Secure processing for authentication of a wireless...

Cryptography – Cellular telephone cryptographic authentication – Initialization

Reexamination Certificate


Details

C380S272000

active

06201871

ABSTRACT:

BACKGROUND OF THE INVENTION
I. Field of the Invention
The present invention relates to the field of wireless communications. More particularly, the present invention relates to a novel and improved system that encrypts the information used to authenticate a wireless communications device.
II. Description of the Related Art
The security of a wireless communications system is an important factor in determining the quality of the system. A major security threat to wireless communications systems is the cloning of wireless communications devices. Each wireless communications device has an authentication key (A-Key). The wireless communications system uses the A-Key along with other information to authenticate the wireless communications device, and the wireless communications device may be denied service without proper authentication.
This other information used with the A-Key to authenticate the wireless communications device is typically broadcast over the air and is relatively easy to obtain. The A-Key is the one piece of information that should remain absolutely secret within the wireless communications device and the wireless communications system. If the A-Key is obtained, then the legitimate wireless communications device can be readily cloned given the available access to the other information. The wireless communications system is unable to differentiate between the legitimate wireless communications device and the clone.
Unfortunately, the user of the legitimate wireless communications device is improperly billed for calls made with the clone. The wireless communications system typically forgives the fraudulent bills, but the reputation of the wireless communications system is damaged. The wireless communications system must also increase capacity to handle fraudulent calls without obtaining any associated revenue. The cost of the increased capacity is typically passed on to legitimate wireless communications device users.
The wireless communications system has an authentication system to authenticate wireless communications devices. The authentication system and the wireless communications device each use the A-key and a shared random number to generate identical Shared Secret Data (SSD). The authentication system and the wireless communications device periodically update the SSD. To authenticate a wireless communications device, the authentication system and the wireless communications device share another random number. The authentication system and the wireless communications device each use the SSD and this other random number to generate an authentication result. The wireless communications device is authenticated if it transfers a matching authentication result to the authentication system. Although technically possible, it is not computationally feasible to derive the A-Key from the authentication result considering the vast amount of computing power and time required.
The authentication system maintains large databases of A-Keys for millions of wireless communications devices. The mass storage of A-Keys poses a great risk. If a person obtains access to the authentication system, then that person can potentially clone large numbers of wireless communications devices and seriously undermine the security and integrity of the wireless communications system. The wireless communications system would be greatly improved by a technology that improves the security of A-Keys in a wireless communications system.
SUMMARY OF THE INVENTION
The present invention is a novel and improved system that provides security for the A-Keys in a wireless communications system. The system effectively prevents any human access to the A-Keys and eliminates cloning. The system improves the security and integrity of the wireless communications system.
The invention allows the authentication system to store only encrypted A-Keys. The decryption key for the encrypted A-Keys is stored in a secure processor. The authentication system uses the secure processor for A-Key operations. The secure processor can be physically isolated to prevent human access to the A-Keys and the A-Key decryption key. For example, the secure processor can be encased in concrete or placed in a vault. Thus, the decrypted authentication keys only exist momentarily in the secure processor, and the authentication system only stores encrypted A-Keys. The invention eliminates the storage of large numbers of decrypted A-Keys.
The secure processor exchanges random numbers with the wireless communications device to generate the A-Key. The secure processor then encrypts the A-Key and transfers the encrypted A-Key to the authentication system. When the authentication system generates or updates the SSD, the authentication system transfers the encrypted A-Key and other information to the secure processor. The secure processor decrypts the A-Key and calculates the SSD. The secure processor transfers the SSD to the authentication system for use in authenticating the wireless communications device.
The A-Key is generated in the secure processor and it is not transferred from the secure processor unless it is encrypted. The decrypted A-Key is only present in the secure processor momentarily during its actual use and is not permanently stored. Thus, the invention eliminates the need for a database of non-encrypted A-Keys. The invention also restricts human access to the A-Key decryption key.
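A minimal model of the split described above, added here as an illustration and not taken from the patent: the authentication system holds only the encrypted A-Key and the SSD, while the secure processor alone can unwrap the A-Key. All names are hypothetical; HMAC-SHA256 stands in for the system's authentication and key-wrapping algorithms, a toy Diffie-Hellman group stands in for the random-number exchange, and the field sizes are assumed.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 3   # toy-sized group, assumed for illustration only

def kdf(key: bytes, label: bytes, data: bytes, n: int) -> bytes:
    # HMAC-SHA256 stand-in for the real SSD/authentication algorithms
    return hmac.new(key, label + data, hashlib.sha256).digest()[:n]

def akey_from(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()[:8]

class SecureProcessor:
    """Only place the wrap key and plaintext A-Keys ever exist."""
    def __init__(self):
        self._kek = secrets.token_bytes(32)          # never leaves this object

    def _wrap(self, akey: bytes) -> bytes:
        nonce = secrets.token_bytes(16)
        ct = bytes(a ^ b for a, b in zip(akey, kdf(self._kek, b"enc", nonce, 8)))
        return nonce + ct + kdf(self._kek, b"mac", nonce + ct, 32)

    def _unwrap(self, blob: bytes) -> bytes:
        nonce, ct, tag = blob[:16], blob[16:24], blob[24:]
        if not hmac.compare_digest(tag, kdf(self._kek, b"mac", nonce + ct, 32)):
            raise ValueError("encrypted A-Key rejected")
        return bytes(a ^ b for a, b in zip(ct, kdf(self._kek, b"enc", nonce, 8)))

    def generate_akey(self, device_pub: int):
        y = secrets.randbelow(P - 3) + 2
        return pow(G, y, P), self._wrap(akey_from(pow(device_pub, y, P)))

    def compute_ssd(self, blob: bytes, rand_ssd: bytes) -> bytes:
        return kdf(self._unwrap(blob), b"ssd", rand_ssd, 16)  # A-Key is transient

def demo():
    sp, db = SecureProcessor(), {}                   # db = authentication system
    x = secrets.randbelow(P - 3) + 2                 # device side of the exchange
    sp_pub, db["blob"] = sp.generate_akey(pow(G, x, P))
    device_akey = akey_from(pow(sp_pub, x, P))
    rand_ssd = secrets.token_bytes(7)                # shared random number for SSD
    db["ssd"] = sp.compute_ssd(db["blob"], rand_ssd) # auth system never sees A-Key
    device_ssd = kdf(device_akey, b"ssd", rand_ssd, 16)
    challenge = secrets.token_bytes(4)               # the "other random number"
    expected = kdf(db["ssd"], b"auth", challenge, 3)
    response = kdf(device_ssd, b"auth", challenge, 3)
    return hmac.compare_digest(expected, response), sp, db
```

A copy of `db` taken from the authentication system yields only the wrapped A-Key and the current SSD; a different `SecureProcessor` instance, which lacks the wrap key, rejects the blob.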


