TW200302670A - Authentication in a hybrid communications network - Google Patents

Abstract

A method of authenticating a mobile station from a first base station in a first cellular communications system controlled by a first mobile switching control station to a second base station in a second, different cellular system controlled by a second mobile switching control station is described. The method comprises generating at the second cellular communication system an authentication code as the result of applying an algorithm to a private key assigned to the mobile station for the second cellular communications system and a random number-generated by the second cellular communications system. An authentication code is also generated at the first cellular communication system as the result of applying an algorithm to the private key and the random number. The authentication code generated at the first cellular communication system is then transmitted to a mobile station in a data packet, and, from there, the authentication code is transmitted to the second cellular communication system. The authentication code generated at the first cellular communications system is then compared with the authentication code generated at the second cellular communications system.

Description

200302670 玖 发明, description of the invention (the description of the invention should state: the technical field to which the invention belongs, the prior art, the content, the embodiments and the simple description of the drawings) BACKGROUND OF THE INVENTION Identification method and device. II. Prior Technology The so-called code division multiple access (CDMA) modulation technology is just one of several technologies used to facilitate communication among a large number of system users. Although other technologies can also be used (for example, time division multiple access (TDMA), frequency division multiple access (FDMA), such as amplitude versus signal single sideband; ACSSB AM modulation principle such as modulation), but the advantages of CDMA are obviously better than other modulation technologies. The following U.S. patents have been published for use of CDMA technology in multi-directional proximity communication systems: U.S. Patent No. 4,901,307, entitled " Spread Spectrum Multiple Access Communication System Using Satellite Or Terrestrial Repeaters ... ', which has been assigned to this receiver People, whose content is incorporated herein by reference. A multi-directional proximity technology was published in U.S. Patent No. 4,901,307, in which a large number of mobile phone system users (each user has a transceiver) use code division multiple access (CDMA) spread spectrum communication The signal is transmitted through a satellite repeater or a ground communication base station (also referred to as a cell base station or a cell-site). When using CDM A communication, the spectrum will be reused many times, so it can increase the 200302670 announcement_gan page ⑺ system user capacity. The use of CDMA technology achieves higher spectral efficiency than the use of other multidirectional proximity technologies. In traditional mobile phone systems, the available frequency bands are divided into channels (bandwidth is usually 30 KHz) and FM modulation technology is used. The service area of the system is geographically divided into cells of different sizes. The available frequency channels are divided into arrays, and each group usually contains an equal number of channels. Frequency groups are assigned to cells to minimize the possibility of co-channel interference. For example, consider a system with seven frequency groups and cells of equal size hexagons. A set of frequency groups used in one unit will not be used in the six closest or adjacent units. In addition, the set of frequency groups used in one unit will not be used in the twelve secondary closest neighbors. In traditional cellular communication systems, the handover implemented is to enable continuous calls or other types of connections (i.e., data links) when the mobile station crosses the cell boundary. When the base station that is processing a call or connection notifies that the strength of the signal received from the mobile station has fallen below a predetermined limit, it will start to hand over from one unit to another. A low signal strength indicator means that the mobile must be near the cell boundary. When the signal level drops below the pre-determined limit, the base station requires the system controller to determine whether the signal strength of the signal received by the adjacent base station from the mobile station is stronger than the signal strength received by the current base station. The system controller responds to the query from the current base station, and transmits a message with a delivery request to the neighboring base station. The base station adjacent to the current base station uses a special scanning receiver to find the letter of the mobile station on the specified channel. 200302670 Talking_continued Ting Ling ^^ Xinjiang: Ling® (3). In the event that a nearby base station reports sufficient signal levels to the system controller, a handover will be attempted. Then, when an idle channel is selected from the channel set used in the new base station, the handover is initiated. A control message is sent to the mobile station to order the mobile station to switch from the current channel to the new channel. At the same time, the system controller switches the call from the first base station to the second base station. In the traditional system, if the delivery to the new base station fails, the call is interrupted. There are many reasons why a delivery fails. A handover failure occurs if there are no idle channels available in the neighboring unit for call communication. If another base station reports that it is hearing the mobile station in question, in fact, this base station actually uses the same channel in a completely different unit to receive different mobile stations. Delivery failed. This report error will cause the call to be switched to the wrong unit, usually a unit with insufficient signal strength to maintain communication. In addition, if the mobile station cannot receive the channel switching command, a handover failure will occur. Practical experience indicates that frequent delivery failures are questionable of system reliability.

