Telecommunications – Radiotelephone system – Special service
Reexamination Certificate
1999-03-16
2002-07-30
Hunter, Daniel (Department: 2684)
Telecommunications
Radiotelephone system
Special service
C455S557000, C455S411000, C455S558000
Reexamination Certificate
active
06427073
ABSTRACT:
FIELD OF THE INVENTION
The invention relates to a method and system for preventing the misuse of a copied subscriber identity in a mobile communication system.
BACKGROUND OF THE INVENTION
Both the users and the network operator in all telecommunication networks have to be optimally protected against undesirable intrusions by third parties. Thus, various security procedures are called for in networks. The most important characteristics of network security are 1) protecting information relayed by the network, and 2) authentication of network users and access control. The most important protection mechanism in the foreseeable future is some kind of encryption. Authentication is a measure for ensuring that information is originating from the source indicated. It is typically based on passwords and keys. Access rights are indicated as the ability to send and/or receive via a switching channel. Also access mechanisms are based on some sort of password or key.
As data transmission to mobile subscribers takes place on a radio connection, public land mobile networks (PLMN) are especially vulnerable to misuse of their resources by unauthorized users who eavesdrop on the information exchanged on the radio path. This is because radio signals may be listened to and sent from any place without access to user or operator equipment. It is obvious that the need for improved security is more pronounced in PLMN networks than in conventional telecommunication networks.
The basic structure of the pan-European digital cellular radio system GSM (Global System for Mobile Communications) is shown in FIG.
1
. The structure of the GSM network consists of two parts: a base station sub-system (BSS) and a network subsystem (NSS). The BSS and mobile stations MS communicate by means of radio connections. A base transceiver station (BTS) serves each cell in the base station subsystem BSS. A group of base stations BTS is linked to a base station controller (BSC) serving to control the radio frequencies and channels used by the base station BTS. The base station controllers BSC are linked to a mobile switching centre (MSC). A mobile switching centre serves to switch calls involving at least one mobile station MS. Some mobile switching centres MSC are linked to other telecommunication networks, such as a public integrated services network (PISN), and include switching procedures for dealing with calls to and from these networks. Such mobile switching centres are called gateway MSCs (GMSC).
Two types of data bases are involved in the routing of calls. Subscriber data on all subscribers is stored in a home location register HLR permanently or semi-permanently, including information on the services the subscriber can access and the present location of the subscriber. An other type of register is a visitor location register VLR. The VLR is usually associated with one mobile switching centre MSC, but may serve several centres. The visitor location register VLR is usually integrated into the mobile switching centre MSC. Such an integrated network element is called a visited mobile switching centre (VMSC). When a MS is active (it has registered in the network and may initiate or receive a call), the majority of the subscriber data on the mobile station MS in the home location register HLR is loaded (copied) into the visitor location register VLR of the mobile switching centre MSC whose area the MS is roaming.
The GSM system incorporates an extremely secure authentication system. This is also true of derivatives of the GSM system, such as the DCS, based on what is known as the challenge and response principle. When a subscriber contract is drawn up, the subscriber is allocated a secret subscriber authentication key (K
i
) and an international mobile subscriber identity (IMSI). K
i
is stored in a GSM network element serving this purpose and called the authentication centre (AUC), associated with or connected to the subscriber home location register (HLR). The authentication centre AUC also comprises an encryption algorithm called A8, and an authentication algorithm called A3, and a random number RAND generator. An encryption key K
c
is generated by the algorithm A8 on the basis of K
i
and RAND. Similarly, a signed response (SRES) is generated by the algorithm A3 on the basis of K
i
and RAND. These three parameters, RAND, K
c
, and SRES form a subscriber-specific triplet, employed later in authentication and encryption.
Referring to
FIG. 2
, the authentication centre AUC comprises a data base
20
for storing the authentication key K
i
of each GSM network subscriber. The subscriber K
i
may be retrieved from the data base
20
by using the mobile subscriber identity IMSI as index.
In order not to have to calculate and send the triplet always when it is needed, the AUC/HLR calculates several triplets for each subscriber in advance and delivers them on request to the visitor location register (VLR) and to the mobile switching centre (MSC), in which they are stored. The MSC/VLR has one unused triplet always at its disposal for each visiting subscriber. High-quality security presumes that the triplet is used only once for one connection, and is destroyed thereafter.
FIG. 4
shows some subscriber-specific triplets. A security parameter file
40
comprises n triplets 1 to n for each subscriber identity IMSI. This reserve in the security parameter file
40
is formed when a mobile subscriber registers in a visited centre MSC and a visitor location register VLR for the first time. It is part of the subscriber data which was loaded from the home location register HLR in connection with the INSERT SUBSCRIBER DATA message.
Referring to
FIG. 5
, when a subscriber has used all triplets at its disposal, the AUC/HLR is requested to calculate and send back a new series. This triplet completion procedure consists of two messages: SEND PARAMETERS and a response thereto called SEND PARAMETERS RESULT. The former contains the IMSI of the mobile subscriber, used to retrieve K
i
for calculation of the triplets, as described in connection with FIG.
2
. The triplets calculated are delivered to the MSC/VLR in the SEND PARAMETERS RESULT message and stored in the visitor location register VLR.
Still referring to
FIG. 4
, a mobile station MS sends an access request to the MSC/VLR. The latter retrieves a triplet reserved for the mobile subscriber from the security parameter file
40
by using the IMSI as index. On one hand the MSC/VLR forwards the value of K
c
to the channel equipment of the base station controller BSC to be used in traffic channel coding, and on the other hand it forwards the value of RAND to the mobile station in an AUTHENTICATION REQUEST message. This is depicted by block
41
in FIG.
4
. On the basis of RAND the mobile station MS calculates the other values (SRES and K
c
) of the triplet.
Referring now to
FIG. 3
, a copy of the mobile subscriber authentication key K
i
, and the encryption algorithm A8 and the authentication algorithm A3 are stored in the mobile station. On receiving an AUTHENTICATION REQUEST message, the mobile station MS isolates RAND from the message, feeding it and the stored K
i
to the algorithms A3 and A8, respectively, for calculation of the signed response SRES and the encryption key K
c
. The SRES calculated is forwarded to the MSC/VLR in the AUTHENTICATION REQUEST message in order to complete the authentication, as is shown in
FIGS. 4 and 5
.
Referring to
FIG. 4
, the MSC/VLR isolates the value of SRES from the AUTHENTICATION REQUEST message (block
42
) and retrieves the stored value of SRES from the file
40
(block
43
). Thereafter the MSC/VLR, for this particular connection and before any other processing, authenticates the mobile subscriber by checking that the SRES calculated in the AUC/HLR and the SRES calculated in the mobile station (block
44
) are identical. If these two values are identical, access is permitted (block
45
). Otherwise access is denied (block
46
).
As an example, in the GSM system the authentication of a mobile subscriber is subject to a subscriber-specific
Kortesalmi Jyrki
Pelto Tapio
Altera Law Group LLC
Hunter Daniel
Le Lana
Nokia Telecommunications Oy
LandOfFree
Preventing misuse of a copied subscriber identity in a... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Preventing misuse of a copied subscriber identity in a..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Preventing misuse of a copied subscriber identity in a... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2886431