WO2006047938A1 - Procede permettant a un equipement de reseau de produire un nombre aleatoire d'authentification de carte d'abonne et procede d'authentification - Google Patents

Procede permettant a un equipement de reseau de produire un nombre aleatoire d'authentification de carte d'abonne et procede d'authentification Download PDF

Info

Publication number
WO2006047938A1
WO2006047938A1 PCT/CN2005/001799 CN2005001799W WO2006047938A1 WO 2006047938 A1 WO2006047938 A1 WO 2006047938A1 CN 2005001799 W CN2005001799 W CN 2005001799W WO 2006047938 A1 WO2006047938 A1 WO 2006047938A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
terminal
random number
network
user card
Prior art date
Application number
PCT/CN2005/001799
Other languages
English (en)
Chinese (zh)
Inventor
Kunyang Dong
Zhengwei Wang
Chunyan Zhou
Jie Kong
Zhiming Zhu
Tianzhen Huang
Shangbin Wang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2006047938A1 publication Critical patent/WO2006047938A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the invention relates to an authentication technology, in particular to a method for generating a user card authentication random number by a network device in a mobile communication network and a corresponding authentication method.
  • Most of the current mobile terminals adopt a method of separating the cards, that is, the mobile terminal itself and the user card holding the information for verifying the wireless network users are two independent parts, and they can be combined at the time of use.
  • Current user cards are primarily user identification module cards used in wireless communication systems, such as the Subscriber Identity Module (SIM) card for the Global System for Mobile Communications (GSM) system, the USIM card for the Wideband Code Division Multiple Access (WCDMA) communication system, or UIM cards for code division multiple access (CDMA) communication systems, and the like.
  • SIM Subscriber Identity Module
  • GSM Global System for Mobile Communications
  • WCDMA Wideband Code Division Multiple Access
  • CDMA code division multiple access
  • the use of the machine card separation method brings great convenience to the user, and also causes the mobile terminal to be stolen and robbed. Because in the machine card separation mode, as long as a new user card is replaced on the stolen mobile terminal, it can be used without any hindrance. In this way, the thief can resell the stolen mobile terminal for profit. In this way, the user not only loses economic benefits, but also needs to go through a series of procedures at the communication operator, such as changing the number of contracts. According to the user, it brings great inconvenience to the user. At the same time, the mobile terminal is lost, and the common information stored by the user in the mobile terminal, such as the directory record, etc., is also lost, which will cause great trouble to the user's daily life and work. Impact.
  • the user card can authenticate the mobile communication network. After the authentication is successful, the user card can Normal use, and when the authentication fails, the user card cannot be used normally in the mobile communication network.
  • this method can only solve the problem of user card security in the mobile terminal, and cannot solve the problem of theft of the mobile terminal itself. For example, after a thief steals a mobile terminal of a legitimate user, the user card of the legitimate user can be replaced with a user card, so that the existing authentication method can successfully authenticate the user card, so that the thief can still use the thief.
  • the stolen mobile terminal cannot prohibit the stolen mobile phone from continuing to use, so that the anti-theft function of the mobile terminal cannot be achieved.
  • the second generation mobile communication network does not support the terminal authentication of the terminal separated by the machine card. Therefore, the anti-theft problem cannot be solved. Summary of the invention
  • an object of the present invention is to provide a method for generating a user card authentication random number in a network side device in a mobile communication system, so that the mobile terminal can perform network authentication by using the customized user card authentication random number. Authentication, thereby improving the security of the mobile terminal and preventing the mobile terminal from being stolen.
  • Another object of the present invention is to provide a method for a mobile terminal to authenticate a network by using a user card authentication random number in a mobile communication system, so as to improve the security of the mobile terminal by authenticating the network, thereby preventing the mobile terminal from being stolen. grab.
  • Still another object of the present invention is to provide an authentication method in a mobile communication system to improve the security of the mobile terminal by authenticating the network by the mobile terminal, thereby preventing the mobile terminal from being stolen.
  • a method for generating a user card authentication random number by a network device in a mobile communication system includes:
