Key transforms to discriminate between beams in a multi-beam satellite communication system
Abstract
A method and apparatus is described for transforming a key variable used for scrambling mobile data traffic between a terminal and a network in alternate ways based on a value transmitted to the terminal from the network. Transformation is accomplished by passing portions of the key variable through a series of S-boxes, which provide a mapping between inputs and outputs. The method and apparatus is explained also in the context of a satellite communications system, in which a terminal can be located in a different continent/country from the terminal's home location. Enciphered communication is enabled between the foreign satellite gateway and the roaming terminal after the foreign gateway communicates with the terminal's native gateway. The native gateway transmits one or more cipher variables in the communication. Moreover, the value determining which way to cipher the data traffic can be based on numerous factors, including aspects of the satellite communication system.
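The abstract's idea, one cipher variable turned into different traffic keys depending on a mode value sent by the network, sketched as an added example (not code from the patent). The S-box contents, the 8-byte key size, the round count, the byte-mixing rule and the gateway names are all assumptions made for illustration; the terminal-side comparison mirrors the match/no-match check in claim 4.

```python
# Added illustration; S-box contents, round count and byte mixing are assumptions.

def build_sbox(seed: bytes) -> list[int]:
    """Constructed 8-bit S-box: a byte permutation from an RC4-style key schedule."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    return s

SBOX = build_sbox(b"constructed-sbox")  # hypothetical table shared by both ends

def transform_key(key: bytes, mode: int, rounds: int = 4) -> bytes:
    """Pass key bytes through the S-box in a way selected by the mode value."""
    if len(key) != 8 or not 0 <= mode <= 255:
        raise ValueError("expects an 8-byte key variable and a one-byte mode")
    k = list(key)
    for _ in range(rounds):
        for i in range(8):
            # Neighbouring byte XOR mode picks the S-box entry mixed into byte i.
            k[i] = (k[i] + SBOX[k[(i + 1) % 8] ^ mode]) % 256
    return bytes(k)

# Hypothetical table: cipher mode indication formed from the home gateway identity.
MODE_BY_HOME_GATEWAY = {"gw-home-a": 0x11, "gw-home-b": 0x2C}

def gateway_setup(home_gateway: str, cipher_variable: bytes):
    """Serving gateway: form the mode indication, derive the traffic key."""
    mode = MODE_BY_HOME_GATEWAY[home_gateway]
    return mode, transform_key(cipher_variable, mode)

def terminal_setup(received_mode: int, stored_mode: int, cipher_variable: bytes):
    """Terminal: compare received and stored mode, then derive the same key."""
    match = received_mode == stored_mode
    return match, transform_key(cipher_variable, received_mode)

if __name__ == "__main__":
    kc = bytes.fromhex("0123456789abcdef")  # constructed sample cipher variable
    mode, gw_key = gateway_setup("gw-home-a", kc)
    match, ms_key = terminal_setup(mode, stored_mode=0x2C, cipher_variable=kc)
    print(f"mode={mode:#04x} match={match} keys_agree={gw_key == ms_key}")
    print("same variable, other mode:", transform_key(kc, 0x2C).hex())
```

A no-match result here is the condition under which claims 5 and 6 have the terminal flag or report an error.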
19 Claims
1. In a mobile telephone network for providing service to a plurality of mobile stations in communication with a plurality of network stations, a first network station comprising:
a mobile station identifier which identifies at said first network station the identity of a mobile station;
a second network station identifier which uses said mobile station identity to determine the identity of a second network station from which a cipher variable may be obtained;
a receiver which receives said cipher variable from said second network station;
a former which forms at said first network station a cipher mode indication in dependence on the identity of said second network station; and
a determiner which uses said cipher mode indication formed at said first network station to select an algorithm from a plurality of algorithms and uses the selected algorithm and said cipher variable to encipher or decipher traffic information signals exchanged with said mobile station during a call.
2. In a mobile telephone network for providing service to a plurality of mobile stations in communication with a plurality of network stations, a method comprising the steps of:
determining at a first network station the identity of a mobile station;
using said mobile station identity to determine the identity of a second network station from which a cipher variable may be obtained;
obtaining said cipher variable from said second network station;
forming at said first network station a cipher mode indication in dependence on the identity of said second network station;
using said cipher mode indication at said first network station to select an algorithm from a plurality of algorithms; and
using the selected algorithm and said cipher variable to encipher traffic information signals transmitted to said mobile station during a call.
3. In a mobile telephone network for providing service to a plurality of mobile stations in communication with a plurality of network stations, a method comprising the steps of:
determining at a first network station the identity of a mobile station;
using said mobile station identity to determine the identity of a second network station from which a cipher variable may be obtained;
obtaining said cipher variable from said second network station;
forming at said first network station a cipher mode indication in dependence on the identity of said second network station;
transmitting said cipher mode indication from said first network station to said mobile station;
receiving said cipher mode indication at said mobile station and using it to select an algorithm from a plurality of algorithms; and
using the selected algorithm for enciphering or deciphering traffic information signals transmitted between said first network station and said mobile station during a call.
4. The method of claim 3, further comprising the step of:
comparing said cipher mode indication received at said mobile station with a previously stored mode indication to form a match indication if the received and previously stored indications are the same or to form a no-match indication if the received and previously stored indications are not the same.
5. The method of claim 4, further comprising the step of:
indicating at said mobile station an error status in the event of said no-match indication being formed.
6. The method of claim 4, further comprising the step of:
transmitting from said mobile station an error indication to said first network station in the event of said no-match indication being formed.
7. In a mobile telephone network for providing service to a plurality of mobile stations in communication with a plurality of network stations, a method comprising the steps of:
determining at a first network station the identity and approximate geographic location of a mobile station;
using said mobile station identity to determine the identity of a second network station from which a cipher variable may be obtained;
obtaining said cipher variable from said second network station;
forming at said first network station a cipher mode indication in dependence on the location of said mobile station, said cipher mode indication indicating which algorithm of a plurality of algorithms is to be used;
transmitting said cipher mode indication from said first network station to said mobile station;
receiving said cipher mode indication at said mobile station and using it to select an algorithm from said plurality of algorithms; and
using the selected algorithm for enciphering or deciphering traffic information signals transmitted between said first network station and said mobile station during a call.
8. The method of claim 7, further comprising the step of:
comparing said cipher mode indication received at said mobile station with a previously stored mode indication to form a match indication if the received and previously stored indications are the same or to form a no-match indication if the received and previously stored indications are not the same.
9. The method of claim 8, further comprising the step of:
indicating at said mobile station an error status in the event of said no-match indication being formed.
10. The method of claim 8, further comprising the step of:
transmitting from said mobile station an error indication to said first network station in the event of said no-match indication being formed.
11. In a mobile telephone network for providing service to a plurality of mobile stations in communication with a plurality of network stations, a method comprising the steps of:
determining at a first network station the identity and approximate geographic location of a mobile station;
using said mobile station identity to determine the identity of a second network station from which a cipher variable may be obtained;
obtaining said cipher variable from said second network station;
forming at said first network station a cipher mode indication in dependence on the location of said mobile station, said cipher mode indication indicating which algorithm of a plurality of algorithms is to be used;
using said cipher mode indication at said first network station to select an algorithm from said plurality of algorithms; and
using the selected algorithm and said cipher variable to encipher traffic information signals transmitted to said mobile station during a call.
12. In a mobile telephone network for providing service to a plurality of mobile stations in communication with a plurality of network stations, a method comprising the steps of:
determining at a first network station the identity and approximate geographic location of a mobile station;
forming at said first network station a cipher mode indication in dependence on said mobile station identity and location;
accessing a call history memory to determine if said cipher mode indication is the same as or different from that transmitted to said mobile station during a previous call;
accessing said call history memory to retrieve an associated previously stored cipher variable; and
using the retrieved cipher variable during a call to encipher and decipher traffic information signals exchanged between said first network station and said mobile station if said cipher mode indication is the same as that transmitted during a previous call.
13. The method of claim 12, further comprising the step of:
transmitting a new cipher mode indication to said mobile station and commanding said mobile station to execute an authentication algorithm if said cipher mode indication is different from that transmitted during a previous call.
14. The method of claim 13, further comprising the step of:
transmitting a random authentication challenge variable from said first network station to said mobile station and using said random authentication challenge variable in said authentication algorithm.
15. The method of claim 13, further comprising the step of:
transmitting from said mobile station to said first network station an output value computed by said authentication algorithm.
16. The method of claim 13, further comprising the steps of:
transmitting a random authentication challenge variable from said first network station to said mobile station and using said random authentication challenge variable in said authentication algorithm; and
receiving at said first network station from said mobile station an output value computed by said authentication algorithm as a function of said random authentication challenge variable.
17. The method of claim 13, further comprising the step of:
combining an output value computed by said authentication algorithm with said new cipher mode indication to obtain a new cipher variable in said mobile station.
18. The method of claim 17, further comprising the step of:
using said new cipher variable in place of a previous cipher variable to encipher or decipher traffic information signals exchanged between said mobile station and said first network station.
19. The method of claim 17, further comprising the step of:
overwriting a previous cipher variable stored in said mobile station with said new cipher variable and storing said new cipher mode indication in association thereto.