Another common problem in traditional telephone systems occurs when the mobile station is at the boundary between two units. In this case, the signal level tends to fluctuate between the two base stations. This fluctuation in signal level results in a "ping-ponging" sinking, in which repeated requests are made to handle calls back and forth between two base stations. Such extra unnecessary delivery requests would Increase the possibility of the mobile station receiving the wrong signal to the channel switching command, or according to the failure to receive the command. In addition, if the call is accidentally forwarded to a unit where all channels are currently in use and cannot accept the delivery, table tennis The situation may trigger the possibility of a call interruption of 200302670 (4). The following U.S. patents have been published during the delivery period: a method and system for providing communication to mobile stations through more than one unit: U.S. Patent No. 5,101,501, entitled " Method And System For Providing A Soft Handoff In Communications In A CDMA Cellular Telephone System ", the patent has been assigned to the assignee, the contents of which are incorporated herein by reference. In this environment, by the final delivery from the base station corresponding to the cell leaving the mobile station to the base station corresponding to the cell entering the mobile station, the communication in the cellular communication system is not interrupted. In the communication between a unit base station and a mobile station (two or more base stations or base station sectors transmitting mobile stations at the same time), this type of handover is considered a "soft" handover. It has been found that the use of this type of "soft" delivery can substantially reduce the incidence of ping-pong situations that require repeated delivery requirements between a pair of base stations. The following US patents have been issued for improved delivery technology: US patent case No. 5,267,261, entitled, "Mobile Station Assisted Soft Handoff In A CDMA Cellular Communications System", the patent has been assigned to the assignee, the contents of which are incorporated herein by reference. The way to improve the soft handover technique is to measure the strength of the "leader" signal transmitted by each base station of the mobile station measurement system. These preamble strength measurements are an aid to the soft handover process by facilitating the identification of feasible base station handover candidates. Improved soft handover technology requires mobile stations to monitor the strength of the pilot signals from neighboring base stations. When the measured signal strength exceeds a predetermined limit, the mobile station transmits a signal strength message to the system controller via the base station that is communicating with the mobile station. The command message transmitted from the system controller to the new base station and to the line 200302670 (5) The mobile station establishes the simultaneous communication between the new base station and the current base station. When the mobile station detects that the strength of the pilot signal corresponding to at least one base station that is communicating with the mobile station has fallen below a predetermined level, the mobile station passes the base station that is communicating with the mobile station to the system controller. Report the measured signal strength indication of the corresponding base station. The command messages transmitted from the system controller to the identified base station and to the mobile station terminate the communication through the corresponding base station, and at the same time continue the communication through the other base stations.

Although the aforementioned technology is very suitable for call forwarding between cells of the same cellular communication system, when a mobile station moves to a unit served by a base station of another cellular communication system, a more difficult situation occurs. A complication of such "inter-system" handovers is that adjacent cellular communication systems often have different characteristics. For example, adjacent cell communication systems usually operate at different frequencies and can maintain base station output power or pilot signal strength at different levels. These differences can actually prevent mobiles from performing pilot signal strength comparisons, as well as considerations of existing mobile-assisted soft handoff technologies.

When resources are not available to handle soft handovers between systems, if you want to maintain uninterrupted service, the delivery timing of calls or connections between systems becomes very critical. That is, the timing of the execution of the inter-system handover must likely result in a successful transfer of calls or connections between the systems. In this handover (referred to as hard handover in this article), the communication between the mobile station and a system must be terminated before the communication between the mobile station and other systems can be started. For example, delivery can only be attempted in the following cases: (i) there are intermediary channels available in the new unit; -10-200302670 Falun Daobin · (6) (ii) the mobile station is actually in the new unit Within the range of the base station, but before losing contact with the current unit base station; and (lli) the location of the mobile station is sure to receive a channel switching command. In the ideal case, the hard handover between each such system is to minimize the possibility of "table tennis" handover requirements between base stations in different systems. However, due to the existing handover The delivery process cannot determine when and through which base stations, mobile stations should be provided with new frequency and channel information, and instructions to forward existing calls or connections, so it is extremely difficult. These and other shortcomings of existing inter-system handover techniques will reduce The quality of cellular communication, and because it cannot simultaneously receive the cellular communication system to continue to spread, it is expected to further reduce the efficiency level. Therefore, there is a need for an inter-system delivery technology that can reliably guide between different cellular communication systems Handover of calls or connections between base stations. The following U.S. patents have published a method and system for performing inter-system handoffs between first and second cellular communication systems and inter-base station communications: U.S. Patent No. 5,697,055, titled `` Mobile Station Assisted Soft Handoff In A CDMA Cellular Communications Sy "stem", the patent has been assigned to the assignee, the contents of which are incorporated by reference. At the mobile station, measure the quantifiable parameters of the signal transmitted by the second base station of the second system. When the measured measurable parameter value passes the first predetermined level, the mobile station transmits a signal quality message to the first mobile switching console via the first base station of the first system. Then, a channel request message is transmitted from the first mobile switching console to the second mobile switching console in the second system. On the second base station, 200302670 Conveying Instructions continued 续

Measurable parameters of signals received from mobile stations are also measured. When the measured measurable parameter value usually determines the level in advance, the second base station establishes communication with the mobile station. Alternatively, measure the signal strength of the first preamble signal transmitted by the first base station on the mobile station. Then, when the measured signal strength of the first pilot signal is lower than the second predetermined level, a delivery request message is transmitted to the second base station to establish base station communication. The provision of a voice link between the mobile switching consoles takes into account the transfer of existing connections between the first and second cellular communication systems and facilitates the performance of soft handover between systems.

