Method and system for activation
Abstract
An activation method includes a security module card verifying an activation server using a shared secret key and a first challenge, mediating a verification of the activation server by a mobile device, and encrypting the second challenge using a generated key to obtain an encrypted second challenge. The security module card further transmits the encrypted second challenge and a third challenge to the mobile device. The method further includes receiving an encrypted third challenge from the mobile device, decrypting the encrypted third challenge to obtain a received third challenge, verifying the mobile device based on the received third challenge being equal to the third challenge sent to the mobile device, and sending a validation of mutual trust between the security module card and the mobile device to the activation server.
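Steps (c) through (g) of the exchange between the security module card and the mobile device, as an added sketch that is not code from the patent or its assignee. It shows the card's checks: a constant-time comparison of the returned third challenge and single use of each challenge. Assumptions: all class and function names, the SHAKE-256 keystream XOR standing in for the unspecified cipher, the direction labels, and that the mobile device already holds the generated key (the claims do not say how it receives it).

```python
import hashlib
import hmac
import secrets

def stream_xor(key: bytes, label: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHAKE-256 keystream.
    The direction label keeps card->device and device->card keystreams apart."""
    ks = hashlib.shake_256(key + label + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

class Card:
    def __init__(self, generated_key: bytes):
        self.key = generated_key
        self.pending_c3 = None

    def send_challenges(self, c2: bytes):
        # Steps (c)/(d): encrypt the second challenge, issue a fresh third challenge.
        nonce = secrets.token_bytes(12)
        self.pending_c3 = secrets.token_bytes(16)
        return nonce, stream_xor(self.key, b"card>dev", nonce, c2), self.pending_c3

    def verify_device(self, nonce: bytes, enc_c3: bytes) -> bool:
        # Steps (e)-(g): decrypt, compare in constant time; one attempt per challenge.
        expected, self.pending_c3 = self.pending_c3, None
        if expected is None:
            return False
        received = stream_xor(self.key, b"dev>card", nonce, enc_c3)
        return hmac.compare_digest(received, expected)

class Device:
    def __init__(self, generated_key: bytes, c2: bytes):
        self.key, self.c2 = generated_key, c2

    def answer(self, nonce: bytes, enc_c2: bytes, c3: bytes):
        # The device verifies the card first: its own second challenge must come back.
        if not hmac.compare_digest(stream_xor(self.key, b"card>dev", nonce, enc_c2), self.c2):
            return None
        reply_nonce = secrets.token_bytes(12)
        return reply_nonce, stream_xor(self.key, b"dev>card", reply_nonce, c3)

def run_exchange(card_key: bytes, device_key: bytes):
    c2 = secrets.token_bytes(16)          # constructed second challenge
    card, device = Card(card_key), Device(device_key, c2)
    reply = device.answer(*card.send_challenges(c2))
    if reply is None:
        return "device rejected card"
    first = card.verify_device(*reply)
    replay = card.verify_device(*reply)   # the same reply sent again must fail
    return first, replay
```

Without the direction label, an observer who knows the second challenge could recover the card's keystream from the encrypted second challenge and reuse it to answer the third challenge.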
20 Claims
1. A method for activation comprising:
(a) verifying, by a security module card, an activation server using a shared secret key and a first challenge;
(b) mediating, by the security module card, in response to verifying the activation server, a verification of the activation server by a mobile device, wherein the verification uses a second challenge and a key pair;
(c) encrypting, by the security module card, the second challenge using a generated key to obtain an encrypted second challenge, wherein the generated key is generated by the activation server;
(d) transmitting, by the security module card, the encrypted second challenge and a third challenge to the mobile device, wherein the mobile device verifies the security module card using the encrypted second challenge;
(e) receiving, by the security module card, an encrypted third challenge from the mobile device;
(f) decrypting, by the security module card, the encrypted third challenge to obtain a received third challenge;
(g) verifying, by the security module card, the mobile device based on the received third challenge being equal to the third challenge sent to the mobile device; and
(h) sending, by the security module card, a validation of mutual trust between the security module card and the mobile device to the activation server,
wherein (a) is performed before (c) and wherein (c) is performed before (h).
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A security module card for activation, the security module card comprising:
secured memory comprising a shared secret key; and
a card activation module configured to:
(a) verify an activation server using the shared secret key and a first challenge;
(b) mediate, in response to verifying the activation server, a verification of the activation server by a mobile device, wherein the verification uses a second challenge and a key pair;
(c) encrypt the second challenge using a generated key to obtain an encrypted second challenge, wherein the generated key is generated by the activation server;
(d) transmit the encrypted second challenge and a third challenge to the mobile device, wherein the mobile device verifies the security module card using the encrypted second challenge;
(e) receive an encrypted third challenge from the mobile device;
(f) decrypt the encrypted third challenge to obtain a received third challenge;
(g) verify the mobile device based on the received third challenge being equal to the third challenge sent to the mobile device; and
(h) send a validation of mutual trust between the security module card and the mobile device to the activation server,
wherein (a) is performed before (c) and wherein (c) is performed before (h).
Dependent claims: 12, 13, 14, 15, 16
17. A system comprising:
a security module card comprising:
secured memory comprising a shared secret key; and
a card activation module configured to:
(a) verify an activation server using the shared secret key and a first challenge;
(b) mediate, in response to verifying the activation server, a verification of the activation server by a mobile device, wherein the verification uses a second challenge and a key pair;
(c) encrypt the second challenge using a generated key to obtain an encrypted second challenge, wherein the generated key is generated by the activation server;
(d) transmit the encrypted second challenge and a third challenge to the mobile device, wherein the mobile device verifies the security module card using the encrypted second challenge;
(e) receive an encrypted third challenge from the mobile device;
(f) decrypt the encrypted third challenge to obtain a received third challenge;
(g) verify the mobile device based on the received third challenge being equal to the third challenge sent to the mobile device; and
(h) send a validation of mutual trust between the security module card and the mobile device to the activation server,
wherein (a) is performed before (c) and wherein (c) is performed before (h); and
a mobile device operatively connected to the security module card, and comprising:
mobile device memory comprising a public key in the key pair; and
a mobile device activation module configured to:
send the second challenge to the activation server via the security module card;
receive from the activation server an encrypted value via the security module card;
decrypt the encrypted value using the public key to obtain a value, and
verify the second challenge sent by the mobile device is equal to the second challenge in the value to verify the activation server.
Dependent claims: 18, 19, 20
Specification