WO1991001067A2 - Method for authentication and protection of subscribers in telecommunication systems - Google Patents
Method for authentication and protection of subscribers in telecommunication systems Download PDFInfo
- Publication number
- WO1991001067A2 WO1991001067A2 PCT/US1990/003290 US9003290W WO9101067A2 WO 1991001067 A2 WO1991001067 A2 WO 1991001067A2 US 9003290 W US9003290 W US 9003290W WO 9101067 A2 WO9101067 A2 WO 9101067A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- communication unit
- modified
- arbitrary value
- subscriber
- transmitted
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/126—Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
Definitions
- This invention relates generally to communication systems and more particularly to radio frequency (RF) cellular telecommunication systems.
- RF radio frequency
- Cellular radio telephone systems typically include subscriber units (such as mobile or portable units) which communicate with a fixed network communication unit via RF transmissions.
- a typical fixed communication network includes at least a base station and a switching center.
- One responsibility of the fixed network communication unit is to grant use of the communication system to the subscriber unit after the requesting subscriber unit meets the authentication requirements of the system.
- each subscriber unit is assigned a telephone number (mobile identification number) (MIN) and an identification number (or serial number) (SN) which uniquely identifies the subscriber to any fixed network communication unit.
- MIN mobile identification number
- SN identification number
- Each subscriber unit has a unique identification number that distinguishes it from other subscriber units.
- the fixed network communication unit has access to these identification numbers through a database.
- these numbers are used by the fixed network communication units to bill subscribers for the time the subscriber uses the system.
- the subscriber calls another unit, he enters the phone number he wishes to call.
- the dialed phone number becomes the data to be sent to the fixed network communication unit.
- Data may also include other information regarding a third communication unit such as a unit's location.
- Detection of a legitimate subscriber's identification number may be accomplished by RF eavesdropping or by purposeful or inadvertent divulgence of the MIN/SN combination by the radio telephone installer. Once the subscriber's telephone number and identification number is known (stolen), a thief may reprogram another subscriber unit with the stolen identification number causing two or more subscriber units to have the same MIN/SN combination.
- Cellular radio telephone systems have authentication procedures to deny access to subscribers not having legitimate identification numbers, but do not have the capability to detect multiple users or effectively neutralize the effect of an installer leaking subscriber identification numbers. Therefore, the legitimate user is billed for both the thief's use and his own use.
- EIA-553 section 2.3 specifies that each subscriber shall have a MIN and a factory set SN.
- the telephone number which the subscriber is attempting to contact is the data that is transmitted by the subscriber to the fixed network communication unit. Authentication is granted by this system if the MIN and corresponding SN are found in the fixed network communication unit database.
- EIA-553 does not require the encipherment of the MIN or SN before transmission to the fixed network communication unit thereby permitting direct RF detection of any MIN or SN.
- this technique fails to provide protection against a thief that acquires a MIN/SN from an installer.
- GSM Groupe Special Mobile
- This method additionally requires the subscriber to ope y transmit a temporary mobile subscriber ID (TMSI) to the fixed network communication unit; the fixed network communication unit generates and sends a random number (RAND) to the subscriber.
- TMSI temporary mobile subscriber ID
- RAND random number
- the enciphering technique requires the subscriber unit to autonomously retrieve at least three enciphering elements from its memory: a predetermined ciphering key, an SN (individual subscriber authentication key) and a MIN (international mobile subscriber identification number - IMSI).
- the subscriber then enciphers its SN and MIN using the cipher to construct the RAND into a signed response (SRES).
- the subscriber unit transmits this signed response back to the fixed network communication unit where the fixed network communication unit checks the SN, MIN, and ciphering key against its database using the subscriber's temporary ID (TMSI).
- TMSI subscriber's temporary ID
- the fixed network communication unit generates its response to the same random number using the information retrieved from the database and compares the subscriber signed response to the fixed network communication unit generated response. If the responses are substantially equivalent, authentication is confirmed.
