Method of carrying out an authentication check between a base station and a mobile station in a mobile radio system
First Claim
1. A method for carrying out an authentication check between a base station and a mobile station in a mobile radio system, authentication of the mobile station being established when the base station determines that the mobile station should be given service and authentication of the base station being established when the mobile station determines that it should accept service from the base station, the method comprising the steps of:
- prior to establishing a connection, sending from the base station an interrogative message concerning the authentication of the mobile station;
requiring the mobile station to send a first response signal;
using the first response signal in the base station to establish the authentication of the mobile station;
subsequent to establishing the authentication of the mobile station, sending from the base station a second response signal to the mobile station;
using the second response signal in the mobile station to form a corresponding second response signal, thereby establishing the authentication of the base station; and
when authentication of the base station has been established, sending from the mobile station a third response signal and using the third response signal in the base station to establish the authentication of the mobile station prior to the service connection being established.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods for carrying out an authentication check in a mobile telephone system in which an authentic base station serves a plurality of mobile stations. A prior method carried out a unidirectional check from the base to a calling mobile, permitting a false base to carry out a false authentication check by collecting a number of so-called RAND-Response pairs. To avoid this problem, another unidirectional, base-to-mobile, authentication check and an authentication check from the mobile to the base are carried out. In one embodiment, only the bi-directional authentication check is carried out.
164 Citations
20 Claims
-
1. A method for carrying out an authentication check between a base station and a mobile station in a mobile radio system, authentication of the mobile station being established when the base station determines that the mobile station should be given service and authentication of the base station being established when the mobile station determines that it should accept service from the base station, the method comprising the steps of:
-
prior to establishing a connection, sending from the base station an interrogative message concerning the authentication of the mobile station; requiring the mobile station to send a first response signal; using the first response signal in the base station to establish the authentication of the mobile station; subsequent to establishing the authentication of the mobile station, sending from the base station a second response signal to the mobile station; using the second response signal in the mobile station to form a corresponding second response signal, thereby establishing the authentication of the base station; and when authentication of the base station has been established, sending from the mobile station a third response signal and using the third response signal in the base station to establish the authentication of the mobile station prior to the service connection being established. - View Dependent Claims (2, 3)
-
-
4. A method of carrying out an authentication check between a base station and a mobile station in a mobile radio system, authentication of the mobile station being established when the base station determines that the mobile station should be given service and authentication of the base station being established when the mobile station determines that it should accept service from the base station, the method comprising the steps of:
-
the mobile station requesting a connection; the base station assigning the mobile station a connection over a given channel; forming in the base station a first response signal and sending said first response signal to the mobile station; forming in the mobile station a corresponding response signal, thereby establishing the authentication of the base station; subsequent to establishing the authentication of the base station, sending a second response signal from the mobile station to the base station; and forming in the base station a corresponding response signal, thereby establishing the authentication of the mobile station prior to establishing a service connection. - View Dependent Claims (5, 6)
-
-
7. A method for the authentication of a network and a mobile station in a mobile radio system, authentication of the mobile station being established when the network determines that the mobile station should be given service and authentication of the network being established when the mobile station determines that it should accept service from the network, the method comprising the steps of:
-
forming in each of the network and the mobile station first and second response signals which depend on a pseudo-random number transmitted from the network to the mobile station; transmitting the first response signal formed in the network to the mobile station; comparing in the mobile station the first response signal formed in the mobile station with the first response signal received from the network; transmitting the second response signal formed in the mobile station to the network; and comparing the network the second response signal formed in the network with the second response signal received from the mobile station. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. A method for controlling call set up between a network and a mobile station within an area covered by the network, said method comprising the steps of:
-
sending a first pseudo-random signal from the network to the mobile station; computing in the mobile station a first mobile value which is dependent on the first pseudo-random signal received from the network; sending the first mobile value from the mobile station to the network; computing in the network a first network value corresponding to the first mobile value; comparing the first mobile value to the first network value; allocating to the mobile station a speech channel if the first mobile value coincides with the first network value; computing in the network a second network value which is dependent on a second pseudo-random signal; sending the second network value and the second pseudo-random signal from the network to the mobile station; computing in the mobile station a second mobile value corresponding to the second network value; comparing the second network value to the second mobile value; computing in the mobile station a third mobile value which is dependent on the second pseudo-random signal; sending the third mobile value from the mobile station to the network; and computing in the network a third network value corresponding to the third mobile value; comparing the third mobile value to the third network value; and setting up the call between the network and the mobile station if the third mobile value coincides with the third network value. - View Dependent Claims (16, 17, 18)
-
-
19. A method for carrying out an authentication check between a network and a mobile station in a mobile radio system comprising the steps of:
-
selecting a first pseudo-random value; providing the first pseudo-random value to each of the network and the mobile station; computing in each of the network and the mobile station a first authentication value from the first pseudo-random value; sending the first authentication value computed in the mobile station to the network; comparing the first authentication value computed in the network with the first authentication value received from the mobile station; selecting a second pseudo-random value; providing the second random value to each of the network and the mobile station; computing in each of the network and the mobile station a second authentication value from the second pseudo-random value; sending the second authentication value computed in the network to the mobile station; and comparing the second authentication value computed in the mobile station with the second authentication value received from the network. - View Dependent Claims (20)
-
Specification