CA2356420A1 - Authentication and non-repudiation of a subscriber on a public network - Google Patents

Authentication and non-repudiation of a subscriber on a public network Download PDF

Info

Publication number
CA2356420A1
CA2356420A1 CA002356420A CA2356420A CA2356420A1 CA 2356420 A1 CA2356420 A1 CA 2356420A1 CA 002356420 A CA002356420 A CA 002356420A CA 2356420 A CA2356420 A CA 2356420A CA 2356420 A1 CA2356420 A1 CA 2356420A1
Authority
CA
Canada
Prior art keywords
wireless device
digital wireless
application provider
authentication
authenticator
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
CA002356420A
Other languages
French (fr)
Inventor
Thomas J. Mullen
Duane Sharman
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wmode Inc
Original Assignee
Wmode Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wmode Inc filed Critical Wmode Inc
Priority to CA002356420A priority Critical patent/CA2356420A1/en
Priority to PCT/CA2002/001352 priority patent/WO2003019856A2/en
Priority to AU2002325116A priority patent/AU2002325116A1/en
Publication of CA2356420A1 publication Critical patent/CA2356420A1/en
Abandoned legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Meter Arrangements (AREA)

Abstract

A system and method for authenticating a subscriber to an application provider using the authentication services of the wireless network over which the connection is made. A unique client id is provided, over a public network, by a wireless device to an authenticator. An authentication challenge is returned to the wireless device, which generates a response in accordance with a shared secret key. The response is transmitted back to the authenticator, which, if it determines the response to be authentic, permits the wireless device to connect to the desired application provider. A method and system for obtaining non-repudiable authorization for a billing transaction, so that charges can be placed on a network access billing system by an outside service provider, is also disclosed.

Description

08/30/2001 16:24 FAX 613 787 3558 _ _BLG CANADA 1005 AUTHENTICATION AND NON-REPUDIATION OF A SUBSCRIBER
O I E ORI~
FIELD OF THE INVENTION
The present invention relates to authenticating a subscriber on a public network. In particular, the present invention relates to a system for authenticating the identity of a user using a mobile device, such as a cellular phone, to log in to an application provider.
BACKGROUND OF THE INVENTION
1D In the field of wireless telecommunications, authentication of a user's identity is of fundamental concern. Three of the most substantial concerns regarding identity relate to whether or not the wireless device is legitimately identifying itself instead of reporting a false identification sequence, whether or not the handset is in the possession of the authorized user and generating an audit trail for billing purposes.
To facilitate the solution to the second problem, and to allow user billing, each wireless device is assigned a unique wireless device identifier, which is reported to the rAetwork upon initialization of the phone. The cellular phone service provider can check this wireless device identifier to ensure that the wireless device has not been reported stolen. Thus the assumption is made that unless reported stolen, a phone is in the hands of 2o an authorized user, and that until reporting the phone missing the user is responsible for all charges incurred.
In traditional analogue cellular service, such as advanced mobile phone system (AMPS), narrowband AMPS (VAMPS), total access communications system (TACS), or extended TACS (ETACS) networks, though the wireless device identifier may be useable for identifying a stolen phone, it cannot be used to determine that the phone transmitting the ESN is doing so legitimately. The transmission of the wireless device identifier over an insecure network allows a third party to intercept the wireless device identifier. Because no information, other than the wireless device identifier, is required to validate a phone, a sufficiently motivated and properly equipped third party can scan known cellular channels to obtain wireless device identifier as phones are initialized. By modifying a second phone to transmit the wireless device identifier of a first phone, it is possible to produce a cloned phone capable of convincing the network that it is authorized.