- the dialed telephone number is only allowed to be transmitted after authentication is granted. This system affords some protection against a thief that acquires the MIN/SN from an installer by enciphering the SN and reassigning a temporary TMSI each time the subscriber enters a different cell area.
- the authentication method should restrict an illegitimate user's capacity to utilize the system in the case where access is inadvertently granted. Further, an adequate level of security resulting from encipherment should not require additional transmission processes or inject higher error levels during the authentication process.
- This method describes an authentication technique for use between a first communication unit, such as a subscriber unit, and a second communication unit, such as a fixed network communication unit, wherein the first communication unit modifies an ID, known to both the first communication unit and the second communication unit (such as a serial number), using data as one enciphering key and a second ID (such as a Personal Identification Number - PIN) as the other enciphering key.
- An historic non-arbitrary valu ⁇ of predetermined communication events such as a count of the number of telephone calls made by a subscriber, is maintained in both the first and second communication units. This value (count) is historic because it represents past telephone calls attributed to a communication unit, and it is non-arbitrary because this history of transactions (i.e., number of calls made) serves to identify an out-of-sync communication unit.
- the first communication unit transmits (via RF signals) the modified ID and count to a second communication unit.
- the second communication unit compares the count maintained by the first communication unit to the count maintained by the second unit.
- a count discrepancy indicates a different number of calls on one unit indicating a multiple user whose count is out of sequence.
- the second communication unit performs the same enciphering method on the known serial number using the data received and a known second ID.
- the second communication unit compares the received modified serial number and the serial number generated by the fixed network communication unit to determine if the serial number is valid.
- the invention is designed to substantially decrease unauthorized use of a first ID of a communication unit.
- the authentication method does not require the second ID to ever be transmitted by RF.
- This invention provides a means for detecting multiple subscribers using the same serial numbers and telephone numbers. Moreover, if a multiple user copies the information transmitted and uses the same information to access the system, the multiple user will be limited to only calling the telephone number that is in the authentication message; not a telephone number of his own choice.
- This authentication invention also reduces authentication errors by making more efficient use of the data transmitted and a second ID, by using them as a part of the cipher; the enciphering means does not require an additional RAND stream to be sent by a fixed network communication unit to be used as the common enciphering base and thereby eliminates this additional transmission and therefore decreases the probability of errors.
- FIG. 1 is a block diagram of a typical subscriber communication unit and fixed network communication unit.
- FIG. 2 is a flow chart of the identification enciphering method used by a subscriber communication unit.
- FIG. 3 is a flow chart of the authentication method used by a fixed network communication unit in accordance with the invention.
- FIG. 1 generally depicts a subscriber communication unit (10) .such as a subscriber telephone and a fixed network communication unit (20) such as a cellular telephone basesite and switching center.
- the subscriber communication unit (10) is comprised of a microprocessing stage (12), a non-volatile memory unit (11), a radio frequency (RF) stage (13), all as well understood in the art.
- Additional elements include a data input- stage (14) such as a key entry pad on a telephone (to enter a telephone number - data), a subscriber call sequence counter (15), and an output from an enciphering stage referred to as the enciphered serial number (16).
- the non-volatile memory unit (11 ) resides the serial number (18) (for the subscriber unit), the PIN (19), and the subscriber telephone number (17) (which can have, for example, characteristics of a Mobile Identification Number (MIN)).
- the PIN is a second ID known only to the subscriber unit and the fixed network unit. For example, it should not be available to an installer of the subscriber unit, it should only be available to a legitimate user of a subscriber unit and a fixed network communication unit database. The subscriber need only enter the PIN one time to activate it. The PIN may be changed by the subscriber, but the change must also be made known to the fixed network unit.
- These identifiers need not necessarily be numbers but may correspond to any attribute capable of being identified by the fixed network communications unit.
- An alternative embodiment for example, in a cellular system, may include a stored look up table containing multiple sets of serial numbers, PIN's, and telephone numbers with each set of identifiers corresponding to a specific cellular area or fixed network communication u n it.
