Method and apparatus for authentication of mobile devices

US 7,734,280 B2
Filed: 10/21/2005
Issued: 06/08/2010
Est. Priority Date: 10/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method for authentication of a mobile device in a wireless communication network comprising the steps of:

sharing a secret between the mobile device and a first device;

requesting by the mobile device a connection to a second device;

determining whether the mobile device can connect to the second device by the second device;

(i) concurrently sending a challenge to the mobile device and sending the challenge and an identity of the mobile device to the first device;

(ii) receiving a first authentication code from the mobile device based on the shared secret at the mobile device in response to the challenge;

(iii) receiving a second authentication code from the first device based on the shared secret at the first device in response to the challenge;

(iv) comparing the first authentication code with the second authentication code; and

(v) authenticating the mobile device at the second device when the first authentication code matches the second authentication code.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for authentication in a wireless communication network is disclosed. A secret is shared between a mobile device and a home device. When a mobile device requests a connection to a remote device and the remote device does not have knowledge of the shared secret, the remote device determines whether the mobile device can connect to the remote device by concurrently sending a challenge to the mobile device and the home device. The remote device then compares the responses from the mobile device and the home device.

37 Citations

View as Search Results

16 Claims

1. A method for authentication of a mobile device in a wireless communication network comprising the steps of:
- sharing a secret between the mobile device and a first device;
  
  requesting by the mobile device a connection to a second device;
  
  determining whether the mobile device can connect to the second device by the second device;
  
  (i) concurrently sending a challenge to the mobile device and sending the challenge and an identity of the mobile device to the first device;
  
  (ii) receiving a first authentication code from the mobile device based on the shared secret at the mobile device in response to the challenge;
  
  (iii) receiving a second authentication code from the first device based on the shared secret at the first device in response to the challenge;
  
  (iv) comparing the first authentication code with the second authentication code; and
  
  (v) authenticating the mobile device at the second device when the first authentication code matches the second authentication code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein the mobile device is associated with identification information.
  - 3. The method of claim 1 wherein the step of sharing is performed by at least one of a) programming the mobile device with a secret known to the first device and b) by EAP methods.
  - 4. The method of claim 1 wherein the step of sending a challenge adheres to at least one of a) an ANSI/IEEE 802.11, 802.15.1, 802.15.3, 802.15.4, 802.16, 802.20, and 802.22 wireless standard and b) a GSM cellular standard.
  - 5. The method of claim 1 further comprising the step of determining by a third device whether the mobile device can connect to the third device based upon a previous authentication between the second device and the first device.
  - 6. The method of claim 1 further comprising the step of checking service information on the first device before granting access to the second device.
  - 7. The method of claim 1 further comprising the step of setting up confidential communications between the mobile device and the second device by(i) calculating a first keying material at the mobile device based on a second shared secret at the mobile device;
    - (ii) calculating a second keying material at the first device;
      
      (iii) transmitting the second keying material from the first device to the second device; and
      
      (iii) providing authenticated communications between the mobile device and the second device, if the first keying material equals the second keying material.
  - 8. The method of claim 1 wherein the first authentication code is calculated as a first function of the shared secret and the challenge.
  - 9. The method of claim 8 wherein the first function is a keyed hash algorithm.
  - 10. The method of claim 9 wherein the second authentication code is calculated as a second function of the shared secret, the challenge, and identification information.

11. A method for authentication of a mobile device in a wireless communication network comprising the steps of:
- sharing a secret between the mobile device and a first device;
  
  requesting by the mobile device a connection to a second device wherein the second device does not have knowledge of the shared secret;
  
  determining by the second device whether the mobile device can connect to the second device by a) concurrently sending a challenge to the mobile device and sending the challenge and an identity of the mobile device to the first device and b) comparing responses to the challenge from the mobile device and the first device; and
  
  setting up confidential communications between the mobile device and the second device when the responses to the challenge from the mobile device and the first device match,wherein the response from the mobile device comprises;
  
  a first keying material calculated at the mobile device based on a second shared secret at the mobile device;
  
  wherein the response from the first device comprises a second keying material calculated at the first device based on the second shared secret at the first device;
  
  and further wherein the confidential communications between the mobile device and the second device is initiated at the second device when it determines that the first keying material equals the second keying material.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11 wherein the step of sharing is performed by at least one of a) programming the mobile device with a secret known to the home device and b) by EAP methods.
  - 13. The method of claim 11 further comprising:
    - transmitting the second keying material from the first device to the second device securely based on at least one of a) a third shared secret between the second device and the first device and b) asymmetric cryptography.
  - 14. The method of claim 11 wherein the keying material is a part of the authentication code.
  - 15. The method of claim 11 wherein the second shared secret is an authentication code comprising a) a function of the first shared secret or b) a function of the challenge.

16. A system for authentication of a mobile device to a remote device in a wireless communication network comprising:
- means for sharing a secret between the mobile device and a home device;
  
  means for requesting by the mobile device a connection to the remote device wherein the remote device does not have knowledge of the shared secret; and
  
  means for determining by the remote device whether the mobile device can connect to the remote device by concurrently sending a challenge to the mobile device and sending the challenge and an identity of the mobile device to the home device, comparing a first authentication code based on the shared secret included in a response to the challenge from the mobile device and a second authentication code based on the shared secret included in a response to the challenge from the home device, and authenticating the mobile device at the remote device when the first authentication code matches the second authentication code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Motorola Solutions, Inc.
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Eastlake, Donald E. III
Primary Examiner(s)
Harper; Vincent P
Assistant Examiner(s)
BALAOING, ARIEL A

Application Number

US11/255,475
Publication Number

US 20060094401A1
Time in Patent Office

1,691 Days
Field of Search

455/410, 455/411, 380/247, 380/259, 380/270, 726/2, 726/27, 726/4, 713/169, 713/182
US Class Current

455/411
CPC Class Codes

H04L 63/08   for authentication of entit...

H04M 1/72502   with one base station conne...

H04M 2250/06   including a wireless LAN in...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

Method and apparatus for authentication of mobile devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

37 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for authentication of mobile devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others