Sequence number calculation and authentication in a communications system
Abstract
In a mobile communications system, a batch of sequence numbers is generated via an algorithm wherein each sequence number comprises a suffix and a prefix. The method comprises: calculating a new sequence number suffix from an existing sequence number suffix, calculating a prefix of a first new sequence number of the batch by addition to the prefix of the existing sequence number if the new suffix is not equal to a predetermined value or by a randomizing process if the new suffix is equal to said predetermined value, and calculating prefixes for the other sequence numbers of the batch by modular addition of integers to the prefix of said first new sequence number. The sequence numbers are used in the authentication procedure.
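The generation rule in the abstract, as an added Python example that is not taken from the patent. The field widths (40-bit prefix, 8-bit suffix), the suffix update (increment with wrap-around), the step added to the prefix, the integers 1..n-1 used for the rest of the batch and the `rand_prefix` hook are assumptions; the predetermined value is zero, as in claim 4.

```python
import secrets

# Assumed field widths (not given on the page): a 48-bit sequence number
# split into a 40-bit prefix and an 8-bit suffix.
PREFIX_BITS = 40
SUFFIX_BITS = 8
PREFIX_MOD = 1 << PREFIX_BITS
SUFFIX_MOD = 1 << SUFFIX_BITS
RESET_SUFFIX = 0   # the "predetermined value"; claim 4 uses zero
PREFIX_STEP = 1    # assumed amount added to the existing prefix


def split(sqn):
    """Return (prefix, suffix) of a packed sequence number."""
    return sqn >> SUFFIX_BITS, sqn & (SUFFIX_MOD - 1)


def join(prefix, suffix):
    """Pack a prefix and a suffix into one sequence number."""
    return (prefix << SUFFIX_BITS) | suffix


def next_batch(stored_sqn, batch_size, rand_prefix=None):
    """Generate a batch of sequence numbers from the stored one.

    rand_prefix is a hypothetical hook that makes the randomising step
    deterministic for testing; by default the OS CSPRNG is used.
    """
    if batch_size < 1:
        raise ValueError("batch_size must be at least 1")
    rand_prefix = rand_prefix or (lambda: secrets.randbelow(PREFIX_MOD))
    prefix, suffix = split(stored_sqn)
    # Assumption: the new suffix is the old suffix plus one, wrapping around.
    new_suffix = (suffix + 1) % SUFFIX_MOD
    if new_suffix == RESET_SUFFIX:
        # Suffix hit the predetermined value: randomise the prefix.
        first_prefix = rand_prefix()
    else:
        # Otherwise derive the prefix by addition to the existing prefix.
        first_prefix = (prefix + PREFIX_STEP) % PREFIX_MOD
    # Remaining members: modular addition of 1..n-1 to the first prefix.
    return [join((first_prefix + i) % PREFIX_MOD, new_suffix)
            for i in range(batch_size)]
```
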
8 Claims
1. A method of authenticating access of a subscriber terminal to a communication network, comprising:
- storing in a communication network database authentication information for said subscriber terminal for exchanging secret key information between said subscriber terminal and said communication network when said subscriber terminal accesses the communication network, said authentication information comprising a sequence number which is recalculated each time the subscriber terminal accesses the communication network;
- recalculating the sequence number by generating a new sequence number from a sequence number for the subscriber terminal stored in the communication network database and wherein each sequence number comprises a suffix and a prefix, the method of generating a new sequence number comprising calculating a new sequence number suffix from an existing sequence number suffix, calculating a new sequence number prefix by a randomising process if the new suffix is equal to a predetermined value, and calculating a new sequence number prefix by an algorithmic process from the prefix of the existing sequence number if the new suffix differs from said predetermined value;
- exchanging secret key information between said subscriber terminal and said communication network using said recalculated sequence number; and
- based on said exchanged secret key information, authenticating access of said subscriber terminal to the communications network.
Dependent claims: 2, 3
4. A method of authenticating access of a subscriber terminal to a communication network, comprising:
- storing in a communication network database authentication information for said subscriber terminal for exchanging secret key information between said subscriber terminal and said communication network when said subscriber terminal accesses the communication network, said authentication information comprising a sequence number which is recalculated each time the subscriber terminal accesses the communication network;
- recalculating the sequence number by generating a new sequence number from a sequence number for the subscriber terminal stored in the communication network database and wherein each sequence number comprises a suffix and a prefix, the method of generating a new sequence number comprising:
  - calculating a new sequence number suffix from an existing sequence number suffix,
  - calculating a new sequence number prefix by addition to the prefix of the existing sequence number if the new suffix is non-zero, and
  - calculating a new sequence number prefix by a randomising process if the new suffix is equal to zero;
- exchanging secret key information between said subscriber terminal and said communication network using said recalculated sequence number; and
- based on said exchanged secret key information, authenticating access of said subscriber terminal to the communications network.
5. A method of authenticating access of a subscriber terminal to a communication network, comprising:
- storing in a communication network database authentication information for said subscriber terminal for exchanging secret key information between said subscriber terminal and said communication network when said subscriber terminal accesses the communication network, said authentication information comprising a sequence number from a batch of sequence numbers which is recalculated each time the subscriber terminal accesses the communication network;
- recalculating the sequence number by generating a new sequence number from a sequence number for the subscriber terminal stored in the communication network database and wherein each sequence number comprises a suffix and a prefix, the method of generating a new sequence number comprising:
  - calculating a new sequence number suffix from an existing sequence number suffix,
  - calculating a prefix of a first new sequence number of the batch by addition to the prefix of the existing sequence number if the new suffix is not equal to a predetermined value or by a randomising process if the new suffix is equal to said predetermined value, and
  - calculating prefixes for the other sequence numbers of the batch by modular addition of integers to the prefix of said first new sequence number;
- exchanging secret key information between said subscriber terminal and said communication network using said recalculated sequence number; and
- based on said exchanged secret key information, authenticating access of said subscriber terminal to the communications network.
6. A system for authenticating access of a subscriber terminal to a communication network, said system comprising:
- a communication network database storing authentication information for said subscriber terminal for exchanging secret key information between said subscriber terminal and said communication network when said subscriber terminal accesses the communication network, said authentication information comprising a set of authentication vectors constructed from a batch of sequence numbers generated by a sequence number generation system in said communications network wherein each sequence number comprises a suffix and a prefix, said sequence number generation system comprising:
  - means for generating a batch of sequence numbers in a communications system wherein each sequence number comprises a suffix and a prefix;
  - means for calculating a new sequence number suffix from an existing sequence number suffix;
  - means for calculating a prefix of a first new sequence number of the batch by addition to the prefix of the existing sequence number if the new suffix is not equal to a predetermined value or by a randomising process if the new suffix is equal to said predetermined value;
  - means for calculating prefixes for the other sequence numbers of the batch by modular addition of integers to the prefix of said first new sequence number;
  - means for exchanging secret key information between said subscriber terminal and said communication network using said recalculated sequence number; and
  - means for authenticating access of said subscriber terminal to the communications network based on said exchanged secret key information.
7. A home location register arranged to authenticate access of a subscriber terminal to a communication network, said home location register having a database for storing authentication information for said subscriber terminal for exchanging secret key information between said subscriber terminal and said communication network when said subscriber terminal accesses the communication network, said authentication information comprising a sequence number which is recalculated each time the subscriber terminal accesses the communication network;
- the home location register being arranged to recalculate the sequence number by generating a new sequence number from a sequence number for the subscriber terminal stored in the communication network database and wherein each sequence number comprises a suffix and a prefix, the home location register comprising:
  - means for calculating a new sequence number suffix from an existing sequence number suffix;
  - means for calculating a new sequence number prefix by a randomising process if the new suffix is equal to a predetermined value;
  - means for calculating a new sequence number prefix by an algorithmic process from the prefix of the existing sequence number if the new suffix differs from said predetermined value;
  - means for exchanging secret key information between said subscriber terminal and said communication network using said recalculated sequence number; and
  - means for authenticating access of said subscriber terminal to the communications network based on said exchanged secret key information.
8. A mobile handset arranged to respond to an authentication signal incorporating a set of authentication vectors constructed from a batch of sequence numbers generated by a system in a communications system wherein each sequence number comprises a suffix and a prefix, said sequence number generation system comprising:
- means for generating a batch of sequence numbers in a communications system wherein each sequence number comprises a suffix and a prefix;
- means for calculating a new sequence number suffix from an existing sequence number suffix;
- means for calculating a prefix of a first new sequence number of the batch by addition to the prefix of the existing sequence number if the new suffix is not equal to a predetermined value or by a randomising process if the new suffix is equal to said predetermined value;
- means for calculating prefixes for the other sequence numbers of the batch by modular addition of integers to the prefix of said first new sequence number; and
- means for exchanging secret key information with said communication network using said recalculated sequence number.
Specification