  • a network device generates a terminal authentication random number, and generates a terminal message authentication code according to the security key, the terminal authentication sequence number, and the terminal authentication random number;
  • the network device generates a new user card authentication random number according to the terminal authentication random number, the terminal authentication sequence number, and the terminal message authentication code.
  • the step (c) generates a new user card authentication random number according to the terminal authentication random number, the terminal authentication sequence number, and the terminal message authentication code, which is a terminal authentication random number, a terminal authentication sequence number, and a terminal.
  • the message authentication code is combined into a user card authentication random number.
  • the network device is a home location register/verification center HLR/AUC.
  • the method may further comprise: HLR/AUC transmitting the generated user card authentication random number to the MSC/VLR or SGSN.
  • the method may further include: the HLR/AUC generating an authentication set including the user card authentication random number according to the user card authentication random number, and further comprising: the HLR/AUC transmitting the generated authentication set to the MSC/VLR Or SGSN.
  • step b further comprises the step of determining whether to perform the generation of the user card authentication random number according to the security key, and if so, performing step b; otherwise, the step of generating the user card authentication random number according to the security key is not performed.
  • the network device in the mobile communication system Since the network device in the mobile communication system generates a user card authentication random number, a preset security key corresponding to the mobile terminal is used, so that the user card authentication random number of the method of the present invention is different from the prior art.
  • the user card authentication random number without considering the security key is matched with the processing of the mobile terminal after receiving the random number of the user card authentication, so that the mobile terminal can authenticate the network, which is different from the prior art mobile terminal. Only the user card authentication random number is transmitted to the user card, but the mobile terminal itself does not authenticate the random number according to the user card authentication The case of authentication.
  • the mobile terminal authenticates the network
  • the illegal user replaces a user card
  • the security key stored in the mobile terminal corresponds to the network side according to the legitimate user card for the mobile
  • the security key set by the terminal such as the security key set in the subscription information of the legitimate user, is inconsistent with the security key set in the subscription information of the illegal user, so the authentication of the network by the mobile terminal will not pass, thus, The illegal user will not be able to use the mobile terminal normally; or the security key corresponds to the security key set by the network side according to the mobile terminal identifier, so that once the user loses the mobile terminal, the operator changes the network side to correspond to his own mobile.
  • the security key information of the terminal device, the mobile terminal does not pass the authentication of the network, and therefore the mobile terminal will not be able to use normally. Therefore, the authentication of the network by the mobile terminal can effectively improve the security of the mobile terminal and effectively prevent the mobile terminal from being stolen.
  • the new user card authentication random number in the existing authentication method is replaced by a new user card authentication random number obtained according to the terminal authentication random number, the terminal authentication sequence number, and the terminal message authentication code,
  • the invention can be implemented by upgrading the HLR/AUC and the mobile terminal without changing a large number of network devices such as MSC/VLR or SGSN, so that the compatibility between the present invention and the prior art is better, and the implementation of the present invention is more advantageous.
  • a method for authenticating a communication network by a mobile terminal in a mobile communication network includes at least:
  • the mobile terminal After receiving the user card authentication random number generated by the network side device according to the terminal authentication random number, the terminal authentication sequence number and the terminal message authentication code, the mobile terminal obtains the security key and the receiving according to the self-set User card authentication random number to determine whether the authentication of the network is passed
  • the step b is based on the security key set by itself and the received user card authentication.
  • the random number determines whether the authentication of the network passes:
