Cryptography – Cellular telephone cryptographic authentication
Reexamination Certificate
2000-04-26
2004-05-25
Sheikh, Ayaz (Department: 2135)
C380S255000, C380S270000
active
06741704
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to a method of setting encryption for a connection in a radio system that comprises a plurality of mobile terminals, at least one switching centre and at least one radio network unit communicating with the switching centre, the radio network unit further comprising at least one control unit and at least one base station under its control. In the radio system, the handling of the encryption settings of the switching centre and the base station is performed at different protocol layers than the handling of the encryption settings of the mobile terminals.
BACKGROUND OF THE INVENTION
The present-day requirement of public radio systems is mutual compatibility. At times, it is further required that units of different systems can be combined into a workable entity, for example the use of a base station system in core networks of different radio systems.
FIG. 1 shows such a combination of a plurality of radio systems, in which a Radio Access Network (RAN) is connected to core networks of different systems, in the figure to the core networks of a Global System for Mobile Communications (GSM), International Mobile Telecommunication (IMT-2000), General Packet Radio Service (GPRS) and Integrated Services Digital Network (ISDN). Such a radio access network RAN is planned to be implemented in the IMT-2000 system of the future. By means of the RAN network, a radio connection is established to subscribers of several core networks. Consequently, it is also referred to as a Generic Radio Access Network (GRAN). Each core network provides services to its own subscribers. The mobile terminal (MT) is thus connected to a base station BTS of the radio access network RAN via the radio path over the radio interface. Via the BTS, the connection is transferred from the radio access network RAN to the home core network of the mobile terminal MT over the interface Iu. The Iu interface refers to an open interface that can be used to interconnect the RAN of different systems and a Core Network (CN). A core network refers to a Mobile Services Switching Centre (MSC) and the other units in the network, such as the Visitor Location Register (VLR), the Home Location Register (HLR), etc. depending on the system. The Iu is illustrated as comprising the BN protocol (Bearer Negotiation) of layer 3 and the lower physical transmission layers. A core network can also be made up of separate packet service nodes such as General Packet Radio Service (GPRS), Serving GPRS Support Node (SGSN) and Gateway GPRS Support Node (GGSN) of the GSM.
FIG. 2 shows the connection of the GSM core network to the radio access network RAN in closer detail. The RAN consists of at least one base station controller (BSC) and base stations BTS under its control. Unlike with operation of the GSM system, the signaling between the RAN network and the mobile terminal in the IMT-2000 system is often transparent to the base station BTS. Thus, the structure of the BTS functioning as a repeater in the signaling between the BSC and the MT is simpler than in traditional mobile communications systems. The base station controller BSC routes the messages from the mobile terminal MT, received via the base station BTS, to the mobile services switching centre MSC of the GSM system, and vice versa.
The problem with connecting the IMT-2000 system radio access network RAN and, e.g., the GSM system core network to one another is arranging encryption for the connections. In the IMT-2000 system, encryption is implemented between the mobile terminal MT and the core network MSC, which makes traffic transparent from the point of view of the radio access network RAN. In the GSM system, encryption is implemented at the air interface between a mobile station MS and a base station BTS. The following examines in closer detail the problem caused by a combined system in the light of FIGS. 3-6.
FIG. 3 illustrates a theoretical layer description for a connection in the GSM system entity, in which identically-named protocols of units connected to each other communicate with each other. For reasons of clarity, physical transmission layers 1 and 2 that do not take part in the encryption are marked with dotted lines. Boxes circled with solid lines in the figures belong to layer 3. Of the protocols shown in the figure, CC (Call control) carries out call control and MM (Mobility Management) location management of the mobile station MS. In the GSM system, these protocols do not take part in implementing encryption for the connection.
FIG. 4 is a signaling diagram for setting of encryption in the GSM system. FIG. 4 also shows how the protocol boxes of FIG. 3 take part in the setting of the encryption. With a BSSAP protocol, the mobile services switching center MSC transmits an encryption start command 41 CIPHERING_MODE_COMMAND to the BSSAP protocol of the base station controller BSC. The BSSAP (BSS Application Part) protocol corresponds to the BN protocol. BSC-internally, the start command is transferred in message 42 from the BSSAP protocol to the BTSM protocol (BTS Management) that is able to communicate with the corresponding protocol of the base station BTS. The BTSM protocol of the base station controller BSC thus transfers the encryption command to the BTSM protocol of the BTS in message 44 ENCRYPTION_COMMAND, which includes a CIPHERING_MODE_COMMAND message of an RR protocol (Radio Resource Management), meant to be transmitted to the mobile station MS. BTS-internally, the encryption command is transferred, in message 45, from the BTSM protocol to an RR′ protocol which is part of the RR protocol and thus capable of communicating with the RR protocol of the mobile station MS. The RR′ protocol of the base station BTS transfers the CIPHERING_MODE_COMMAND message, delivered within message 44, to the RR protocol of the MS (message 46). The RR protocol of the mobile station MS acknowledges the encryption setting by transmitting an acknowledgement message 47 CIPHERING_MODE_COMPLETE to the RR protocol of the base station controller BSC. BSC-internally, this acknowledgement is transferred from the RR protocol to the BSSAP protocol (message 48) that sends the acknowledgement message further to the BSSAP protocol of the mobile services switching centre in message 49 CIPHERING_MODE_COMPLETE. The RR protocol of the mobile station MS and the RR′ protocol of the base station BTS transfer the encryption parameters and the encryption start command unit-internally to lower layers of the physical connection, which at the transmitting end carry out encryption and, at the receiving end, decryption for signals of the higher protocols.
FIG. 5 shows a theoretical layer description corresponding to FIG. 3 in the case of IMT-2000 system entity. Again, the physical transmission layers 1 and 2 not taking part in the encryption are marked with dotted lines. Layers 1 and 2 may be implemented with the ATM protocol, for example. The CC protocol of the IMT-2000 system carries out call control, and the MM protocol in addition to location management of the mobile terminal MT initializes the connection encryption. A TAC protocol (Terminal Association Control) establishes a connection between the network and the mobile terminal MT.
FIG. 6 shows a signaling chart for initialization of the IMT-2000 system encryption. The encryption initialization is performed with an MM-T protocol (Mobility Management-Terminal) in a transparent way from the point of view of the radio access network RAN. The MSC transmits, by means of the MM-T protocol, an encryption initialization message 61 MOBILITY_FACILITY_(START_CIPHERING: INVOKE) to the mobile terminal MT. The radio access network RAN transfers the message directly to the MT, which acknowledges the encryption initialization with message 62 MOBILITY_FACILITY (START_CIPHERING: RETURN_RESULT). Message 62 is also transferred to the MSC transparently from the RAN's point of view. The base station BTS and the base station controller BSC of the RAN, thr
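The two exchanges described for FIG. 4 and FIG. 6 can be compared hop by hop to see which network elements actually terminate the ciphering signaling and which only relay it. The following Python sketch is an added example, not part of the patent text; the `Msg` tuple, the `CHAIN` topology list, the `TERMINAL` label (standing for MS/MT) and all function names are assumptions made for illustration.

```python
from collections import namedtuple

# Added illustration, not from the patent. Message numbers and names follow
# the page's FIG. 4 and FIG. 6 descriptions; Msg, CHAIN, TERMINAL (standing
# for MS/MT) and the function names are assumptions made for this sketch.
Msg = namedtuple("Msg", "num src dst proto name")

# Physical chain per the FIG. 2 description: terminal - BTS - BSC - MSC.
CHAIN = ["TERMINAL", "BTS", "BSC", "MSC"]

# Unit-internal transfers (messages 42, 45, 48) are omitted.
GSM_FIG4 = [
    Msg(41, "MSC", "BSC", "BSSAP", "CIPHERING_MODE_COMMAND"),
    Msg(44, "BSC", "BTS", "BTSM", "ENCRYPTION_COMMAND"),
    Msg(46, "BTS", "TERMINAL", "RR", "CIPHERING_MODE_COMMAND"),
    Msg(47, "TERMINAL", "BSC", "RR", "CIPHERING_MODE_COMPLETE"),
    Msg(49, "BSC", "MSC", "BSSAP", "CIPHERING_MODE_COMPLETE"),
]
IMT2000_FIG6 = [
    Msg(61, "MSC", "TERMINAL", "MM-T", "MOBILITY_FACILITY_(START_CIPHERING: INVOKE)"),
    Msg(62, "TERMINAL", "MSC", "MM-T", "MOBILITY_FACILITY (START_CIPHERING: RETURN_RESULT)"),
]

def path(msg):
    """Nodes a message crosses between its two protocol peers, in order."""
    i, j = CHAIN.index(msg.src), CHAIN.index(msg.dst)
    seg = CHAIN[min(i, j):max(i, j) + 1]
    return seg if i < j else seg[::-1]

def roles(flow):
    """Mark each node as terminating the ciphering signaling or only relaying it."""
    out = {}
    for m in flow:
        for node in path(m)[1:-1]:
            out.setdefault(node, "relays")   # never downgrades a terminating node
        out[m.src] = out[m.dst] = "terminates"
    return out

def relay_only(flow):
    """Nodes that carry the exchange without ever being a protocol peer in it."""
    r = roles(flow)
    return [n for n in CHAIN if r.get(n) == "relays"]

def acknowledged(flow):
    """True when the last message returns to the originator of the first."""
    return flow[0].src == flow[-1].dst

if __name__ == "__main__":
    for label, flow in (("GSM FIG. 4", GSM_FIG4), ("IMT-2000 FIG. 6", IMT2000_FIG6)):
        print(label, roles(flow), "relay-only:", relay_only(flow))
```

In the GSM exchange every element is a protocol peer at some step, whereas in the IMT-2000 exchange the BTS and BSC appear only as relays, which is the mismatch a combined system has to resolve.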
Nokia Corporation
Sheikh Ayaz
Song Hosuk
Squire Sanders & Dempsey L.L.P.