Wireless communication device and method for over-the-air application service

US 7,319,757 B2
Filed: 01/02/2003
Issued: 01/15/2008
Est. Priority Date: 01/02/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method of providing an over-the-air (OTA) application to a wireless device comprising:

receiving a request for an OTA application at an authentication center from the wireless device;

generating a random number and sending the random number to the wireless device in response to the request;

receiving a signed response (Sres) from the wireless device, the signed response generated by the wireless device based on the random number and a user key (Ki) stored within the wireless device; and

authenticating the wireless device by comparing the signed response (Sres) received from the wireless device with a predicted signed response (Sres),when the wireless device is authenticated, the method further comprises;

adding the random number to one protocol data unit (PDU) of a plurality of PDUs comprising the OTA application;

encrypting the PDUs using a cipher key (Kc) generated with the random number; and

sending the encrypted PDUs to the wireless device,wherein the wireless device extracts the random number from the one PDU that includes the random number, calculates a calculated cipher key (Kcc) from the extracted random number and the user key (Ki), and either accepts or rejects installation of the OTA application based on a comparison of the calculated cipher key (Kcc) and a generated cipher key (Kc).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communication network provides over-the-air (OTA) applications and application services to wireless devices in a way that provides authentication and helps insure confidentiality and/or information integrity. An authentication center authenticates a wireless device by comparing a signed response from the device with a predicted signed response. The signed responses may be generated from a random number, the device'"'"'s identification number and user key. When the wireless device is authenticated, the OTA application may be sent to the wireless device in protocol data units (PDUs). Prior to sending the PDUs, a random number may be added to one of the PDUs. When receiving the PDUs, the device may extract the random number and calculate a cipher key using the number and a user key. The OTA application may be accepted when the calculated cipher key matches a prior generated cipher key.

15 Citations

View as Search Results

22 Claims

1. A method of providing an over-the-air (OTA) application to a wireless device comprising:
- receiving a request for an OTA application at an authentication center from the wireless device;
  
  generating a random number and sending the random number to the wireless device in response to the request;
  
  receiving a signed response (Sres) from the wireless device, the signed response generated by the wireless device based on the random number and a user key (Ki) stored within the wireless device; and
  
  authenticating the wireless device by comparing the signed response (Sres) received from the wireless device with a predicted signed response (Sres),when the wireless device is authenticated, the method further comprises;
  
  adding the random number to one protocol data unit (PDU) of a plurality of PDUs comprising the OTA application;
  
  encrypting the PDUs using a cipher key (Kc) generated with the random number; and
  
  sending the encrypted PDUs to the wireless device,wherein the wireless device extracts the random number from the one PDU that includes the random number, calculates a calculated cipher key (Kcc) from the extracted random number and the user key (Ki), and either accepts or rejects installation of the OTA application based on a comparison of the calculated cipher key (Kcc) and a generated cipher key (Kc).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 15, 16)
- - 2. The method of claim 1 wherein the authentication center generates the predicted signed response using the random number, a device identification (ID) number, and the user key (Ki).
  - 3. The method of claim 1 wherein prior to authenticating, the random number is used by the wireless device requesting the OTA application to generate the generated signed response.
  - 4. The method of claim 2 further comprising storing a triplet in a home location register (HLR) and visitor location register (VLR), the triplet comprising the random number, the cipher key (Kc) and the predicted signed response,wherein at the authentication center, the method further comprising generating the cipher key (Kc) from the user key (Ki) and the random number, wherein the predicted signed response is generated at the authentication center from the user key and the device identification number.
  - 5. The method of claim 1 wherein the user key is stored on a subscriber information module (SIM) inserted into the wireless device,and wherein the predicted signed response matches the device-generated signed response from the wireless device when both the wireless device and an authentication center use the same user key (Ki) and the same random number to generate the signed response.
  - 6. The method of claim 1 further comprising, prior to encrypting, generating the cipher key (Kc) using the random number and the user key (Ki) associated with the wireless device.
  - 7. The method of claim 1 further comprising generating a transport layer PDU for the one PDU, and transmitting executable code of the OTA within the plurality of PDUs.
  - 8. The method of claim 1 wherein the OTA application is provided by a service provider, and wherein the random number is added as a preamble to the one PDU, andwherein the OTA application is one of either a computer program, a game program, data, a video, music or a program for programming the wireless device, and wherein the video or music or other content are provided by a content provider.
  - 9. The method of claim 1 wherein encrypting includes encrypting the plurality of PDUs including the one PDU that includes the random number.
  - 15. The method of claim 1 further comprising:
    - generating the signed response using the received random number and the user key (Ki), the user key being stored within a subscriber information module (SIM) inserted into the wireless device; and
      
      generating the cipher key (Kc) from the received random number and the stored user key (Ki); and
      
      decrypting the received PDUs that include the OTA application with the generated cipher key (Kc).
  - 16. The method of claim 15 wherein the OTA application comprises one of a computer program, a game program, data, a video, music or a program for programming the wireless device.

