NZ504378A - A method allowing flexible and safe management of seed numbers and encryption keys - Google Patents

A method allowing flexible and safe management of seed numbers and encryption keys

Info

Publication number
NZ504378A
Authority
NZ
New Zealand
Prior art keywords
encryption
algorithm
key
seed number
encryption key
Prior art date
Application number
NZ504378A
Inventor
Pasi Lahtinen
Original Assignee
Sonera Oyj
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sonera Oyj

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party

Abstract

A method for computing the key (4) to an encryption algorithm used to encrypt subscriber identity module specific application messages to be transmitted over a telecommunication network and for generating the seed number (1, 5) needed for the computation of the encryption key (4) by making use of the subscriber identity module (9) of a mobile station (8), wherein the key to the encryption algorithm is computed from the seed number (1, 5) using a certain algorithm (3, 7). The seed number (1, 5) used is a number computed from a random number RAND generated by the authentication centre (AC) (19) of the mobile communication network and, using the authentication algorithm (3) of the mobile communication network, the encryption key (4) required by the encryption algorithm is computed from the seed number (1, 5) and a subscriber identification key Ki (2).

Description

<div class="application article clearfix" id="description"> <p class="printTableText" lang="en">WO 99/25086 <br><br> PCT/FI98/00879 <br><br> GENERATION OF A SEED NUMBER <br><br> The present invention relates to a method as defined in the preamble of claim 1 for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station. Moreover, the invention relates to a system as defined in the preamble of claim 7 for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station. <br><br> In the near future, it is to be expected that further applications will be designed for mobile station subscriber identity modules, such as SIM cards (Subscriber Identity Module, SIM), in which encryption of communication is required. The encryption algorithm implementing the encryption needs an encryption key. In prior art, a method is known in which a separate algorithm for computing the encryption key is implemented in the subscriber identity module of a mobile station. In another prior-art method, the encryption key is stored on the subscriber identity module in conjunction with manufacture. In yet another previously known method, the encryption key is stored on the subscriber identity module when the latter is taken into use. A problem with the prior-art methods is that managing the seed number needed for the computation of the encryption key and/or managing the encryption key is difficult and, e.g. in solutions based on an RSA algorithm, separate equipment is needed. 
A further problem is that an encryption key permanently stored on the subscriber identity module is not as secure as an encryption key having a variable value. <br><br> The object of the present invention is to disclose a new type of method that eliminates the problems described above. A further object of the invention is to disclose a system that can be used to implement said method. <br><br> A specific object of the present invention is to disclose a method and a system that allow flexible and safe management of seed numbers and encryption keys. <br><br> As for the features characteristic of the present invention, reference is made to the claims. <br><br> In the method of the invention, the encryption key required by the encryption algorithm used for the encryption of communication is computed from a certain seed number by making use of the subscriber identity module of the mobile station. When the mobile station is activated, its subscriber identity module performs an authentication procedure with the mobile communication network. This is done by using an operator-specific authentication algorithm and a seed number consisting of a random number RAND generated by the mobile communication network. The same authentication algorithm can be used to compute an encryption key. The seed number is a number computed on the basis of a random number RAND generated by the authentication centre AC of the mobile communication network. Using the seed number and a subscriber identification key Ki as starting values for the authentication algorithm, an application in the subscriber identity module computes the encryption key and stores it in the subscriber identity module. This encryption key is used when messages are to be encrypted and/or decrypted. 
<br><br> As compared with prior art, the present invention has the advantage that it makes the management of seed numbers and encryption keys considerably easier and simpler than before. As the seed numbers and encryption keys are calculated in the subscriber identity module when necessary, they need not be transmitted or set. A further advantage is that no separate equipment is needed for the management of seed numbers and encryption keys, which means that cost savings are achieved. The invention also increases security. In the method of the invention, the encryption key changes continuously and it is not transmitted anywhere, thus considerably reducing the chance of its getting into the hands of outsiders. <br><br> In an embodiment of the method, a seed number is calculated from a random number RAND generated by the authentication centre, producing a seed number such as RAND+1. <br><br> In an embodiment of the method, the encryption key is computed by using an A3 algorithm, which is an operator-specific authentication algorithm. <br><br> In an embodiment of the method, one or more encryption keys are used. In this case, each application requiring encryption has its own encryption key, thus increasing security. <br><br> In an embodiment of the method, the encryption key is computed by using one or more successive algorithms so that the result of the preceding algorithm is used as the seed number for the next algorithm. This provides the advantage that the seed number for the new algorithm is changed, which leads to increased security. <br><br> In an embodiment of the method, a certain portion of the random number range used by the mobile communication network is reserved for the calculation of seed numbers. 
<br><br> The system of the invention for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station comprises an encryption device and means for the transmission of encrypted messages. The encryption device comprises a means for computing an encryption key from a seed number. The means used to transmit encrypted messages comprise a mobile station and an encryption server. <br><br> In an embodiment of the system, an encryption device is implemented both in the subscriber identity module and in the authentication centre. <br><br> In an embodiment of the system, the encryption device comprises a device for storing the encryption key. <br><br> In an embodiment of the system, the mobile station is GSM compatible. <br><br> In the following, the invention will be described by the aid of an embodiment example by referring to the attached drawings, wherein <br><br> Fig. 1a and 1b illustrate an example representing the method of the invention in the form of logic diagrams; and <br><br> Fig. 2 presents an example representing the hardware configuration of the system of the invention. <br><br> Fig. 1a illustrates a method in which the mobile communication network generates a random number RAND and sends it to the subscriber identity module 9. Based on this random number, a seed number RAND+1 is calculated. This seed number 1 and the identification key Ki 2 are input as starting values to an A3 algorithm 3. The identification key Ki 2 is a user-specific secret parameter, which has been stored in the subscriber identity module 9 and in the authentication centre 10. 
The A3 algorithm 3 is the same operator-specific algorithm that is used when the subscriber identity module 9 carries out an authentication procedure with the authentication centre 10 of the mobile communication network upon activation of the mobile station 8. A feature characteristic of the A3 algorithm 3 is that computing the encryption key 4 from the seed number 1 and the identification key Ki 2 is easy, but determining the identification key 2 on the basis of the seed number 1 and the encryption key 4 is extremely difficult. <br><br> The encryption key 4 is the result produced by the algorithm 3. This encryption key 4 is used when messages are to be encrypted and/or decrypted. <br><br> Fig. 1b illustrates a variation of the method of the previous example. In this case, it is assumed that the random number range is 0 - 10000. It is divided into two halves so that the random number RAND values 0 - 4999 are reserved for the computation of seed numbers 5. The mobile communication network generates a random number RAND and sends it to the subscriber identity module 9. Based on the random number, a seed number RAND+5000 is calculated. The seed number 5 and the identification key Ki 2 are input as starting values to the A3 algorithm 3, which produces a new seed number 6 as a result. The new seed number 6 thus computed and the identification key Ki 2 are given as starting values to a new algorithm 7. The result obtained is used as the final encryption key 4. The advantage provided by this alternative is that the seed number 6 for the new algorithm 7 is automatically changed. <br><br> Fig. 2 illustrates a system in which encrypted short messages are transmitted between a GSM telephone 8 and an encryption server 12 in a GSM network. 
An encryption device 11 has been implemented both in the subscriber identity module 9 of the mobile station 8 and in the authentication centre 10 of the GSM network. The encryption device 11 comprises a SIM Application Toolkit, an application that computes the encryption key 4. In addition, the encryption device 11 stores the computed encryption key 4 for use. When messages to be encrypted and/or decrypted are transmitted, the encryption device 11 computes an encryption key 4 on the basis of a seed number 1 and a user-specific identification key Ki 2 both on the SIM card 9 and in the authentication centre 10. Based on this encryption key 4, an encryption algorithm, such as an RSA or 3DES algorithm, implemented both on the SIM card and in the authentication server 12, encrypts/decrypts the message. The key 4 is stored for the next time it is needed, or a new value for the key is computed each time. <br><br> The invention is not restricted to the examples of its embodiments described above, but many variations are possible within the scope of the inventive idea defined by the claims. <br><br> INTELLECTUAL PROPERTY OFFICE OF N.Z. <br><br> 15 JAN 2002 RECEIVED <br><br></p> </div>
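
The two derivations of Fig. 1a and Fig. 1b, written out as an added example that is not part of the patent text. A3 and "algorithm 7" are operator-specific and not given on the page, so HMAC-SHA256 stands in for both as an assumption; the Ki value and all function and class names are constructed for illustration.

```python
import hashlib
import hmac

RESERVED_RAND_MAX = 4999   # Fig. 1b: RAND values 0 - 4999 are reserved for seeds
SEED_OFFSET = 5000         # Fig. 1b: seed number 5 = RAND + 5000


def a3_stand_in(ki: bytes, seed: int) -> bytes:
    """Placeholder for the operator-specific A3 algorithm 3 (assumption).

    HMAC-SHA256 has the property the description relies on: easy to compute
    from (seed, Ki), infeasible to invert to Ki.
    """
    # 17 bytes so that RAND+1 still fits when RAND is an all-ones 128-bit value.
    msg = b"A3" + seed.to_bytes(17, "big")
    return hmac.new(ki, msg, hashlib.sha256).digest()[:16]


def algorithm7_stand_in(ki: bytes, seed: bytes) -> bytes:
    """Placeholder for the unspecified 'new algorithm 7' of Fig. 1b (assumption)."""
    return hmac.new(ki, b"ALG7" + seed, hashlib.sha256).digest()[:16]


def key_fig_1a(ki: bytes, rand: int) -> bytes:
    """Fig. 1a: seed number 1 = RAND+1, encryption key 4 = A3(seed, Ki)."""
    return a3_stand_in(ki, rand + 1)


def seed_fig_1b(rand: int) -> int:
    """Fig. 1b: only RAND values from the reserved half may become seeds."""
    if not 0 <= rand <= RESERVED_RAND_MAX:
        raise ValueError(f"RAND {rand} is outside the reserved range 0-{RESERVED_RAND_MAX}")
    return rand + SEED_OFFSET


def key_fig_1b(ki: bytes, rand: int) -> bytes:
    """Fig. 1b: seed 5 -> A3 -> seed 6 -> algorithm 7 -> encryption key 4."""
    seed6 = a3_stand_in(ki, seed_fig_1b(rand))
    return algorithm7_stand_in(ki, seed6)


class EncryptionDevice:
    """Encryption device 11: present in the SIM and in the authentication centre."""

    def __init__(self, ki: bytes):
        self._ki = ki      # Ki stays inside the device
        self.key = None    # stored encryption key 4

    def on_rand(self, rand: int, chained: bool = False) -> bytes:
        derive = key_fig_1b if chained else key_fig_1a
        self.key = derive(self._ki, rand)
        return self.key


def run_exchange(rand: int, chained: bool = False):
    """Only RAND crosses the network; each side derives key 4 locally."""
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample Ki
    sim, centre = EncryptionDevice(ki), EncryptionDevice(ki)
    return sim.on_rand(rand, chained), centre.on_rand(rand, chained)


if __name__ == "__main__":
    for rand, chained in ((1234, False), (1234, True)):
        sim_key, centre_key = run_exchange(rand, chained)
        print("chained" if chained else "single", sim_key.hex(), sim_key == centre_key)
```
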

Claims (12)

<div class="application article clearfix printTableText" id="claims"> <p lang="en"> CLAIMS<br><br>
1. Method for computing the key to an encryption algorithm used to encrypt subscriber identity module specific application messages to be transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station, in which method the key to the encryption algorithm is computed from the seed number using a certain algorithm, characterised in that the seed number used is a number computed from a random number RAND generated by the authentication centre (AC) of the mobile communication network; and<br><br> using the authentication algorithm of the mobile communication network, the encryption key required by the encryption algorithm is computed from the seed number and a subscriber identification key Ki.<br><br>
2. Method as defined in claim 1, characterised in that the seed number is calculated from the random number RAND generated by the authentication centre, producing a seed number such as RAND+1.<br><br>
3. Method as defined in claim 1 or 2, characterised in that the encryption key is computed by using an A3 algorithm.<br><br>
4. Method as defined in any one of claims 1-3, characterised in that one or more encryption keys are used.<br><br>
5. Method as defined in any one of claims 1-4, characterised in that the encryption key is computed by using one or more successive algorithms in such manner that the result of the preceding algorithm is used as the seed number for the next algorithm.<br><br>
6. Method as defined in any one of claims 1-5, characterised in that a certain portion of the random number range used by the mobile communication network is reserved for the computation of seed numbers.<br><br>
7. System for computing the key to an encryption algorithm used to encrypt subscriber identity module specific application messages to be transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station, said system comprising an encryption device and means for the transmission of encrypted messages, characterised in that the encryption device comprises a means for computing the encryption key from the seed number; and the means used to transmit encrypted messages comprise a mobile station and an encryption server.<br><br>
8. System as defined in claim 7, characterised in that an encryption device is implemented both in the subscriber identity module and in the authentication centre.<br><br>
9. System as defined in claim 7 or 8, characterised in that the encryption device comprises a device for storing the encryption key.<br><br>
10. System as defined in any one of claims 7-9, characterised in that the mobile station is GSM compatible.<br><br>
11. Method for computing as claimed in claim 1 and substantially as herein described with reference to the accompanying drawings.<br><br>
12. System for computing as claimed in claim 7 and substantially as herein described with reference to the accompanying drawings.<br><br> </p> </div>
NZ504378A 1997-11-11 1998-11-11 A method allowing flexible and safe management of seed numbers and encryption keys NZ504378A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI974198A FI105253B (en) 1997-11-11 1997-11-11 Generation of start value
PCT/FI1998/000879 WO1999025086A2 (en) 1997-11-11 1998-11-11 Generation of a seed number

Publications (1)

Publication Number Publication Date
NZ504378A (en) 2002-03-28

Family

ID=8549914

Family Applications (1)

Application Number Title Priority Date Filing Date
NZ504378A NZ504378A (en) 1997-11-11 1998-11-11 A method allowing flexible and safe management of seed numbers and encryption keys

Country Status (7)

Country Link
EP (1) EP1025739A2 (en)
JP (1) JP2001523064A (en)
AU (1) AU1489299A (en)
CA (1) CA2309666A1 (en)
FI (1) FI105253B (en)
NZ (1) NZ504378A (en)
WO (1) WO1999025086A2 (en)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7328350B2 (en) 2001-03-29 2008-02-05 Arcot Systems, Inc. Method and apparatus for secure cryptographic key generation, certification and use
GB2350981A (en) * 1999-06-11 2000-12-13 Int Computers Ltd Cryptographic key recovery
KR20010004791A (en) * 1999-06-29 2001-01-15 윤종용 Apparatus for securing user's informaton and method thereof in mobile communication system connecting with internet
FI109864B (en) 2000-03-30 2002-10-15 Nokia Corp Subscriber authentication
US7046639B2 (en) * 2000-09-29 2006-05-16 The Regents Of The University Of California System and method for ad hoc network access employing the distributed election of a shared transmission schedule
US6983375B2 (en) 2001-04-13 2006-01-03 Ge Medical Technology Services, Inc. Method and system to grant indefinite use of software options resident on a device
US7424115B2 (en) 2003-01-30 2008-09-09 Nokia Corporation Generating asymmetric keys in a telecommunications system
FI120174B (en) * 2004-03-19 2009-07-15 Nokia Corp Saving data with the device
CN1747384A (en) * 2004-09-08 2006-03-15 华为技术有限公司 Authenticated key set
EP1849119B1 (en) 2005-02-18 2019-07-10 EMC Corporation Derivative seeds
JP2007019711A (en) * 2005-07-06 2007-01-25 Kyocera Mita Corp Data management apparatus and program therefor
US7925895B2 (en) 2005-02-22 2011-04-12 Kyocera Mita Corporation Data management apparatus, data management method, and storage medium
GB2512595A (en) * 2013-04-02 2014-10-08 Mastercard International Inc Integrated contactless mpos implementation
JP5847345B1 (en) * 2015-04-10 2016-01-20 さくら情報システム株式会社 Information processing apparatus, authentication method, and program

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4797672A (en) * 1986-09-04 1989-01-10 Octel Communications Corp. Voice network security system
JP3080382B2 (en) * 1990-02-21 2000-08-28 株式会社日立製作所 Cryptographic communication system
US5201000A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Method for generating public and private key pairs without using a passphrase
IL107967A (en) * 1993-12-09 1996-12-05 News Datacom Research Ltd Apparatus and method for securing communication systems
EP0688929B1 (en) * 1994-06-21 2004-10-13 Microchip Technology Inc. Secure self-learning
SE506619C2 (en) * 1995-09-27 1998-01-19 Ericsson Telefon Ab L M Method for encrypting information

Also Published As

Publication number Publication date
WO1999025086A3 (en) 1999-10-28
AU1489299A (en) 1999-05-31
CA2309666A1 (en) 1999-05-20
WO1999025086A2 (en) 1999-05-20
JP2001523064A (en) 2001-11-20
FI974198A (en) 1999-05-12
FI105253B (en) 2000-06-30
FI974198A0 (en) 1997-11-11
EP1025739A2 (en) 2000-08-09

Similar Documents

Publication Publication Date Title
EP0841770B1 (en) Method for sending a secure message in a telecommunications system
US7716483B2 (en) Method for establishing a communication between two devices
US5544245A (en) Mutual authentication/cipher key delivery system
US8223970B2 (en) Message deciphering method, system and article
CA2191668C (en) Communication method and device
US5602917A (en) Method for secure session key generation
EP0735723B1 (en) Cryptographic communication method and cryptographic communication device
US5915021A (en) Method for secure communications in a telecommunications system
CN100452700C (en) Secret session establishment based on radi oapplied protocol
CN100442691C (en) Method for providing security on powerline-modem network
EP1502467B1 (en) Paired sim card function
EP0393806A2 (en) Cryptographic method and apparatus for public key exchange with authentication
GB2401293A (en) Secure data transmission links
MXPA96006339A (en) Communication method and device
KR20010033435A (en) Secure messaging system overlay for a selective call signalling system
NZ504378A (en) A method allowing flexible and safe management of seed numbers and encryption keys
WO2003003171A3 (en) A method and system for generating and verifying a key protection certificate.
US6640303B1 (en) System and method for encryption using transparent keys
US20050102507A1 (en) Method for establishing an encrypted communication by means of keys
AU2006216855A1 (en) System and method for three-phase data encryption
WO2009004411A1 (en) Communication device with secure storage of user data
CN110213764B (en) Wireless safety communication method and device
JP2005051368A (en) Communication apparatus, base station apparatus and communication system
JPS6346028A (en) Cryptographic key distribution system
CN115580863A (en) Internet of vehicles card real name authentication method and system

Legal Events

Date Code Title Description
PSEA Patent sealed