  • the step b3 may further include: determining whether the parsed terminal authentication sequence number and the terminal authentication sequence number set by itself meet the predetermined condition, and if yes, determining that the authentication of the network is passed; otherwise, performing the step of synchronizing the terminal authentication sequence number Hey.
  • the predetermined condition here is that the difference between the parsed terminal authentication sequence number and the terminal authentication sequence number set by itself is within a predetermined range.
  • step b further comprising determining whether to perform a step of determining whether the authentication of the network is passed according to the security key and the user card authentication random number, if yes, performing step b; otherwise, performing terminal authentication on the network is not performed. step.
  • the mobile terminal directly determines whether the authentication of the network is passed according to the security key saved by itself and the received random number of the user card after receiving the random number of the user card authentication, the mobile terminal only differs from the prior art.
  • the user card authentication random number is transmitted to the user card, and the mobile terminal itself does not authenticate the network according to the user card authentication random number.
  • the security of the mobile terminal is improved, and the mobile terminal is effectively prevented from being stolen.
  • an authentication method in a mobile communication network includes at least:
  • a network device respectively setting a security key and a terminal authentication serial number corresponding to the mobile terminal in the network device and the mobile terminal; a network device generates a terminal authentication random number, and generates a terminal message authentication code according to the security key, the terminal authentication sequence number, and the terminal authentication random number;
  • the network device generates a user card authentication random number according to the terminal authentication random number, the terminal authentication sequence number, and the terminal message authentication code, and sends the user card authentication random number to the mobile terminal;
  • the mobile terminal judges whether the authentication of the network passes according to the security key set by itself and the received random number of the user card authentication.
  • determining whether the authentication of the network passes according to the security key set by itself and the received random number of the user card authentication includes:
  • the network device can be HLR/AUC, and the method further includes:
  • the HLR/AUC generates an authentication set including the user card authentication random number according to the authentication key and the user card authentication random number, and sends the authentication set to the MSC/VLR or the SGSN;
  • the MSC/VLR or SGSN retrieves the user card authentication random number from the authentication set, and sends the user card authentication random number to the mobile terminal.
  • the authentication of the network by the mobile terminal itself is realized, the security of the mobile terminal is improved, and the mobile terminal is effectively prevented from being stolen.
  • the new user card authentication random number obtained according to the terminal authentication random number, the terminal authentication sequence number, and the terminal message authentication and encoding is replaced by the existing authentication method.
  • the user card authentication random number can be implemented by simply upgrading the HLR/AUC and the mobile terminal without changing a large number of network devices such as the MSC VLR or the SGSN, so that the compatibility between the present invention and the prior art is better. It is more advantageous to implement the invention.
  • FIG. 1 is a general flow diagram of generating a user card authentication random number by a network device in accordance with the present invention.
  • FIG. 2 is a flow diagram of a specific embodiment of generating a user card authentication random number by a network device in accordance with the present invention.
  • FIG. 3 is a general flow diagram of a mobile terminal authenticating a network in accordance with the present invention.
  • FIG. 4 is a flow diagram of one embodiment of a mobile terminal authenticating a network in accordance with the present invention.
  • FIG. 5 is a flow diagram of the overall authentication operation in accordance with the present invention.
  • FIGS 6A and 6B are flow diagrams of one embodiment of an overall authentication operation in accordance with the present invention.
  • FIGS 7A and 7B are flow diagrams of another embodiment of an overall authentication operation in accordance with the present invention. Mode for carrying out the invention
  • a security key (SKEY) corresponding to the mobile terminal and a terminal authentication sequence number (msSQN) are first set in the network device.
