of receiving a re-authentication message comprises receiving said re-authentication message on said traffic channel.

25. A wireless telecommunications system comprising:
- (a) a receiver configured to receive an originate activation message transmitted by a mobile station and an actual response transmitted by said mobile station;
  
  (b) means for generating a random number RAND string in response to the receipt of said originate activation message, such that any given originate activation message leads to the generation of one and only one random number RAND string;
  
  (c) processing means configured to generate a re-authentication message that comprises said random number RAND string;
  
  (d) transmitting means configured to transmit said re-authentication message to said mobile station;
  
  (e) computing means to generate an expected response to said re-authentication message using said random number RAND string; and
  
  (f) means for comparing said actual response to said expected response.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The system of claim 25 wherein said receiver is in a base station.
  - 27. The system of claim 25 wherein said transmitting means is in a base station.
  - 28. The system of claim 25 wherein said computing means is in a base station.
  - 29. The system of claim 25 wherein said expected response is based on shared secret data.
  - 30. The system of claim 25 further comprising means for enabling a voice privacy mask when said actual response corresponds to said expected response.
  - 31. The system of claim 25 further comprising means for enabling message encryption parameters when said actual response corresponds to said expected response.
  - 32. The system of claim 25, wherein said transmitting means is able to transmit on a control channel and on at least one traffic channel, and said transmitting means are configured to transmit said re-authentication message on said at least one traffic channel.

33. A mobile station comprising:
- (a) a transmitter configured to transmit an originate activation message and an actual response to a wireless telecommunications system;
  
  (b) a receiver configured to receive a re-authentication message comprising a random number RAND string generated in response to the originate activation message; and
  
  (c) computing means for generating said actual response to said re-authentication message based on said random number RAND string.
- View Dependent Claims (34)
- - 34. The system of claim 33 wherein said actual response is also based on shared secret datum.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Original Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Inventors
Mizikovsky, Semyon B.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/681,753
Time in Patent Office

1,121 Days
Field of Search

455/403, 455/410, 455/411, 455/418, 455/419, 455/422, 455/424, 455/425, 455/435, 455/415, 375/200, 375/201, 375/202, 375/203, 375/204, 375/206, 375/207, 375/208, 375/209, 375/210, 380/9, 380/23, 380/25, 380/30, 380/49, 380/50, 380/59, 380/29
US Class Current

380/247
CPC Class Codes

H04W 12/02   Protecting privacy or anony...

H04W 12/06   Authentication

H04W 8/265   for initial activation of n...

Re-authentication procedure for over-the-air activation

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Re-authentication procedure for over-the-air activation

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links