Method for establishing session key agreement
Abstract
In the method for establishing a session key, a network and a mobile transfer codes between one another. The mobile and the network perform mutual authentication based on the codes. Besides performing this mutual authentication, the mobile and the network establish the session key based on the codes. In one embodiment, the messages forming part of the intended session are sent with the codes, and form a basis upon which the codes for authentication have been derived.
47 Claims
1. A method for establishing a session key at a mobile, which has roamed into a coverage area of a network outside of the mobile's home coverage area, comprising:
a) receiving a first code from said network, said first code being a global challenge;
b) generating second and third codes;
c) sending said second and third codes to said network;
d) receiving a fourth code from said network;
e) authenticating said network based on said fourth code; and
f) establishing said session key based on said first and second codes if said network is authenticated.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

g) incrementing a counter upon receipt of said global challenge to obtain a count value; and
wherein said step c) sends said count value and said second and third codes to said network; and
said step f) establishes said session key based on said first and second codes and said count value.

3. The method of claim 1, wherein said second code is a unique challenge.

4. The method of claim 1, wherein said step b) generates said third code by performing a keyed cryptographic function on said first and second codes.

5. The method of claim 1, wherein
said step a) receives a first random number as said first code; and
said step b) increments a counter to obtain a count value as said second code.

6. The method of claim 5, wherein said step b) generates said third code by performing a keyed cryptographic function on said first and second codes.

7. The method of claim 1, wherein said step c) sends dialed digits to said network with said second and third codes.

8. The method of claim 7, wherein said step b) generates said third code by performing a keyed cryptographic function on said first and second codes and said dialed digits.

9. A method for establishing a session key at a network having a coverage area outside of a home coverage area of a roaming mobile, said method comprising:
a) sending a global challenge as a first code;
b) receiving second and third codes from said roaming mobile;
c) establishing a session key based on said first and second codes;
d) authenticating said roaming mobile based on said third code and said session key.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18, 19

said step b) receives a count value; and further including,
e) storing said count value;
f) determining if said stored count value is greater than a previously stored count value; and
wherein said step c) establishes said session key based on said first and second codes and said count value if said stored count value is greater than said previously stored count value.

11. The method of claim 9, wherein said second code is a unique challenge.

12. The method of claim 9, wherein said step b) receives a result of performing a keyed cryptographic function on said first and second codes as said third code.

13. The method of claim 9, wherein
said step a) sends a first random number as said first code; and
said step b) receives a count value as said second code.

14. The method of claim 13, wherein
said step b) receives a result of performing a keyed cryptographic function on said first and second codes.

15. The method of claim 13, further comprising:
e) storing said count value;
f) determining if said stored count value is greater than a previously stored count value; and
wherein said step c) establishes said session key based on said first and second codes if said stored count value is greater than said previously stored count value.

16. The method of claim 9, wherein said step b) receives dialed digits from said roaming mobile with said second and third codes.

17. The method of claim 16, wherein said step b) receives a result of performing a keyed cryptographic function on said first and second codes and said dialed digits as said third code.

18. The method of claim 9, further comprising:
e) generating a fourth code if said mobile is authenticated; and
f) sending said fourth code to said mobile.

19. The method of claim 18, wherein said step e) generates said fourth code by performing a keyed cryptographic function on said second code.

20. A method for establishing a session key at a mobile, which has roamed into a coverage area of a network outside of the mobile's home coverage area, said method comprising:
a) receiving a first code from said network;
b) incrementing a counter to obtain a count value as a second code;
c) generating third code;
d) sending said second and third codes to said network;
e) receiving a fourth code from said network;
f) authenticating said network based on said fourth code; and
g) establishing said session key based on said first and second codes if said network is authenticated.
Dependent claims: 21, 22, 23, 24, 25

26. A method for establishing a session key at a network having a coverage area outside of a home coverage area of a roaming mobile, said method comprising:
a) sending a first code to said roaming mobile;
b) receiving second and third codes from a mobile, said second code being a count value;
c) establishing a session key based on said first and second codes;
d) authenticating said roaming mobile based on said third code and said session key.
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34

e) storing said count value;
f) determining if said stored count value is greater than a previously stored count value; and
wherein said step c) establishes said session key based on said first and second codes if said stored count value is greater than said previously stored count value.

31. The method of claim 26, wherein said step b) receives dialed digits from said roaming mobile with said second and third codes.

32. The method of claim 31, wherein said step b) receives a result of performing a keyed cryptographic function on said first and second codes and said dialed digits as said third code.

33. The method of claim 26 further comprising:
e) generating a fourth code if said roaming mobile is authenticated; and
f) sending said fourth code to said roaming mobile.

34. The method of claim 33, wherein said step e) generates said fourth code by performing a keyed cryptographic function on said second code.

35. A method for establishing a session key at a first party, comprising:
a) receiving a first code from a second party;
b) generating a second code;
c) establishing a session key based on said first and second codes;
d) generating a third code by performing a keyed cryptographic function on a first message using said session key;
e) sending said message and said second and third codes to said second party;
f) receiving a fourth code from said second party; and
g) authenticating said session key based on said fourth code;
wherein said first party is a roaming mobile and said second party is a network outside of a home coverage area of said roaming mobile, or said first party is a network outside of a home coverage area of a roaming mobile and said second party is said roaming mobile.
Dependent claims: 36, 37, 38, 39, 40

41. A method for establishing a session key at a first party, comprising:
a) sending a first code to a second party;
b) receiving a message, a second code, and a third code from said second party, said third code being a result of performing a keyed cryptographic function on said message using a session key;
c) determining said session key based on said first and second codes; and
d) authenticating said second party based on said third code and said session key, wherein said first party is a roaming mobile and said second party is a network outside of a home coverage area of said roaming mobile, or said first party is a network outside of a home coverage of a roaming mobile and said second party is said roaming mobile.
Dependent claims: 42, 43, 44, 45, 46, 47

e) generating a fourth code if said second party is authenticated; and
f) sending said fourth code to said second party if said second party is authenticated.

44. The method of claim 43, wherein said step f) sends a second message and said fourth code.

45. The method of claim 44, wherein said fourth code is a result of performing said keyed cryptographic function on said second message using said session key.

46. The method of claim 43, wherein said step f) sends a second message, a message count value, and said fourth code, and said fourth code is a result of performing said keyed cryptographic function on said second message and said message count value using said session key.

47. The method of claim 41, wherein said step a) sends a global challenge as said first code.
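
The exchange recited in claims 1 to 4 (mobile side) and 9 to 19 (network side), written out as an added example that is not code from the patent. HMAC-SHA256 as the keyed cryptographic function, the pre-shared `root` secret, the 16-byte code sizes and the `session`/`mobile`/`network` labels are assumptions of this example; the claims do not name them.

```python
import hashlib
import hmac
import os

def kcf(key: bytes, *parts: bytes) -> bytes:
    # "Keyed cryptographic function": HMAC-SHA256 is this example's assumption.
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(2, "big") + p)  # length-prefix each field
    return mac.digest()

def session_key(root: bytes, first: bytes, second: bytes, count: int) -> bytes:
    # Session key from first code, second code and count value.
    # root is an assumed pre-shared secret; the claims do not name the key.
    return kcf(root, b"session", first, second, count.to_bytes(4, "big"))

class Mobile:
    def __init__(self, root: bytes):
        self.root, self.counter = root, 0

    def respond(self, first: bytes):
        self.counter += 1                      # count value sent with the codes
        self.second = os.urandom(16)           # second code: unique challenge
        self.sk = session_key(self.root, first, self.second, self.counter)
        third = kcf(self.sk, b"mobile", first, self.second)
        return self.counter, self.second, third

    def finish(self, fourth: bytes):
        # Accept the key only if the fourth code authenticates the network.
        ok = hmac.compare_digest(fourth, kcf(self.sk, b"network", self.second))
        return self.sk if ok else None

class Network:
    def __init__(self, root: bytes):
        self.root, self.last_count, self.sk = root, 0, None
        self.first = os.urandom(16)            # first code: global challenge

    def verify(self, count: int, second: bytes, third: bytes):
        if count <= self.last_count:           # must exceed the stored count
            return None
        sk = session_key(self.root, self.first, second, count)
        if not hmac.compare_digest(third, kcf(sk, b"mobile", self.first, second)):
            return None
        # Commit the count only after the third code verifies, so a forged
        # message cannot advance the stored value.
        self.last_count, self.sk = count, sk
        return kcf(sk, b"network", second)     # fourth code, keyed on second code
```

Because the global challenge is shared and reused, the stored count value is what stops a captured `(count, second, third)` triple from being accepted a second time.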
Specification