  • the network device first generates a terminal authentication random number (msRAND) when generating a RAND for a mobile terminal.
  • the network device generates a terminal message authentication code (msMAC) based on the SKEY, msSQN, and the generated msRAND corresponding to the mobile terminal.
  • the network device generates RANDo based on msRA D, msSQN, and msMAC
  • FIG. 2 illustrates a specific embodiment of a network device generating RAND.
  • the network device here is HLR/AUCo.
  • HLR/AUCo As is well known to those skilled in the art, the HLR and AUC are usually integrated in one device, which functions as both a home location register and a verification center, so the device is referred to herein as HLR/AUC.
  • step 201 the SKEY and msSQN of the corresponding mobile terminal are first saved in the HLR/AUC.
  • step 202 the HLR/AUC generates an msRAND using its own random number generator.
  • step 203 the HLR/AUC generates the msMAC using the SKEY, msSQN, and msRAND of the corresponding mobile terminal set in advance.
  • the HLR/AUC combines msRAND generated in step 202, msMAC generated in step 203, and known msSQN into RAND.
  • the HLR/AUC generates an authentication set using its own stored authentication key (KI) and RAND.
  • HLR/AUC uses its saved KI and RAND to calculate the expected response (XRES), encryption key CCK, integrity key (IK) and authentication token (AUTN), and RAND, XRES, CK, IK, and AUTN form a five-tuple authentication set for the mobile terminal.
  • XRES expected response
  • AUTN authentication token
  • RAND RAND
  • XRES user card message authentication code
  • SQN user card authentication sequence number
  • AMF authentication management domain
  • RAND the AUTN is generated by the SQN, the AMF, and the MAC.
  • HLR/AUC utilizes its own stored authentication key (KI) and RAND calculates a symbol response (SRES), a cryptographic key (KC), and combines RAND, SRES, and KC into a triplet authentication set of the mobile terminal.
  • KI stored authentication key
  • RAND calculates a symbol response (SRES), a cryptographic key (KC), and combines RAND, SRES, and KC into a triplet authentication set of the mobile terminal.
  • KI stored authentication key
  • KC cryptographic key
  • the HLR/AUC sends the authentication set to the MSC/VLR.
  • the MSC and the VLR are usually integrated in one device, the device is called an MSC VLR.
  • step 207 upon authentication, the MSC/VLR extracts the RAND in the corresponding authentication set of the mobile terminal and sends it to the mobile terminal.
  • the MSC/VLR also sends the AUTN to the mobile terminal.
  • step 204 combining msRAND, msMAC, and msSQN into RAND in step 204 may simply be to join them together.
  • the existing protocol stipulates that the RAND sent by the HLR/AUC to the MSC/VLR should be 128 bits, so the random number generated by the HLR/AUC using the random number generator in the prior art is 128 bits.
  • a 64-bit msRAND can be generated, or a generated 128-bit random number can be divided into two 64-bit msRANDs for use.
  • both msSQN and msMAC are 32 bits, so that the 32-bit msMAC and the 32-bit msSQN are connected in parallel to the 64-bit msRAND to form a new 128-bit RAND specified by the protocol.
  • the new RAND includes the msSQN information and the msMAC information, and the msMAC generation process considers the SKEY information, so the new RAND of the present invention includes the SKEy information, which is different from the pure one in the prior art.
  • the random number enables the mobile terminal to authenticate the network by using the SKEY, thereby improving the security of the mobile terminal and preventing the mobile terminal from being stolen.
  • the authentication set is a triplet, which includes SRES and KC in addition to RAND. These three parameters are sent to the MSC/VLR and saved by the MSC/VLR, where SRES It is used when the MSC/VLR authenticates the mobile terminal, and the KC is used for data encryption and decryption.
  • the authentication set is one.
  • a quintuple in addition to RAND, also includes XRES, CK, IK, and AUTN. These four parameters are sent to the MSC/VLR for storage by the MSC/VLR, where XRES is used when the MSC VLR authenticates the mobile terminal, CK is used for data encryption and decryption, and IK is used for data integrity verification.
  • step 202 a step of determining whether to perform a user card authentication random number according to the SKEY may be further included, and if yes, performing step 202 and subsequent steps; otherwise, directly generating a 128-bit terminal authentication random number according to the existing process RAND authenticates the random number as a user card and then performs subsequent processing.
  • Determining whether to execute RAND according to SKEY may be pre-set a security flag. If the security flag indicates that the value of RAND needs to be generated according to SKEY, for example, 1 means that RAND needs to be generated according to SKEY, if the security flag indicates that it is not required according to SKEY Generating a value of RAND, such as 0, means that there is no need to generate a RAND based on SKEY.