- the fixed network communication unit (20) includes a switching center which is comprised of a microprocessing stage (22), a database (23), and a link to a basesite radio frequency stage (21 ), all as well understood in the art. Additional elements include a fixed network unit call sequence counter (24) and an enciphered serial number generated by the fixed network unit (25).
- the database includes information regarding the subscriber unit's: serial number (28), PIN (27), and subscriber telephone number (26); the information includes a stored copy of the serial number (28), PIN (27), and the subscriber telephone number (26).
- serial number (18), PIN (19), and telephone number (17) of the subscriber communication unit (10) correspond to the serial number (28), PIN (27), and telephone number (26) as stored in the fixed network communication unit (20).
- Communication between the subscriber communication unit (10) and the fixed network communication unit (20) is accomplished via RF transmissions between the two units in accordance with well understood cellular system techniques.
- FIG. 2 depicts the method used by a subscriber comrhunicaion unit to encipher its serial number before transmission to a fixed network communication unit during an authentication request (29).
- This method requires use of two enciphering . keys. he subscriber unit obtains the called telephone number (data) (30) and obtains PIN (31 ) from memory and uses at least parts of these two components as the enciphering keys to encipher its serial number (32). If PIN and the called telephone number are comprised of bits, the parts of these keys to be used are the contents of the bits and the bit length of each key.
- an enciphered serial number may have a different bit length than the unenciphered serial number, or unmodified first ID, depending on the contents of the PIN or the data. Varying the enciphered SN bit length may also be a function of another event known to both the subscriber and fixed network unit such as the time of day.
- the algorithm to integrate the two enciphering keys may be varied to accommodate various levels of security depending upon the requirement of the system.
- the subscriber identification enciphering method does not require authentication to be confirmed by the fixed network communication unit before data is transmitted. Combining PIN with data adds the ability of the system to encipher a serial number into, a complex code to an extent sufficient to substantially eliminate unauthorized detection by RF eavesdropping and unauthorized divulgence by installers.
- the modified serial number (enciphered SN) becomes a component of the Authentication Request Message (ARM) (35) that is transmitted via RF (36) to the fixed network communication unit.
- ARM Authentication Request Message
- the assigned telephone number is obtained (33) from memory. This number is not enciphered as part of the authentication procedure.
- This identifier is a component of the ARM (35) that informs the fixed network unit that the authentication request is coming from a valid subscriber unit.
- the call sequence count is then obtained (34) and also used in the ARM (35).
- the call sequence count is updated (incremented or decremented) each time a predetermined event occurs such as when the authentication procedure is initiated or a call is completed.
- the count may be maintained by the subscriber and fixed network unit using a rollover type counter such as a ring counter. This count is used by the fixed network communication unit as a means to count the number of calls made by each subscriber. Because a record of the number of calls made by each subscriber is maintained by both the subscriber unit and the fixed network communication unit, another subscriber trying to use the same serial number will be detected because it will not have made the exact same number of calls as the legitimate subscriber.
- the call sequence count information is communicated to the fixed network unit as one component of the Authentication Request Message.
- the ARM can be communicated in any acceptable format or in any number of stages. Components of a typical ARM (35) include data, the enciphered serial number, the call sequence count, and the assigned telephone number.
- An alternative embodiment would include modifying the call sequence count using the same enciphering method that is used to modify the SN. This would further enhance the protection because the count is also disguised using the PIN and data; each subscriber would generate a different value for the same count (number of calls made).
- a fixed network communication unit receives a transmitted ARM and uses this information to determine whether authentication should be granted to the subscriber unit.
- FIG. 3 depicts the authentication method performed by a fixed network unit.
- the ARM is received (37) by the fixed network unit by means of the base RF unit (21 ).
- the fixed network unit has access to assigned telephone number's, serial number's and PIN's of valid subscriber units through its database.
