Linked authentication protocols

US 7,707,412 B2
Filed: 11/25/2002
Issued: 04/27/2010
Est. Priority Date: 09/18/2002
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

executing a first authentication protocol, wherein a terminal authentication protocol comprisesauthenticating an identity of a network entity by the terminal in a communication system;

sharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and

executing another authentication protocol comprisingsharing challenge data between the network entity and the terminal;

forming at the terminal test data by applying an authentication function to the challenge data;

sending a message comprising terminal authentication data, from the terminal to the network entity; and

determining, based on the terminal authentication data, whether to provide the terminal with access to a service,wherein the determining comprises providing the terminal with access to the service only when the terminal authentication data equals a predetermined function of at least the test data and the key; and

forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for authenticating a terminal in a communication system is described. The method includes executing a terminal authentication protocol, whereby the executing the terminal authentication protocol includes authenticating an identity of a network entity by a terminal in a communication system. The method further includes executing a challenge authentication protocol, wherein the executing the challenge authentication protocol includes sharing challenge data between the terminal and the network entity, and forming at the terminal, test data by at least applying one authentication function to the challenge data using the identifier. The executing the challenge authentication protocol further includes transmitting a message including terminal authentication data from the terminal to the network entity, and determining, based on the terminal authentication data, whether to provide the terminal with access to a service.

34 Citations

View as Search Results

65 Claims

1. A method, comprising:
- executing a first authentication protocol, wherein a terminal authentication protocol comprisesauthenticating an identity of a network entity by the terminal in a communication system;
  
  sharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and
  
  executing another authentication protocol comprisingsharing challenge data between the network entity and the terminal;
  
  forming at the terminal test data by applying an authentication function to the challenge data;
  
  sending a message comprising terminal authentication data, from the terminal to the network entity; and
  
  determining, based on the terminal authentication data, whether to provide the terminal with access to a service,wherein the determining comprises providing the terminal with access to the service only when the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. A method as claimed in claim 1, further comprising:
    - forming the test data by applying the authentication function to the challenge data at an authentication functionality; and
      
      sending the test data from the authentication functionality to the network entity,wherein the determining comprises forming network authentication data by applying the predetermined function to the test data and the key at the network entity, andwherein the determining further comprises providing the terminal with access to the service only when the terminal authentication data equals the network authentication data.
  - 3. A method as claimed in claim 1, further comprising:
    - sending the key from the network entity to the authentication functionality;
      
      forming the test data by applying the authentication function to the challenge data at the authentication functionality; and
      
      forming network authentication data by applying the predetermined function to the test data and the key at the authentication functionality.
  - 4. A method as claimed in claim 3, further comprising:
    - sending the terminal authentication data from the network entity to the authentication functionality; and
      
      sending, from the authentication functionality to the network entity, an indication of whether the terminal authentication data equals the network authentication data,wherein the determining comprises providing the terminal with access to the service only when the indication is that the terminal authentication data equals the network authentication data.
  - 5. A method as claimed in claim 3, further comprising:
    - sending the network authentication data from the authentication functionality to the network entity,wherein the determining comprises providing the terminal with access to the service only when the indication is that the terminal authentication data equals the network authentication data.
  - 6. A method as claimed in claim 1, wherein the terminal authentication data is formed as a cryptographic checksum.
  - 7. A method as claimed in claim 1, wherein the network entity is co-located with the authentication functionality.
  - 8. A method as claimed in claim 1, wherein an identity module of the terminal is configured to perform the authentication function.
  - 9. A method as claimed in claim 8, wherein the identity module is user-removable from the terminal.
  - 10. A method as claimed in claim 8, wherein the identity module is a subscriber identity module or a universal subscriber identity module.
  - 11. A method as claimed in claim 8, wherein the identity module is configured to store a code and the authentication function comprises a cryptographic transformation applied to the code and the input data.
  - 12. A method as claimed in claim 1, wherein the authentication protocol is one of a pre-internet key exchange credential provisioning protocol, a protected extensible authentication protocol, or an extensible authentication protocol-tunneled transport layer security.
  - 13. A method as claimed in claim 1, wherein the challenge data and the response data are formed according to an extensible authentication protocol.
  - 14. A method as claimed in claim 1, wherein the said message is a dedicated authentication message.
  - 15. A method as claimed in claim 1, wherein the predetermined function is used for derivation of a session key to be used for one of encryption or authentication of communications between the terminal and the network entity.
  - 16. A method as claimed in claim 1, further comprising:
    - forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the another authentication protocol; and
      