  • determining whether to perform RAND generation according to SKEY may be determining whether SKEY is a specific value, for example, 0. If yes, it means that it is not necessary to generate RAND according to SKEY, and if it is not 0 but other arbitrary values, it indicates that it needs to be based on SKEY generates RAND.
  • the HLR/AUC updates the msSQN once each time an authentication set is generated.
  • each authentication set has a different msSQN.
  • the msSQN update it can be performed according to a certain algorithm. The algorithm generates a new msSQN based on the original msSQN.
  • the above describes the process of generating RAND on the network device side, and the RAND is sent to the corresponding mobile terminal after the network device generates the RA D.
  • the following describes the processing performed after the mobile terminal receives the RAND.
  • FIG. 3 shows an overall method flow for a mobile terminal to authenticate a communication network in a mobile communication network.
  • the mobile terminal in step 301, the mobile terminal first sets a SKEY and an msSQN, where the SKEY and msSQN and the network device side are set and saved corresponding to Your own SKEY and msSQN are basically the same.
  • the mobile terminal After receiving the RAND from the network device side, the mobile terminal If yes, the network can be normally accessed in step 303. If it is not passed, it is determined that it is illegal, and in step 304, its normal use is stopped.
  • Stopping your normal use here may not allow you to access the network, or directly power off or shut down, etc., and may also, for example, send a short message to notify relatives or relatives or security agencies.
  • the mobile terminal first saves a SKEY and an msSQN, where the SKEY is consistent with the SKEY stored on the network device side corresponding to itself.
  • the terminal and the network side respectively store a pair of symmetric keys, which are usually the same for symmetric keys.
  • step 402 upon authentication, the mobile terminal first parses out msRA D, msSQN and msMAC after receiving the RAND from the MSC/VLR.
  • step 403 the mobile terminal calculates an msMAC value according to its SKEY and the msRAND and msSQN parsed from the RAND, and compares whether the calculated msMAC value and the msMAC value parsed from the RAND are consistent. If they are inconsistent, In step 404, it is determined that the authentication of the network fails; if they are consistent, the mobile terminal determines whether RAND is acceptable in step 405, and if yes, determines that the authentication of the network is passed in step 406; otherwise, in step 407, a msSQN is initiated to the network. Synchronize commands.
  • the msSQN synchronization method can be performed using the SQN synchronization method.
  • whether or not RAND is acceptable is determined by judging the msSQN therein.
  • the mobile terminal and the network side pre-save a synchronized msSQN, so that the terminal receives
  • the predetermined condition may be the msSQN parsed in the RAND and the mobile terminal itself saved.
  • the difference between msSQN is within a predetermined range. If the mobile terminal judges that the difference between the msSQN parsed in the RAND and the msSQN saved by itself is within the predetermined range, it is determined that the RAND is acceptable, otherwise it is determined that the RAND is unacceptable.
  • the mobile terminal After the mobile terminal determines that the RAND is acceptable, it updates its saved msSQN with the msSQN parsed from the user card authentication random number.
  • a step of determining whether to perform authentication on the network according to SKEY may be further included. If yes, step 402 is performed; otherwise, the step of authenticating the network according to SKEY is not performed.
  • Flag if the security flag is a value indicating that the network needs to be authenticated according to SKEY, for example, 1 means that the network needs to be authenticated according to SKEY, if the security flag is a value indicating that the network is not required to be authenticated according to SKEY For example, 0 means that there is no need to authenticate the network according to SKEY.
  • determining whether to perform authentication according to the SKEY may be determining whether the SKEY is a specific value, for example, 0. If yes, it means that the network is not required to be authenticated according to the SKEY, if not 0, but other Any value means that the network needs to be authenticated according to SKEY.
  • a SKEY and an msSQN of the corresponding mobile terminal are simultaneously set in the network device and the mobile terminal.
  • the SKEY may be an SKEY set corresponding to the mobile terminal characteristic information, or may be an SKEY set corresponding to the IMSI of the user card, or may be set according to the user's mobile terminal number MSISDN.
  • step 502 the network device first generates an msRAND when generating a RAND for a mobile terminal.
  • step 5Q3 the network device generates the msMAC using the SKEY, msSQN, and the generated msRAND corresponding to the mobile terminal.