08/30/2001 16:24 FAX 613 787 3558 _ BLG CANADA f~J006 Along with offering encryption for phone calls to impede eavesdropping, digital cellular service also introduces a more secure initialization routine to make phone cloning more difficult. Due to its worldwide use, and simple to describe implementation global system for mobile communications (GSM) type systems will be used in the following discussion. It will be appreciated by one of skill in the art that the discussion is equally applicable to other communication systems such as time division multiple access (TDMA) and code division multiple access (CDMA). In digital service initialization, as illustrated in Figure 1, the wireless device identifier, such as an electronic serial number (ESN), is pxovided by the digital wireless device 112 to the digital cellular network 114, as shown in flow 116. The ESN is verified by checking against a database, such as an equipment identity register (EIR), in step 118, and is rejected at 120 if it is determined to be an invalid ESN: If the ESN is valid, an authenticator 122, such as an authentication center (AuC), transmits an authentication challenge in step 124. Associated with each unique ESN is a predetermined secret key value, that is only stored in the cellular device 112 and i5 AuC 122 and that is used to calculate a response such as a signed response (SRES) 126.
This secret icey value is commonly referred to as the shaxed secret key. The SR.ES is transmitted 130 by the cellular device to the AuC 122, which also calculates an SRES 128.
The two SRESs are compared in step 132, and only upon matching is authentication of the digital wireless device provided 134.
2o The authentication challenge can be used, in conjunction with the shared secret key value, to generate an SRES in numerous manners, including polynomial expansions of the values, and encrypting the shared secret key using the seed value as the public encryption Icey. Thus, by adding a securely stored value, the shared secret key, that is associated with a unique value, the ESN, and never openly transmitting the securely stored value, digital 25 cellular services have a method of preventing one cellular device from impersonating another. In order to clone a first digital cellular phone 112, a second digital wireless device would need to be reprogrammed to transmit the ESN of the first device and have the shared secret key value copied as well. Typically, the shared secret Icey value can only be discerned by physical examination of the first digital wireless device 112, or the AuC 122 30 of the digital cellular network 114. After receiving authentication, digital cellular devices use a mix of encryption, spread spectrum transmissions and pseudo-random frequency 08/30/2001 16:25 FAX 613 787 3558 _ _ ALG CANADA 0 007 hopping to provide second transmission channels.
Another advance digital cellular service offers over an analogue service is the ability to use the cellular device for more than audio signals. With analogue service, a computer could be connected to a modem, which in turn would connect to the analogue cellular device to provide a dial-up data connection. These connections are typically slow, noisy and insecure. In contrast, digital cellular services are by nature better designed to handle digital communications. Voice calls on a digital cellular network are packetized prior to transmission, and are transmitted as a series of binary representative packets. This allows digital cellular devices to interact with computers without the need for a modem. It also allows digital ceiluiar devices to serve as digital wireless data stations.
So called wireless web functionality, wherein cellular devices allow a user to browse a subset of Internet web sites through a proxy server or directly if the web site offers wireless markup language (WML) services, are already comnnonly implemented.
Numerous services, from stock pricing to sports scores are commonly offered by application providers (AP), such as wireless application service providers (WASP).
Additionally interactive services, such as Banking transactions and stock trading can also be offered to users. These services are typically accessed through a data network that relies upon the transmission of data as packets. In many implementations the data is transmitted in packets conforming to the standards of the transmission control protocol/intemet 2o protocol (TCP/IP) suite. To translate between the wireless protocols of the network 114 and the wired protocols of data networks, such as the Internet, a gateway, such as a wireless application protocol (WAP) gateway, may be employed. This does not allow a connection from a digital wireless device 112 to a WASP that is guaranteed to be carried in a secure channel. One remedy is the use of a secure, or encrypted, connection between the WASP and the WAP gateway.
These wireless appLicarion service providers typically require a combination of user identifier and password to identify the user and select the corresponding account information. Though transmitted over a semi-secure connection, many people's user identification and password information are easy to discern. Due to the limited interface of 3o the majority of digital cellular devices many user identification and password combinations are very short, and thus more readily fall prey to conventional social _3_ 08/30/2001 16:26 FAX 613 787 3558 _BLG CANADA f~008 engineering techniques, thus making illicit access to wireless ASP services easier to access than typical non-wireless systems.
By discerning user identification and password information, it is possible to impersonate a user of a WASP from any digital cellular device. Additionally the impersonation requires less effort than the cloning of an analogue cellular phone does, as impersonation requires no specialized equipment, whereas cloning analogue cellular devices requires equipment to reprogram electrically erasable programmable read only memory (EEPROIvI].
The client id can also be falsified by a computer with access to the WASP over a to network. The data sent, in reply, by the WASP, is directed to the address of the computer that transmitted the packet, and not to a specific digital cellular phone.
Thus an individual could falsify a client 1D field and attempt to interact with the WASP, using discerned user ldentificataon and password information, without the WASP knowing that an unauthorized access had been performed.
Because it is not possible for a WASP to ensure that the user using the service is the authorized user, it is difficult to authenticate a user request in a manner that prevents the user from repudiating the transaction at a later time. Due to the ability of the user to repudiate transactions, forming fee per use billing arrangements with cellular service providers is difficult. Though banking institutions are content to carry out their own 2o authentication and billing, other financial services, or services associated with personal information, lack the infrastructure to either bill a client on a fee-per-transaction basis or obtain a non-repudiable transaction authorization. One such example is a gaming service that allows wireless online gaming and requires the ability to bill small amounts of money to a carrier billing system per session. Another example is a stock monitoring service, where a user does not carry out a transaction, but does require authentication of the user to protect the privacy of a user's portfolio, that would benefit from the ability to offer the same levels of security as the basic network requires.
Currently, digital wireless devices support WML through integrated WAP
browsers, and included in this dialect is a "sign text" function that can be used to digitally sign requests. This function is embedded in the hardware of the phone and operates in the following manner.

