WO1999007178A1 - System and method for preventing replay attacks in wireless communication - Google Patents
- Publication number: WO1999007178A1 (PCT application PCT/US1998/015995)
- Authority: WO (WIPO, PCT)
- Prior art keywords: station; security parameter; communication network; authentication signature; authentication
Classifications
- H—ELECTRICITY > H04—ELECTRIC COMMUNICATION TECHNIQUE > H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  - H04L63/00—Network architectures or network communication protocols for network security
  - H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
  - H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
- H—ELECTRICITY > H04—ELECTRIC COMMUNICATION TECHNIQUE > H04W—WIRELESS COMMUNICATION NETWORKS
  - H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  - H04W12/06—Authentication
  - H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
- H—ELECTRICITY > H04—ELECTRIC COMMUNICATION TECHNIQUE > H04W—WIRELESS COMMUNICATION NETWORKS
  - H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
  - H04W12/12—Detection or prevention of fraud
  - H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
  - H04W12/122—Counter-measures against attacks; Protection against rogue devices
- H—ELECTRICITY > H04—ELECTRIC COMMUNICATION TECHNIQUE > H04W—WIRELESS COMMUNICATION NETWORKS
  - H04W74/00—Wireless channel access
Definitions
- the invention relates generally to wireless communication systems, such as mobile telephone systems. More particularly, the invention relates to authentication procedures in mobile telephone systems.
- Cloning is the duplication of a legitimate subscriber unit to seize the legitimate subscriber unit's identity and thus acquire unauthorized telephone service. Such activities also create problems and substantial inconveniences for system users.
- CTIA Cellular Telecommunications Industry Association
- authentication refers to the exchange and processing of stored information to confirm a subscriber unit's identity.
- the authentication procedure is performed by a network to validate the identity of a standard-compliant phone unit, such as an IS-54B, IS-136, IS-91, or IS-95 standard phone.
- the authentication procedure is independent of the air-interface protocol used (i.e., CDMA or TDMA).
- FIG. 1 is a pictorial diagram of a typical mobile communication system having one or more mobile stations.
- a mobile telephone system (MTS) 100 typically includes infrastructure components 112 communicating with a plurality of mobile stations (MS) 120 using radio frequency (RF) channels.
- the infrastructure components include a base station (BS) 110, a mobile switching center (MSC) 130, a home location register (HLR) 150, an authentication center (AC) 160, and a visitor location register (VLR) 155.
- the BS 110 provides the air interface between the MS 120 and the MSC 130.
- the MSC 130 coordinates all communications channels and processes, and provides access for the BS 110 to networks, such as a public switched telephone network (PSTN) 140.
- the HLR 150 contains a subscriber database 152.
- the subscriber database 152 maintains each subscriber's mobile identification number (MIN) and electronic serial number (ESN). The MIN and ESN, taken together, uniquely identify each MS.
- MIN mobile identification number
- ESN electronic serial number
- the MSC 130 also includes the visitor location register (VLR) 155.
- VLR visitor location register
- the VLR 155 may be a separate component of the system.
- the VLR 155 contains a local, temporary subscriber database 157 similar to the permanent subscriber database in the HLR 150. The information from the HLR 150 and the VLR 155 is used to authorize system access and to authorize billing to a particular billing account.
- the MSC 130 also interfaces with the AC 160 through the HLR 150.
- the VLR 155 and MS 120 each have access to at least three pieces of information that make up the data used for authentication: the MIN of the mobile, the ESN of the mobile, and a shared secret data (SSD-A) associated with the mobile.
- the SSD-A is typically derived from an authentication key (A-Key).
- A-Key is a secret value that is unique to each individual subscription. For example, the A-Key may be a 64-bit cryptographic variable key stored in the memory of the MS 120.
- the A-Key may, for example, be entered once from the keypad of the MS 120 when the mobile station is first put into service to serve a particular subscriber.
- the A-Key typically remains unchanged unless its value has been compromised.
- the MIN and ESN may be transmitted over the air, but the A-Key may not be transmitted over the air.
- CAVE cellular authentication and voice encryption
- the CAVE algorithm is a software-compatible non-linear mixing function having a 32-bit linear-feedback shift register (LFSR), sixteen 8-bit mixing registers, and a 256-entry lookup table.
- LFSR linear-feedback shift register
- For further details on the CAVE algorithm, refer to the Common Cryptographic Algorithms cellular standard.
- Authentication requires both the MS 120 and the infrastructure components 112 of the system to execute the CAVE algorithm with a common set of data to generate an authentication signature. If the authentication signature generated by the MS 120 matches the authentication signature generated by the infrastructure components, then the identity of the MS 120 is authenticated and access to telephone service is granted.
- the authentication can be performed by either a unique challenge or a broadcast challenge.
- in a unique challenge, a "RAND" is transmitted to an MS 120 that requests access to the system.
- the RAND is typically a randomly-generated value used in the authentication process.
- the RAND for a unique challenge is typically a 24-bit digital value.
- the MS 120 receives the RAND and executes the CAVE algorithm using the received RAND, the
- the MS 120 transmits the RAND and the calculated authentication signature to the infrastructure components 112.
- the infrastructure components 112 similarly use the CAVE algorithm to calculate an authentication signature based upon the stored values for the SSD-A, the MIN, and the ESN. If the authentication signature received from the MS 120 matches the authentication signature calculated independently by the infrastructure components 112, then the MS 120 is granted access to service. Otherwise, the MS 120 is denied access to service.
- the infrastructure components broadcast a RAND to all MSs 120 on a dedicated broadcast channel (e.g., a cellular paging channel) rather than sending a RAND only to one MS 120 that has requested access.
- the broadcast challenge is sometimes referred to as the "global challenge."
- a new RAND will be generated and transmitted from time to time.
- the MS 120 computes the authentication signature based on the most recently broadcast RAND prior to any communication with the infrastructure components 112.
- the MS 120 transmits the 8 most significant bits of the RAND and the computed authentication signature to the infrastructure components 112 for verification. Since the infrastructure components 112 send the authentication signature together with the request for services, verification of the authentication signature can begin immediately upon the MS 120 requesting access to service, thereby minimizing delay in call processing.
- a replay attack allows an intruder to appear to be a legitimate subscriber. As a result, the intruder can make calls that are billed to the legitimate subscriber.
- an intruder monitors the information that is transmitted between an authorized MS 120 and the infrastructure components 112. The intruder stores the RAND and authorization signature transmitted by the authorized MS 120 to the infrastructure components 112. When the call ends, the intruder transmits a request for service containing the same RAND and authorization signature as sent previously by the legitimate subscriber. If the RAND has not changed since the authorized MS 120 calculated the intercepted authentication signature, then the subscriber who owns the authorized MS 120 would be billed for the intruder's use of service.
- prior efforts to prevent replay attacks, such as using the dialed digits as input to the CAVE algorithm, have been unsuccessful. For a mobile-originated call, a subset of the dialed digits is used as input to the CAVE algorithm instead of the MIN. Since dialed digits typically change with each call, using the dialed digits as an input to the CAVE algorithm results in a unique authentication signature for each call, unless the two calls are made to the same number. However, the authorization process typically will use a predetermined number of the last digits dialed, since these are most likely to be unique to each call. In many cases, the dialed digits of the authorized call can be appended to the dialed digits of the unauthorized call without adversely affecting the call.
- the infrastructure will generate the same authentication signature as was generated for the call made by the authorized MS 120. Furthermore, fraudulent access to the system is available if the unauthorized MS intercepts an operator-assisted call, or a call that is made through a directory assistance operator, and uses the intercepted information (i.e., RAND and authentication signature) to access the system. Since many wireless service providers now offer directory assistance service which connects the user directly to the number requested, many users will be dialing only "411" to get access to the system. Accordingly, by waiting for an operator-assisted call to be made by an authorized user, a fraudulent user can gain unauthorized access to the system. Therefore, there is a need in wireless communication technology for an authentication process that is less susceptible to unauthorized access to the system.
- a method and apparatus which confirms the identity of a station in a communication network, such as a mobile telephone system.
- the disclosed method and apparatus is not susceptible to replay attacks.
- the disclosed method and apparatus implements an authentication process that has a relatively short delay.
- the disclosed method and apparatus includes the present invention as defined by the appended claims.
- the disclosed method and apparatus comprises a first station (e.g., a mobile station) that communicates a first "security parameter" (e.g., a RAND) and an authentication signature to a second station (e.g., an infrastructure component) within the communication network.
- a security parameter is defined as any signal, pattern, or value that can be used as an input to a signature generation
- the second station receives the first security parameter and the authentication signature from the first station. If the first security parameter differs from each of a predetermined number of first security parameters previously received from the first station, then the second station performs conventional procedures to authenticate (i.e., confirm the identity of) the first station. Once the second station has authenticated the first station, the first station is granted access to the communication network. If the first security parameter is the same as one of the first security parameters transmitted by that first station in the most recent attempt by that first station to gain access, then the second station performs a "unique challenge".
- Figure 1 is a pictorial diagram of a typical mobile communication system having one or more mobile stations.
- Figure 2 is a pictorial diagram of a challenge/response dialog between a mobile switching center and a mobile station.
- Figure 3 is an illustration of the components of the MSC.
- Figure 4 is a flow chart describing the steps performed during operation of an authentication process.
- a method and apparatus for confirming the identity of a mobile station in a mobile telephone system (MTS).
- the disclosed method and apparatus ensures that each mobile station (MS) can use a particular set of security values (such as a "RAND" or an authentication signature generated from a particular set of information, including a RAND) only once within a predetermined time.
- the disclosed method and apparatus includes the claimed present invention. However, the scope of the invention should be determined exclusively by the appended claims.
- FIG. 2 illustrates a challenge/response dialog between infrastructure components 312 of an MTS 300 and an authorized MS 320 (e.g., an MS that has a valid billing account with the service provider who operates the MTS 300).
- An MS 321 is an intruder (i.e., an unauthorized user).
- the infrastructure components 312 include a base station (BS) 310, a mobile switching center
- the MTS 300 is preferably capable of performing both unique and broadcast challenges.
- the infrastructure components 312 transmit (via the BS 310) a broadcast security value (such as a "broadcast RAND") to all MSs 320 over an air link 340.
- the broadcast security value is preferably a randomly generated value that is used in a "broadcast authentication" process, as is described below. From time to time, the broadcast security value changes, and the new broadcast security value is broadcast to all MSs 320.
- the disclosed method and apparatus preferably operates in compliance with any industry standards that dictate how often a RAND is to be changed.
- the broadcast security value is provided as one of several inputs to a signature generation ("SG") algorithm, such as a CAVE (cellular authentication and voice encryption) algorithm, to generate an authentication signature.
- SG signature generation
- the other inputs to the SG algorithm preferably include the mobile identification number ("MIN"), the electronic serial number ("ESN"), and the shared secret data ("SSD-A") values associated with the MS 320.
- SSD-A shared secret data
- the MS 320 transmits over the air to the infrastructure components 312, a set of security values.
- the set of security values include: (1) the authentication signature, (2) either the entire broadcast security value used as input to the SG, a portion of that broadcast security value, or some value which represents that broadcast security value, (3) the ESN, and (4) the MIN used to generate that authentication signature. Since the SSD-A value and the particular SG algorithm are not known to anyone who might intercept this information, there is no possibility that an intruder would be able to use this information in the future to independently generate an authentication signature when the security value changes.
- the infrastructure components 312 note at least some of the values within the set of the security values transmitted.
- the infrastructure components 312 note which broadcast security value was used by the MS 320 to generate the authentication signature.
- the security value noted by the infrastructure components 312 is the authentication signature itself.
- the infrastructure components 312 store a portion of the security information, such as the broadcast security value or the authentication signature.
- the infrastructure components 312 are equipped with sufficient memory capacity to store several security values (or values representing the value of the security value) for each MS 320.
- the infrastructure components 312 may have memory allocated for storing only one security value (or value representing the security value) for each MS 320.
- the MS 320 uses the then current broadcast security value and the MIN, ESN, and
- the MS 320 will transmit the ESN and MIN with the new broadcast security value (or representative value) and authentication signature. In this case, the process will be essentially identical to the case in which the MS 320 makes its first attempt to access the system.
- the values of the computed authentication signature and broadcast security value will be the same as those values used for the previous attempt to gain access to the system. That is, given the same input to the SG, the output from the SG will be the same for the second access attempt.
- the MS 320 transmits the broadcast security value (or representative value), the calculated authentication signature, and ESN and MIN to the infrastructure components 312 over the air link 340a.
- the infrastructure components 312 compare one or more of the received set of security values with stored security values (or representative values) previously received by the infrastructure components 312 from that MS 320. For example, in one embodiment of the disclosed method and apparatus, the infrastructure components 312 compare the broadcast security value received with broadcast security values previously received from that MS 320. Alternatively, the infrastructure components 312 can check the entire set of information that is sent by the MS 320.
- some portion of that information other than the security value or representative value may be checked, as long as the information that is checked changes each time the MS 320 uses a different broadcast security value in the access attempt. Since, in this case, the infrastructure components 312 have previously received the same security information from the MS 320 (e.g., a RAND or authentication signature having the same value), the infrastructure components 312 will require additional verification of the identity of the MS 320 before that MS 320 will be allowed to access the system. In accordance with one embodiment of the disclosed method and apparatus, additional verification is performed by having the infrastructure components 312 initiate a unique challenge authentication procedure. Alternatively, the infrastructure components 312 could force a change in the broadcast security value and require the MS 320 to respond to the broadcast challenge using the new security value. In yet another embodiment, another method may be used to force the MS 320 to verify its identity.
- if the additional verification procedure indicates that the MS 320 is authorized (e.g., a successful outcome results from the unique challenge), the MS 320 is considered to be a legitimate subscriber and not an intruder (e.g., MS 321). Accordingly, the infrastructure components 312 grant the MS 320 access to telephone service.
- an unauthorized MS 321 captures authentication data (e.g., a RAND, authentication signature, and ESN and MIN) by monitoring transmissions from an authorized MS 320, that unauthorized MS 321 would fail the additional verification process. For example, if the infrastructure components 312 requested that the MS 321 respond to a unique challenge, that MS 321 could not respond properly, since the MS 321 would have to independently generate a new authentication signature from the unique challenge security value that is provided from the infrastructure components 312. Alternatively, if the infrastructure components 312 changed the broadcast security value and then requested the MS 321 to respond to the broadcast challenge using the new broadcast security value, the MS 321 could not do so successfully. This is because the broadcast challenge would now require independent generation of a new authentication signature based upon the new broadcast security value.
- each of the particular components within the infrastructure components 312 may vary from one embodiment of the disclosed method and apparatus to another. However, each such component is essentially conventional with the exception of the functions that are performed to determine whether an MS 320 has previously attempted to access the system, and the process of requesting a further verification from the MS 320, if so.
- where the infrastructure components 312 include the base station 310, the MSC 330, the HLR 350, the AC 360, and the VLR 355, the MSC 330 generates a broadcast security value. This broadcast security value is communicated to the BS 310. The BS 310 transmits the broadcast security value to the MS 320.
- when the MS 320 attempts to access communication services from the network 300, the MS 320 sends the following information back to the BS 310.
- the MS 320 sends a portion of the broadcast security value (or a value that is generated based upon the value of the security value), a copy of the MIN, the ESN, and the authentication signature that was generated by the MS 320 using these parameters. Each of these parameters is communicated to the HLR 350.
- the HLR 350 determines whether the MS 320 is registered in the system 300. If the HLR 350 determines that the MS 320 is registered, then the parameters communicated to the HLR 350 are communicated to the AC 360. The AC 360 checks whether the MS 320 (which is identified by the MIN and ESN) has previously attempted to access the system using the same broadcast security value. If not, then the AC 360 uses the MIN, the ESN, the SSD-A, and the broadcast security value to independently generate the authentication signature. The AC 360 then checks to ensure that the authentication signature that it generated is the same as the authentication signature that was received from the MS 320.
- the AC 360 will generate a unique challenge security value.
- the AC 360 will use the unique challenge security value to generate a new authentication signature (a "unique authentication signature").
- the unique challenge security value and the unique authentication signature are both communicated to the MSC 330.
- the MSC 330 communicates only the unique challenge security value to the BS 310.
- the BS 310 transmits the unique challenge security value to the MS 320.
- the MS 320 responds with a unique authentication signature that the MS 320 has independently calculated using the MIN, ESN, unique challenge security value, and SSD-A.
- the BS 310 receives the unique authentication signature from the MS 320.
- the BS 310 then communicates the signature to the MSC 330.
- the MSC 330 compares the unique authentication signature received from the MS 320 with the unique authentication signature that was provided to the MSC 330 from the AC 360. If they match, then the MS 320 is assumed to be legitimate.
- the VLR 355 is used to perform the functions that would otherwise be performed by the HLR 350.
- FIG 3 is an illustration of the components of the MSC 330.
- the MSC preferably includes a processor 301, a receiver 303, and a memory 305.
- the receiver is any type of receiving device that can receive signals from an external source.
- the receiver is a conventional receiver, such as is commonly found in equipment that is coupled to a base station via land lines.
- the processor 301 is coupled to the receiver 303.
- the processor is shown here as a single processor. However, it will be understood by those skilled in the art that the processor merely represents processing functions that may be performed either by a single processing entity, such as a microprocessor, or by a plurality of processing entities distributed throughout the infrastructure components 312.
- FIG. 4 is a flow chart describing the steps executed during an authentication process in one embodiment of the disclosed method and apparatus.
- the system described in Figure 2 may be used to implement the steps of Figure 4.
- the process begins at step 400.
- the MS 320 transmits a set of security values, including identification data (e.g.,
- the MS 320 obtains the previously received broadcast security value from the infrastructure components 312 during a previous broadcast by the MSC 330, or during a previous unique challenge procedure with the infrastructure components 312.
- the infrastructure components 312 determine whether the MS 320 has previously obtained service from the infrastructure components 312 using the same set of security values. In an alternative embodiment, the infrastructure components 312 check whether some portion of the set of security values was previously used by the MS 320 to access service.
- if the infrastructure components 312 determine that the MS 320 has not previously accessed service using the same set of security values, then at step 440 the infrastructure components 312 store the security value received from the MS 320.
- the infrastructure components 312 verify the value of the authorization signature received from the MS 320. That is, a check is made of the value of the authorization signature that is expected (e.g., the value calculated independently by the infrastructure components 312 using the same inputs to the SG as were used by the MS 320). After verifying the authorization signature, the process proceeds to step 470. If, on the other hand, the infrastructure components 312 determine at step 430 that the MS 320 has previously accessed service using the same security value, then the process proceeds to step 460.
- the infrastructure components 312 perform an additional verification of the MS 320, such as by requesting a response from the MS 320 to a unique challenge procedure.
- the unique challenge procedure involves the exchange of at least a unique security value from the infrastructure components 312 to the MS 320, and a unique challenge signature from the MS 320 to the infrastructure components 312.
- the infrastructure components 312 determine whether the MS 320 has passed the authentication procedures performed at the step 450 or 460. This determination is accomplished by executing the same SG algorithm (e.g., the CAVE algorithm) as that executed by the MS 320 to compute an expected authentication signature. The infrastructure components 312 compare the expected authentication signature with the authentication signature computed by the MS 320. If the two signatures match, then the process proceeds to step 480 and the MS 320 is granted access to telephone service. If the two signatures do not match, then the process proceeds to step 490 and the MS 320 is denied access to service. The process terminates at step 499.
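A defender-side model of the Fig. 2 dialog and of steps 430 to 490 of the Fig. 4 flow chart, written for this page as an added example (not the patent's own code): the authentication center keeps a short history of the (RAND, signature) pairs each MS has already used, verifies a fresh pair through the broadcast challenge, and falls back to a unique challenge when a pair repeats, so a replayed request is refused while a legitimate repeat under an unchanged RAND still succeeds. HMAC-SHA256 stands in for the CAVE signature generation algorithm, whose specification is not on the page; the class and function names, the history depth, and the sample MIN, ESN and SSD-A are constructed.

```python
import hmac
import hashlib
import secrets
from collections import deque

HISTORY_DEPTH = 4   # assumed "predetermined number" of recent security values kept per MS
RAND_BITS = 24      # the page gives 24 bits for a unique-challenge RAND


def signature(ssd_a: bytes, rand: int, min_: str, esn: str) -> str:
    """Stand-in SG algorithm (HMAC-SHA256, not CAVE): mixes RAND, MIN and ESN
    under the shared secret SSD-A, so only an SSD-A holder can answer a fresh RAND."""
    msg = rand.to_bytes(3, "big") + min_.encode() + esn.encode()
    return hmac.new(ssd_a, msg, hashlib.sha256).hexdigest()[:16]


class MobileStation:
    def __init__(self, min_: str, esn: str, ssd_a: bytes):
        self.min, self.esn, self.ssd_a = min_, esn, ssd_a

    def access_request(self, broadcast_rand: int) -> dict:
        """Set of security values sent with a service request: the RAND used
        (the full value here, a portion or representative value in the page), the
        signature, the ESN and the MIN."""
        return {"min": self.min, "esn": self.esn, "rand": broadcast_rand,
                "sig": signature(self.ssd_a, broadcast_rand, self.min, self.esn)}

    def answer_unique_challenge(self, randu: int) -> str:
        return signature(self.ssd_a, randu, self.min, self.esn)


class ReplayingStation:
    """The intruder of Fig. 2 (MS 321): holds one captured request and no SSD-A."""
    def __init__(self, captured: dict):
        self.captured = captured

    def access_request(self, _broadcast_rand: int) -> dict:
        return dict(self.captured)

    def answer_unique_challenge(self, _randu: int) -> str:
        return self.captured["sig"]   # cannot compute a fresh signature; repeats the old one


class AuthenticationCenter:
    def __init__(self, subscribers: dict):
        self.subscribers = subscribers   # (MIN, ESN) -> SSD-A, the HLR/AC subscriber database
        self.seen = {}                   # (MIN, ESN) -> recently used (rand, sig) pairs
        self.broadcast_rand = secrets.randbits(RAND_BITS)

    def rotate_broadcast_rand(self) -> None:
        """From time to time a new broadcast RAND is generated (page, broadcast challenge)."""
        self.broadcast_rand = secrets.randbits(RAND_BITS)

    def handle_access(self, req: dict, station) -> str:
        key = (req["min"], req["esn"])
        ssd_a = self.subscribers.get(key)
        if ssd_a is None:
            return "denied:unregistered"                     # HLR: MS not registered
        history = self.seen.setdefault(key, deque(maxlen=HISTORY_DEPTH))
        if (req["rand"], req["sig"]) in history:             # step 430: values seen before
            return self._unique_challenge(ssd_a, key, station)   # step 460
        history.append((req["rand"], req["sig"]))            # step 440: store the values
        expected = signature(ssd_a, req["rand"], key[0], key[1])  # step 450: recompute
        if hmac.compare_digest(expected, req["sig"]):        # step 470
            return "granted:broadcast"                       # step 480
        return "denied:bad_signature"                        # step 490

    def _unique_challenge(self, ssd_a: bytes, key: tuple, station) -> str:
        """AC picks a fresh unique RAND, computes the expected unique signature, and
        the MSC compares it with what the station sends back."""
        randu = secrets.randbits(RAND_BITS)
        expected = signature(ssd_a, randu, key[0], key[1])
        if hmac.compare_digest(expected, station.answer_unique_challenge(randu)):
            return "granted:unique_challenge"
        return "denied:unique_challenge"


def run_scenario() -> dict:
    """Constructed scenario: one subscriber, one replay of its captured request."""
    ssd_a = bytes.fromhex("00112233445566778899aabbccddeeff")       # constructed secret
    ms = MobileStation("3105551212", "A1B2C3D4", ssd_a)             # constructed MIN/ESN
    ac = AuthenticationCenter({(ms.min, ms.esn): ssd_a})
    out = {}
    first = ms.access_request(ac.broadcast_rand)
    out["first"] = ac.handle_access(first, ms)                       # broadcast path
    intruder = ReplayingStation(first)                               # captured over the air
    out["replay"] = ac.handle_access(intruder.access_request(ac.broadcast_rand), intruder)
    out["legit_repeat"] = ac.handle_access(ms.access_request(ac.broadcast_rand), ms)
    ac.rotate_broadcast_rand()
    out["new_rand"] = ac.handle_access(ms.access_request(ac.broadcast_rand), ms)
    return out


if __name__ == "__main__":
    for case, result in run_scenario().items():
        print(f"{case:12s} {result}")
```

Only the repeated pair costs the extra round trip, so a legitimate MS under a freshly rotated RAND keeps the short delay of the broadcast challenge.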
- the invention overcomes the long-standing need for a wireless system and method having an intrusion-resistant authentication procedure.
- the probability of intrusion is minimized.
- an intruder would have to obtain not only the authentication data, but also acquire the SSD-A, which is not transmitted over the air.
- the invention may be embodied in other specific forms without departing from its spirit or essential characteristics.
- the described embodiment is to be considered in all respects only illustrative and not restrictive.
- the scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which fall within the meaning and range of equivalency of the claims are to be embraced within their scope.
Priority Applications (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020007000990A KR100545512B1 (ko) | 1997-08-01 | 1998-07-31 | 무선통신에서의 재사용 침입 방지 시스템 및 방법 |
AU86803/98A AU8680398A (en) | 1997-08-01 | 1998-07-31 | System and method for preventing replay attacks in wireless communication |
JP2000505766A JP2001512941A (ja) | 1997-08-01 | 1998-07-31 | 無線通信における再生攻撃を防ぐシステムおよび方法 |
EP98938232A EP1000520A1 (en) | 1997-08-01 | 1998-07-31 | System and method for preventing replay attacks in wireless communication |
US09/238,126 US6665530B1 (en) | 1998-07-31 | 1999-01-27 | System and method for preventing replay attacks in wireless communication |
US10/641,785 US20040082313A1 (en) | 1998-07-31 | 2003-08-15 | System and method for preventing replay attacks in wireless communication |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US5444097P | 1997-08-01 | 1997-08-01 | |
US60/054,440 | 1997-08-01 | | |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1999007178A1 (en) | 1999-02-11 |
Family
ID=21991077
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1998/015995 WO1999007178A1 (en) | 1997-08-01 | 1998-07-31 | System and method for preventing replay attacks in wireless communication |
Country Status (6)
Country | Link |
---|---|
EP (1) | EP1000520A1 |
JP (1) | JP2001512941A |
KR (1) | KR100545512B1 |
CN (1) | CN1124766C |
AU (1) | AU8680398A |
WO (1) | WO1999007178A1 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000067516A1 (en) * | 1999-04-30 | 2000-11-09 | Telefonaktiebolaget Lm Ericsson (Publ) | System and method for reducing network signaling load in a radio telecommunications network |
WO2005032013A1 (en) * | 2003-09-26 | 2005-04-07 | Samsung Electronics Co., Ltd. | Hrpd network access authentication method based on cave algorithm |
JP2011250171A (ja) * | 2010-05-27 | 2011-12-08 | Ntt Communications Corp | サーバ装置、通信サービス提供方法、及びプログラム |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100422826B1 (ko) * | 2001-08-27 | 2004-03-12 | 삼성전자주식회사 | 이동 아이피 망에서 챌린지를 이용한 메시지 재사용에의한 공격방지 방법 |
US20040002878A1 (en) * | 2002-06-28 | 2004-01-01 | International Business Machines Corporation | Method and system for user-determined authentication in a federated environment |
KR100848541B1 (ko) * | 2005-05-13 | 2008-07-25 | Samsung Electronics Co., Ltd. | Method for preventing replay attacks in Mobile IPv6 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0532231A2 (en) * | 1991-09-13 | 1993-03-17 | AT&T Corp. | Service provision authentication protocol |
US5559886A (en) * | 1990-03-09 | 1996-09-24 | Telefonaktiebolaget Lm Ericsson | Method of carrying out an authentication check between a base station and a mobile station in a mobile radio system |
1998
- 1998-07-31 KR KR1020007000990A patent/KR100545512B1/ko not_active IP Right Cessation
- 1998-07-31 JP JP2000505766A patent/JP2001512941A/ja not_active Withdrawn
- 1998-07-31 WO PCT/US1998/015995 patent/WO1999007178A1/en not_active Application Discontinuation
- 1998-07-31 AU AU86803/98A patent/AU8680398A/en not_active Abandoned
- 1998-07-31 CN CN98807747A patent/CN1124766C/zh not_active Expired - Fee Related
- 1998-07-31 EP EP98938232A patent/EP1000520A1/en not_active Withdrawn
Non-Patent Citations (1)
Title |
---|
PATEL S: "WEAKNESS OF NORTH AMERICAN WIRELESS AUTHENTICATION PROTOCOL", IEEE PERSONAL COMMUNICATIONS, vol. 4, no. 3, June 1997 (1997-06-01), pages 40 - 44, XP000655315 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000067516A1 (en) * | 1999-04-30 | 2000-11-09 | Telefonaktiebolaget Lm Ericsson (Publ) | System and method for reducing network signaling load in a radio telecommunications network |
WO2005032013A1 (en) * | 2003-09-26 | 2005-04-07 | Samsung Electronics Co., Ltd. | Hrpd network access authentication method based on cave algorithm |
AU2004306046B2 (en) * | 2003-09-26 | 2008-04-24 | Beijing Samsung Telecom R & D Center | HRPD network access authentication method based on CAVE algorithm |
US7990930B2 (en) | 2003-09-26 | 2011-08-02 | Samsung Electronics Co., Ltd. | HRPD network access authentication method based on cave algorithm |
JP2011250171A (ja) * | 2010-05-27 | 2011-12-08 | Ntt Communications Corp | Server device, communication service providing method, and program |
Also Published As
Publication number | Publication date |
---|---|
CN1265813A (zh) | 2000-09-06 |
EP1000520A1 (en) | 2000-05-17 |
CN1124766C (zh) | 2003-10-15 |
KR100545512B1 (ko) | 2006-01-24 |
AU8680398A (en) | 1999-02-22 |
KR20010022410A (ko) | 2001-03-15 |
JP2001512941A (ja) | 2001-08-28 |
Similar Documents
Publication | Title |
---|---|
US6950521B1 (en) | Method for repeated authentication of a user subscription identity module |
KR101047641B1 (ko) | Security and privacy enhancement for security devices |
US5799084A (en) | System and method for authenticating cellular telephonic communication |
US6023689A (en) | Method for secure communication in a telecommunications system |
US5689563A (en) | Method and apparatus for efficient real-time authentication and encryption in a communication system |
US5943425A (en) | Re-authentication procedure for over-the-air activation |
US6236852B1 (en) | Authentication failure trigger method and apparatus |
US6665530B1 (en) | System and method for preventing replay attacks in wireless communication |
US5572193A (en) | Method for authentication and protection of subscribers in telecommunications systems |
US20020187808A1 (en) | Method and arrangement for encrypting data transfer at an interface in mobile equipment in radio network, and mobile equipment in radio network |
US6198823B1 (en) | Method for improved authentication for cellular phone transmissions |
EP0915630B1 (en) | Strengthening the authentication protocol |
US20030021413A1 (en) | Method for protecting electronic device, and electronic device |
JPH05508274A (ja) | Method for authentication and protection of subscribers in telecommunications systems |
WO2002052784A1 (en) | Authentication in data communication |
JPH09503895A (ja) | Method and apparatus for authentication in a communication system |
JP4636423B2 (ja) | Authentication in a mobile network |
CA2063447C (en) | Method for authentication and protection of subscribers in telecommunication systems |
CA2343180C (en) | Method for improving the security of authentication procedures in digital mobile radio telephone systems |
KR100545512B1 (ko) | System and method for preventing replay attacks in wireless communication |
US8296575B2 (en) | Method for protecting electronic device, and electronic device |
Arora | Mobile Cloning: A New Threat of Mobile Phone |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| WWE | Wipo information: entry into national phase | Ref document number: 98807747.7 Country of ref document: CN |
| ENP | Entry into the national phase | Ref document number: 1999 238126 Country of ref document: US Date of ref document: 19990127 Kind code of ref document: A |
| AK | Designated states | Kind code of ref document: A1 Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
| AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
| WWE | Wipo information: entry into national phase | Ref document number: 1998938232 Country of ref document: EP |
| WWE | Wipo information: entry into national phase | Ref document number: 1020007000990 Country of ref document: KR |
| WWP | Wipo information: published in national office | Ref document number: 1998938232 Country of ref document: EP |
| REG | Reference to national code | Ref country code: DE Ref legal event code: 8642 |
| NENP | Non-entry into the national phase | Ref country code: CA |
| WWP | Wipo information: published in national office | Ref document number: 1020007000990 Country of ref document: KR |
| WWG | Wipo information: grant in national office | Ref document number: 1020007000990 Country of ref document: KR |
| WWW | Wipo information: withdrawn in national office | Ref document number: 1998938232 Country of ref document: EP |