CN207251631U - An improved SIM card, mobile terminal, and identity recognition system


Info

Publication number
CN207251631U
Authority
CN
China
Prior art keywords
sim card
random number
key
true random
mobile
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201720677173.6U
Other languages
Chinese (zh)
Inventor
富尧
蔡晓宇
钟民
钟一民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Divine Land Zhejiang Quantum Network Science And Technology Ltd
Original Assignee
Divine Land Zhejiang Quantum Network Science And Technology Ltd
Application filed by Divine Land Zhejiang Quantum Network Science And Technology Ltd

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The utility model discloses an improved SIM card, a mobile terminal, and an identity recognition system. The improved SIM card comprises a core processing module, and a memory module and a serial communication interface each connected to the core processing module. The memory module comprises a program storage module, a data storage module, and a working memory module, each connected to the core processing module. The SIM card is provided with a true random number module that generates a true random number encryption key used to encrypt the authentication key. In the utility model, the true random number module generates the true random number encryption key, and the SIM card uses it to encrypt the authentication key, obtaining the authentication key in ciphertext form. In addition, the authentication key itself also takes the form of true random numbers, which are generated in advance by the mobile communication network and distributed between the mobile communication network and the SIM card, and which are used to generate and compare authentication responses. This further improves security.

Description

An improved SIM card, mobile terminal, and identity recognition system
Technical field
The utility model relates to the field of mobile communications, and in particular to an improved SIM card, and to a mobile terminal and an identity recognition system having the SIM card.
Background
A SIM card (Subscriber Identity Module), also called a smart card or subscriber identity card, is the credential by which a network operator distinguishes a customer's identity; without it, a customer's mobile terminal cannot access the network operator's communication services. Its chip stores the digital mobile phone customer's information, encryption keys, and content such as the user's phone book, which the mobile communication network uses to authenticate the customer's identity and to encrypt voice information during the customer's calls.
When a customer registers with the mobile communication network, the customer is assigned a telephone number (MSISDN, Mobile Subscriber International ISDN/PSTN number) and an international mobile subscriber identity (IMSI, International Mobile Subscriber Identification Number). A SIM writer writes the IMSI into the customer's SIM card and at the same time generates a unique customer authentication key (Ki) corresponding to the IMSI. Ki is stored in a specific region of the SIM card that cannot be read out, and is also stored in the Authentication Center (AUC); this is permanent information. After the customer's phone powers on, it reads the IMSI from the SIM card. When the phone logs in to the network, it sends the IMSI to the network. After receiving the IMSI, the network returns a random parameter RAND to the phone. The phone passes RAND to the SIM card, which applies an algorithm to Ki and RAND to generate SRES (Signed Response, the authentication response). The phone reads SRES and sends it to the network. The network looks up the corresponding Ki by IMSI and generates SRES' from Ki and RAND using the algorithm agreed with the SIM card. The network compares the received SRES with its own SRES': if the two are identical the customer is considered legitimate, otherwise the customer is considered illegitimate. Existing 3G and 4G mobile communication networks use mutual authentication: in addition to the network authenticating the customer, the customer also authenticates the network. The authentication process is similar to one-way authentication, and both rest on a key that remains unchanged after it is initially written.
While generating SRES from RAND, Ki in the SIM card also produces, through an algorithm, an encryption key Kc used for confidential calls. The key Ki in the SIM card is therefore the critical key that secures mobile communication; once it is stolen by criminals, the security of the whole system is destroyed. Because Ki is permanent information and is used to produce the authentication message SRES and the encryption key Kc, criminals often crack Ki by analyzing SRES or Kc.
In the prior art, Ki is written into the SIM card when the card leaves the factory and never changes. There are now many ways to crack Ki; once Ki is cracked, the SIM card can be cloned in bulk or its confidential communications can be cracked.
Summary of the utility model
The utility model provides an improved SIM card that performs identity recognition based on true random number keys and that, through a built-in true random number module, can store the authentication key in encrypted form.
An improved SIM card comprises a core processing module, and a memory module and a serial communication interface each connected to the core processing module. The memory module comprises a program storage module, a data storage module, and a working memory module, each connected to the core processing module. The SIM card is provided with a true random number module for generating a true random number encryption key used to encrypt the authentication key.
The SIM card of the utility model has the functions of a traditional SIM card and is the identity credential with which a customer terminal joins the network. Compared with a traditional SIM card, its internal structure adds a true random number module.
The true random number module generates a true random number encryption key, and the SIM card uses this key to encrypt the authentication key, obtaining the authentication key in ciphertext form and further improving security.
Preferably, the authentication key is a true random number key stored in the memory module or stored in the mobile terminal matched with the SIM card.
In the utility model the authentication key itself also takes the form of true random numbers, generated in advance by the mobile communication network and distributed between the mobile communication network and the SIM card, for generating and comparing authentication responses.
The core processing module is a CPU.
The program storage module stores the SIM card's system program. It is not user-operable, and is preferably ROM, Flash, EEPROM, or the like.
The working memory module, i.e. RAM, stores the SIM card system's temporary information. It is not user-operable.
The data storage module stores the international mobile subscriber identity IMSI, the authentication key (true random number key), customer identity information, various cryptographic algorithms, and the like. It is preferably Flash, EEPROM, or the like. After use, the true random number encryption key is also stored in the data storage module for decryption operations.
The true random number key is defined in the same way as the authentication key Ki in a traditional SIM card: both are written into the SIM card at customer registration and serve as the key for authentication when the customer's mobile terminal logs in to the network. The difference is that the single Ki of a traditional SIM card is replaced by a true random number key made up of a group of true random numbers, whose amount of key material depends on the capacity of the SIM card or the storage capacity of the mobile terminal.
The true random number module is preferably a true random number generator chip, which produces true random numbers for the SIM card.
The utility model also provides a mobile terminal, which includes the SIM card of the utility model and is connected to the serial communication interface of the SIM card.
A mobile communication terminal is a communication device that can be used while moving, preferably a mobile phone, notebook, tablet computer, POS machine, in-vehicle computer, or the like. It communicates with other devices over the network and has various application functions developed in its own system for the user, to meet the user's needs. The mobile terminal described in the utility model is a terminal device that accesses the mobile communication network based on a SIM card. The mobile terminal has its own memory and can also extend its storage area with a built-in SD card.
The authentication key in ciphertext form is stored in the data storage module of the SIM card or in the mobile terminal.
The utility model also provides a mobile communication identity recognition system comprising a mobile communication network, a mobile terminal, and a SIM card installed in the mobile terminal. The SIM card performs identity recognition with the mobile communication network via the mobile terminal, and the mobile terminal is the mobile terminal described in the utility model.
The mobile communication network refers to the global system for mobile communications; in China, the operators meeting the communication system network standard are mainly China Mobile, China Unicom, China Telecom, and so on. Its main function is to provide voice communication services to legitimate mobile terminal customers.
Preferably, the mobile communication network includes a key issuing server equipped with a true random number generator, which generates true random numbers and distributes them between the mobile communication network and the SIM card to form corresponding true random number keys.
The key issuing server can handle network enrollment for a customer holding a mobile terminal and issue the SIM card. The key issuing server contains a true random number generator, which can produce true random numbers that are issued to the customer's SIM card as the true random number key.
The mobile communication network also has an Authentication Center (AUC); within the mobile communication network, the true random number key is stored in the Authentication Center.
The mobile communication network can store the customer authentication information written into the SIM card (including at least the international mobile subscriber identity IMSI, the true random number key, and the various cryptographic algorithms) in the Authentication Center AUC. When a mobile customer accesses the network to communicate, the AUC authenticates the SIM card of the customer's mobile terminal; once authentication passes, the customer is allowed to log in to the mobile communication network for confidential communication.
At present, GSM networks use one-way authentication of the customer by the network, while 3G networks began using mutual authentication between network and customer: in addition to the network authenticating the customer's legitimacy, the customer also authenticates the network, and only when both sides authenticate successfully can the customer log in to the network for communication services.
A true random number key is voided after a single use. The storage area holding voided keys is called the invalid data area, and the storage area holding unused keys is called the valid data area. In storage, a pointer points to the position of the currently valid key; the key it points to is the true random number key to be used next. After that key is used, the customer's mobile terminal and the network perform a synchronized key update, i.e. the pointer is moved to the position of the next valid key.
When the amount of key material in the valid data area falls below a certain value, the SIM card sends a key top-up signal to the customer through the mobile terminal, reminding the customer to top up keys with the mobile communication network. The top-up method is similar to the key issuing method and is not repeated here.
In the utility model, the authentication code used each time the customer's mobile terminal logs in to the mobile communication network is generated from the true random number key shared by the SIM card and the mobile communication network, and the true random number key used to generate the authentication code is updated after one use. The true random number key thus replaces Ki of the traditional SIM card, effectively avoiding the risk of the Ki key in a traditional SIM card being cracked and improving the security of the mobile communication system.
Brief description of the drawings
Fig. 1 is a structural diagram of the SIM card of the utility model;
Fig. 2 is a flow chart of authentication using the SIM card of the utility model.
Embodiment
Referring to Fig. 1, the improved SIM card in this embodiment comprises a core processing module, and a memory module, a serial communication interface, and a true random number module each connected to the core processing module. The memory module comprises a program storage module, a data storage module, and a working memory module, each connected to the core processing module.
The core processing module is a CPU. The program storage module stores the SIM card's system program; it is not user-operable and is preferably ROM, Flash, EEPROM, or the like. The working memory module, i.e. RAM, stores the SIM card system's temporary information; it is not user-operable. The data storage module stores the international mobile subscriber identity IMSI, the authentication key (true random number key), customer identity information, various cryptographic algorithms, and the like; it is preferably Flash, EEPROM, or the like.
The mobile communication identity recognition system in this embodiment comprises a mobile communication network, a mobile terminal, and a SIM card installed in the mobile terminal. In use, the SIM card is connected to the matching mobile terminal through the serial communication interface, and the SIM card performs identity recognition with the mobile communication network via the mobile terminal.
The mobile communication network includes a key issuing server equipped with a true random number generator, which generates true random numbers and distributes them between the mobile communication network and the SIM card to form corresponding true random number keys. The mobile communication network also has an Authentication Center (AUC); within the mobile communication network, the true random number key is stored in the Authentication Center.
When a customer enrolls with the mobile communication network, the customer is assigned a telephone number (MSISDN), an international mobile subscriber identity (IMSI), and a SIM card. A writer writes the IMSI and other customer information, such as the various cryptographic algorithms, into the customer's SIM card.
Then, from the true random numbers produced by the quantum random number generator on the key issuing server, a specified quantity of true random numbers is taken and written into the SIM card as the true random number key, i.e. the authentication key.
After the SIM card receives the true random number key, its internal true random number generator chip produces a true random number K, i.e. the true random number encryption key, and the SIM card uses K to encrypt the true random number key into ciphertext form. The ciphertext-form true random number key can be stored in the mobile terminal's memory or in the mobile terminal's extended storage area. Meanwhile, K can be saved in the data storage module of the SIM card.
The mobile communication network can store the customer authentication information written into the SIM card (including at least the IMSI, the true random number key, and the various cryptographic algorithms) in the Authentication Center AUC. The SIM card is then issued to the customer, who can use the SIM card together with a mobile terminal to access the mobile communication network and communicate.
Referring to Fig. 2, the process by which the mobile communication network authenticates the customer's mobile terminal includes:
1) The customer's mobile terminal reads the IMSI code from the SIM card and sends it to the mobile communication network.
2) After receiving the IMSI, the Authentication Center AUC in the mobile communication network first determines whether the IMSI code is valid. If it is valid, the AUC produces a true random number N and returns it to the customer's mobile terminal.
3) After receiving the true random number N, the customer's mobile terminal sends N and the ciphertext-form true random number key to the SIM card.
4) The SIM card uses the true random number K to decrypt the ciphertext-form true random number key, generates the authentication code key (i.e. the authentication response) from the decrypted true random number key and the random number N using the algorithm agreed with the mobile communication network, and sends key to the customer's mobile terminal.
5) The customer's mobile terminal returns the authentication code key to the mobile communication network.
6) After receiving the authentication code key, the Authentication Center AUC in the mobile communication network generates key' in the same way as the SIM card, using the corresponding true random number key stored in the AUC, and compares key with key'. If key = key', the mobile communication network has successfully authenticated the customer's mobile terminal. If key ≠ key', the mobile communication network's authentication of the customer has failed.
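Steps 1) to 6), together with the one-time key pointer and the top-up signal described in the summary, as an added Python example that is not code from the patent. HMAC-SHA256 as the agreed algorithm, the SHAKE-256 XOR wrapping under K, `secrets` standing in for the hardware true random number generators, advancing the pointers only after a successful login, and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16    # bytes per one-time authentication key (assumed)
LOW_WATER = 2   # top-up threshold; the text only says "a certain value"


def wrap(k: bytes, index: int, block: bytes) -> bytes:
    """XOR a slot with a SHAKE-256 keystream from K and the slot index.
    Stand-in for the unspecified cipher; wrapping twice unwraps."""
    stream = hashlib.shake_256(k + index.to_bytes(4, "big")).digest(len(block))
    return bytes(a ^ b for a, b in zip(block, stream))


def auth_code(one_time_key: bytes, n: bytes) -> bytes:
    """Agreed response algorithm, assumed here to be HMAC-SHA256."""
    return hmac.new(one_time_key, n, hashlib.sha256).digest()


class AuC:
    """Network side: plaintext key pool, pointer and open challenge per IMSI."""

    def __init__(self):
        self.pools, self.pointer, self.pending = {}, {}, {}

    def issue(self, imsi: str, count: int) -> list:
        keys = [secrets.token_bytes(KEY_LEN) for _ in range(count)]
        self.pools[imsi], self.pointer[imsi] = keys, 0
        return list(keys)  # copy handed to the card writer

    def challenge(self, imsi: str) -> bytes:
        if imsi not in self.pools:
            raise KeyError("unknown IMSI")
        self.pending[imsi] = secrets.token_bytes(16)  # random number N
        return self.pending[imsi]

    def verify(self, imsi: str, response: bytes) -> bool:
        n = self.pending.pop(imsi, None)  # every challenge is answered once
        if n is None or self.pointer[imsi] >= len(self.pools[imsi]):
            return False
        i = self.pointer[imsi]
        ok = hmac.compare_digest(auth_code(self.pools[imsi][i], n), response)
        if ok:
            self.pools[imsi][i] = b""   # void the used key
            self.pointer[imsi] = i + 1  # point at the next valid key
        return ok


class Sim:
    """Card side: keeps K and the pointer; ciphertext slots go to the terminal."""

    def __init__(self, imsi: str, keys: list):
        self.imsi, self.pointer, self.total = imsi, 0, len(keys)
        self._k = secrets.token_bytes(32)  # K; a real card uses its TRNG chip
        self.wrapped = [wrap(self._k, i, key) for i, key in enumerate(keys)]

    def respond(self, n: bytes, wrapped_slot: bytes) -> bytes:
        key = wrap(self._k, self.pointer, wrapped_slot)  # decrypt on the card
        return auth_code(key, n)

    def advance(self) -> bool:
        """Move the pointer after a successful login; True means top up keys."""
        self.pointer += 1
        return self.total - self.pointer < LOW_WATER


def login(sim: Sim, auc: AuC, terminal_store: list) -> tuple:
    """Steps 1 to 6 of the flow; returns (authenticated, top_up_needed)."""
    if sim.pointer >= len(terminal_store):
        return False, True  # valid data area is empty
    n = auc.challenge(sim.imsi)
    response = sim.respond(n, terminal_store[sim.pointer])
    ok = auc.verify(sim.imsi, response)
    return ok, (sim.advance() if ok else False)


if __name__ == "__main__":
    auc = AuC()
    imsi = "001010000000001"  # constructed test IMSI
    sim = Sim(imsi, auc.issue(imsi, 3))
    for _ in range(4):
        print(login(sim, auc, sim.wrapped))
```

The XOR keystream gives the terminal-side ciphertext no integrity protection, so a production design would use an authenticated cipher to detect a modified slot. The sketch also leaves out recovery when a response is lost in transit and the two pointers need to be reconciled.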
What is disclosed above is only a specific embodiment of the utility model, but the utility model is not limited to it. Those skilled in the art can make various modifications and variations to the utility model without departing from its spirit and scope. Such obvious modifications and variations shall all fall within the scope of protection claimed by the utility model. In addition, although some specific terms are used in this specification, they are only for convenience of description and do not constitute any special limitation on the utility model.

Claims (5)

1. An improved SIM card, comprising a core processing module, and a memory module and a serial communication interface each connected to the core processing module, the memory module comprising a program storage module, a data storage module, and a working memory module each connected to the core processing module, characterized in that the SIM card is provided with a true random number module for generating a true random number encryption key used to encrypt the authentication key;
the true random number module is a true random number generator chip.
2. The improved SIM card of claim 1, characterized in that the authentication key is a true random number key stored in the memory module or stored in the mobile terminal matched with the SIM card.
3. A mobile terminal, characterized in that it comprises the improved SIM card of claim 1 or 2 and is connected to the serial communication interface of the SIM card.
4. A mobile communication identity recognition system, comprising a mobile communication network, a mobile terminal, and a SIM card installed in the mobile terminal, the SIM card performing identity recognition with the mobile communication network via the mobile terminal, characterized in that the mobile terminal is the mobile terminal of claim 3.
5. The mobile communication identity recognition system of claim 4, characterized in that the mobile communication network includes a key issuing server equipped with a true random number generator for generating true random numbers and distributing them between the mobile communication network and the SIM card to form corresponding true random number keys.
CN201720677173.6U 2017-06-12 2017-06-12 An improved SIM card, mobile terminal, and identity recognition system Active CN207251631U (en)

Publications (1)

Publication Number Publication Date
CN207251631U (en) 2018-04-17

Family

ID=61877989


Legal Events

Date Code Title Description
GR01 Patent grant