08/3012001 16:27 FAX 613 787 3558 _ __BLG CANADA f~J009 a) WML script which contains sign text command is loaded into wireless device from web site;
b) Sign text function presents the specified text string to the subscriber on the phone;
s c) Subscriber must enter a PIN known to subscriber and phone to sign the document; and d) Upon entering the PIN the text is passed to the SIM and 'digitally signed"
using a public key infrastructure (PKI) key pair specified in the sign text command.
Implementing this system requires that a PKI infrastructure be implemented by the l0 WASP, and that the implemented PKI infrastructure is approved by the network 114 so that transactions can be approved, and if needed bill by the network 114.
Implementing a PKI infrastructure for every WASP and carrier is logistically difficult.
It is therefore desirable to provide a system and method for remote authentication of a wireless device for a service, without requiring the cumbersome step of requiring a 15 user identification aa~d password entry on the form factor limited input device. It is further desirable to provide a method of authorizing a WASP to bill a user through the wireless cellular provider, with proof that the WASP received authorization for the billing.
SUMMARY OF THE INVENTION
2o It is an object of the present invention to obviate or mitigate at least one disadvantage of the prior art.
In a first aspect, the present invention provides a method fox providing authentication of both a digital wireless device having both a client identifier and a shared secret key, by an application provider connected to an authenticator where copies of bofih the client identifier 25 and shared secret key are held, and the channel between the application provider and the digital wireless device. The method of the first aspect of the present invention comprises the authenticator receiving a request to authenticate a digital wireless device from the application provider, said request optionally including the client identifier of the digital wireless device to be authenticated, the authenticator generating an authentication challenge in response to the 3o received request and then transmitting the challenge to the digital wireless device, whereupon the digital wireless device generates and transmits a response to the authentication challenge, 08/30/2001 16:27 FAX 613 787 3558 BLG_CANADA I~ 010 said response optionally being generated by use of the shared secret key, which upon being received by the authenticator is authenticated, the authentication results being provided to the application provider. In an embodiment of the first aspect of the present invention communication between the application provider and the authenticator is carried by a data packet protocol, such as one provided in the transmission control protoeol/internet protocol suite, and is carried over a network such as the Internet. In another embodiment, communication between the authenticator and the digital wireless device is carried out using the application provider as an intermediary, while communication between the application provider and the digital wireless device is carried out using a digital wireless network, such t o as a digital cellular network employing time division multiple access, code division multiple access, the global system for mobile communications, or other such digital cellular protocols, as an intermediary.
According to a further aspect of the present invention, there is provided a system for authenticating a digital wireless device, having both a client identifier and a shared secret key, for an application provider, connected to a data network, that is in communication with the digital wireless device comprising an authenticator, which optionally holds the key associated with the client id of the digital wireless device, that is operatively connected to the application provider over the data network for receiving requests from the application provider to authenticate the digital wireless device, for generating and transmitting authentication 2o challenges, receiving and authenticating responses to the authentication challenges and for transmitting to the application provider the result of the authentication of the received responses. In an embodiment of the present aspect the data network is a network such as the Internet that is based on a protocol such one included in the transmission control protocol/internet protocol suite. In another embodiment of the present invention the digital wireless device is connected to the application provider by a digital wireless network, said digital wireless network being optionally connected to the application provider by the data network.
In another embodiment, there exists an auxiliary device connected to the digital wireless device, optionally over a wireless connection, and the application provider, optionally over the data network, for transmitting to the application provider the client id of the digital wireless device, and fox acting as an intermediary between the application provider 08/30/2001 16:28 FAX 613 787 3558 _- BLG_CANADA L~JO11 and the digital wireless device wherein it receives from the application provider authentication challenges for the digital wireless device, provides the received authentication challenges to the digital wireless device, receives from the digital wireless device responses to the received challenges and provides the received responses to the application provider. In this embodiment the authentication of the channel covers the channel between the application provider and the digital wireless device through the auxiliary device.
In a presently preferred embodiment, there is provided a system, as described above, wherein the digital wireless device is operatively connected to the application provider for receiving a transaction request, and has digital signature means for signing the transaction to request and transmission means for transmitting the signed transaction request to the application provider, furthermore the authenticator includes means for receiving the signed transaction request, authenticating the signed transaction request, said means optionally using a copy of the initial transaction request and a value derived from the client id, and transmission means for transmitting the results of the authentication of the signed transaction request to the application provider.
In a further aspect, there is provided a method of obtaining non-repudiable authorization, for a transaction, from a digital wireless device having both a client identifier and a shared secret key, at an application provider connected to both an authenticator knowing the shared secret key associated with the client identifier of the digital wireless device, and zo the digital wireless device, the method comprising the steps of the application provider transmitting a transaction request to the digital wireless device, the digital wireless device digitally signing the transaction request, which optionally includes the step of encrypting the transaction request with the shared secret key, and transmitting the digitally signed transaction request to the application provider, and the authenticator authenticating the digitally signed transaction request optionally using a copy of the transaction request and the shared secret key associated with the client id of the digital wireless device.
BRLEF DESCRrPTION OF THE DRAWINGS
Preferred embodiments of the present invention will now be described, by way of 3o example only, with reference to the attached Figures, wherein:
Figure 1 is an illustration of the prior art authentication process for a digital cellular 08/30/2001 16:29 FAX 613 787 3558 BLG CANADA I~ 012 network;
Figure 2 is an illustration of a system of the present invention to facilitate authentication of a user device by an application provider;
Figure 3 is a flowchart of an authentication process of the present invention;