  • the network device combines msRAND, msSQN, and msMAC into RAND, and when authenticating, sends RAND to the corresponding mobile terminal.
  • step 505 after receiving the RAND from the network device side, the mobile terminal determines whether the authentication of the network is passed according to the RAND and the SKEY saved by itself. If yes, the network can be normally accessed in step 506. If not, At step 507, it stops its normal use.
  • the mobile terminal After the mobile terminal determines that the authentication of the network is passed, it updates its saved msSQN using the msSQN in the received RAND.
  • Figures 6A and 6B illustrate an embodiment in a WCDMA system application environment.
  • step 601 SKEY and msSQN corresponding to the authentication of the mobile terminal are simultaneously saved in the HLR/AUC and the mobile terminal.
  • the HLR/AUC generates an msRAND.
  • a random number generator on the HLR/AUC, through which the msRAND can be directly generated, or after generating a temporary random number, the msRAND can be obtained by transforming.
  • the msRAND is required to be 64 bits, and the random number generated by the actual random number generator is 128 bits.
  • the 128-bit follow-up step 603 and the HLR/AUC can use the SKEY of the corresponding mobile terminal saved in advance.
  • msSQN and msRAND generate msMAC.
  • the HLR/AUC combines msRAND, msSQN, and msMAC into RA D.
  • the combination here can be simply to join them together, for example, 64-bit msRAND, 32-bit msSQN and 32-bit msMAC are combined to form a 128-bit RAND.
  • the HLR/AUC generates an authentication set using its own saved KI and RAND.
  • HLR/AUC calculates XRES, CK and IK using its saved KI and RAND, calculates MAC using KI, SQN, AMF and RAND, and generates AUTN based on SQN, AMF and MAC, and RA D, XRES, CK, IK And AUTN form a five-tuple authentication set.
  • SQN and AMF are known, and therefore, they will not be described in detail herein.
  • the HLR 7AUC sends the authentication set to the MSC/VLR.
  • step 607 upon authentication, the MSC/VLR extracts RAND in the corresponding authentication set of the mobile terminal and sends it to the mobile terminal.
  • the AUTN is also sent to the terminal, that is, the MSC/VLR extracts the RAND and the AUTN in the corresponding authentication set of the mobile terminal, and sends the RAND and the AUTN to the mobile terminal.
  • the mobile terminal After receiving the RAND from the MSC/VLR, the mobile terminal first parses out msRAND, msSQN, and msMAC.
  • step 609 the mobile terminal calculates an msMAC value according to its SKEY and the msRAND.msSQN parsed from the RAND, and compares the calculated msMAC value with the msMAC value parsed from the RAND. If they are inconsistent, then In step 610, it is determined that the authentication of the network has failed. Otherwise, that is, if they are consistent, it is determined in step 611 whether RAND is acceptable. If yes, it is determined in step 612 that the authentication of the network is passed; otherwise, in step 613, the mobile terminal proceeds to The network initiates a msSQN synchronization command.
  • the mobile terminal determines whether the RAND is acceptable according to the parsed msSQN and the saved msSQN. For example, it is determined whether the difference between the parsed msSQN and the saved msSQN is within a predetermined range. If yes, the RAND is determined. It is acceptable; otherwise, it is determined that the RAND is unacceptable. When the mobile terminal determines that the RAND is unacceptable, it can send a synchronization command of the synchronization msSQN to the network side, and synchronize the terminal and the msSQN saved by the network through the synchronization process.
  • the mobile terminal transmits RAND and AUTN to the user card.
  • step 615 the user card uses its own KI and the received RAND, AUTN to determine whether the authentication of the network is passed, and whether synchronization of the SQN is required, and after the network authentication is passed, XRES, CK, and IK are generated.
  • the user card transmits the generated XRES to the mobile terminal.
  • the mobile terminal transmits the X ES received from the subscriber card to the MSC/VLR.
  • the MSC/VLR compares whether the XRES received from the mobile terminal and the corresponding authentication set XRES of the mobile terminal received from the HLR/AUC are consistent. If they are consistent, it is determined in step 619 that the network authenticates the mobile terminal; otherwise, in step 620, it is determined that the network failed to authenticate the mobile terminal.
  • the step 614 and the subsequent steps are processed for the network to authenticate the mobile terminal, and the user card and the network negotiate the communication keys such as CK, IK, etc., which are described in detail in the existing authentication process. The invention will not be described again.
  • the RAND sent by the mobile terminal to the user card is customized, instead of the random RAND generated by the random number generator in the existing authentication process, so The mobile terminal can authenticate the network by using the RAND and its saved SKEY, msSQN, and the like.
