Method for establishing session key agreement

US 6,591,364 B1
Filed: 08/28/1998
Issued: 07/08/2003
Est. Priority Date: 08/28/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for establishing a session key at a mobile, which has roamed into a coverage area of a network outside of the mobile'"'"'s home coverage area, comprising:

a) receiving a first code from said network, said first code being a global challenge;

b) generating second and third codes;

c) sending said second and third codes to said network;

d) receiving a fourth code from said network;

e) authenticating said network based on said fourth code; and

f) establishing said session key based on said first and second codes if said network is authenticated.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In the method for establishing a session key, a network and a mobile transfer codes between one another. The mobile and the network perform mutual authentication based on the codes. Besides performing this mutual authentication, the mobile and the network to establish the session key based on the codes. In one embodiment, the messages forming part of the intended session are sent with the codes, and form a basis upon which the codes for authentication have been derived.

133 Citations

47 Claims

1. A method for establishing a session key at a mobile, which has roamed into a coverage area of a network outside of the mobile'"'"'s home coverage area, comprising:
- a) receiving a first code from said network, said first code being a global challenge;
  
  b) generating second and third codes;
  
  c) sending said second and third codes to said network;
  
  d) receiving a fourth code from said network;
  
  e) authenticating said network based on said fourth code; and
  
  f) establishing said session key based on said first and second codes if said network is authenticated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
3. The method of claim 1, wherein said second code is a unique challenge.
4. The method of claim 1, wherein said step b) generates said third code by performing a keyed cryptographic function on said first and second codes.
5. The method of claim 1, whereinsaid step a) receives a first random number as said first code;
- and said step b) increments a counter to obtain a count value as said second code.
6. The method of claim 5, wherein said step b) generates said third code by performing a keyed cryptographic function on said first and second codes.
7. The method of claim 1, wherein said step c) sends dialed digits to said network with said second and third codes.
8. The method of claim 7, wherein said step b) generates said third code by performing a keyed cryptographic function on said first and second codes and said dialed digits.

9. A method for establishing a session key at a network having a coverage area outside of a home coverage area of a roaming mobile, said method comprising:
- a) sending a global challenge as a first code;
  
  b) receiving second and third codes from said roaming mobile;
  
  c) establishing a session key based on said first and second codes;
  
  d) authenticating said roaming mobile based on said third code and said session key.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 10. The method of claim 9, wherein
11. The method of claim 9, wherein said second code is a unique challenge.
12. The method of claim 9, wherein said step b) receives a result of performing a keyed cryptographic function on said first and second codes as said third code.
13. The method of claim 9, whereinsaid step a) sends a first random number as said first code;
- and said step b) receives a count value as said second code.
14. The method of claim 13, whereinsaid step b) receives a result of performing a keyed cryptographic function on said first and second codes.
15. The method of claim 13, further comprising:
- e) storing said count value;
  
  f) determining if said stored count value is greater than a previously stored count value; and
  
  wherein said step c) establishes said session key based on said first and second codes if said stored count value is greater than said previously stored count value.
16. The method of claim 9, wherein said step b) receives dialed digits from said roaming mobile with said second and third codes.
17. The method of claim 16, wherein said step b) receives a result of performing a keyed cryptographic function on said first and second codes and said dialed digits as said third code.
18. The method of claim 9, further comprising:
- e) generating a fourth code if said mobile is authenticated; and
  
  f) sending said fourth code to said mobile.
19. The method of claim 18, wherein said step e) generates said fourth code by performing a keyed cryptographic function on said second code.

20. A method for establishing a session key at a mobile, which has roamed into a coverage area of a network outside of the mobile'"'"'s home coverage area, said method comprising:
- a) receiving a first code from said network;
  
  b) incrementing a counter to obtain a count value as a second code;
  
  c) generating third code;
  
  d) sending said second and third codes to said network;
  
  e) receiving a fourth code from said network;
  
  f) authenticating said network based on said fourth code; and
  
  g) establishing said session key based on said first and second codes if said network is authenticated.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The method of claim 20, wherein said step a) receives a unique challenge as said first code.
  - 22. The method of claim 20, wherein said step a) receives a global challenge as said first code.
  - 23. The method of claim 20, wherein said step c) generates said third code by performing a keyed cryptographic function on said first and second codes.
  - 24. The method of claim 20, wherein said step d) sends dialed digits to said network with said second and third codes.
  - 25. The method of claim 24, wherein said step c) generates said third code by performing a keyed cryptographic function on said first and second codes and said dialed digits.