Although this configuration is very suitable for the case where both systems have CDMA architecture and therefore can perform soft handover, there is still a problem of how to handle handover between systems, where one or more of the systems cannot perform this handover Pass. For example, the so-called GSM standard does not have a soft handover mechanism. Therefore, there will be problems in the call delivery process using the air interface from the CDMA network to the GSM network. In addition, because the CDMA 2000 mechanism cannot transfer the data required to perform the GS M authentication, the G S M authentication cannot be completed. The encryption in G S M is different from the encryption in CDMA 2000. One way to solve this problem is to modify the G S M to enable handover to non-GS M systems, such as CDMA systems. However, GMS has been in existence for many years, and relatively speaking, the industry has no intention to spend large sums to modify existing equipment to accept nearby incompatible systems. If new messages are added to the space interface that supports dual-mode mobile stations, they must be modified to support these new messages. Obviously, this is not the desired form in terms of employment. Another issue between the CDMA system and the GSM system is the issue of -12-200302670 _ (8) I. The CDMA and GSM authentication systems use two different methods and keys. The authentication methods of GSM and CDMA IX are basically the same, but the keys have different sizes. CDMA IX has additional procedures, such as a unique challenge and count method, to prevent channel interception and replay attacks, respectively. SUMMARY OF THE INVENTION The present invention solves the problems previously posed.

According to an aspect of the present invention, the present invention discloses a method for identifying a mobile station, wherein the mobile station is moved from a first base station controlled by a first mobile switching console in a first cell communication system. To a second base station controlled by a second mobile switching console in a second, different cellular communication system, the method includes: generating an authentication code in the second cellular communication system, wherein the authentication is generated The identification code is the result of applying an algorithm to a private key of the mobile station assigned to the second cell communication system and the second cell communication system generates an arbitrary number; in the first cell communication system Generate an authentication code, where the generated authentication code is the result of applying an algorithm to the private key and the random number; in a data packet, the authentication will be generated in the first cellular communication system The code is transmitted to a mobile station; the authentication code generated in the first cellular communication system is transmitted from the mobile station to the second cellular communication system; and the authentication code generated in the first cellular communication system is transmitted The authentication and code ratio is for the authentication code generated in the second cellular communication system. The detailed description of the exemplary embodiments of the present invention explained below with reference to the drawings will make it clearer the features proposed in the accompanying patent application. -13-200302670 (9) The foregoing and further functions and advantages of the present invention . The drawings are briefly explained in the drawings: FIG. 1 shows a schematic representation of a cellular communication system; FIG. 2 shows a schematic representation of a boundary between two cellular communication systems; FIG. 3 shows a schematic diagram of a dual-mode mobile station; 4 shows a schematic representation of data exchange in the GS Μ system; and

Figure 5 shows the schematic of a single-mode mobile station. Detailed description of specific embodiments of the present invention

FIG. 1 shows a schematic diagram of an exemplary mobile phone system. The system shown in the figure can utilize any multi-directional proximity modulation technology to facilitate communication between a usually large number of system mobile stations or mobile phones and base stations. Such multidirectional proximity communication system technologies include: time division multiple access (TDMA), frequency division multiple access (FDMA), code division multiple access (CDMA) ) And AM modulation principles such as amplitude-modulated single-sideband modulation. For example, the advantages of the CDMA spread spectrum modulation technology published in the aforementioned US Patent No. 4,901,307 are clearly superior to other multi-directional proximity communication technology modulation techniques, and are therefore better modulation techniques. In a typical CDMA system, each base station transmits a unique preamble signal, which includes a "preamble carrier" transmitted on the corresponding preamble channel. The preamble signal is an unmodulated, direct sequence, spread-spectrum signal, and every -14-200302670 (10) base station will always use a universal pseudorandom noise (PN) spreading code to transmit the preamble signal. In addition to providing a phase reference for coherent demodulation and a reference for signal strength measurements used in handover decisions, the preamble allows the base station to obtain synchronization of the starting system (ie, timing). The preamble transmitted by each base station may usually be the same PN spreading code, but with different encoding phase offsets. In the system shown in FIG. 1, the system controller and the switch 10 (also referred to as a mobile switching center (MSC)) usually include an image and processing circuit (not shown in the figure) for providing access to a plurality of base stations 1 2 , 14 and 16 system controls. The controller 10 also controls the path selection from the public switched telephone network (PSTN) to the appropriate base station for transmission to the appropriate mobile station. The controller 10 also controls the path selection from the mobile station to the PSTN via at least one base station. The controller 10 can direct calls between mobile users via an appropriate base station because such mobile stations usually cannot communicate directly with each other.