  • the processing flow is the same as the existing processing flow, so the invention can be applied without any upgrade.
  • 7A and 7B illustrate an embodiment in a GSM system application environment. As shown in FIG. 7A and FIG. 7B, in step 701, SKEY and msSQN corresponding to the authentication of the mobile terminal are simultaneously saved in the HLR/AUC and the mobile terminal.
  • the HLR/AUC generates an msRAND.
  • step 703 the HLR/AUC generates the msMAC using the SKEY, msSQN, and msRAND of the corresponding mobile terminal stored in advance.
  • the HLR/AUC combines msRAND, msSQN, and msMAC into RANDo
  • the HLR/AUC generates an authentication set using its own saved KI and RAND.
  • HLR/AUC calculates SRES and KC using its saved KI and RAND, and combines RAND, SRES and KC into a triple authentication set.
  • the HLR/AUC sends the authentication set to the MSC/VLR.
  • step 707 upon authentication, the MSC/VLR extracts RAND in the corresponding authentication set of the mobile terminal and sends it to the mobile terminal.
  • the mobile terminal first parses out msRAND, msSQN, and msMAC after receiving the RAND from the MSC/VLR.
  • step 709 the mobile terminal calculates an msMAC value according to its SKEY and the msRAND and msSQN parsed from the RAND, and compares the calculated msMAC value with the msMAC value parsed from the RAND. If they are inconsistent, then In step 710, it is determined that the authentication of the network fails. Otherwise, that is, if they are consistent, it is determined in step 711 whether RAND is acceptable. If yes, it is determined in step 712 that the authentication of the network is passed; otherwise, in step 713, the mobile terminal proceeds to The network initiates a msSQN synchronization command.
  • the mobile terminal determines whether the RAND is acceptable according to the parsed msSQN and the saved msSQN, for example, determining whether the difference between the parsed msSQN and the saved msSQN is within a predetermined range. If yes, determining that the RAND is OK Accept Otherwise, it is determined that the RAND is unacceptable.
  • the mobile terminal may send a synchronization command of the synchronized msSQN to the network side, and synchronize the terminal with the msSQN saved by the network through the synchronization process.
  • step 4 the mobile terminal sends RAND to the user card.
  • the user card generates SRES using its own KI and the received RAND.
  • the user card transmits the generated SRES to the mobile terminal.
  • the mobile terminal transmits the SRES received from the subscriber card to the MSC/VLR.
  • the MSC/VLR compares the SRES received from the mobile terminal with the received
  • step 719 Whether the corresponding authentication set SRES of the mobile terminal of the HLR/AUC is consistent. If they are consistent, it is determined in step 719 that the network authenticates the mobile terminal; otherwise, in step 720, it is determined that the network failed to authenticate the mobile terminal.
  • step 714 and the subsequent steps here are for the network to authenticate the mobile terminal, and the communication key of the user card and the network negotiation CK, etc., which are described in detail in the existing authentication process, and can be specifically referred to The GSM related protocol, which is not described in detail herein.
  • the above MSC/VLR is a circuit domain device, and for a packet domain network, corresponding
  • the MSC VLR device can be an SGSN.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé d'authentification dans un réseau de télécommunication mobile. Le procédé comporte les étapes suivantes: préétablir dans l'équipement de réseau et le terminal mobile une clé de sécurité et un numéro de série d'authentification de terminal correspondant au terminal mobile; lors de l'authentification, l'équipement de réseau produit un nombre aléatoire d'authentification de terminal ainsi qu'un codage d'authentification de message de terminal selon la clé de sécurité, le numéro de série d'authentification de terminal et le nombre aléatoire d'authentification de terminal; l'équipement de réseau produit ensuite un nombre aléatoire d'authentification de carte d'abonné selon le nombre aléatoire d'authentification de terminal, le numéro de série d'authentification du terminal et le codage d'authentification de message de terminal, et envoie le nombre aléatoire d'authentification de carte d'abonné au terminal mobile; le terminal mobile décide ensuite de s'authentifier auprès du réseau au moyen de la clé de sécurité établie et du nombre aléatoire d'authentification de carte d'abonné reçu. L'invention concerne aussi un procédé permettant à un équipement de réseau de produire un nombre aléatoire d'authentification de carte d'abonné, et un procédé permettant à un terminal de s'authentifier par rapport au réseau.
PCT/CN2005/001799 2004-11-02 2005-10-31 Procede permettant a un equipement de reseau de produire un nombre aleatoire d'authentification de carte d'abonne et procede d'authentification WO2006047938A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200410086872.0 2004-11-02
CNB2004100868720A CN100518056C (zh) 2004-11-02 2004-11-02 网络设备生成用户卡鉴权随机数的方法及鉴权方法