Figure 4 is an illustration of a system of the present invention to facilitate authentication of a digital wireless device's digital signature on a transaction request from the application provider;
Figure 5 is a flowchart of a method of the present invention to provide a non-repudiable transaction authorization from the user device; and Figure 6 is an illustration of a system of the present invention to provide authentication and transaction services for an application provider to authenticate the user of an auxiliary device using the authentication features of a digital wireless device.
DETAILED DESCRIPTION OF THE INVENTION
The present invention will be described in relation to the Figures. One of skill in the art will appreciate that a number of changes can be made to the presented system and method to accomplish the same object without departing from the scope of the present invention.
Figure 2 presents a system according to an embodiment of the present invention.
2o Digital wireless device 156, in a present embodiment a digital wireless device such as a cellular phone, is connected to network 114, which provides a connection to an application provider (AP) 158, which in a present embodiment is a wireless application service provider, through data network 162. The connection between network 114 and data network 162 may be through a gateway or translation device as will be appreciated by one of skill in the art. In the presently illustrated embodiment, all communication between the digital wireless device 156 and the network 114 is carried out using standard radio frequency (RF) protocols. All communication between the application provider 158 and other components is carried out using standard data transfer protocols such as those in the transmission control protocol/internet protocol (TCP/iP) suite.
Upon connecting to the AP 158, through network 114, a client id uniquely associated with digital wireless device 156 is provided to AP 158. The client id can _g_ .08!30/2001 16:29 FAX 613 787_3558 . _ __ BLG CANADA I~J013 originate in the digital wireless device 156, or digital identifier module 164. Alternatively, network 114, using a standard gateway such as a wireless application protocol gateway, can attach the client id to data transmissions originating from digital wireless device 156.
Digital identifier module 164 is, in one embodiment, a subscriber identification module (SIM) that is removable from the digital wireless device 154. In other embodiments, the digital identifier module 164 is integrated with the digital wireless device 154, so as not to be removable, and can encompass any means of storing the client id and shared secret key in the wireless device 154. Authenticator 160 is connected to AP 158 through data network 162. Data network 162 is a packet-based network such as the Internet.
to Optionally included in the system of Figure 2 is auxiliary device 196, which is directly connected to digital wireless device 156, and connected to AP 158 through data network 162.
A method according to the present invention is shown in Figure 3, with the data flows shown in Figure 2. Generally, AP 158 associates the unique client id with its own account information. To ensure that a malicious third party does not forge a client id, AP
158 confirms that the source of the client id is a valid party. The process commences when the AP 158 receives a connection request from the digital wireless device 156 at step 166.
This request includes the client id of the digital wireless device 156 that is initiating the connection, or in an alternate embodiment the request can include any value uniquely 2o associated with the client id, such as the ESN or phone number of the digital wireless device. The authenticator 160 is asked to authenticate the user in step 168.
The authenticator 160 then generates an authentication challenge based upon the client id, or other value associated with the client id, step 169. This authentication challenge is similar to the one that would be generated when a digital wireless device is initialized on the network 114. The authenticator then transmits the generated challenge to the AP 158 at step 170. AP 158 then transmits the authentication challenge to the party that initiated the connection at step 171 (whose network address is determined from the incoming request).
If the request is from digital wireless device 156, it receives the authentication challenge, and calculates an authentication response.
3o The digital wireless device 156 receives the authentication challenge from and responds by generating an authentication response in step 172. The authentication 08/30/2001 16:30 FAX 613 787 3558 _ _ BLG CANADA f~]014 response is calculated using a shared secret key stored in the wireless identification module 164. The generated response is transmitted to the AP 158 in step 173.
The authentication response is transmitted by AP 158 to the authenticator 160 in step 174. The authenticator 160 authenticates the provided authentication response in step 176. Upon authenticating the authentication response, authenticator 160 provides AP 158 with the result of the authentication. If the authenticator 160 authenticated the authentication response successfully, the connection to the digital wireless device 156 is allowed to proceed and the account is accessed, as shown at step 178. If the authentication response is not successfully authenticated the connection is rejected at step 180.
S o In another embodiment of the method of the present invention, AP 158 requests authentication of a client id by interacting with authenticator 160, and includes in the request the network address of digital wireless device 156. Authenticator 160 transmits an authentication request to AP 158. AP 158 relays the authentication challenge to digital wireless device 156, which generates the authentication response and transmits it directly to authenticator 160. Upon authenticating the authentication response, authenticator 160 provides AP 158 with the authentication result, which is used to determine whether or not to provide a connection with digital wireless device 156. Thus authenticator 160 delivers a challenge to the originator of the connection to AP 158 to authenticate both digital wireless device 158, and th.e connection between digital wireless device 156 and AP 160.
2o As will be appreciated by those of skill in the art, by providing a connection between the AP 158 and the authenticator 160, it is possible to authenticate digital wireless device 156 without requesting that user information be input by the user. This provides the same degree of authentication that nefiwork 114 provides for basic network service. Thus possession of the digital wireless device 156 is considered to be permission to access the services of AP 158, and the onus to report a device theft is placed upon user.
An example of a user being authenticated using the method of Figure 3 and the system of Figure 2 is now provided, for illustrative purposes only. This example should not be construed as limiting to the scope of the present invention. A user controls the digital wireless device 156, and creates a connection, over network 114, to a stock quote service's AP 158 with which a series of accounts have been established, each account holding a number of stocks that are tracked. The Ap 158 receives a request for a '08/30/2001 16:31 FAX 613 787 3558_ . _ BLG CANADA f~J015 connection, which includes a client id. Seeking to authenticate that the client reported is from the device rebistered by the user, AP 158 connects to the authenticator 160 and requests an authentication of the client id reported by the incoming connection to AP 158.
Authenticator 160 then generates an authentication challenge. The challenge is pxovided to the AP 158, which then transmits the challenge to digital wireless device 156.
The digital wireless device 156 calculates an authentication xesponse that will identify it to the authenticator 160, using the shared secret key associated with its client id.