The controller 10 can be coupled to the base station by various methods (for example, a dedicated telephone line, a fiber optic link, or by a microwave communication link as shown in FIG. 1). Three such exemplary base stations 12 are shown in FIG. , 14 and 16 and an exemplary mobile station 18 (which includes a mobile phone). Arrows 20a and 20b define possible communication links between base station 12 and mobile station 18. Arrows 2 2 a and 2 2 b define the possible communication links between base station 14 and mobile station 18. Arrows 2 4 a and 2 4 b define possible communication links between base station 16 and mobile station 18. The geographic shape of the base station's service area or cell is designed so that the mobile station is usually closest to a base station. When the mobile station is in a standby state (i.e., there are no calls in progress), the mobile station continuously monitors the transmission of the pilot signal from each nearby base station. As shown in FIG. 1, the base stations 12, 14 and 16 transmit the preamble signals to the mobile station 18 on the communication links 20b, 22b and 24b, respectively. The mobile station then compares the strength of the preamble signals transmitted from these particular base stations to determine in which unit it is located.

In the example shown in Fig. 1, mobile station i 8 is considered to be closest to base station 16. When the mobile station 18 makes a call, it will transmit the control message to the nearest base station, here is the base station 16. After the base station 16 receives the call request message, it sends a signal to the system controller 10 and forwards the call number. The system controller 10 then connects the call to the intended recipient through the PSTN.

In the event that a call is initiated within the PSTN, the controller 10 will transmit the call information to all base stations in the area. The base station then transmits a paging message to the intended receiving mobile station. When the mobile station receives the paging message, it responds with a control message transmitted to the closest base station. Control messages signal the system controller to inform this particular base station that it is communicating with the mobile station. The controller 10 then routes the call to the mobile station through the closest base station. When mobile station 18 moves beyond the coverage area of the original base station (i.e., base station 16), it attempts to continue the call by placing the call through another base station. There are different ways to initiate a call handover during a handover procedure or to place a call through another base station. In the base station initial handover method, the starting base station (base station 16) notices that the signal transmitted by the mobile station 18 has fallen to a certain limit level. Next, the base station 16 transmits a handover request to the system controller 10, which is used to relay -16-200302670 (12). _Continue to buy the request to relay all base stations 1 to base station 1 6 2, 1 4. The controller transmission type request includes channel-related information, including the PN code sequence used by the mobile station 18. Base stations 12 and 14 adjust the receiver to the channel used by the mobile station and measure the signal strength (usually using digital technology). If the signal strength reported by one of the base stations 12 and 14 receivers is higher than the signal strength reported by the starting base station, it will be delivered to that base station.

Alternatively, the mobile station itself may initiate a so-called mobile-assisted delivery. The base station transmits the preamble signal, which is used to identify the base station among other functions. The mobile station is equipped with a search receiver which, in addition to performing other functions, is also used to scan for preamble transmissions of adjacent base stations 12 and 14. If it is found that the preamble signal strength of one of the adjacent base stations 12 and 14 is higher than a predetermined limit value, the mobile station 18 transmits a message of this result to the base station 16.

An interactive process between the mobile station and the base station then allows the mobile station to communicate through one or more of the base stations 12, 14 and 16. During this processing procedure, the mobile station identifies and measures the signal strength of the received pilot signal. This information is communicated to MS C via the base station that is communicating with the mobile station. After receiving this information, MS SC starts or terminates the connection between the mobile station and the base station, thereby making the mobile-assisted delivery effective. -The aforementioned processing procedure is also recognized as "soft" handover, because the mobile station communicates through more than one base station at the same time. During soft handover, the MSC can combine or select the signals received from each base station, of which The base station is the base station that is communicating with the mobile station while the mobile station is moving between different units. In -17- 200302670 (13), _continued in a similar manner, the MSC can relay the signal from the PSTN to Each base station that the mobile station communicates in. If the mobile station is within the coverage of two or more base stations that are not part of the same cellular communication system (that is, not controlled by the same MSC), the mobile station assists handover Tend to be more complicated.

A method for performing handover between base stations belonging to different systems will now be described with reference to FIG. 2. The figure shows a schematic diagram of a cellular communication network 3 ′, which includes CDMA controlled by a CDMA mobile switching center MSCc. Cellular communication system (for example, IS-95 lx), and GSM cellular communication system controlled by GSM mobile switching center MSCg. In FIG. 2, five exemplary base stations B 1 A to B 5 A are depicted in cells C 1 A to C 5 A ′ of the CDMA system, respectively, and five exemplary base stations b 1 B to B 5 B are respectively Located in units c 1 B to C 5 B of the GS M system. Although based on the convenience of illustration, the units C 1 Α to C 5 Α and C 1 Β to C 5 Β are described in the drawing. # Will be circular, but it should be understood that 'units are usually designed in other shapes, and actually The shape depends on the terrain and terrain in the area. Units C 1 Α to