Publications (1)

Publication Number Publication Date
WO2006047938A1 true WO2006047938A1 (fr) 2006-05-11

Family

ID=36318883

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2005/001799 WO2006047938A1 (fr) 2004-11-02 2005-10-31 Procede permettant a un equipement de reseau de produire un nombre aleatoire d'authentification de carte d'abonne et procede d'authentification

Country Status (2)

Country Link
CN (1) CN100518056C (fr)
WO (1) WO2006047938A1 (fr)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100525503C (zh) * 2006-10-17 2009-08-05 中国移动通信集团公司 鉴权方法、验证鉴权序列号的方法、通信系统及用户卡
CN102638794B (zh) * 2007-03-22 2016-03-30 华为技术有限公司 鉴权和密钥协商方法、认证方法、系统及设备
CN101119381B (zh) * 2007-09-07 2013-01-16 中兴通讯股份有限公司 防止重放攻击的方法及系统
CN101588579B (zh) * 2008-05-20 2011-09-14 华为技术有限公司 一种对用户设备鉴权的系统、方法及其基站子系统
CN101938741A (zh) * 2009-06-30 2011-01-05 大唐移动通信设备有限公司 双向认证的方法、系统及装置
CN101990201B (zh) * 2009-07-31 2013-09-04 中国移动通信集团公司 生成gba密钥的方法及其系统和设备
CN103297970B (zh) * 2013-05-24 2016-06-15 北京创毅讯联科技股份有限公司 移动终端的鉴权方法、鉴权终端、移动终端和鉴权系统
CN105635089B (zh) * 2014-11-28 2020-10-09 珠海汇金科技股份有限公司 动态密码锁的鉴权方法、开锁方法和开锁系统

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1266341A (zh) * 1999-03-03 2000-09-13 Lg情报通信株式会社 管理移动站操作参数的方法
CN1489874A (zh) * 2001-11-21 2004-04-14 �����ɷ� 移动电话的认证
CN1541015A (zh) * 2003-10-31 2004-10-27 大唐微电子技术有限公司 应用国际移动设备识别码实现手机防盗的方法及其系统

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1266341A (zh) * 1999-03-03 2000-09-13 Lg情报通信株式会社 管理移动站操作参数的方法
CN1489874A (zh) * 2001-11-21 2004-04-14 �����ɷ� 移动电话的认证
CN1541015A (zh) * 2003-10-31 2004-10-27 大唐微电子技术有限公司 应用国际移动设备识别码实现手机防盗的方法及其系统

Also Published As

Publication number Publication date
CN100518056C (zh) 2009-07-22
CN1770682A (zh) 2006-05-10

Similar Documents

Publication Publication Date Title
EP1758417B1 (fr) Procede d'authentification
JP4263384B2 (ja) ユーザ加入識別モジュールの認証についての改善された方法
JP4688808B2 (ja) 移動体通信システムにおける暗号化の強化セキュリティ構成
EP1976322A1 (fr) Procédé d'authentification
KR100987899B1 (ko) 서비스 제공자로부터 수신된 챌린지에 대한 응답을 생성하기 위한 의사―비밀 키 생성 방법 및 장치
CN112291064B (zh) 认证系统,注册及认证方法、装置,存储介质及电子设备
WO2006128364A1 (fr) Procede et systeme de mise a jour d'une cle secrete
WO2006047938A1 (fr) Procede permettant a un equipement de reseau de produire un nombre aleatoire d'authentification de carte d'abonne et procede d'authentification
JP2003524353A (ja) 通信システムにおける完全性のチェック
JP4664050B2 (ja) 認証ベクトル生成装置、加入者認証モジュール、移動通信システム、認証ベクトル生成方法、演算方法及び加入者認証方法
TW200952424A (en) Authenticating a wireless device in a visited network
EP1121822B1 (fr) Authentification dans un systeme de communication mobile
CN1894996B (zh) 用于无线通信中的认证的方法和装置
CN101163003A (zh) Sim卡使用umts终端和umts系统时终端认证网络的系统和方法
US8670567B2 (en) Recovery of expired decryption keys
WO2011124051A1 (fr) Procédé et système d'authentification de terminal
US8229398B2 (en) GSM authentication in a CDMA network
US7200750B1 (en) Method for distributing encryption keys for an overlay data network
WO2004098144A1 (fr) Dispositif et procede de protection des communications
CN100396156C (zh) 一种同步sqn的处理方法
WO2006050663A1 (fr) Procede de definition de code de securite
WO2007124657A1 (fr) Procédé, système et dispositif d'authentification

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05807049

Country of ref document: EP

Kind code of ref document: A1