USRE45873E · Expired · Utility · PatentIndex 51
Subscriber authentication
Est. expiry: Mar 30, 2020 (expired) · nominal 20-yr term from priority
Inventors: NYBERG KAISA
CPC: H04W 12/06, H04W 12/02, H04W 12/037
PatentIndex Score: 51
Cited by: 0
References: 33
Claims: 31
Abstract
To provide reliable and customized authentication, a parameter to be used in authentication is defined for the operator. A secret which may be stored e.g. in a subscriber identity module is calculated from the operator parameter and a subscriber key. An authentication response is calculated from the secret and the challenge to be used in authentication with a one-way function.
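The derivation the abstract describes, worked through as an added example (this is not code from the patent or from its assignee): the authentication center holds the subscriber key K and the operator parameter OP, derives a secret from exactly those two inputs, and the card is personalised with the derived secret only, so OP never has to be present on the SIM. The example covers both the one-secret method of claim 1 and the two-secret, two-mask variant of claims 4 and 5, with the response and an encryption key extracted from the output as in claim 10. Assumptions, since they are not fixed by the page or not in the Python standard library: SHA-256 stands in for the hash (claim 8 names RIPEMD-128), HMAC-SHA256 stands in for the encryption algorithm (claim 8 names DES), masking is XOR, all keys, parameters and masks are 128 bits, and the response/key sizes are 32 and 64 bits; the class and function names and the key material are constructed for illustration.

```python
# Added example, not the patent's code: challenge-response of claims 1 and 4/5,
# with the authentication center (AuC) and subscriber identity module (SIM) sides.
# Assumed stand-ins: SHA-256 for the hash (RIPEMD-128 in claim 8), HMAC-SHA256 for
# the encryption algorithm (DES in claim 8), XOR masking, 128-bit K/OP/masks.
import hashlib
import hmac
import secrets

KEY_LEN = 16  # assumed: 128-bit subscriber key, operator parameter and masks


def _mask(value: bytes, mask) -> bytes:
    """XOR-mask a value (the masking operation itself is an assumption)."""
    if mask is None:
        return value
    if len(mask) != len(value):
        raise ValueError("mask must be as long as the value it masks")
    return bytes(a ^ b for a, b in zip(value, mask))


def f1_secret(subscriber_key: bytes, operator_param: bytes, mask=None) -> bytes:
    """First one-way function: a secret from exactly two inputs, K and OP.
    Length-prefixing keeps distinct (K, OP) pairs from colliding after concatenation."""
    k = _mask(subscriber_key, mask)
    op = _mask(operator_param, mask)
    data = bytes([len(k)]) + k + bytes([len(op)]) + op
    return hashlib.sha256(data).digest()[:KEY_LEN]


def f2_output(secret: bytes, data: bytes) -> bytes:
    """Second (and third/fourth) one-way function: keyed PRF of data under secret."""
    return hmac.new(secret, data, hashlib.sha256).digest()


def extract(output: bytes):
    """Split the output into a response and an encryption key (claim 10); sizes assumed."""
    return output[:4], output[4:12]


def response_single(secret: bytes, challenge: bytes) -> bytes:
    """Claim 1: response extracted from f2(secret, challenge)."""
    return extract(f2_output(secret, challenge))[0]


def response_masked(secret1: bytes, secret2: bytes, challenge: bytes) -> bytes:
    """Claim 4: third function over (challenge, secret1), fourth over (intermediate, secret2)."""
    intermediate = f2_output(secret1, challenge)
    return extract(f2_output(secret2, intermediate))[0]


class AuthenticationCenter:
    """Holds K and OP (claims 13/15) and derives the secret(s) for each run."""

    def __init__(self, subscriber_key: bytes, operator_param: bytes, masks=None):
        self.k, self.op, self.masks = subscriber_key, operator_param, masks

    def challenge(self) -> bytes:
        return secrets.token_bytes(KEY_LEN)  # fresh random challenge per authentication

    def expected(self, rand: bytes) -> bytes:
        if self.masks is None:
            return response_single(f1_secret(self.k, self.op), rand)
        m1, m2 = self.masks
        return response_masked(f1_secret(self.k, self.op, m1),
                               f1_secret(self.k, self.op, m2), rand)


class SubscriberIdentityModule:
    """Stores only the derived secret(s) (claims 18/20); OP itself never reaches the card."""

    def __init__(self, *stored_secrets: bytes):
        self.stored = stored_secrets

    def respond(self, rand: bytes) -> bytes:
        if len(self.stored) == 1:
            return response_single(self.stored[0], rand)
        return response_masked(self.stored[0], self.stored[1], rand)


def provision_sim(subscriber_key: bytes, operator_param: bytes, masks=None):
    """Personalisation: compute the secret(s) once and load only those onto the SIM."""
    if masks is None:
        return SubscriberIdentityModule(f1_secret(subscriber_key, operator_param))
    m1, m2 = masks
    return SubscriberIdentityModule(f1_secret(subscriber_key, operator_param, m1),
                                    f1_secret(subscriber_key, operator_param, m2))


def authenticate(auc, sim, rand=None) -> bool:
    """One run: AuC issues RAND, SIM answers, AuC compares in constant time."""
    if rand is None:
        rand = auc.challenge()
    return hmac.compare_digest(auc.expected(rand), sim.respond(rand))


# Constructed test values (not from the patent).
K = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
OP = bytes.fromhex("ffeeddccbbaa99887766554433221100")
MASKS = (bytes([0x0F]) * KEY_LEN, bytes([0xF0]) * KEY_LEN)

if __name__ == "__main__":
    print("single secret:", authenticate(AuthenticationCenter(K, OP), provision_sim(K, OP)))
    print("two masked secrets:",
          authenticate(AuthenticationCenter(K, OP, MASKS), provision_sim(K, OP, MASKS)))
    # Same K under another operator parameter gives a different secret, so a card
    # personalised by one operator cannot answer another operator's AuC.
    print("cross-operator:", authenticate(AuthenticationCenter(K, OP),
                                          provision_sim(K, bytes(range(KEY_LEN)))))
```

The point to check in a deployment of this pattern is the personalisation step: `provision_sim` is the only place K and OP meet outside the authentication center, and what ends up on the card is the derived secret, so recovering a card's contents does not recover OP for the operator's other subscribers.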
Claims
(exact text as granted — not AI-modified)
The invention claimed is:
1. A method, comprising:
providing a first secret calculated using a first one-way function to calculate a first secret from only two inputs comprising a predefined key and a predefined operator parameter, wherein the key is predefined for a subscriber and the operator parameter is predefined as an operator-specific parameter having a value selected by an operator associated with the subscriber;
using a second one-way function to calculate an output from only two different inputs, the two different inputs comprising a challenge and the calculated provided first secret, wherein the challenge comprises a generated random number;
extracting the an authentication response from the output calculated by the second one-way function; and
authenticating the subscriber with the extracted authentication response,
wherein the first and second one-way functions are configured to each receive exactly two inputs.
2. The method of claim 1 , where the first secret is stored in a subscriber identity module, and further comprising:
storing the calculated first secret in a subscriber identity module; and
calculating the output in the subscriber identify identity module with the second one-way function using the challenge and the stored first secret as the two inputs.
3. The method of claim 1 , wherein the first one-way function is a hash function and the second one-way function is an encryption algorithm.
4. A method, comprising:
providing a first secret calculated using a first one-way function to calculate a first secret from two inputs comprising a predefined key and a predefined operator parameter wherein the predefined key is determined for a subscriber and the operator parameter is predefined as an operator-specific parameter having a value selected by an operator associated with the subscriber;
using a second one-way function to calculate a second secret from said two inputs;
calculating, with a third one-way function, an intermediate output from two different inputs, the two different inputs comprising a challenge and the provided first secret, wherein the challenge comprises a random number;
calculating, with a fourth one-way function, an output from two additional inputs, the two additional inputs comprising the intermediate output and the second secret;
forming an authentication response by extracting the authentication response from the output; and
authenticating the subscriber with the authentication response,
wherein each of the first, second, third, and fourth one-way functions is configured to only receive exactly two inputs, and
wherein a new challenge is required in subsequent authentications of the subscriber while the predefined key and the predefined operator parameter are allowed to be reused in the subsequent authentications of the subscriber.
5. The method of claim 4 , further comprising:
masking the predefined key and the operator parameter with a first mask before the first secret is calculated;
calculating the first secret using, as the two inputs for the first one-way function, the predefined key and the operator parameter masked with the first mask:
masking the predefined key and the operator parameter with a second mask before calculating the second secret; and
calculating the second secret using, as the two inputs for the second one-way function, the predefined key and the operator parameter masked with the second mask.
6. The method of claim 4 where the first secret is stored in a subscriber identity module, and further comprising:
storing the first and the second secret in a subscriber identity module; and
calculating, with the third one-way function, the intermediate output in the subscriber identity module using the challenge and the stored first secret as the two inputs; and
calculating, with the fourth one-way function, the output using the intermediate output and the stored second secret as said two additional inputs.
7. The method of claim 4 wherein the first and the second one-way functions comprise hash functions, and the third and the fourth one-way functions comprise encryption algorithms.
8. The method of claim 3 wherein the hash function comprises an RIPEMD-128 function; and the encryption algorithm utilizes a DES algorithm.
9. The method of claim 1 wherein the operator parameter of the subscriber's operator comprises an operator code identifying the operator and an operator secret.
10. The method of claim 1 , further comprising extracting an encryption key from the output in addition to extracting said authentication response.
11. A telecommunications system comprising:
a subscriber identity module;
an authentication center; and
a processor configured to use a challenge comprising a generated random number in authentication and to authenticate a subscriber by comparing an authentication response calculated by the subscriber identity module with an authentication response calculated by the authentication center,
wherein at least one operator parameter is predefined as an operator-specific parameter, a value of which has been selected by an operator associated with the subscriber;
wherein the authentication center is configured to:
store authentication information relating to the subscriber, the authentication information comprising at least a subscriber key defined for the subscriber and the operator parameter;
calculate, with a first one-way function, a first secret using only two inputs, the two inputs used by the first one-way function being the subscriber key and the operator parameter;
calculate, with a second one-way function, an output from only two different inputs, the two different inputs used by the second one-way function being the first secret calculated with the first one way function and the challenge; and
extract an the authentication response from the output;
wherein the subscriber identity module is configured to:
store the first secret therein,
calculate an output using the first secret and the challenge as the two inputs for the second one-way function, and
extract an authentication response from the output.
12. A telecommunications system comprising
a subscriber identify identity module;
an authentication center; and
a processor configured to:
use a challenge comprising a generated random number; and
authenticate a subscriber by comparing an authentication response calculated by the subscriber identity module with an authentication response calculated by the authentication center;
wherein at least one operator parameter is predefined as an operator-specific parameter, a value of which has been selected by an operator of the subscriber;
wherein the authentication center is configured to:
store authentication information on the subscriber, the authentication information including at least a subscriber key; and the operator parameter;
calculate, with a first one-way function, a first secret from only two inputs, the two inputs for the first one-way function being the subscriber key and the operator parameter;
calculate, with a second one-way function, a second secret from said two inputs,
calculate, with a third one-way function, an intermediate output from only two different inputs, the two different inputs for the third one-way function being the first secret calculated with the first one-way function and the challenge;
calculate, with a fourth one-way function, an output from only two other inputs, the two other inputs for the fourth one-way function being the second secret and the intermediate output; and
extract an the authentication response from the output;
wherein the subscriber identity module comprises a first and a second secret and is configured to:
calculate an intermediate output with the third one-way function;
calculate an output from the second secret and the intermediate output with the fourth one-way function; and
extract an the authentication response from the output.
13. An authentication center, the authentication center comprising:
a memory configured to store a subscriber key defined for a subscriber and an operator parameter defined for an operator of the subscriber, the operator parameter being an operator-specific parameter, a value of which has been selected by the operator;
a random number generator that generates challenges; and
a processor configured to:
calculate, with a first one-way function, a first secret from only two inputs comprising the stored subscriber key and the stored operator parameter;
calculate, with a second one-way function, an output from only two different inputs comprising the first secret and a challenge generated by the random number generator; and
extract, from the output, an authentication response to be used in authentication.
14. Au authentication center, comprising:
a memory configured to store a first secret calculated with a first one-way function using only two inputs which are a subscriber key defined for a subscriber and an operator parameter defined for an operator of the subscriber, the operator parameter being an operator-specific parameter, value of which has been selected by the operator;
a random number generator for generating challenges; and
a processor configured to:
calculate an output using a second one-way function having only two different inputs comprising the stored first secret and a challenge generated by the random number generator; and
extract, from the output, an authentication response to be used in authentication.
15. An authentication center, comprising:
a memory configured to store a subscriber key defined for a subscriber and an operator parameter defined for an operator associated with the subscriber, the operator parameter being an operator-specific parameter, a value of which has been selected by the operator;
a random number generator that generates challenges; and
a processor configured to:
calculate, with a first one-way function, a first secret from only two inputs comprising the stored subscriber key and the stored operator parameter;
calculate, with a second-way function, a second secret using said two inputs;
calculate, with a third one-way function, an intermediate output from only two different inputs comprising the first secret and a challenge generated by the random number generator;
calculate, with a fourth one-way function, an output from only two other inputs comprising the second secret and the intermediate output; and
extract an authentication response from the output.
16. An authentication center, comprising:
a memory configured to store a first secret calculated with a first one-way function from only two inputs comprising a subscriber key defined for a subscriber and an operator parameter defined for an operator associated with the subscriber,
the operator parameter being an operator-specific parameter, a value of which has been selected by the operator and a second secret calculated with a second one-way function using said two inputs;
a random number generator that generates challenges; and
a processor configured to:
calculate, with a third one-way function, an intermediate output using only two different inputs comprising the stored first secret and a challenge generated by the random number generator,
calculate, with a fourth one-way function, an output using only two other inputs comprising the stored second secret and the intermediate output; and
extract an authentication response from the output.
17. A subscriber identity module, comprising:
a memory configured to store a subscriber key defined for a subscriber and an operator parameter defined for an operator associated with the subscriber, the operator parameter being an operator-specific parameter, a value of which has been selected by the operator; and
a processor configured to:
calculate, with a first one-way function, a first secret from only two inputs comprising the stored subscriber key and the stored operator parameter;
calculate, with a second one-way function, an output from only two different inputs comprising the first secret and a received challenge; and
extract, from the output, an authentication response used in authentication.
18. A subscriber identify identity module, comprising:
a memory configured to store a first secret calculated with a first one-way function from only two inputs comprising a subscriber key defined for a subscriber and an operator parameter defined for an operator associated with the subscriber, the operator parameter being an operator specific parameter, a value of which has been selected by the operator; and
a processor configured to:
calculate, with a second one-way function, an output from only two different inputs comprising the stored first secret and a received challenge; and
extract, from the output, an authentication response used in authentication.
19. A subscriber identity module, comprising
a memory configured to store a subscriber key defined for a subscriber and an operator parameter defined for an operator associated with the subscriber, the operator parameter being an operator-specific parameter, a value of which has been selected by the operator first secret calculated with a first one-way function from only two inputs comprising a subscriber key defined for a subscriber and an operator parameter defined for an operator associated with the subscriber, the operator parameter being an operator specific parameter, a value of which has been selected by the operator, and
a processor configured to:
calculate, with a first one-way function, a first secret from only two inputs comprising the stored subscriber key and the stored operator parameter;
calculate, with a second one-way function, a second secret from said two inputs;
calculate, with a third one-way function, an intermediate output from only two different inputs comprising the first secret and a received challenge;
calculate, with a fourth one-way function, an output from only two other inputs comprising the second secret and the intermediate output; and
extract, from the output, an authentication response used in authentication.
20. A subscriber identity module, comprising:
a memory configured to store:
a first secret calculated with a first one-way function from only two inputs comprising a subscriber key defined for a subscriber and an operator parameter defined for an operator associated with the subscriber, the operator parameter being an operator-specific parameter, a value of which has been selected by the operator, and
a second secret calculated with a second one-way function from said two inputs;
a processor configured to:
calculate, with a third one-way function, an intermediate output from only two different inputs comprising a random number challenge and the stored first secret;
calculate, with a fourth one-way function, an output from only two other inputs comprising the intermediate output and the stored second secret; and
extract an authentication response from the output.
21. A method, comprising:
calculatingproviding a first secret calculated with a hash function using only two inputs comprising a predefined key and a predefined operator parameter, the key being predefined for a subscriber and the operator parameter being predefined as an operator-specific parameter, a value of which has been selected by the operator, the first secret being stored in a subscriber identity module;
storing the first secret in a subscriber identify module;
calculating, during authentication in the subscriber identity module, an output with an encryption algorithm using only two different inputs comprising a random number challenge and the stored first secret;
extracting an authentication response from the output; and
authenticating the subscriber with the authentication response.
22. A method comprising:
masking a predefined key and a predefined operator parameter with a first mask, the key being predefined for a subscriber and the parameter being predefined for an operator associated with the subscriber as an operator-specific parameter, a value of which has been selected by the operator;
calculating, with a first one-way function, a first secret from only two inputs comprising the masked key and the masked operator parameter;
masking the key and the operator parameter with a second mask;
calculating, with a second one-way function, a second secret using only two different inputs comprising the key masked with the second mask and the parameter masked with the second mask;
storing the first and the second secret in a subscriber identity module;
generating a random number challenge used in authentication of the subscriber;
calculating, in the subscriber identity module during authentication, an intermediate output with a third one-way function using only two further inputs comprising the challenge and the stored first secret;
calculating, in the subscriber identity module during authentication, an output with a fourth one-way function using only two additional inputs comprising the intermediate output and the stored second secret;
extracting an authentication response from the output; and
authenticating the subscriber with the authentication response.
23. A non-transitory memory embodying program instructions therein executable by a processor operably coupled to the memory which, when executed by the processor, carry out the functions of:
calculating a first secret with a first one-way function from only two inputs, the two inputs for the first one-way function comprising a predefined key and a predefined parameter, the predefined key being predefined for a subscriber and the predefined parameter being predefined for an operator associated with the subscriber as an operator-specific parameter, a value of which has been selected by the operator;
calculating an output with a second one-way function using only two different inputs, the two different inputs for the second one-way function comprising a challenge and the calculated first secret, the challenge being a random number generated for use in authentication; and
extracting an authentication response from the output.
24. A non-transitory memory embodying program instructions therein executable by a processor operably coupled to the memory which, when executed by the processor, carry out the functions of:
calculating with a first one-way function a first secret from only two inputs comprising a predefined key and a predefined operator parameter, the key being defined for a subscriber and the operator parameter being defined for an operator associated with the subscriber as an operator-specific parameter, a value of which has been selected by the operator;
calculating with a second one-way function a second secret using only two different inputs comprising the key and the operator parameter;
calculating with a third one-way function an intermediate output using only two additional inputs comprising a random number challenge and the first secret;
calculating with a fourth one-way function an output using only two other inputs comprising the intermediate output and the second secret; and
extracting an authentication response from the output.
25. A non-transitory memory embodying program instructions therein executable by a processor operably coupled to the memory which, when executed by the processor, carry out the functions of:
masking a predefined key and a predefined operator parameter with a first mask, the key being defined for a subscriber and the operator parameter being for an operator associated with the subscriber as an operator-specific parameter a value of which has been selected by the operator;
calculating with a first one-way function a first secret from only two inputs comprising the masked key and the masked parameter;
masking the key and the operator parameter with a second mask;
calculating with a second one-way function a second secret using only two different inputs comprising the key masked with the second mask and the operator parameter masked with the second mask;
calculating, during authentication, an intermediate output with a third one-way function using only two further inputs comprising a random number challenge and the first secret;
calculating, during authentication, an output with a fourth one-way function using only two additional inputs comprising the intermediate output and the second secret; and
extracting an authentication response from the output.
26. A non-transitory memory embodying program instructions therein executable by a processor operably coupled to the memory which, when executed by the processor, carry out the functions of:
calculating, during authentication, an intermediate output with a first one-way function from only two inputs comprising a challenge and a first secret, the first secret being pre-calculated with a second one-way function using only two different inputs comprising a subscriber key masked with a first mask and an operator parameter masked with the first mask, the key being predefined for a subscriber and the operator parameter being predefined for an operator associated with the subscriber as an operator-specific parameter, a value of which has been selected by the operator;
calculating, during authentication, an output with a third one-way function using only two further inputs comprising the intermediate output and a second secret, the second secret being precalculated with a fourth one-way function using only two other inputs comprising the key masked with a second mask and the operator parameter masked with the second mask; and
extracting an authentication response from the output.
27. The method of claim 1 , further comprising using a new challenge in each subsequent authentication of the subscriber, wherein the same key and the same operator parameter may be used in subsequent authentications of the subscriber.
28. The method of claim 1 , further comprising reusing the operator parameter for all subscribers associated with the operator.
29. A mobile station, comprising:
a receiver configured to receive an authentication challenge from a network via a radio connection and to provide the authentication challenge to a subscriber identification module; a transmitter configured to transmit an authentication response, provided from the subscriber identification module, to the network via the radio connection, the authentication response being derived in accordance with predetermined functions and at least one secret that comprise: a first secret derived by a first one-way function from only two inputs comprising a subscriber key defined for a subscriber and an operator parameter defined for an operator that is associated with the subscriber, the operator parameter being an operator specific parameter, a value of which has been selected by the operator; and a second one-way function used to calculate, from only two different inputs comprising the first secret and the received challenge, the authentication response.
30. The mobile station of claim 29, where the subscriber identification module comprises part of the mobile station.
31. The mobile station of claim 29, where the second one-way function is used to calculate a second secret from said two different inputs.
Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.