- the fixed network unit determines if the assigned telephone number received in the ARM is valid (39) by obtaining from the fixed network unit database the same assigned telephone number (38). A comparison is made between the received telephone number from the subscriber unit and the valid number found in the database (39). If the assigned telephone number is not recognized by the fixed network unit, authentication is denied (or some other action taken) (40).
- the fixed network unit retrieves from the database the serial number and PIN corresponding to that particular assigned telephone number.
- the fixed network unit uses the PIN from the database and the data received in the ARM as enciphering keys as elements of its enciphering method (44), which is the same method used in the subscriber unit, and generates its own enciphered serial number.
- the fixed network unit compares this enciphered serial number to the serial number enciphered by the subscriber unit(46). If they are not substantially the same, then the system denies access or takes some other predetermined course of action (47).
- the received call sequence count is obtained (48) and compared (50) to the call count maintained by the fixed network communication unit (49). If the counts are substantially equal, authentication may be confirmed (52) which is the first predetermined course of action. At this point, the subscriber may be allowed to communicate with the third communication unit associated with the dialed number. This third unit may more generally be termed a requested communication resource. If the count is not within the acceptable tolerance, authentication may be denied or the authorities may be notified that a multiple user is attempting to access the system (51 ).
- the fixed network unit call counter maintains the number of times authentication is granted to a subscriber. Each subscriber has its own call counter. Having a continuous call counting scheme between a subscriber and a fixed network communication unit prevents another subscriber from using some other subscriber's identification number because the thief would not have made the identical number of calls that the legitimate subscriber made. This discrepancy is flagged by the fixed network unit when it compares the two counts.
- Protection against illegitimate users is further enhanced by the encipherment method's use of the enciphered dialed telephone number and the PIN (which is not transmitted). Without an illegitimate user knowing a subscriber's PIN and the exact algorithm that enciphers the serial number, a thief is limited to merely copying the authentication message of a subscriber and repeating this message. Each time a subscriber dials a different telephone number, a different authentication request message is generated because each subscriber has a different PIN; each subscriber generates a different authentication request message for the same telephone number.
- a thief may detect the call sequence count (because it is not enciphered in the ARM) and update it, a correct count would only allow the thief to gain authentication for the enciphered dialed telephone number he intercepted. Therefore the illegitimate user can only communicate to the subscriber whose enciphered telephone number matches that copied from the ARM.
- An alternative embodiment comprising the call sequence count may allow each subscriber to maintain more than one call counter where a separate call counter is required for each fixed network communication unit. This embodiment would find use in a cellular communication system which allowed a subscriber to use multiple fixed network communication units.
- Another alternative embodiment to the flow in FIG. 3 may require the step of comparing the call sequence counts (50) to occur before the step involving the comparison of enciphered serial numbers (46).
Abstract
Radio frequency based cellular telecommunication systems often require a subscriber to maintain a proprietary identifier or serial number which is transmitted to a fixed network communication unit to verify the authenticity of the subscriber. Unauthorized detection of these proprietary ID's is substantially decreased by this invention. This invention describes an enciphering method (32) and call sequencing method (34), which when combined (35), provides substantial protection for the subscriber against unauthorized detection of their proprietary identifiers.
Description
METHOD FOR AUTHENTICATION AND PROTECTION OF
SUBSCRIBERS IN TELECOMMUNICATION
SYSTEMS.
TECHNICAL FIELD
This invention relates generally to communication systems and more particularly to radio frequency (RF) cellular telecommunication systems.
BACKGROUND OF THE INVENTION
Cellular radio telephone systems typically include subscriber units (such as mobile or portable units) which communicate with a fixed network communication unit via RF transmissions. A typical fixed communication network includes at least a base station and a switching center. One responsibility of the fixed network communication unit is to grant use of the communication system to the subscriber unit after the requesting subscriber unit meets the authentication requirements of the system. In a typical cellular telephone communication system, each subscriber unit is assigned a telephone number (mobile identification number) (MIN) and an identification number (or serial number) (SN) which uniquely identifies the subscriber to any fixed network communication unit. Each subscriber unit has a unique identification number that distinguishes it from other subscriber units. The fixed network communication unit has access to these identification numbers through a database. Often these numbers are used by the fixed network communication units to bill subscribers for the time the subscriber uses the system. When the subscriber calls another unit, he enters the phone number he wishes to call. The dialed phone number becomes the data to be sent to
the fixed network communication unit. Data may also include other information regarding a third communication unit such as a unit's location.