The authentication response is provided to the authenticator 160 by AP 158 upon receiving it from digital wireless device 156. The authenticator 160 then verifies that a party that to knows the shared secret key generated the authentication response. This information is considered to be proof that the digital wireless device 156 is valid and not cloned, nor is the connection request from a source attempting to masquerade as digital wireless device 156. Upon receiving the result of the comparison between the provided authentication response and the authenticator calculated authentication xesponse, AP 158 accepts the 1 5 connection if the comparison revealed that the authentication response was valid. The client id of the incoming connection is then used, by the AP 158 to identify the user, and present the relevant information about the stocks in each account. The matching of the client id and user information is done in a database hosted by AP 158.
Because the authentication of a user is as secure as that offered fox basic network 2o service, it is possible for an infrastructure to be built that allows the AP 158 to bill through the network billing system as, with the above mentioned system, user authentication is now sufficiently secure. A system, to do implement AP 158 to network 114 billing, a method of obtaining non-repudiable user permission for billing must be implemented. A
method of obtaining non-repudiable transactions has other addition uses such as providing 25 proof of approval for account status changes. Such a figure is illustrated in Figure 4.
Figure 4 maintains the same network topology as the system of Figure 2, but illustrates different data flows. Despite the fact that the user device 112 has been authenticated, AP
must still obtain proof that the user has authorized a transaction. This approval can be assumed if AP 158 is considered to be a trusted party by network 114, typically this would 3o require a standing relationship. Alternatively the AP 158 can issue a transaction request to digital wireless device 156 to approve a transaction, and provide a digitally signed '08/30/2001 16:32 FAX 613 78? 3558 _ BLG CANADA I~/O16 response as proof of approval. This transaction request is provided to digital wireless device 156 through the network 114, after being generated by AP 158. The transaction response containing the approval for billing is generated by digital wireless device 156 by encrypting and/or hashing the transaction request with the shared secret key, or a value derived therefrom. Approval of tJne transaction is provided by digital wireless device 156, and is transmitted through network 114 to AP 158. The transaction response, and a copy of the transaction request, along with the client id are then provided to authenticator 160.
Using the shared secret key, assoc,7ated with the client id, it is possible for the authenticator to authenticate that digital wireless device 156 signed the transaction request. The result of to the transaction authentication is then provided to the application provider.
A flowchart, demonstrating a further steps to provide subscriber non-repudiation according to the method of the present invention is illustrated in Figure 5, with the data flows illustrated in Figure 4. Upon receiving authentication of the digital wireless device 156, from the authenticator 160, the AP 158 allows a connection to be established with digital wireless device 156 in step 182. At a certain point in the connection, determines that it requires authentication of a transaction from digital wireless device 156.
The authenticated transaction, which is non-repudiable, could be instructions to bill for a service provided, instructions to carry out a financial transaction, or any service for which the AP desires proof that the instructions are from digital wireless device 156. AP 158 then 2o transmits a transaction request to digital wireless device 156 in step x84.
Typically, the transaction request is a text message from AP 158 that is displayed by the user device. The user digitally signs the request in step 186 by selecting a prompt, inputting an identification number, or other method that will be apparent to one of skill in the art. In order to provide AP 158 with non-repudiation, the request is signed by hashing and/or otherwise encrypting the request with either the shared secret key used in the generation of the authentication response or a value derived therefrom. One of skill in the art will appreciate that a number of known techniques could be applied to provide non-repudiation using either the authentication response or the shared secret key, or a combination of the two, without departing from the spirit of the present invention. In a presently preferred 3o embodiment, the user of digital wireless device 156 must input a personal identification number that is known to both the user and digital wireless device 156 in order to digitally 08/30/2001 16:33 FAX 613 787 3558 _ BLG CANADA f~ 017 sign the request, in an alternate embodiment the user must simply respond by selecting a transaction confirmation option. In step 188, AP 158 transmits the transaction request, the transaction response, and the client id of digital wireless device 156 to the authenticator 160. The authenticator 160, using the shared secret key associated with the provided client id, authenticates the digitally signed document. In a presently preferred embodiment the authentication of the document is provided by encrypting and/or hashing the transaction request, as done in digital wireless device 156, with the shared secret key, and comparing the result to the provided transaction response, providing AP 158 with a non-repudiable authorization to carryout the approved transaction. In an alternate embodiment, the to encrypting of the transaction request is preformed using both a value derived from the shared secret key, and a value derived from the current time. This allows the authenticator to ensure that a given transaction request is authenticated within a fixed time interval to prevent an AP from re-submitting a request multiple times. Upon authenticating the digitally signed request the authenticator 160 transmits the authentication results to the AP
158, which uses the results for a decision in step 190. Tf the authentication of the digitally signed transaction has failed, the transaction is rejected in step 192. If the authentication of the digitally signed transaction is successful the AP proceeds with the transaction in step 194.
An further embodiment of the system of the present invention is illustrated in 2o Figure 6. AP 158 is connected to authenticator 160 as previously described.
Additionally an auxiliary device 196, such as a personal computer, is connected both AP
158, through a data network, and the digital wireless device 156. A user controls both digital wireless device 156 and auxiliary device 196. The connection between digital wireless device 156 and auxiliary device 196, may be wireless, by means of a dial-in connection, a BluetoothTM
wireless link, an infrared connection, ox other means known to one of skill in the art, or it could be a wired connection from a data port on digital wireless device 156 to an input on auxiliary device 196. The auxiliary device 196 is connected to AP 158, through a data network, and serves as the primary method of interacting with AP 158. The manner of connection between auxiliary device 196 and AP 158 does not necessarily have to be 3o either wireless, or permanent. The requests for authentication and approval for billing that were previously transmitted to the digital wireless device 156 over network 114, are '08/30/2001 16:33 FAX 613 787 3558 _BLG CANADA I~JO18 instead transmitted from AP 158 to the auxiliary device 196 over a data network. The auxiliary device 196 then transmits the received requests to the digital wireless device 112, and forwards all responses to AP 158.