C3A and C1B to C3B are called "boundary" cells because these cells are close to the boundary between the first and second cellular communication systems. This naming allows the remaining units within each system to be referred to as "internal" units. The following description is about a mobile station that can receive and respond to signals from base stations in CDMA and GSM cell-based communication systems. However, any type of communication system is expected to be used, such as CDMA One, CDMA2000, CDMA 2000 U, CDMA 2000 3x, High Data Rate Principles (HDR), CDMA UEV, CDMA lxEVDO, TDMA, TDSCDMA , W-CDMA, GPRS, and other communication systems-18- (14) (14) 200302670 Introduction_Continued Page 3 For this purpose, the mobile station configured is equipped with a dual-band transceiver, which has a Receive chains belonging to two cellular communication systems with different operating frequencies. FIG. 3 of the accompanying drawings shows a schematic diagram of such a mobile station. As shown, the mobile station 40 includes an antenna 42 that is connected to the CDMA transmission and reception chain 46 and the GSM transmission and reception chain 48 through a duplexer 44. The transmission / reception chains 46, 48 are the traditional transmission / reception chains of the respective CDMA and GSM systems. The transmission / reception chain outputs the appropriately demodulated and converted data to the conventional baseband circuit 50, and receives the data transmitted from the baseband circuit 40. The transmission / reception chains 46, 48 are controlled by the controller 52, and one of their roles is to switch between the two transmission / reception chains in response to control signals from the CDMA or GSM system. Therefore, in this specific embodiment, the two transmission / reception chains will not be active at the same time. In another embodiment, the two transmission / reception chains can be active at the same time. In another specific T embodiment, the configured mobile station is equipped with a single transceiver having a receive key tunable to one of two cellular communication systems. FIG. 5 of the accompanying drawings shows a schematic diagram of such a mobile station. As shown, the mobile station 53 includes an antenna 54. The duplexer 55 is connected to the CDMA transmission and reception chain 56 (if the duty station is a CDMA mobile phone). Otherwise, the mobile station 53 is connected to the GSM transmission receiving chain 57. The transmission / reception chains 56, 57 are the traditional transmission / reception chains of the respective CDMA and GSM systems. The transmission / reception chain outputs the appropriately demodulated and converted data to the conventional baseband circuit 58 and receives the data transmitted from the baseband circuit 58. The transmission / reception key (56 or 57) is controlled by the controller 5-9. Please refer to Figure 2. The CDMA Mobile Switching Center (MSCc) controls the telephone call from the public exchange-19- 200302670 to 9 males _ continued (15) Telephone network (PSTN) to the appropriate base stations B 1 A to B 5 A Route selection for transmission to the specified mobile station. The CDMA mobile switching center MSCC also controls the path selection of calls from mobile stations located within the coverage area of the first cellular communication system to the PSTN via at least one base station. GS Μ

The mobile switching center MSCg operates in a similar manner to manage the operations of base stations B 1 B to B 5 B and to place calls between the PSTN and the GSM cellular communication system. Control messages and so on are transmitted through the inter-system data link 34 to be transmitted between MSCc and MSCg. When the mobile station is located in the internal unit of the CDMA system, the mobile station is usually programmed to monitor the transmission of the pilot signal from each nearby (ie, internal and / or border) base station. The mobile station then compares the strength of the preamble signal transmitted from the surrounding base stations to determine which internal unit it is in. For example, when a mobile station approaches the boundary of an internal unit, mobile-assisted delivery is initiated using the method described in the aforementioned U.S. Patent No. 5,267,261.

When the mobile station is within one of the boundary cells C 1 A to C 3 A or C 1 B to C 3 B, a different situation occurs. For example, consider that the mobile station is within range of cell C2A, but is approaching cell C2B. In this case, the mobile station will begin to receive available signal levels from base station B 2 B and then report to base station B 2 B and any other base stations that the mobile station is currently communicating. Determine the mobile station or base by measuring one or more quantifiable parameters of the received signal (for example, signal strength, noise ratio, frame erasure rate, bit error rate, and / or relative time delay) The time at which the station received the available signal level. This mechanism is similar to the mechanism mentioned in the aforementioned U.S. Patent No. -20-200302670 (16) I # 瞵 破: _ Continued: 5,697,055.

If both systems are CDMA systems, the handover mechanism published in US Patent No. 5,697,055 can be used to implement handover between cell C2 A and cell C2B. However, since there is currently no call handover mechanism for using an air interface from a CDMA network to a GSM network, there are problems. Since the CDMA mechanism cannot transfer the information required to perform the GS MM authentication, it cannot complete the GS MM authentication. Encryption in GSM is different from encryption in CDMA. If new messages are added to the space interface that supports dual-mode mobile stations, they must be modified to support these new messages. This is an undesirable situation.