Detection of a legitimate subscriber's identification number may be accomplished by RF eavesdropping or by purposeful or inadvertent divulgence of the MIN/SN combination by the radio telephone installer. Once the subscriber's telephone number and identification number is known (stolen), a thief may reprogram another subscriber unit with the stolen identification number causing two or more subscriber units to have the same MIN/SN combination. Cellular radio telephone systems have authentication procedures to deny access to subscribers not having legitimate identification numbers, but do not have the capability to detect multiple users or effectively neutralize the effect of an installer leaking subscriber identification numbers. Therefore, the legitimate user is billed for both the thief's use and his own use.
Several authentication techniques are known. EIA-553 section 2.3 specifies that each subscriber shall have a MIN and a factory set SN. The telephone number which the subscriber is attempting to contact is the data that is transmitted by the subscriber to the fixed network communication unit. Authentication is granted by this system if the MIN and corresponding SN are found in the fixed network communication unit database. Unfortunately, EIA-553 does not require the encipherment of the MIN or SN before transmission to the fixed network communication unit thereby permitting direct RF detection of any MIN or SN. In addition, this technique fails to provide protection against a thief that acquires a MIN/SN from an installer.
Another authentication technique is described in European cellular communication system recommendations generated by the Groupe Special Mobile (GSM); see sections:
02.09, 02.17, 03.20, and 12.03. This method additionally requires the subscriber to ope y transmit a temporary mobile subscriber ID (TMSI) to the fixed network communication unit; the fixed network communication unit generates and sends a random number (RAND) to the subscriber. The enciphering technique requires the subscriber unit to autonomously retrieve at least three enciphering elements from its memory: a predetermined ciphering key, an SN (individual subscriber authentication key) and a MIN (international mobile subscriber identification number - IMSI). The subscriber then enciphers its SN and MIN using the cipher to construct the RAND into a signed response (SRES). The subscriber unit transmits this signed response back to the fixed network communication unit where the fixed network communication unit checks the SN, MIN, and ciphering key against its database using the subscriber's temporary ID (TMSI).
The fixed network communication unit generates its response to the same random number using the information retrieved from the database and compares the subscriber signed response to the fixed network communication unit generated response. If the responses are substantially equivalent, authentication is confirmed. The dialed telephone number is only allowed to be transmitted after authentication is granted. This system affords some protection against a thief that acquires the MIN/SN from an installer by enciphering the SN and reassigning a temporary TMSI each time the subscriber enters a different cell area.
Although one technique enciphers the subscriber's serial number before transmission, neither system detects multiple users. Detection of thieves once they acquire access is important to maintaining a secure system. Moreover, the random number transmission (required for encipherment) necessitates additional communication between the subscriber unit and the fixed network communication unit each time a call
is made which increases the probability of transmission error and adds a transmission step to the fixed network communication unit's authentication protocol routine. In addition, authentication must be verified before the system will aliow dπta to be accepted. Therefore data must be sent after the steps of the authentication procedure are complete.
There exists a need for a substantially enhanced authentication technique for a cellular telecommunication system that detects fraudulent users and efficiently protects identification numbers from unauthorized detection. The authentication method should restrict an illegitimate user's capacity to utilize the system in the case where access is inadvertently granted. Further, an adequate level of security resulting from encipherment should not require additional transmission processes or inject higher error levels during the authentication process.