      forming at the network entity secret session keys by at least applying a predetermined function to the test data using the shared key established in the another authentication protocol,wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.
  - 17. A method as claimed in claim 1, further comprising:
    - executing a third authentication protocol for authentication of the terminal comprising;
      
      sharing between an authentication functionality and the challenge data;
      
      forming response data and another key at the terminal by applying the authentication function to the challenge data;
      
      sending the response data to the authentication functionality from the terminal;
      
      authenticating the terminal at the authentication functionality using the response data; and
      
      applying the authentication function to the challenge data to duplicate the another key.
  - 18. A method as claimed in claim 17, wherein the third authentication protocol is an authentication and key agreement protocol or any protocol of the extensible authentication protocol family.
  - 19. A method as claimed in claim 18, wherein the test data comprises one or both of an authentication and key agreement protocol integrity key value or an authentication and key agreement protocol cipher key value.

20. A system, comprising:
- a terminal configured to apply authentication functions to input data to form response data; and
  
  a network entity configured to provide access to a service,wherein the system is configured to perform an authentication method of executing an authentication protocol, wherein the authentication protocol comprisesauthenticating an identity of the network entity by the terminal in the system;
  
  sharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and
  
  executing another authentication protocol comprisingsharing challenge data between the network entity and the terminal;
  
  forming at the terminal test data by applying an authentication function to the challenge data;
  
  sending a message comprising terminal authentication data from the terminal to the network entity; and
  
  determining, based on the terminal authentication data, whether to provide the terminal with access to a service;
  
  wherein the determining comprises providing the terminal with access to the service only when the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.
- View Dependent Claims (21)
- - 21. A system as claimed in claim 20, wherein the system is further configured to execute a linking protocol by forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the another authentication protocol, and forming at the network entity secret session keys by at least applying a predetermined function to the test data using the shared key established in the another authentication protocol,wherein the secret session keys are configured to secure the subsequent communications between the terminal and some network element.

22. A method, comprising:
- executing an authentication protocol, wherein the authentication protocol comprisesauthenticating an identity of a network entity by a terminal in a communication system, andsharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and
  
  executing another authentication protocol comprisingreceiving challenge data from the network entity at the terminal;
  
  forming at the terminal test data by applying an authentication function to the challenge data;
  
  sending a message comprising terminal authentication data from the terminal to the network entity; and
  
  receiving access to a service at the terminal following a determination of whether the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 23. A method as claimed in claim 22, wherein the terminal authentication data is formed as a cryptographic checksum.
  - 24. A method as claimed in claim 22, wherein the network entity is co-located with an authentication functionality.
  - 25. A method as claimed in claim 22, wherein an identity module of the terminal is configured to perform the authentication function.
  - 26. A method as claimed in claim 25, wherein the identity module is user-removable from the terminal.
  - 27. A method as claimed in claim 25, wherein the identity module is a subscriber identity module or a universal subscriber identity module.
  - 28. A method as claimed in claim 25, wherein the identity module is configured to store a code and the authentication function comprises a cryptographic transformation applied to the code and the input data.
  - 29. A method as claimed in claim 22, wherein the authentication protocol is one of a pre-internet key exchange credential provisioning protocol, a protected extensible authentication protocol or an extensible authentication protocol-tunneled transport layer security.
  - 30. A method as claimed in claim 22, wherein the challenge data and the response data are formed according to an extensible authentication protocol.
  - 31. A method as claimed in claim 22, wherein the message is a dedicated authentication message.