The solution to this problem is to use a common message, which contains instructions to transfer the mobile station from the CDMA network to the GS M network. The general message must be able to carry the data needed for GSM authentication and encryption. Preferably, the general message should also support the supplementary function in GSM. In other words, the established GS Μ communication protocol must remain unchanged, so that changes to the existing GS Μ system are minimized. Part of the delivery operation includes establishing user identification, and once the delivery has been implemented, it must be maintained The physical connection of the messaging and data confidential (little secret :). GSM 02.09. Provides the definition of user identification and operation requirements. The authentication procedure is also used to set the encryption key. Therefore, the authentication process will be performed after the network has established user identification and before the channel is encrypted. To achieve this, two network functions are required, namely the authentication process itself, and the management of the system and the authentication and encryption keys. Keep in mind that the ideal situation is to use the ready-to-use tunnelling mechanism (during delivery and non-delivery situations), and may be one-way or -21-200302670 (17) Two way. One such channel mechanism is the so-called ADDS (Application Data Delivery Service) message and short data burst message, which are used to transfer GS Μ parameters without obstacles in a CDMA system. These parameters are usually It will not be checked by the GS M base controller BSC ', however it is a parameter required for a dual mode mobile station. The use of ADDS messages and data bursts together allows common packet bearers to be transmitted between the mobile service switching center (MSC) or other network elements (eg, SMS, location server, 0TASP) of the network. The system uses this approach to transfer GSM information between the network and the mobile station in an end-to-end manner without any changes to CDMA BSCc or BTSc. In the network configuration shown in Figure 2, the ADDS message is used to transport GSM handover data (for example, timing information and authentication data) from the MSCc to the mobile station via the BSCc. The mobile station then uses a so-called MAP (Mobile Application Protocol) message to deliver the delivery data to the MSCg in the GSM network. This only requires a slight change in MSCg, which can interpret the information in the MA P message and control the mobile station accordingly. Of course, other data transfer alternatives can be used. When the mobile station is located at the boundary between the CDMA and GSM systems (for example, in cell C 2 A and is approaching cell c 2 B), the mobile station begins to hand over the processing procedure by returning the message to MSC c to Notify MSC c of the status of the handover of the mobile station to the GS M system. A unit database (not shown in the figure) can be used as one of the 4 injuries in the delivery procedure. The η database is used to provide basic information about the GS Μ network to the mobile station. 'Enable the mobile station to perform between CDMA MSC and GS Μ as needed.-22-200302670 Submit. In the GSM system, there are two types of handovers available, i.e. synchronous and asynchronous. For ease of implementation, it is best to use asynchronous delivery. Therefore, the mobile station is informed that it will be delivered to GSM by asynchronous delivery. After the mobile station receives the handover command, the mobile station first transmits a small access burst to the GSM base station controller BSCg, until the mobile station receives the MAP handover message returned to the CDMA MSCc to facilitate the generation of GS Μ identification data,

And provided to the mobile station. G S M has a non-synchronous handover procedure, where data bursts can assist BSCg in obtaining the timing of the mobile station. Therefore, ADDS contains * action time • message, which is used to specify the time when the handover occurs. Only after receiving this information will the mobile station begin normal transmission. Another problem between CDMA and GSM handover is that CDMA and GS MM authentication use two different methods and keys. The authentication method of GS M and CDMA IX is basically the same, but the keys have different sizes. CDMA IX has additional procedures such as unique challenge and counting (Unique

Challenge and Count) methods are used to prevent channel interception and replay attacks. For the CDMA physical layer used in the GSM system, there is no need to modify the G S M M S C g significantly. The g SM authentication method should be reused on the CD MA entity layer. The advantage of this approach is that the system does not need to support two different types of authentication centers, two types of S-cards, and so on. The authentication process consists of a series of clearinghouses between the system and the mobile station. The system transfers the unpredictable number RAND to the mobile station. Next, the mobile station uses an algorithm called the A3 algorithm to calculate the result SRES (also known as the signature of the RAND number) ° The A3 algorithm uses rand and the individual user • 23-200302670 (19) (Individual Subscriber Authentication Key) Ki to calculate the SRES 3 user authentication key Ki is configured when the customer orders the service for the first time and will be stored in the S [M (subscriber identity module) card and the system's Home Location Register (HLR). K i is the private key in the encryption method, so it will not be transmitted over the network. Finally, the mobile station transmits the signed SRES to the system, and the system tests its validity.

Please note that the specified encryption keys and authentication procedures are not related to the delivery handler. Figure 4 of the accompanying drawings shows how authentication is performed in a GSM MSC. The authentication key in GSM is called K i and its length is 128 bits. The network generates random numbers (RAND), which are also 128 bits in length. RAND and Ki are input to the A3 algorithm to calculate a 32-bit result (SRES) from the input data. Random numbers of RAND will also be transmitted to the mobile station by air message. In the GSM system, each mobile station contains a smart card, a so-called SIM (subscriber identity module) card. The standard SIM authentication command specified in GSM 1 1.1 1. Only commands will not interfere with the proper operation of the G S Μ application