26. A method for establishing a session key at a network having a coverage area outside of a home coverage area of a roaming mobile, said method comprising:
- a) sending a first code to said roaming mobile;
  
  b) receiving second and third codes from a mobile, said second code being a count value;
  
  c) establishing a session key based on said first and second codes;
  
  d) authenticating said roaming mobile based on said third code and said session key.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34)
- - 27. The method of claim 26, wherein said step a) sends unique challenge as said first code.
  - 28. The method of claim 26, wherein said step a) sends a global challenge as said first code.
  - 29. The method of claim 26, wherein said step b) receives a result of performing a keyed cryptographic function on said first and second codes as said third code.
  - 30. The method of claim 26, further comprising:
31. The method of claim 26, wherein said step b) receives dialed digits from said roaming mobile with said second and third codes.
32. The method of claim 31, wherein said step b) receives a result of performing a keyed cryptographic function on said first and second codes and said dialed digits as said third code.
33. The method of claim 26 further comprising:
- e) generating a fourth code if said roaming mobile is authenticated; and
  
  f) sending said fourth code to said roaming mobile.
34. The method of claim 33, wherein said step e) generates said fourth code by performing a keyed cryptographic function on said second code.

35. A method for establishing a session key at a first party, comprising:
- a) receiving a first code from a second party;
  
  b) generating a second code;
  
  c) establishing a session key based on said first and second codes;
  
  d) generating a third code by performing a keyed cryptographic function on a first message using said session key;
  
  e) sending said message and said second and third codes to said second party;
  
  f) receiving a fourth code from said second party; and
  
  g) authenticating said session key based on said fourth code;
  
  wherein said first party is a roaming mobile and said second party is a network outside of a home coverage area of said roaming mobile, or said first party is a network outside of a home coverage area of a roaming mobile and said second party is said roaming mobile.
- View Dependent Claims (36, 37, 38, 39, 40)
- - 36. The method of claim 35, wherein said step d) generates said third code by performing said keyed cryptographic function on said first message and a message count value using said session key.
  - 37. The method of claim 35, wherein said step f) receives a second message and said fourth code.
  - 38. The method of claim 37, wherein said fourth code is a result of performing said keyed cryptographic function on said second message using said session key.
  - 39. The method of claim 35, wherein said step f) receives a second message, a message count value, and said fourth code, and said fourth code is a result of performing said keyed cryptographic function on said second message and said message count value using said session key.
  - 40. The method of claim 35, wherein said first code is a global challenge.

41. A method for establishing a session key at a first party, comprising:
- a) sending a first code to a second party;
  
  b) receiving a message, a second code, and a third code from said second party, said third code being a result of performing a keyed cryptographic function on said message using a session key;
  
  c) determining said session key based on said first and second codes; and
  
  d) authenticating said second party based on said third code and said session key, wherein said first party is a roaming mobile and said second party is a network outside of a home coverage area of said roaming mobile, or said first party is a network outside of a home coverage of a roaming mobile and said second party is said roaming mobile.
- View Dependent Claims (42, 43, 44, 45, 46, 47)
- - 42. The method of claim 41, wherein said third code is a result of performing said keyed cryptographic function on said first message and a message count value using said session key.
  - 43. The method of claim 41, further comprising:
44. The method of claim 43, wherein said step f) sends a second message and said fourth code.
45. The method of claim 44, wherein said fourth code is a result of performing said keyed cryptographic function on said second message using said session key.
46. The method of claim 43, wherein said step f) sends a second message, a message count value, and said fourth code, and said fourth code is a result of performing said keyed cryptographic function on said second message and said message count value using said session key.
47. The method of claim 41, wherein said step a) sends a global challenge as said first code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent USA, Inc. (Nokia Corporation)
Original Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Inventors
Patel, Sarvar
Primary Examiner(s)
Hayes, Gail
Assistant Examiner(s)
Seal, James

Application Number

US09/141,580
Time in Patent Office

1,775 Days
Field of Search

713/170, 380/270
US Class Current

713/170
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0869   for achieving mutual authen...

H04W 12/041   Key generation or derivation

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

H04W 88/02   Terminal devices

Method for establishing session key agreement

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

133 Citations

47 Claims

Specification

Solutions

Use Cases

Quick Links

Method for establishing session key agreement

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

133 Citations

47 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links