32. A method, comprising:
- executing an authentication protocol, wherein the authentication protocol comprisessending an identity of a network entity for authentication by a terminal in a communication system;
  
  sharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and
  
  executing another authentication protocol comprisingsending challenge data from the network entity to the terminal for forming test data at the terminal by applying an authentication function to the challenge data;
  
  receiving a message comprising terminal authentication data from the terminal at the network entity;
  
  determining, based on the terminal authentication data, whether to provide the terminal with access to a service;
  
  providing the terminal with access to the service only when the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 33. A method as claimed in claim 32, wherein the terminal authentication data is formed as a cryptographic checksum.
  - 34. A method as claimed in claim 32, wherein the network entity is co-located with an authentication functionality.
  - 35. A method as claimed in claim 32, wherein an identity module of the terminal is configured to perform the authentication function.
  - 36. A method as claimed in claim 35, wherein the identity module is user-removable from the terminal.
  - 37. A method as claimed in claim 35, wherein the identity module is a subscriber identity module or a universal subscriber identity module.
  - 38. A method as claimed in claim 35, wherein the identity module is configured to store a code and the authentication function comprises a cryptographic transformation applied to the code and the input data.
  - 39. A method as claimed in claim 32, wherein the authentication protocol is one of a pre-internet key exchange credential provisioning protocol, a protected extensible authentication protocol or an extensible authentication protocol-tunneled transport layer security.
  - 40. A method as claimed in claim 32, wherein the challenge data and the response data are formed according to an extensible authentication protocol.
  - 41. A method as claimed in claim 32, wherein the message is a dedicated authentication message.
  - 42. A method as claimed in claim 32, wherein the predetermined function is used for derivation of a session key to be used for one of encryption or authentication of the subsequent communications between the terminal and the network entity.

43. An apparatus, comprising:
- a processor configured to apply an authentication function to input data to form response data, and to execute an authentication protocol,wherein the authentication protocol comprisesauthenticating an identity of a network entity by a terminal in a communication system, andsharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity;
  
  wherein the processor is further configured to execute another authentication protocol comprisingreceiving challenge data from the network entity at the terminal;
  
  forming at the terminal test data by applying an authentication function to the challenge data;
  
  sending a message comprising terminal authentication data from the terminal to the network entity;
  
  receiving access to a service at the terminal following a determination of whether the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.
- View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 44. An apparatus as claimed in claim 43, wherein the terminal authentication data is formed as a cryptographic checksum.
  - 45. An apparatus as claimed in claim 43, wherein the network entity is co-located with an authentication functionality.
  - 46. An apparatus as claimed in claim 43, wherein an identity module of the terminal is configured to perform the authentication function.
  - 47. An apparatus as claimed in claim 46, wherein the identity module is user-removable from the terminal.
  - 48. An apparatus as claimed in claim 46, wherein the identity module is a subscriber identity module or a universal subscriber identity module.
  - 49. An apparatus as claimed in claim 46, wherein the identity module is configured to store a code and the authentication function comprises a cryptographic transformation applied to the code and the input data.
  - 50. An apparatus as claimed in claim 43, wherein the authentication protocol is one of a pre-internet key exchange credential provisioning protocol, a protected extensible authentication protocol or an extensible authentication protocol-tunneled transport layer security.
  - 51. An apparatus as claimed in claim 43, wherein the challenge data and the response data are formed according to an extensible authentication protocol.
  - 52. An apparatus as claimed in claim 43, wherein the message is a dedicated authentication message.

53. An apparatus, comprising:
- a processor configured to execute an authentication protocol, wherein the authentication protocol comprisessending an identity of a network entity for authentication by a terminal in a communication system; and
  
  sharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity;
  
  wherein the processor is further configured to execute another authentication protocol comprisingsending challenge data from the network entity to the terminal for forming test data at the terminal by applying an authentication function to the challenge data;
  
  receiving a message comprising terminal authentication data, from the terminal at the network entity;
  
  determining, based on the terminal authentication data, whether to provide the terminal with access to a service;
  