The system of Figure 6, allows an auxiliary device 196 to be authenticated in the same manner as the digital wireless device 156, without digital wireless device 156 needing to directly access network 114. In operation auxiliary device 196 provides a client id, or a value associated with the client id, to AP 158. This client id, can by manually input by the user or obtained from a connection to digital wireless device 156. AP
then submits an authentication request to authenticator 160 ovex data network.
Authenticator 160 to provides an authentication challenge, based upon the client id, to the auxiliary device, via AP 158. Auxiliary device 196 provides the authentication challenge to digital wireless device 156, which uses the shared secret key in the wireless identification module, or a value derived therefrom, to calculate an authentication response, which is provided to auxiliary device 196. Auxiliary device 196 transmits the authentication response to authenticator 160 via AP 158. Authenticator 160 authenticates the provided authentication xesponse and provides the authentication result to AP 158, which can optionally share the authentication result with auxiliary device 196.
For exemplary purposes the system of Figure 6, and elements of the figure, will be used to provide a description of a system that uses the authentication and transaction authentication processes outlined above, to complete a transaction. It is increasingly common for a user, to have digital wireless device 156 present at all times.
Thus it may be desirable to use digital wireless device 156 as a method of payment for various goods and services. Auxiliary device 196 is , for the purposes of this example, a vending machine.
Upon making a selection from the machine, either using a wireless connection from digital z5 wireless device 156 or by manually interacting with vending machine 196, the user elects to pay for the products through a charge on the account associated with digital wireless device 156. The vending machine 196 communicates with a centralized AP 158 that serves to track billing transactions. The centralized AP 158 needs to authenticate the digital wireless device 112 that will be paying for the transaction and then needs to obtain 3o approval for the transaction. Vending machine 196 communicates with digital wireless device I56 by means of a wireless connection, such as a BluetoothT"' connection. The " 08/30/2001 16:34 FAX 613 787 3558 .. _ _ BLG CANADA f~019 digital wireless device 156 then provides to the vending machine 196 a client id, which is provided to the authenticator 160 by AP 158. The authenticator 160 generates an authentication challenge for the digital wireless device 156, as described above. The challenge is provided to the digital wireless device through AP 158 and the vending machine 196. The digital wireless device 156 responds with an authentication response that is provided to the authenticator 160 through the vending machine 196 and the AP 158.
The authentication is confirmed and AP 158 transients a request to approve the billing transaction to the digital wireless device 156 through the wireless Bluetooth'T'' connection between the digital wireless device 156 and the vending machine 196. The request to to approve the billing transaction is approved by the user, and digital wireless device 156 creates a reply that is comprised of the request to approve billing modified by the shared secret key associated with the client id. This information is provided to the authenticator 160 via AP 158 and vending machine 196. Authenticator 160 then authenticates the transaction request and provides an authentication request to AP 158. AP 158 then bills the user's account in the billing system of network 114 (not shown). Upon transmitting a billing transaction to the billing system, AP 158 instructs the vending machine 196 to dispense the products that were paid for.
In. an alternate embodiment of the present invention, the auxiliary device I96 is a personal computer (PC), connecting over a data network 162, such as the Internet to AP
2o x58. PC 196 is controlled by a user, and connects to AP 158 to carry out a transaction.
AP 158 receives the connection, and is provided with the client id associated with digital wireless device 156, or another value that is uniquely associated with the client id such as the phone number of digital wireless device 156. AP 158 needs to authenticate the identity of the connecting device, so requests authentication from authenticator 160.
Included in 2s the authentication request is the identifying information that is uniquely associated with the client id of digital wireless device 156. Authenticator, using the identifying information generates an authentication challenge based upon the shared secret key associated with the identifying information, and provides the authentication challenge to AP 158, which relays the challenge to PC 196. PC 196 provides the authentication 3o challenge to digital wireless device 156 over a wireless connection, such as a BlueTooth~
connection. Digital wireless device 156, using the shared secret key held in wireless 09/17/2001 11:17 FAX 613 787 3558 BLG CANADA f~]02D
identifier module I64, generates an authentication response which is provided to auxiliary device 196, arid relayed to authenticator 160 through AP 1 S8 and data network 162.
Authenticator 160 authenticates the response and provides the authentication result to AY
158, which can then provide service to PC 196. Transaction requests can be signed in a similar manner as they were previously, using the channel illustrated here.
Thus any auxiliary device that can communicate with digital wireless device 156, can be authenticated by AP 158 by authenticator 160.
Because there are a plurality of application providers that are not associated with each other, and a plurality of wireless networks, each of which have a distinct 1o authenticator, it is foreseeable that a clearinghouse be implemented. Thus each AP can connect to the clearinghouse, and through the clearinghouse, have access to the authenticators of different networks.
The above-described invention provides the ability for an application provider to authenticate the identity of a subscriber with the same security and accuracy as a wireless 15 network service provider has. This authentication of identity allows for easier logins to application providers, and provides additional security for a user by restricting access to a limited number of predetermined wireless devices. Additionally the above described invention provides a method of non-repudiable authorization for transactions that among other uses allows application providers to charge on a fee for service basis, and apply the 2o charges to an account associated with the digital wireless device managed by the wireless network.
To implement such a system, minor modifications to the WML browser of current digital wireless devices would be required to modify the included signtext function in the phone to support digitally signing transaction requests, with the carriers shared secret key 2s in place of the PKI keys. Additionally, this invention could be implemented through the creation of a new WML command to support the generation of the authentication response based on the authentication challenge. This would allow AP 160 to send the challenge to digital wireless device 158 using WML. The WML processor in the browser generates the Authentication response and sends the reply to AP 160.
3o The above-described embodiments of the invention are intended to be examples of the present invention. Alterations, .modifications and variations may be effected the 09/17/2001 11:18 FAX 613 787 3558 BLG CANADA f~021 particular embodiments by those of skill in the art, without departing from the scope of the invention which .is defined solely by the claims appended hereto.