BRIEF SUMMARY OF THE INVENTION
These needs and others are substantially met through provision of the method for authentication and protection of subscribers in telecommunication systems disclosed below. This method describes an authentication technique for use between a first communication unit, such as a subscriber unit, and a second communication unit, such as a fixed network communication unit, wherein the first communication unit modifies an ID, known to both the first communication unit and the second communication unit (such as a serial number), using data as one enciphering key and a second ID (such as a Personal Identification Number - PIN) as the other enciphering key. An historic non-arbitrary valu^ of predetermined communication events, such as a count of the number of telephone calls made
by a subscriber, is maintained in both the first and second communication units. This value (count) is historic because it represents past telephone calls attributed to a communication unit, and it is non-arbitrary because this history of transactions (i.e., number of calls made) serves to identify an out-of-sync communication unit.
The first communication unit transmits (via RF signals) the modified ID and count to a second communication unit. The second communication unit compares the count maintained by the first communication unit to the count maintained by the second unit. A count discrepancy indicates a different number of calls on one unit indicating a multiple user whose count is out of sequence. The second communication unit performs the same enciphering method on the known serial number using the data received and a known second ID. The second communication unit compares the received modified serial number and the serial number generated by the fixed network communication unit to determine if the serial number is valid. The invention is designed to substantially decrease unauthorized use of a first ID of a communication unit. The authentication method does not require the second ID to ever be transmitted by RF.
This invention provides a means for detecting multiple subscribers using the same serial numbers and telephone numbers. Moreover, if a multiple user copies the information transmitted and uses the same information to access the system, the multiple user will be limited to only calling the telephone number that is in the authentication message; not a telephone number of his own choice. This authentication invention also reduces authentication errors by making more efficient use of the data transmitted and a second ID, by using them as a part of the cipher; the enciphering means does not require an additional RAND stream to be sent by a fixed network communication unit to be used as the common
enciphering base and thereby eliminates this additional transmission and therefore decreases the probability of errors.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram of a typical subscriber communication unit and fixed network communication unit. FIG. 2 is a flow chart of the identification enciphering method used by a subscriber communication unit. FIG. 3 is a flow chart of the authentication method used by a fixed network communication unit in accordance with the invention.
BEST MODE OF OPERATION
FIG. 1 generally depicts a subscriber communication unit (10) .such as a subscriber telephone and a fixed network communication unit (20) such as a cellular telephone basesite and switching center. The subscriber communication unit (10) is comprised of a microprocessing stage (12), a non-volatile memory unit (11), a radio frequency (RF) stage (13), all as well understood in the art. Additional elements include a data input- stage (14) such as a key entry pad on a telephone (to enter a telephone number - data), a subscriber call sequence counter (15), and an output from an enciphering stage referred to as the enciphered serial number (16).
Within the non-volatile memory unit (11 ) resides the serial number (18) (for the subscriber unit), the PIN (19), and the subscriber telephone number (17) (which can have, for example, characteristics of a Mobile Identification Number (MIN)). The PIN is a second ID known only to the subscriber unit and the fixed network unit. For example, it should not be available to an installer of the subscriber unit, it should only be available to a legitimate user of a subscriber unit and a
fixed network communication unit database. The subscriber need only enter the PIN one time to activate it. The PIN may be changed by the subscriber, but the change must also be made known to the fixed network unit. These identifiers need not necessarily be numbers but may correspond to any attribute capable of being identified by the fixed network communications unit. An alternative embodiment, for example, in a cellular system, may include a stored look up table containing multiple sets of serial numbers, PIN's, and telephone numbers with each set of identifiers corresponding to a specific cellular area or fixed network communication u n it.
The fixed network communication unit (20) includes a switching center which is comprised of a microprocessing stage (22), a database (23), and a link to a basesite radio frequency stage (21 ), all as well understood in the art. Additional elements include a fixed network unit call sequence counter (24) and an enciphered serial number generated by the fixed network unit (25). The database includes information regarding the subscriber unit's: serial number (28), PIN (27), and subscriber telephone number (26); the information includes a stored copy of the serial number (28), PIN (27), and the subscriber telephone number (26). The serial number (18), PIN (19), and telephone number (17) of the subscriber communication unit (10) correspond to the serial number (28), PIN (27), and telephone number (26) as stored in the fixed network communication unit (20). Communication between the subscriber communication unit (10) and the fixed network communication unit (20) is accomplished via RF transmissions between the two units in accordance with well understood cellular system techniques.