  providing the terminal with access to the service only when the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.
- View Dependent Claims (54, 55, 56, 57, 58, 59, 60, 61, 62)
- - 54. An apparatus as claimed in claim 53, wherein the terminal authentication data is formed as a cryptographic checksum.
  - 55. An apparatus as claimed in claim 53, wherein the network entity is co-located with an authentication functionality.
  - 56. An apparatus as claimed in claim 53, wherein an identity module of the terminal is configured to perform the authentication function.
  - 57. An apparatus as claimed in claim 56, wherein the identity module is user-removable from the terminal.
  - 58. An apparatus as claimed in claim 56, wherein the identity module is a subscriber identity module or a universal subscriber identity module.
  - 59. An apparatus as claimed in claim 56, wherein the identity module is configured to store a code and the authentication function comprises a cryptographic transformation applied to the code and the input data.
  - 60. An apparatus as claimed in claim 53, wherein the authentication protocol is one of a pre-internet key exchange credential provisioning protocol, a protected extensible authentication protocol or an extensible authentication protocol-tunneled transport layer security.
  - 61. An apparatus as claimed in claim 53, wherein the challenge data and the response data are formed according to an extensible authentication protocol.
  - 62. An apparatus as claimed in claim 53, wherein the message is a dedicated authentication message.

63. A computer program product embodied on a computer readable storage medium, the computer program product being configured to control a processor to perform a method comprising:
- executing an authentication protocol, wherein the terminal authentication protocol comprisesauthenticating an identity of a network entity by a terminal in a communication system;
  
  sharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and
  
  executing another authentication protocol comprisingsharing challenge data between the network entity and the terminal,forming at the terminal test data by applying an authentication function to the challenge data;
  
  sending a message comprising terminal authentication data, from the terminal to the network entity; and
  
  determining, based on the terminal authentication data, whether to provide the terminal with access to a service,wherein the determining comprises providing the terminal with access to the service only when the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming at the terminal secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.

64. A computer program product embodied on a computer readable storage medium, the computer program product being configured to control a processor to perform a process comprising:
- executing an authentication protocol, wherein the authentication protocol comprisesauthenticating an identity of a network entity by a terminal in a communication system, andsharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and
  
  executing another authentication protocol comprisingreceiving challenge data from the network entity at the terminal;
  
  forming at the terminal test data by applying an authentication function to the challenge data;
  
  sending a message comprising terminal authentication data from the terminal to the network entity;
  
  receiving access to a service at the terminal following a determination of whether the terminal authentication data equals a predetermined function of at least the test data and the session key; and
  
  forming a secret key by at least applying a predetermined function to the test data using the session key, the session key binding the authentication protocol and the another authentication protocol.

65. A computer program product embodied on a computer readable storage medium, the computer program product being configured to control a processor to perform a method comprising:
- executing an authentication protocol, wherein the authentication protocol comprisessending an identity of a network entity for authentication by a terminal in a communication system;
  
  sharing a key between the terminal and the network entity for use in securing subsequent communications between the terminal and the network entity; and
  
  executing another authentication protocol comprisingsending challenge data from the network entity to the terminal for forming test data at the terminal by applying an authentication function to the challenge data;
  
  receiving a message comprising terminal authentication data from the terminal at the network entity;
  
  determining, based on the terminal authentication data, whether to provide the terminal with access to a service;
  
  providing the terminal with access to the service only when the terminal authentication data equals a predetermined function of at least the test data and the key; and
  
  forming secret session keys by at least applying a predetermined function to the test data using the shared key established in the first authentication protocol, wherein the secret session keys are configured to secure the subsequent communications between the terminal and a network element.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Asokan, Nadarajah, Niemi, Valtteri, Nyberg, Kaisa
Primary Examiner(s)
Smithers; Matthew B
Assistant Examiner(s)
Abyaneh; Ali S

Application Number

US10/528,161
Publication Number

US 20050210251A1
Time in Patent Office

2,710 Days
Field of Search

713/168, 713/150, 380/247, 380/270
US Class Current

713/168
CPC Class Codes

H04L 63/0869   for achieving mutual authen...

H04L 63/162   at the data link layer

H04W 12/069   using certificates or pre-s...

Linked authentication protocols

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

65 Claims

Specification

Solutions

Use Cases

Quick Links

Linked authentication protocols

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

65 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links