Claims (33)

What is claimed is:
1. A method of authenticating a digital wireless device having both a client identifier and a shared secret key, by an application provider connected to an authenticator where copies of both the client identifier and shared secret key are held, the method comprising the steps of:
receiving at the authenticator, a request to authenticate a digital wireless device from the application provider;
generating an authentication challenge at the authenticator;
transmitting the authentication challenge to the digital wireless device;
transmitting, from the digital wireless device, a response to the authentication challenge;
determining the authenticity of the response to the authentication challenge, at the authenticator; and transmitting the determined authenticity of the response to the authentication challenge to the application provider.
2. The method, as in claim 1, wherein the authenticator communicates with the application provider using a data packet protocol.
3. The method, as in claim 2, wherein the data packet protocol is a part of the transmission control protocol/internet protocol suite.
4. The method, as in claim 3, wherein communication between the application provider and the authenticator is carried by the Internet.
5. The method, as in claim 1, further comprising the step of transmitting the authentication challenge to the application provider, after generating the authentication challenge at the authenticator.
6. The method, as in claim 5, wherein communication between the application provider and the digital wireless device is carried by a digital wireless network.
7. The method, as in claim 6, wherein the application provider and the digital wireless network communicate using a protocol that is part of the transmission control protocol/internet protocol suite.
8. The method, as in claim 6, wherein the digital wireless network and the digital wireless device communicate using a digital cellular protocol.
9. A method, as in claim.8, wherein the digital cellular protocol is time division multiple access.
10. A method, as in claim 8, wherein the digital cellular protocol is code division multiple access.
11. A method, as in claim 8, wherein the digital cellular protocol is global system for mobile communications.
12. The method, as in claim 1, wherein the response to the authentication challenge is transmitted from the digital wireless device to the application provider.
13. The method, as in claim 12, wherein the response to the authentication challenge is transmitted from the application provider to the authenticator after being received by the application provider, prior to determining the authenticity of the response.
14. The method, as in claim 1, wherein the request for authentication from the application provider includes the a value uniquely associated with the client identifier of the digital wireless device.
15. The method, as in claim 14, wherein the authentication challenge is generated to be specific to the client identifier of the digital wireless device.
16. The method, as in claim 15, wherein the response to the authentication challenge is calculated using the shared secret key associated with the client identifier of the digital wireless device.
17. A system for authenticating a digital wireless device, having both a client identifier and a shared secret key, for an application provider, connected to a data network, that is in communication with the digital wireless device, comprising:
an authenticator, operatively connected to the application provider over the data network, for receiving authentication requests for the digital wireless device from the application provider, for generating and transmitting authentication challenges, for receiving and authenticating authentication responses to generated challenges, and for transmitting to the application provider the result of the authentication of the received responses to the generated challenges.
18. The system, as in claim 17, wherein the data network is based on a protocol included in the transmission control protocol/internet protocol suite.
19. The system, as in claim 18, wherein the data network is the Internet.
20. The system, as in claim 17, wherein the digital wireless device and the application provider are connected by a digital wireless network.
21. The system, as in claim 20, wherein the digital wireless network and the application provider are connected by the data network.
22. The system, as in claim 17, wherein the authenticator holds the key associated with each client identifier.
23. The system, as in claim 17, wherein the application provider and authenticator are operatively connected by a clearinghouse.
24. The system, as in claim 17, further comprising an auxiliary device connected to the digital wireless device, and the application provider, for transmitting to the application provider the a value uniquely associated with the client identifier of the digital wireless device, receiving from the application provider authentication challenges, providing the received authentication challenges to the digital wireless device, receiving from the digital wireless device responses to the authentication challenges and providing to the application provider the received responses to the authentication challenges.
25. The system, as in claim 24, wherein the auxiliary device is connected to the application provider over the data network.
26. The system, as in claim 24, wherein the auxiliary device is connected to the digital wireless device over a wireless connection.
27. The system, as in claim 17, wherein the digital wireless device is operatively connected to the application provider for receiving a transaction request.
28. The system, as in claim 27, wherein the digital wireless device includes digital signature means for signing the transaction request and transmission means for transmitting the signed transaction request to the application provider
29. The system, as in claim 28, wherein authenticator includes means for receiving the signed transaction request, authenticating the signed transaction request and for transmitting the results of the authentication of the signed request to the application provider.
30. The system, as in claim 29, wherein the authenticator includes means for authenticating the digitally signed request using a copy of the initial transaction request and a value derived from the client identifier.
31 . A method of obtaining non-repudiable authorization for a transaction, from a digital wireless device having both a client identifier and a shared secret key, at an application provider connected to both an authenticator having the shared secret key associated with the client identifier, of the digital wireless device, and the digital wireless device, the method comprising the steps of:
transmitting, from the application provider, a transaction request to the digital wireless device;
digitally signing and transmitting the transaction request to the application provider;
and authenticating the digitally signed transaction request, at the authenticator.
32. A method, as in claim 31, wherein authentication of the digitally signed transaction request is performed using a copy of the transaction request and the shared secret key associated with the client identifier of the digital wireless device.
33. The method, as in claim 31, wherein the step of digitally signing includes the step of encrypting the transaction request with the shared secret key.
CA002356420A 2001-08-30 2001-08-30 Authentication and non-repudiation of a subscriber on a public network Abandoned CA2356420A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CA002356420A CA2356420A1 (en) 2001-08-30 2001-08-30 Authentication and non-repudiation of a subscriber on a public network
PCT/CA2002/001352 WO2003019856A2 (en) 2001-08-30 2002-08-30 Authentication of a subscriber on a public network
AU2002325116A AU2002325116A1 (en) 2001-08-30 2002-08-30 Authentication of a subscriber on a public network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CA002356420A CA2356420A1 (en) 2001-08-30 2001-08-30 Authentication and non-repudiation of a subscriber on a public network

