Method and apparatus for performing authentication in...

Telecommunications – Radiotelephone system – Zoned or cellular telephone system

Reexamination Certificate


Details

Classification: C380S029000, C380S030000, C380S218000
Document type: Reexamination Certificate
Status: active
Patent number: 06584310

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to authentication of users in a communication system, and more particularly to the authentication of users in a wireless network as the user roams between two communication systems with differing authentication schemes.
2. Description of the Related Art
There are currently different communication standards utilized in the U.S., Europe, and Japan. The U.S. currently utilizes three major systems, with differing standards. The first system is a time division multiple access system (TDMA) and is governed by IS-136, the second system is a code division multiple access (CDMA) system governed by IS-95, and the third is the Advanced Mobile Phone System (AMPS). All three communication systems use the IS-41 standard for intersystem messaging, which defines the authentication procedure.
In TDMA, users share a frequency band: each user's speech is stored, compressed and transmitted as a quick packet, with controlled time slots distinguishing the users, hence the phrase “time division”. At the receiver, the packet is decompressed. In the IS-136 protocol, three users share a given channel.
Traditional systems transmit a single strong signal, perhaps intermittently, on a narrow band. In contrast, CDMA works in reverse, sending a weak but very broad band signal. A unique code “spreads” the signal across the wide area of the spectrum (hence the alternative name—spread spectrum), and the receiver uses the same code to recover the signal from the noise. A very robust and secure channel can be established, even for an extremely low-power signal—theoretically, the signal can be weaker than the noise floor. Further, by using different codes, a number of different channels can simultaneously share the same spectrum, without interfering with each other.
The AMPS system is an analog system.
Europe utilizes the Global System for Mobiles (GSM) network as defined by the European Telecommunications Standard Institute (ETSI). GSM now has the support of 80 operators in over 40 countries including countries outside of Europe. GSM is a TDMA standard, with 8 users per channel. The speech is taken in 20 msec windows, which are sampled, processed, and compressed.
GSM is transmitted on a 900 MHz carrier. There is an alternative system operating at 1.8 GHz (DCS 1800), which provides additional capacity and is often viewed as more of a personal communication system (PCS) than a cellular system. In a similar way, the U.S. has also implemented DCS-1900, another GSM system operating on the different carrier of 1.9 GHz.
Personal Digital Cellular (PDC) is the Japanese standard, previously known as JDC (Japanese Digital Cellular). A TDMA standard similar to the U.S. IS-54 protocol, PDC is not in use anywhere else in the world.
The GSM network utilizes a user identification module (UIM), a credit-card-sized card owned by a subscriber, who slides the UIM into any GSM handset to transform it into “their” phone. It will ring when their unique phone number is dialed; calls made will be billed to their account; all options and services connect; voice mail can be connected; and so on. People with different UIMs can share one “physical” handset, turning it into several “virtual” handsets, one per UIM.
Similar to the U.S. systems, the GSM network also permits “roaming”, by which different network operators agree to recognize (and accept) subscribers from other networks, as phones (or UIMs) move. So, British subscribers can drive through France or Germany, and use their GSM phone to make and receive calls (on their same UK number), with as much ease as an American businessman can use a phone in Boston, Miami, or Seattle, within any one of the U.S. systems.
Regardless of the telephone communication system, when a subscriber places a call, his or her telephone indicates to the service provider the identity of the caller for billing purposes. The service provider must then “authenticate” the identity of the caller in order to ensure that he or she is an authorized user.
The GSM authentication scheme is illustrated in prior art FIGS. 1 and 2. This authentication scheme includes a home location register (HLR) 10, a visiting location register (VLR) 20, and a mobile terminal (MT) 30, which includes a UIM 32. When the mobile terminal 30 places a call, a request is sent to the home location register 10, which generates an authentication triplet (RAND, SRES, Kc) from a root key Ki. The triplet includes a random number RAND, a signed response SRES, and a session key Kc. The triplet is provided to the visiting location register 20, which passes the random number RAND to the mobile terminal 30. The UIM 32 receives the random number RAND and, utilizing the root key Ki, the random number RAND, and an algorithm A3, calculates a signed response SRES. The UIM 32 also utilizes the root key Ki, the random number RAND, and an algorithm A8 to calculate the session key Kc.
The SRES, calculated by the UIM 32, is returned to the visiting location register 20, which compares this value with the SRES received from the home location register 10, in order to authenticate the subscriber using the mobile terminal 30.
In the GSM “challenge/response” authentication system, the visiting location register 20 never receives the root key Ki held by the UIM 32 and the home location register 10. The VLR 20 also does not need to know the authentication algorithms used by the HLR 10 and UIM 32. Also, in the GSM authentication scheme, the triplet must be sent by the home location register 10 for every phone call. RAND is 128 bits, SRES is 32 bits, and Kc is 64 bits, which is 224 bits of data for each request, a significant data load.
The IS-41 authentication scheme, used in U.S. TDMA, CDMA and AMPS systems, is illustrated in prior art FIGS. 3(a), 3(b) and 4. This authentication scheme involves a home location register (HLR) 40, a visiting location register (VLR) 50, and a mobile terminal (MT) 60, which includes a UIM 62. The root key, known as the A_key, is stored only in the HLR 40 and the UIM 62. There is a secondary key, known as Shared Secret Data (SSD), which is sent to the VLR 50 during roaming. SSD is generated from the A_key and a random seed RANDSSD using a cryptographic algorithm, as illustrated in FIG. 3(a). In the IS-41 network, this algorithm is CAVE (Cellular Authentication and Voice Encryption). When the MT 60 roams to a visiting network, the VLR 50 sends an authentication request to the HLR 40, which responds by sending that subscriber's SSD.
Once the VLR 50 has the SSD, it can authenticate the MT 60 independently of the HLR 40, as illustrated in FIG. 3(b). The VLR 50 sends a random number RAND to the UIM 62 via the MT 60, and the UIM 62 calculates the authentication response (AUTHR) using RAND and the value of SSD stored in the UIM 62. AUTHR is returned to the VLR 50, which checks it against the value of AUTHR that it has independently calculated in the same manner. If the two AUTHR values match, the MT 60 is declared valid.
This scheme is efficient in two ways. One, the amount of data passed over the long-distance signaling link between the HLR 40 and the VLR 50 is very small (the 128-bit SSD), and one such transfer is sufficient for the entire registration period. Two, the VLR 50 may authenticate the user before assigning a traffic channel, which is possible because RAND can be generated locally and need not be generated by the HLR 40.
To generate encryption session keys, the internal state of the CAVE algorithm is preserved after the authentication calculation. Several levels of encryption keys are then calculated using the post-authentication state of CAVE and the current value of SSD, as illustrated in FIG. 4.
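The two prior-art flows described above (the GSM triplet exchange and the IS-41 SSD-based local challenge) modelled side by side, as an added example that is not part of the patent text. The keyed function standing in for A3, A8 and CAVE is an assumption (HMAC-SHA256, which the real systems do not use); only the message flow, who holds which key, and the per-call data sent by the HLR are what the model shows.

```python
import hmac
import hashlib
import secrets

# ASSUMED stand-in for A3 / A8 / CAVE: any keyed one-way function of a challenge.
def kdf(key, label, challenge):
    return hmac.new(key, label + challenge, hashlib.sha256).digest()

# ---- GSM (FIGS. 1 and 2 in the text): HLR derives the triplet from Ki ----
def gsm_hlr_triplet(ki, rand=None):
    rand = rand if rand is not None else secrets.token_bytes(16)  # 128-bit RAND
    sres = kdf(ki, b"A3", rand)[:4]                                # 32-bit SRES
    kc = kdf(ki, b"A8", rand)[:8]                                  # 64-bit Kc
    return rand, sres, kc

def gsm_uim_response(ki, rand):
    # UIM recomputes SRES and Kc from its own Ki and the RAND it received.
    return kdf(ki, b"A3", rand)[:4], kdf(ki, b"A8", rand)[:8]

def gsm_call(ki_hlr, ki_uim):
    """One call: returns (authenticated?, bits the HLR had to send for it)."""
    rand, sres_hlr, kc_hlr = gsm_hlr_triplet(ki_hlr)   # HLR -> VLR: (RAND, SRES, Kc)
    sres_uim, _kc_uim = gsm_uim_response(ki_uim, rand)  # VLR -> MT: RAND; UIM -> VLR: SRES
    bits_from_hlr = 8 * (len(rand) + len(sres_hlr) + len(kc_hlr))
    # The VLR only ever compares SRES values; it never sees Ki or A3/A8.
    return hmac.compare_digest(sres_hlr, sres_uim), bits_from_hlr

# ---- IS-41 (FIGS. 3(a) and 3(b)): HLR sends SSD once, VLR challenges locally ----
def is41_ssd(a_key, randssd):
    return kdf(a_key, b"CAVE-SSD", randssd)[:16]       # 128-bit SSD

def is41_authr(ssd, rand):
    return kdf(ssd, b"CAVE-AUTHR", rand)[:4]           # response length is a modelling choice

def is41_registration(a_key_hlr, a_key_uim, calls):
    """Returns (all calls authenticated?, HLR->VLR transfers, bits sent by HLR)."""
    randssd = secrets.token_bytes(7)                   # HLR's SSD seed (size assumed)
    ssd_vlr = is41_ssd(a_key_hlr, randssd)             # HLR -> VLR: SSD, a single transfer
    ssd_uim = is41_ssd(a_key_uim, randssd)             # UIM derives SSD from the same seed (assumed delivered)
    ok = True
    for _ in range(calls):
        rand = secrets.token_bytes(4)                   # VLR generates RAND locally, no HLR round trip
        authr = is41_authr(ssd_uim, rand)              # MT -> VLR: AUTHR
        ok &= hmac.compare_digest(authr, is41_authr(ssd_vlr, rand))
    return ok, 1, 8 * len(ssd_vlr)

if __name__ == "__main__":
    ki, a_key = bytes(range(16)), b"\x11" * 8          # constructed sample keys
    print("GSM call:", gsm_call(ki, ki))               # (True, 224) bits per call
    print("IS-41, 5 calls:", is41_registration(a_key, a_key, 5))  # (True, 1, 128)
```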
The goal of the International Mobile Telecommunications—2000 (IMT-2000) standards development effort is to provide a global telecommunications system which will support a phone subscription anywhere in t
