Escrowed key distribution for over-the-air service provisioning in wireless communication networks
Abstract
An escrowed key distribution system for over-the-air service provisioning of cellular telephones and other wireless communication devices provides a secure and efficient authentication key distribution method for wireless communications networks. To ensure security, an authentication key used to activate the wireless device is never transmitted over the air. In addition, mutual authentication is performed between the wireless communication device and the service provider using an embedded private-key algorithm to ensure proper authentication key transfer.
25 Claims
1. A method for activating a wireless communication device, comprising:
transmitting from the wireless communication device an identifier corresponding to an encrypted authentication key stored in the wireless communication device;
receiving a mask at the wireless communication device in response to the transmission of the identifier; and
recovering an authentication key for activating the wireless communication device by applying the mask to the encrypted authentication key.
generating an internal verifier at the wireless communication device using the mask and the authentication key; and
authenticating the mask by comparing the external verifier to the internal verifier.
4. A method according to claim 3, wherein the act of generating an internal verifier includes applying the mask and the authentication key as inputs to an embedded private-key encryption algorithm to generate the internal verifier.
5. A method according to claim 1, further comprising:
storing the encrypted authentication key in the wireless communication device during the manufacturing of the wireless communication device.
6. A method according to claim 1, further comprising:
storing the encrypted authentication key in the wireless communication device prior to the transmission of the unique identifier.
7. A wireless communication device, comprising:
a memory for storing at least one activation pair consisting of a unique identifier and an encrypted authentication key;
an input section for generating an initiation signal to initiate the activation of the wireless communication device in response to an input from a user;
a processor, coupled to the memory and the input section, for selecting an activation pair in response to the initiation signal from the input section and for extracting the unique identifier from the selected activation pair; and
a transceiver, coupled to the processor, for transmitting the unique identifier extracted by the processor and for receiving a mask in response to the transmission of the unique identifier, wherein the processor includes a decryption section for recovering an authentication key for activating the wireless communication device by applying the mask to the encrypted authentication key of the selected activation pair.
wherein the transceiver includes an antenna for wirelessly transmitting the unique identifier.
9. A wireless communication device according to claim 7,
wherein the transceiver includes a reception section for receiving an external verifier in response to the transmission of the unique identifier.
10. A wireless communication device according to claim 9, further comprising:
an authenticator, coupled to the processor for generating an internal verifier using the mask and the authentication key and for authenticating the mask by comparing the external verifier to the internal verifier.
11. A wireless communication device according to claim 10,
wherein the authenticator includes a verification generator for generating the internal verifier by applying the mask and the authentication key to an embedded private-key encryption algorithm.
12. A system for activating a wireless communication device, the system comprising:
a memory having program instructions; and
a processor configured to use the program instructions to transmit an identifier corresponding to an encrypted authentication key stored in the wireless communication device from the wireless communication device;
receive a mask at the wireless communication device in response to the transmission of the identifier; and
recover an authentication key for activating the wireless communication device by applying the mask to the encrypted authentication key.
16. A method for activating a wireless communication device by a carrier, comprising:
receiving at the carrier an identifier from the wireless communication device corresponding to an encrypted authentication key stored in the wireless communication device; and
transmitting a mask corresponding to the identifier from the carrier to the wireless communication device in response to the transmission of the identifier, wherein the mask recovers an authentication key for activating the wireless communication device by applying the mask to the encrypted authentication key.
20. A carrier for activating a wireless communication device, comprising:
a memory having program instructions; and
a processor configured to use the program instructions to receive an identifier corresponding to an encrypted authentication key stored in the wireless communication device from the wireless communication device; and
transmit a mask corresponding to the identifier to the wireless communication device in response to the transmission of the identifier, wherein the mask recovers an authentication key for activating the wireless communication device by applying the mask to the encrypted authentication key.
24. A clearinghouse for activating a wireless communication device, comprising:
a memory having program instructions; and
a processor configured to use the program instructions to generate an activation pair consisting of an identifier and an encrypted authentication key;
transmit the activation pair to a manufacturer for storage in the wireless communication device;
receive the identifier from the wireless communication device; and
transmit a mask corresponding to the identifier to the wireless communication device, wherein the mask recovers an authentication key for activating the wireless communication device by applying the mask to the encrypted authentication key.
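The exchange recited in claims 1, 3, 4, 9 and 24, sketched in Python as an added example that is not taken from the patent. It assumes that "applying the mask" is a byte-wise XOR with a mask as long as the key, and it uses HMAC-SHA-256 as a stand-in for the embedded private-key algorithm; the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16  # assumed authentication-key length in bytes


def xor(a: bytes, b: bytes) -> bytes:
    """Apply a mask to a key (assumption: masking is byte-wise XOR)."""
    if len(a) != len(b):
        raise ValueError("mask and key must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def verifier(mask: bytes, auth_key: bytes) -> bytes:
    # Stand-in for the "embedded private-key encryption algorithm":
    # a MAC over the mask, keyed with the authentication key (assumption).
    return hmac.new(auth_key, mask, hashlib.sha256).digest()


class Clearinghouse:
    """Generates activation pairs and keeps the masks in escrow."""

    def __init__(self):
        self.escrow = {}  # identifier -> (mask, external verifier)

    def make_activation_pair(self):
        identifier = secrets.token_hex(8)
        auth_key = secrets.token_bytes(KEY_LEN)
        mask = secrets.token_bytes(KEY_LEN)
        self.escrow[identifier] = (mask, verifier(mask, auth_key))
        # Only the identifier and the masked key go to the manufacturer.
        return identifier, xor(auth_key, mask)

    def release_mask(self, identifier):
        # Sent over the air in response to the identifier.
        return self.escrow[identifier]


def device_activate(enc_key: bytes, mask: bytes, external: bytes) -> bytes:
    """Device side: recover the key, then authenticate the mask."""
    auth_key = xor(enc_key, mask)
    internal = verifier(mask, auth_key)
    if not hmac.compare_digest(internal, external):
        raise ValueError("mask failed verification; activation aborted")
    return auth_key


if __name__ == "__main__":
    ch = Clearinghouse()
    ident, enc = ch.make_activation_pair()   # stored in the device
    mask, ext = ch.release_mask(ident)       # the over-the-air messages
    print("activated:", device_activate(enc, mask, ext).hex())
```

Only the identifier, the mask and the external verifier cross the air interface in this sketch; the authentication key exists in the clear only inside the device after the mask is applied.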
Specification