Network assisted terminal to SIM/UICC key establishment

US 20060206710A1
Filed: 10/13/2005
Published: 09/14/2006
Est. Priority Date: 03/11/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method for establishing a shared key (KE) between a mobile device and a smart card, said method comprising the steps of:

sending, from said mobile device, a first message to a mobile operator which upon receiving the first message said mobile operator generates;

an encrypted shared key (KE′

);

a random challenge value (RAND); and

if needed, an authentication token (AUTN);

receiving, at said mobile device, a second message from said mobile operator, wherein said second message includes;

the encrypted shared key (KE′

);

the random challenge value (RAND); and

if present, the authentication token (AUTN);

decrypting, at said mobile device, the encrypted shared key (KE′

) to determine the shared key (KE);

sending, from said mobile device, a third message to said smart card, wherein said third message includes;

the random challenge value (RAND); and

if present, the authentication token (AUTN);

using, at said smart card, the random challenge value (RAND) and if present the authentication token (AUTN) to determine the shared key (KE).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is described herein which enables a mobile device and a smart card (SIM, UICC) to establish a shared secret KE which can then be used to secure an interface between themselves. A mobile operator helps in the establishment of the shared secret (KE) by taking part in a key exchange between the mobile device and smart card. The mobile operator'"'"'s involvement is desirable since they can keep track of mobile device-smart card pairs and if necessary they can block the security establishment between the mobile device and the smart card in order to prevent fraudulent behavior.

153 Citations

19 Claims

1. A method for establishing a shared key (KE) between a mobile device and a smart card, said method comprising the steps of:
- sending, from said mobile device, a first message to a mobile operator which upon receiving the first message said mobile operator generates;
  
  an encrypted shared key (KE′
  
  );
  
  a random challenge value (RAND); and
  
  if needed, an authentication token (AUTN);
  
  receiving, at said mobile device, a second message from said mobile operator, wherein said second message includes;
  
  the encrypted shared key (KE′
  
  );
  
  the random challenge value (RAND); and
  
  if present, the authentication token (AUTN);
  
  decrypting, at said mobile device, the encrypted shared key (KE′
  
  ) to determine the shared key (KE);
  
  sending, from said mobile device, a third message to said smart card, wherein said third message includes;
  
  the random challenge value (RAND); and
  
  if present, the authentication token (AUTN);
  
  using, at said smart card, the random challenge value (RAND) and if present the authentication token (AUTN) to determine the shared key (KE).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein said mobile operator, said mobile device and said smart card are configured in accordance with a GSM standard or a UMTS standard.
  - 3. The method of claim 1, wherein said first message includes:
    - a subscription identity (UserID); and
      
      a key identifier (KID) or a certificate (CERT_t) when a terminal identity (TID) is equal to the key identifier (KID).
  - 4. The method of claim 1, wherein said first message includes:
    - a subscription identity (UserID);
      
      a terminal identity (TID); and
      
      a key identifier (KID) or a certificate (CERT_t).
  - 5. The method of claim 1, wherein said first message further includes at least one of:
    - key exchange information (Kx_t);
      
      a random nonce or time stamp value (N/T); and
      
      a message authentication code (MAC_t) or a digital signature (SIG_t).
  - 6. The method of claim 1, wherein said second message further includes at least one of:
    - key exchange information (Kx_n);
      
      a random nonce or time stamp value (N/T);
      
      a certificate (CERT_n); and
      
      a message authentication code (MAC_n) or a digital signature (SIG_n).
  - 7. The method of claim 1, wherein when said mobile operator, said mobile device and said smart card are configured in accordance with a GSM standard then the shared key (KE) is related to a GSM encryption key (Kc) and the authentication token (AUTN) is not needed.
  - 8. The method of claim 1, wherein when said mobile operator, said mobile device and said smart card are configured in accordance with a UMTS standard then the shared key (KE) is related to an UMTS encryption/integrity key (CK|IK) and the authentication token (AUTN) is needed.
  - 9. The method of claim 1, wherein said mobile operator, said mobile device, said smart card are configured in accordance with a 3GPP Generic Bootstrap Architecture.
  - 10. The method of claim 1, wherein said first message includes:
    - a subscription identity (UserID);
      