10. A method of receiving an over-the-air (OTA) application by a wireless device comprising:
- receiving a random number from an authentication center in response to a request for an over-the-air (OTA) application;
  
  sending a signed response (Sres) to the authentication center, the signed response generated based on the received random number and a user key (Ki) stored within the wireless device;
  
  generating a generated cipher key (Kc) from the received random number and the user key (Ki);
  
  when authenticated, receiving a plurality of encrypted protocol data units (PDUs) that include the OTA application, one of the encrypted PDUs including the random number;
  
  extracting the random number from the one PDU;
  
  calculating a calculated cipher key (Kcc) from the extracted random number and the user key (Ki); and
  
  either accepting or rejecting installation of the OTA application based on a comparison of the calculated cipher key (Kcc) and the generated cipher key (Kc),wherein a processing element within the wireless device generates the signed response, generates the generated cipher key, extracts the random number, calculates the calculated cipher key and either accepts or rejects the installation.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10 further comprising decrypting the received PDUs that include the OTA application with the generated cipher key (Kc).
  - 12. The method of claim 11 wherein the authentication center authenticates the wireless device by generating the random number, sending the random number to the wireless device, and comparing a predicted signed response with the signed response received from the wireless device,wherein the authentication center generates the predicted signed response from the random number, the user key (Ki) and a device identification number associated with the wireless device.
  - 13. The method of claim 12 wherein the authentication center generates a cipher key (Kc) corresponding to the generated cipher key (Kc) from the random number and the user key (Ki).
  - 14. The method of claim 13 wherein the authentication center:
    - encrypts the PDUs that include the OTA application with the generated cipher key (Kc); and
      
      sends the encrypted PDUs to the wireless device when authenticated.

17. A wireless communication device comprising:
- a receiver to receive a random number from an authentication center in response to a request for an over-the-air (OTA) application;
  
  a transmitter to transmit a signed response to the authentication center, the signed response generated based on the received random number and a user key (Ki) stored within the wireless communication device; and
  
  a processing element to generate the signed response,wherein when authenticated, the receiver receives a plurality of encrypted protocol data units (PDUs) that include the OTA application, one of the encrypted PDUs including the random number, the processing element extracts the random number from the one PDU and calculates a calculated cipher key (Kcc) from the extracted random number and the user key (Ki), the processing element either accepts or rejects installation of the OTA application based on a comparison of the calculated cipher key (Kcc) and a generated cipher key (Kc),wherein the processing element generates the generated cipher key (Kc) from the received random number and the user key (Ki).
- View Dependent Claims (18, 19)
- - 18. The device of claim 17 wherein the processing element decrypts the received PDUs that include the OTA application with the generated cipher key,and wherein the device further comprises a subscriber information module (SIM) receptacle for insertion of a SIM, the SIM to store the user key (Ki).
  - 19. The device of claim 18 wherein the processing element generates the signed response using the received random number, the user key, and a device identification stored on the SIM.

20. A semiconductor device comprising:
- a processing element to generate a signed response based on a random number and a user key (Ki), and to generate a generated cipher key (Kc) from the random number and the user key (Ki); and
  
  memory to store the generated cipher key (Kc) and instructions for execution by the processing element,wherein the random number is received from an authentication center in response to a request for an over-the-air (OTA) application and the signed response is sent to the authentication center,wherein in response to the request and when authenticated by the authentication center, a plurality of encrypted protocol data units (PDUs) is received that include the OTA application, one of the encrypted PDUs including the random number,wherein the processing element extracts the random number from the one encrypted PDU calculates a calculated cipher key (Kcc) from the extracted random number and the user key (Ki), and either accepts or rejects installation of the OTA application based on a comparison of the calculated cipher key (Kcc) and the generated cipher key (Kc).
- View Dependent Claims (21, 22)
- - 21. The device of claim 20 wherein the processing element decrypts the received PDUs that include the OTA application with the generated cipher key.
  - 22. The device of claim 21 wherein the processing element generates the signed response using the received random number, the user key, and a wireless device identification number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Kumar, Anil K.
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
POLTORAK, PIOTR

Application Number

US10/336,554
Publication Number

US 20040131185A1
Time in Patent Office

1,839 Days
Field of Search

380/247, 380/270, 713/168, 717173-174, 717177-178, 726/2
US Class Current

380/247
CPC Class Codes

H04L 63/08   for authentication of entit...

H04W 12/03   Protecting confidentiality,...

H04W 12/06   Authentication

H04W 12/35   Protecting application or s...

H04W 8/26   Network addressing or numbe...

H04W 88/02   Terminal devices

Wireless communication device and method for over-the-air application service

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Wireless communication device and method for over-the-air application service

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links