System and method for strong authentication achieved in a single round trip
Abstract
A system and method for strong authentication achieved in a single round trip is disclosed, which reduces the amount of time needed for a mobile node to be authenticated by the network. In an embodiment of the present invention, the authentication time is approximately three times faster than for 3GPP.
20 Claims
1. A method, comprising:
- sending a random number to a mobile node, wherein the random number is generated local to the mobile node, wherein the random number is generated by a base station;
- generating a mobile node signature using the mobile node, wherein the mobile node signature is generated using the random number;
- authenticating the mobile node to a network, wherein the network is a general packet radio service network; and
- authenticating the network to the mobile node, wherein the authenticating the mobile node to the network and the authenticating the network to the mobile node is performed in a single round trip while the mobile node is roaming.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system, comprising:
- a mobile node that is configured to generate a mobile node signature in response to a random number received from a source within a domain local to a current position relating to the mobile node and send the mobile node signature to be verified, wherein the random number is generated by a base station;
- the authentication server located within a home domain associated with the mobile node that is configured to receive the mobile node signature, verify the mobile node signature, and in response to the verification of the mobile node signature that indicates that the mobile node is verified to a network, wherein the network is a general packet radio service network, return an authentication signature to the mobile node, wherein the verification of the mobile node by the authentication server and verification of the authentication signature by the mobile node is performed in a single round trip while the mobile node is roaming.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17
18. A system, comprising:
- a base station for generating a random number local to the mobile node;
- a means for sending the random number to the mobile node;
- a means for generating a mobile node signature using the mobile node, wherein the mobile node signature is generated using the random number;
- a means for sending the mobile node signature to an authentication server within a general packet radio service network, and verifying by the authentication the mobile node signature; and
- in response to the verifying, generating an authentication signature and sending the authentication signature to the mobile node for verification, wherein the verification of the mobile node by the authentication server and verification of the authentication signature by the mobile node is performed in a single round trip while the mobile node is roaming.
19. A base station, comprising:
- a random number generation unit configured to generate a random number;
- a transmission unit configured to send the random number to a mobile node that is roaming and is connected to the base station;
- a reception unit configured to receive a mobile node signature generated by the mobile node using the random number;
- an authentication unit configured to authenticate the mobile node to a network by communicating with an authentication server, wherein the network is a general packet radio service network; and
- a provision unit configured to provide an authentication signature to the mobile node, wherein the authenticating the mobile node to the network and the providing the authentication signature to the mobile node is performed in a single round trip.
20. A base station, comprising:
- random number generation means for generating a random number;
- transmission means for sending the random number to a mobile node that is roaming and is connected to the base station;
- reception means for receiving a mobile node signature generated by the mobile node using the random number;
- authentication means for authenticating the mobile node to a network by communicating with an authentication server, wherein the network is a general packet radio service network; and
- provision means for providing an authentication signature to the mobile node, wherein the authenticating the mobile node to the network and the providing the authentication signature to the mobile node is performed in a single round trip.
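The exchange recited in claims 1 and 9, as an added Python sketch that is not part of the patent text. HMAC-SHA256 under a key shared by the mobile node and its home authentication server stands in for both signatures; that choice, the class and function names, the field layout and the base station's replay check are all assumptions, since the claims specify none of them.

```python
import hashlib
import hmac
import secrets

def sign(key, label, *parts):
    """HMAC-SHA256 over a direction label and length-prefixed fields (assumed scheme)."""
    mac = hmac.new(key, label, hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(2, "big") + part)
    return mac.digest()

class BaseStation:
    """Visited-domain base station: generates the random number locally."""
    def __init__(self):
        self.outstanding = set()

    def challenge(self):
        rand = secrets.token_bytes(16)
        self.outstanding.add(rand)
        return rand

    def accept(self, rand):
        """Honour each issued random number once, so a replayed one is refused."""
        if rand not in self.outstanding:
            return False
        self.outstanding.discard(rand)
        return True

class AuthServer:
    """Home-domain authentication server holding per-node keys (assumed shared secrets)."""
    def __init__(self, keys):
        self.keys = keys

    def verify(self, node_id, rand, mn_sig):
        key = self.keys.get(node_id)
        if key is None or not hmac.compare_digest(mn_sig, sign(key, b"MN", node_id, rand)):
            return None
        return sign(key, b"AS", node_id, rand, mn_sig)  # authentication signature

def single_round_trip(bs, server, node_id, node_key, rand=None):
    """Return True only if both directions verify within one request/reply."""
    rand = rand if rand is not None else bs.challenge()
    mn_sig = sign(node_key, b"MN", node_id, rand)       # mobile node signature
    if not bs.accept(rand):                              # unknown or reused random number
        return False
    auth_sig = server.verify(node_id, rand, mn_sig)      # request leg to the home domain
    if auth_sig is None:                                 # node not verified: no reply signature
        return False
    expected = sign(node_key, b"AS", node_id, rand, mn_sig)
    return hmac.compare_digest(auth_sig, expected)       # node verifies the network
```

The distinct `b"MN"` and `b"AS"` labels keep the node's signature from being reflected back as the network's, and the length prefixes keep adjacent fields from being shifted into one another.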
Specification