To execute these commands. As defined in GSM 1 1.11, if SIM is removed during a mobile station call, the call is terminated immediately. The S [M in the mobile station also calculates S RES by applying the A 3 algorithm to the random number of RANDs received and the K i copy stored locally. The calculation result is SRES again, and it should be the same as the calculation result of 'System. Therefore, the mobile station transmits the result SRES to the network ', the SRES value calculated by the network compared to the network. If the SRES values are all the same, the mobile is true. In the system shown in Figure 2, the RAND random number is transmitted using the ADDS message on the air interface, and the result SRES is returned. -24- 200302670 (20) The algorithm named A8 will also use SRES to calculate the encrypted iron Kc. The Kc key generated by the SIM in the mobile station through the GSM authentication and encryption algorithm is provided to the CDMA physical layer to replace the private long code mask (usually generated using the CDMA CAVE algorithm). . The 64-bit K c key is uniquely mapped to a 42-bit private long code, and serves as the basis for a "private long code mask" to provide voice privacy. The entire CDMA message is passed and interpreted as a private long code Mask, and is the same as the private long code mask generated by the CAVE algorithm. In a hybrid CDMA / GSM network, this language is used

Audio privacy practices allow the system to maintain a unique authentication center and a single SIM type. G S M performs encryption at the frame level. All frames are encrypted using the frame number and 64-bit K c key, where the key is derived from the discussion with reference to FIG. 4. Frame numbers and K c masks are applied to all frames. In the CDMA IX system, a 42-bit private long code is used to perform encryption. In the hybrid system shown in Fig. 2, a corresponding algorithm correspondence method between Kc Jinyu and Yuan private long code is used to generate a 42-bit private long code using K c Jin Yu. This correspondence method is implemented in MSCc and then directly informs B s c of the private long code to be used. ADDS operations allow the unobstructed delivery of services between terrestrial communications network elements (eg, MSC, SMS, PDC) and mobile stations. The system uses this operation to pass the authentication information RAND to the MS and the SRES back to the MSC. • ADDS messaging (mgsag) operations are moved from MSCc to BSCc and allow data to be transmitted to the mobile station via paging channels. ADDS Transfer is moved from BSCc to MSCc, and allows access to the channel to transfer the data -25- 200302670 (21) Award_read page Transfer from mobile station to the network. The ADDS delivery operation is moved from MSCc to BSCc, or from BSCc to MSCc, and allows data to be transmitted between the mobile station and the network through a traffic channel. ADDS parameters have been defined as " ADDS User Part, which contains a 6-bit "Data Burst Type" used to indicate the application data message format. , ADDS user part, parameters to include service-specific data. The authentication operation uses the "ADDS user part" to carry the authentication data. The illustrated system uses a new "data burst type", named, 'GSM-MAP Authentication.' (GSM-MAP Authentication), and the mobile station interprets it accordingly. Please note that whenever the receiver is useful The exemplary embodiment can be implemented when the database storing the information related to the authentication processing program, or when the receiving end can access the database, the processor of the exemplary embodiment can be used to implement a certain Encryption mechanism, and another encryption mechanism with the other party. The basic implementation of the exemplary embodiment can be implemented without the need for a physical connection of intermediate resources, because all parties will communicate through wireless media. Those skilled in the art should understand that The various illustrated logical blocks, modules, circuits, and algorithm steps described in conjunction with the specific embodiments published herein may be implemented as electronic hardware, computer software, or a combination thereof. Various illustrated components, blocks, modules, circuits, and steps A general description has been given in terms of its function-function. Depending on the specific application and design constraints affecting the entire system, the function is implemented as a hard fa or authority. Artists should understand how to exchange hard sister or soft fa 'in these circumstances and how to optimize the implementation of the function for the specific application of the parent. For example, you can use a dedicated integrated circuit (AS 〖C), Cheng Cheng 200302670 (22) Invention _ Continued page planning logic device, discrete gate or transistor logic, discrete firewall components (such as register and FIFO), processor executing a set of firmware instructions, any

What are the traditional programmable software modules and microprocessors, field programmable gate arrays (FPGAs) or other programmable logic devices (PLDs), or any combination thereof to implement or implement the specifics published in this article. Various graphical logic blocks, modules, circuits, and algorithm steps described in the embodiments. The processor may be a microcontroller, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. Software modules can reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, hard drives, removable disks, CD-ROM, DVD-ROM, scratchpad, or Any other magnetic or optical storage media. Those skilled in the art should further understand that the instructions, commands, information, signals, bits, symbols, and chips mentioned in the entire specification are beneficial to the use of voltage, current, electromagnetic waves, magnetic fields or particles, light fields or particles, Or any group of them.