When authentication is required of the subscriber communication unit (10), the subscriber unit enciphers its
serial number (18) and increments its call sequence counter (15). FIG. 2 depicts the method used by a subscriber comrhunicaion unit to encipher its serial number before transmission to a fixed network communication unit during an authentication request (29). This method requires use of two enciphering . keys. he subscriber unit obtains the called telephone number (data) (30) and obtains PIN (31 ) from memory and uses at least parts of these two components as the enciphering keys to encipher its serial number (32). If PIN and the called telephone number are comprised of bits, the parts of these keys to be used are the contents of the bits and the bit length of each key. For example, an enciphered serial number may have a different bit length than the unenciphered serial number, or unmodified first ID, depending on the contents of the PIN or the data. Varying the enciphered SN bit length may also be a function of another event known to both the subscriber and fixed network unit such as the time of day. The algorithm to integrate the two enciphering keys may be varied to accommodate various levels of security depending upon the requirement of the system. The subscriber identification enciphering method does not require authentication to be confirmed by the fixed network communication unit before data is transmitted. Combining PIN with data adds the ability of the system to encipher a serial number into, a complex code to an extent sufficient to substantially eliminate unauthorized detection by RF eavesdropping and unauthorized divulgence by installers.
The modified serial number (enciphered SN) becomes a component of the Authentication Request Message (ARM) (35) that is transmitted via RF (36) to the fixed network communication unit. Once encipherment is complete, the assigned telephone number is obtained (33) from memory. This number is not enciphered as part of the authentication procedure. This identifier is a component of the ARM (35) that
informs the fixed network unit that the authentication request is coming from a valid subscriber unit.
The call sequence count is then obtained (34) and also used in the ARM (35). The call sequence count is updated (incremented or decremented) each time a predetermined event occurs such as when the authentication procedure is initiated or a call is completed. The count may be maintained by the subscriber and fixed network unit using a rollover type counter such as a ring counter. This count is used by the fixed network communication unit as a means to count the number of calls made by each subscriber. Because a record of the number of calls made by each subscriber is maintained by both the subscriber unit and the fixed network communication unit, another subscriber trying to use the same serial number will be detected because it will not have made the exact same number of calls as the legitimate subscriber. The call sequence count information is communicated to the fixed network unit as one component of the Authentication Request Message. The ARM can be communicated in any acceptable format or in any number of stages. Components of a typical ARM (35) include data, the enciphered serial number, the call sequence count, and the assigned telephone number. An alternative embodiment would include modifying the call sequence count using the same enciphering method that is used to modify the SN. This would further enhance the protection because the count is also disguised using the PIN and data; each subscriber would generate a different value for the same count (number of calls made).
A fixed network communication unit receives a transmitted ARM and uses this information to determine whether authentication should be granted to the subscriber unit. FIG. 3 depicts the authentication method performed by a fixed network unit. The ARM is received (37) by the fixed network unit by means of the base RF unit (21 ). The fixed
network unit has access to assigned telephone number's, serial number's and PIN's of valid subscriber units through its database. The fixed network unit determines if the assigned telephone number received in the ARM is valid (39) by obtaining from the fixed network unit database the same assigned telephone number (38). A comparison is made between the received telephone number from the subscriber unit and the valid number found in the database (39). If the assigned telephone number is not recognized by the fixed network unit, authentication is denied (or some other action taken) (40).
