Authenticating access to a wireless local area network based on security value(s) associated with a cellular system

US 7,593,717 B2
Filed: 09/12/2003
Issued: 09/22/2009
Est. Priority Date: 09/12/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

Determining, at a device, a private key for a first network based on at least one security value associated with a second network, wherein the private key refers to a key that, once calculated, is not shared with another device, wherein the second network is a cellular network and the first network is a wireless local area network, and wherein determining the private key comprises determining the private key based on a shared secret data key associated with the cellular network; and

establishing a plurality of sessions between a mobile terminal and the first network using the private key, wherein determining the private key based on the shared secret data key comprises applying a root key, an electronic serial number associated with the mobile terminal, and a network-supplied random value to a Cellular Authentication and Voice Encryption (CAVE) algorithm to generate the private key.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided for determining a private key for a first network based on at least one security value associated with a second network. The method further includes establishing a plurality of sessions between a mobile terminal and the first network based on the private key.

12 Citations

View as Search Results

21 Claims

1. A method comprising:
- Determining, at a device, a private key for a first network based on at least one security value associated with a second network, wherein the private key refers to a key that, once calculated, is not shared with another device, wherein the second network is a cellular network and the first network is a wireless local area network, and wherein determining the private key comprises determining the private key based on a shared secret data key associated with the cellular network; and
  
  establishing a plurality of sessions between a mobile terminal and the first network using the private key, wherein determining the private key based on the shared secret data key comprises applying a root key, an electronic serial number associated with the mobile terminal, and a network-supplied random value to a Cellular Authentication and Voice Encryption (CAVE) algorithm to generate the private key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein determining the private key further comprises populating the private key with a cryptographic transform of the shared secret data key.
  - 3. The method of claim 1, wherein the second network is a cellular network having an associated authentication center and the first network is a wireless local area network, and wherein determining the private key comprises determining the private key based on one or more random challenges generated by the authentication center associated with the cellular network.
  - 4. The method of claim 3, wherein the cellular network is a code division multiple access (CDMA) network, wherein determining the private key comprises determining one or more responses associated with the one or more challenges based on the shared secret data key associated with the CDMA network and combining the determined one or more responses to form the private key.
  - 5. The method of claim 1, further comprising determining at least one session key based on the determined private key.
  - 6. The method of claim 1, wherein establishing the plurality of sessions comprises authenticating the mobile terminal to the first network for each of the plurality of sessions.
  - 7. The method of claim 5, wherein authenticating the mobile terminal to the first network comprises:
    - receiving a challenge from the first network; and
      
      transmitting a response associated with he received challenge, wherein the response is calculated based on the private key.
  - 8. The method of claim 1, wherein establishing the plurality of sessions comprises determining a session key for each of the plurality of sessions based on the private key.

9. A method comprising:
- Receiving, at a device, at least one security value associated with a cellular network;
  
  determining, at the device, a private key for a wireless local area network based on the security value associated with the cellular network, wherein the private key refers to a key that, once calculated, is not shared with another device, and wherein determining the private key comprises determining the private key based on a shared secret data key associated with the cellular network, wherein determining the private key based on the shared secret data key comprises applying a root key, an electronic serial number associated with the mobile terminal, and a network-supplied random value to a Cellular Authentication and Voice Encryption (CAVE) algorithm to generate the private key; and
  
  allowing establishment of a plurality of sessions between a mobile terminal and the wireless local area network using the private key.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, wherein the cellular network is a code division multiple access (CDMA) network, and wherein receiving the at least one security value comprises receiving a shared secret data key associated with the CDMA network.
  - 11. The method of claim 10, wherein receiving the shared secret data key comprises receiving the shared secret data key over a Signaling System 7 (SS7) protocol.
  - 12. The method of claim 10, wherein the cellular network is a code division multiple access (CDMA) network having an associated authentication center, and wherein receiving at least one security value comprises receiving one or more responses associated with one or more challenges that are generated by the authentication center associated with the CDMA network.
  - 13. The method of claim 12, wherein receiving the one or more responses comprises receiving the one or more responses over a Signaling System 7 (SS7) protocol.
  - 14. The method of claim 12, further comprises receiving the one or more challenges from the authentication center and providing the one or more challenges to the mobile terminal.
  - 15. The method of claim 14, wherein providing the one or more challenges to the mobile terminal comprises providing the one or more challenges over an Extensible Authentication Protocol.
  - 16. The method of claim 14, wherein determining the private key comprises combining the one or more responses.

17. A method comprising:
- Receiving, at a server that is associated with a wireless local area network, at least one security value associated with a cellular network;
  
  determining, using the server, a private key based on the at least one security value;
  
  determining, at a mobile terminal, a private key based on the at least one security value associated with the cellular network, wherein the private key refers to a key that, once calculated, is not shared with another device, wherein determining the private key comprises determining the private key based on a shared secret data key associated with the cellular network, wherein determining the private key based on the shared secret data key comprises applying a root key, an electronic serial number associated with the mobile terminal, and a network-supplied random value to a Cellular Authentication and Voice Encryption (CAVE) algorithm to generate the private key; and
  
  allowing establishment of a plurality of sessions between a mobile terminal and the wireless local area network using the private key determining by the mobile terminal.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17, wherein receiving the at least one security value comprises receiving a shared secret data key associated with the cellular network.
  - 19. The method of claim 17, wherein receiving the at least one security value comprises receiving one or more random challenges generated by an authentication center associated with the cellular network and wherein determining, at the server, comprises determining the private key based on one or more signed responses associated with the respective one or more challenges.
  - 20. The method of claim 17, further comprises transmitting messages between the server and the mobile terminal using an Extensible Authentication Protocol.
  - 21. The method of claim 17, wherein determining, at a mobile terminal, the private key based on the at least one security value associated with the cellular network comprises determining the at least one security value associated with at least one of a CDMA network, TDMA network, GSM network, OFDMA network, and AMPS network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent USA, Inc. (Nokia Corporation)
Original Assignee
Alcatel-Lucent USA, Inc. (Nokia Corporation)
Inventors
Patel, Sarvar M., Marcovici, Michael, Mizikovsky, Semyon B., Blumenthal, Uri
Primary Examiner(s)
Kincaid; Lester
Assistant Examiner(s)
Ajayi; Joel

Application Number

US10/661,715
Publication Number

US 20050113067A1
Time in Patent Office

2,202 Days
Field of Search

None
US Class Current

455/411
CPC Class Codes

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04W 12/041   Key generation or derivation

H04W 12/0431   Key distribution or pre-dis...

H04W 12/065   Continuous authentication

H04W 12/068   using credential vaults, e....

H04W 84/12   WLAN [Wireless Local Area N...

H04W 88/02   Terminal devices

Authenticating access to a wireless local area network based on security value(s) associated with a cellular system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating access to a wireless local area network based on security value(s) associated with a cellular system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links