Therefore, the present invention has been described with reference to preferred specific embodiments, but it should be understood that the specific embodiments discussed are merely exemplary specific embodiments and that various changes and modifications may be made by those with appropriate knowledge and familiarity with this technology without It would depart from the spirit or scope of the invention as defined in the scope of the accompanying patent application. -Explanation of Symbols of Schematic Diagrams 10 System Controller and Switch 12,14,16, BlAtoB5A, BlBtoB5B Base Station 1 8,40,5 3 Mobile Station -27- 200302670

(23) Pharos Faming Continued 20a, 22a, 24a, 20b, 22b, 24b Communication link 30 Cellular communication network MSCc Coded Multi-Directional Proximity (CDMA) mobile center MSCg GS M Mobile switching center ClAtoC5A CDMA system ClBtoC5B GSM system unit 42, 54 antenna 44, 55 duplexer 46, 56 CDMA transmission and reception chain 48, 57 GSM transmission and reception chain 40, 50 baseband circuit 52, 59 controller 34 data link between systems

-28-

Claims (1)

200302670 Patent application scope 1. A method for identifying a mobile station, wherein the mobile station is connected from a first base station controlled by a first mobile switching console in a first cellular communication system to a mobile station Second, in a different cellular communication system, a second base station controlled by a second mobile switching console, the method includes: generating an authentication code in the second cellular communication system, wherein the authentication code is generated It is a result of applying an algorithm to a private cell of the mobile station assigned to the second cell communication system and a random number generated by the second cell communication system; in the first cell communication system The prostitute generates an authentication code, wherein the authentication code generated is a set of algorithm. It is applied to the private and the random numbers. Fields will be generated in the first cellular communication system. Transmitting the authentication code to a mobile station in a data packet; transmitting the authentication code generated in the first cellular communication system from the mobile station to the second cellular communication system; and First cell The Accreditation code generated by the communication system to authenticate the code produced in the second cellular communication system than the formula. 2. The method of claim 1, wherein: the first cellular communication system includes a coded multi-directional proximity (CDMA) system, and the data packet includes an ADDS message. 3. The method of applying for the first item of the patent scope, wherein: 200302670 Patent Application Continuation Page. The data packet contains an instruction, 'to instruct the mobile station to remove the authentication code from the data packet; and the method It further includes removing the authentication code from the data packet at the mobile station. 4. If the method of claim 3 is applied, the authentication code will be transmitted to the second cellular communication system in a different data packet ° 5. If the method according to item 4 of the patent is requested, wherein the second cellular communication system includes a GSM system. 6. The method of claim 1, wherein the first cellular communication system includes a first base station controlled by a first mobile switching console, and the second cellular communication system includes a first base station A second base station controlled by two mobile switching consoles, the method comprising: measuring a parameter of a signal transmitted by the first base station at the mobile station; Measuring a parameter of a signal transmitted by the second base station at the mobile station; when the parameters reach a predetermined condition, transmitting a signal quality message from the mobile station to the first base station via the first base station Mobile switching console;-in the first row mobile switching console. Generating information of a channel request message of the second mobile switching console; transmitting the information from the first mobile switching console to the mobile station; Generating, on the mobile station, a channel request message of the second mobile switching console from the 200302670 patent application continuation page information from the first mobile switching console; and removing the channel request message from the mobile station To the second action exchange console. 7. The method of claim 6 further includes generating channel information on the second mobile switching console to identify a channel of the mobile station in the second mobile switching console. 8. The method according to item 7 of the patent application scope, further comprising establishing communication between the mobile station and the second base station in the identification channel. 9. The method according to item 8 of the patent application, further comprising cutting off communication between the mobile station and the second base station. 10. The method according to item 6 of the patent application, wherein the parameter corresponds to the signal strength. 11. An apparatus in a system having a mobile station, the mobile station is connected from a first base station controlled by a first mobile switching console in a first cellular communication system to a second base station, A second base station controlled by a second mobile switching console in a different cellular communication system, the device includes: a forensic code generating component for generating an authentication code in the second cellular communication system, wherein The lack of the authentication code is a result of applying an algorithm to a private key of the mobile station assigned to the second cellular communication system and the random number generated by the second cellular communication system; A generating component for generating an authentication code in the first cellular communication system, wherein the generated authentication code is a result of applying an algorithm to 200302670 to apply for a special rhyme fan Guosuo page to the private yoga and the random number; A transmission component for transmitting the authentication code generated in the first cellular communication system to a mobile station in a data packet; a transmission component for transmitting the authentication code generated in the first cellular communication system The authentication code is transmitted from the mobile station to the second cellular communication system; and a comparison component for comparing the authentication code generated in the first cellular communication system to that generated in the second cellular communication system The authentication code. 12. The device as claimed in item 11 of the patent application, wherein the first cellular communication system includes a CDMA system; and the data packet includes an ADDS message. 13. The device as claimed in item 11 of the patent application, wherein: the data packet includes an instruction to instruct the mobile station to remove the authentication code from the data packet; and the device further includes a removing component for: The authentication code is removed from the data packet at the mobile station. 14. For the method of claim 13 in the scope of patent application, the authentication code is transmitted to the second cellular communication system in a different data packet. 15. For example, the method of claim 14 in the scope of patent application, wherein the second cellular communication system includes a GS system.