Publications (1)

Publication Number Publication Date
CA2356420A1 true CA2356420A1 (en) 2003-02-28

Family

ID=4169851

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002356420A Abandoned CA2356420A1 (en) 2001-08-30 2001-08-30 Authentication and non-repudiation of a subscriber on a public network

Country Status (3)

Country Link
AU (1) AU2002325116A1 (en)
CA (1) CA2356420A1 (en)
WO (1) WO2003019856A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8621577B2 (en) * 2005-08-19 2013-12-31 Samsung Electronics Co., Ltd. Method for performing multiple pre-shared key based authentication at once and system for executing the method

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7130615B2 (en) 2003-09-10 2006-10-31 Hewlett-Packard Development Company, L.P. Software authentication for mobile communication devices
US7519815B2 (en) 2003-10-29 2009-04-14 Microsoft Corporation Challenge-based authentication without requiring knowledge of secret authentication data
CN1816997B (en) 2004-05-04 2011-02-16 捷讯研究有限公司 Challenge response system and method
KR101300844B1 (en) * 2005-08-19 2013-08-29 삼성전자주식회사 Method for performing multiple pre-shared key based authentication at once and system for executing the method
CN101243642B (en) * 2005-08-19 2013-01-02 三星电子株式会社 Method for performing multiple pre-shared key based authentication at once and device for executing the method
DE102005047798A1 (en) * 2005-10-05 2007-05-10 Vodafone Holding Gmbh Method, system and apparatus for creating and / or using identities of clients in a communication system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
NO313949B1 (en) * 1999-04-29 2002-12-30 Ericsson Telefon Ab L M Authentication in mobile networks
WO2001017310A1 (en) * 1999-08-31 2001-03-08 Telefonaktiebolaget L M Ericsson (Publ) Gsm security for packet data networks

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8621577B2 (en) * 2005-08-19 2013-12-31 Samsung Electronics Co., Ltd. Method for performing multiple pre-shared key based authentication at once and system for executing the method

Also Published As

Publication number Publication date
AU2002325116A1 (en) 2003-03-10
WO2003019856A2 (en) 2003-03-06
WO2003019856A3 (en) 2003-07-17

Similar Documents

Publication Publication Date Title
US8582762B2 (en) Method for producing key material for use in communication with network
US7444513B2 (en) Authentication in data communication
EP1512307B1 (en) Method and system for challenge-response user authentication
US7908484B2 (en) Method of protecting digest authentication and key agreement (AKA) against man-in-the-middle (MITM) attack
KR101047641B1 (en) Enhance security and privacy for security devices
US7142851B2 (en) Technique for secure wireless LAN access
KR101158956B1 (en) Method for distributing certificates in a communication system
US20060155822A1 (en) System and method for wireless access to an application server
US20050262355A1 (en) Method of providing a signing key for digitally signing verifying or encrypting data and mobile terminal
EP1208715A1 (en) Gsm security for packet data networks
US6925297B2 (en) Use of AAA protocols for authentication of physical devices in IP networks
WO2004025921A2 (en) Secure access to a subscription module
US20020169958A1 (en) Authentication in data communication
CA2356420A1 (en) Authentication and non-repudiation of a subscriber on a public network
EP1890461A1 (en) Secure access to a subscription module
Weerasinghe et al. Security framework for mobile banking
Lunde et al. Using SIM for strong end-to-end Application Authentication
Halonen Authentication and authorization in mobile environment
Khu-Smith et al. Enhancing e-commerce security using GSM authentication
KR100474419B1 (en) System and Method for Authentication of Wireless Communication Subscriber in Wired/Wireless Communication Network
Xia et al. Virtual prepaid tokens for Wi-Fi hotspot access
CA2358801A1 (en) Authentication and non-repudiation of a subscriber on a public network through redirection
Mumtaz et al. Strong authentication protocol based on Java Crypto chips
Schuba et al. Security for Mobile Commerce Applications

Legal Events

Date Code Title Description
FZDE Discontinued
FZDE Discontinued

Effective date: 20050830