      a terminal identity (IMEI);
      
      a key identifier (KID);
      
      a Diffie-Helman public key (g^x);
      
      a random nonce (N); and
      
      a message authentication code (MAC_t)
  - 11. The method of claim 1, wherein said second message further includes:
    - a Diffie-Helman public key (g^y);
      
      a random nonce (N); and
      
      a message authentication code (MAC_n).

12. A mobile device/smart card that uses a mobile operator to help establish a shared key (KE) which is used to protect an interface between said mobile device and said smart card, wherein:
- said mobile device comprising;
  
  logic that sends a request message to a mobile operator and then receives;
  
  an encrypted shared key (KE′
  
  );
  
  a random challenge value (RAND); and
  
  if present, an authentication token (AUTN); and
  
  logic that decrypts the encrypted shared key (KE′
  
  ) to determine the shared key (KE);
  
  logic that sends said smart card the following;
  
  the random challenge value (RAND); and
  
  if present, the authentication token (AUTN); and
  
  said smart card comprising;
  
  logic that receives the following;
  
  the random challenge value (RAND); and
  
  if present, the authentication token (AUTN); and
  
  logic that determines the shared key (KE) using the random challenge value (RAND) and if present the authentication token (AUTN).
- View Dependent Claims (13, 14, 15)
- - 13. The mobile device/smart card of claim 12, wherein when said mobile operator supports a GSM architecture then the shared key (KE) is related to a GSM encryption key (Kc) and the authentication token (AUTN) is not needed.
  - 14. The mobile device/smart card of claim 12, wherein when said mobile operator supports a UMTS architecture then the shared key (KE) is related to an UMTS encryption/integrity key (CK|IK) and the authentication token (AUTN) is needed.
  - 15. The mobile device/smart card of claim 12, wherein said mobile operator supports a 3GPP Generic Bootstrap Architecture.

16. A mobile network comprising:
- a node/database that receives a request message from a mobile device and then determines at least the following;
  
  an encrypted shared key (KE′
  
  );
  
  a random challenge value (RAND); and
  
  if needed, an authentication token (AUTN);
  
  said node/database sends said mobile device the following;
  
  the encrypted shared key (KE′
  
  );
  
  the random challenge value (RAND); and
  
  if present, the authentication token (AUTN), wherein said mobile device decrypts the encrypted shared key (KE′
  
  ) to determine a shared key (KE), wherein said mobile device sends a smart card the random challenge value (RAND) and if provided the authentication token (AUTN), wherein said smart card uses the random challenge value (RAND) and if provided the authentication token (AUTN) to determine a shared key (KE), wherein said mobile device and said smart card use their shared keys (KEs) to protect an interface between themselves.
- View Dependent Claims (17, 18, 19)
- - 17. The mobile network of claim 16, wherein when said mobile operator supports a GSM architecture then the shared key (KE) is related to a GSM encryption key (Kc) and the authentication token (AUTN) is not needed.
  - 18. The mobile network of claim 16, wherein when said mobile operator supports an UMTS architecture then the shared key (KE) is related to an UMTS encryption/integrity key (CK|IK) and the authentication token (AUTN) is needed.
  - 19. The mobile network of claim 16, wherein said mobile operator supports a 3GPP Generic Bootstrap Architecture.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Gehrmann, Christian

Application Number

US11/250,113
Publication Number

US 20060206710A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/3271   using challenge-response

H04W 12/0431   Key distribution or pre-dis...

H04W 88/02   Terminal devices

Network assisted terminal to SIM/UICC key establishment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

153 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Network assisted terminal to SIM/UICC key establishment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

153 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links