If the assigned telephone number is determined to be valid (it is found in the database), the fixed network unit then retrieves from the database the serial number and PIN corresponding to that particular assigned telephone number. The fixed network unit then, uses the PIN from the database and the data received in the ARM as enciphering keys as elements of its enciphering method (44), which is the same method used in the subscriber unit, and generates its own enciphered serial number. The fixed network unit compares this enciphered serial number to the serial number enciphered by the subscriber unit(46). If they are not substantially the same, then the system denies access or takes some other predetermined course of action (47). If they are within the acceptable tolerance, the received call sequence count is obtained (48) and compared (50) to the call count maintained by the fixed network communication unit (49). If the counts are substantially equal, authentication may be confirmed (52) which is the first predetermined course of action. At this point, the subscriber may be allowed to communicate with the third communication unit associated with the dialed number. This third unit may more generally be termed a requested communication resource. If the count is not within the acceptable tolerance, authentication may be denied or the
authorities may be notified that a multiple user is attempting to access the system (51 ).
The fixed network unit call counter maintains the number of times authentication is granted to a subscriber. Each subscriber has its own call counter. Having a continuous call counting scheme between a subscriber and a fixed network communication unit prevents another subscriber from using some other subscriber's identification number because the thief would not have made the identical number of calls that the legitimate subscriber made. This discrepancy is flagged by the fixed network unit when it compares the two counts.
Protection against illegitimate users is further enhanced by the encipherment method's use of the enciphered dialed telephone number and the PIN (which is not transmitted). Without an illegitimate user knowing a subscriber's PIN and the exact algorithm that enciphers the serial number, a thief is limited to merely copying the authentication message of a subscriber and repeating this message. Each time a subscriber dials a different telephone number, a different authentication request message is generated because each subscriber has a different PIN; each subscriber generates a different authentication request message for the same telephone number.
Although a thief may detect the call sequence count (because it is not enciphered in the ARM) and update it, a correct count would only allow the thief to gain authentication for the enciphered dialed telephone number he intercepted. Therefore the illegitimate user can only communicate to the subscriber whose enciphered telephone number matches that copied from the ARM.
An alternative embodiment comprising the call sequence count may allow each subscriber to maintain more than one call counter where a separate call counter is required for each fixed network communication unit. This embodiment would
find use in a cellular communication system which allowed a subscriber to use multiple fixed network communication units. Another alternative embodiment to the flow in FIG. 3 may require the step of comparing the call sequence counts (50) to occur before the step involving the comparison of enciphered serial numbers (46).
Claims
1 . A method for facilitating communications between a first communication unit and a second communication unit, comprising the steps of:
A) providing the first communication unit with at least one ID and data, having post authentication utility, to be transmitted;
B) providing the second communication unit with information regarding the ID;
C) in the first communication unit, modifying the ID at least in part as a function of at least part of the data, having post authentication utility, to be transmitted to provide a modified ID;
D) transmitting, from the first communication unit to the second communication unit, at least the modified ID and at least part of the data, having post authentication utility, to be transmitted.
2. A method for facilitating communications between a first communication unit and a second communication unit, comprising the steps of:
A) providing the first communication unit with at least a first and second ID and data, having post authentication utility, to be transmitted;
B) providing the second communication unit with information regarding the first and second ID;
C) in the first communication unit, modifying the first ID as a function of at least part of the data, having post authentication utility, to be transmitted and the second ID to provide a modified first ID;
D) transmitting, from the first communication unit to the second communication unit, at least the modified first ID and at least part of the data, having post authentication utility, to be transmitted.
3. The method of claim 2 wherein the second ID is not transmitted in the transmitting step.
4. The method of claim 1 or 2 wherein the data, having post authentication utility, to be transmitted includes at least identifying information regarding a third communication unit.
5. The method of claim 4 wherein the identifying information includes a telephone number.
6. A method for facilitating communications between a first communication unit and a second communication unit, comprising the steps of:
A) maintaining an historic non-arbitrary value in both the first and Second communication units, of predetermined communication events as between the first and second communication units;
B) transmitting, at least from time to time, from the first communication unit to the second communication unit, count information as maintained by the first communication unit;
C) receiving, at the second communication unit, the historic non-arbitrary value information;
D) comparing, at the second communication unit, the historic non-arbitrary value information as received from the first communication unit with count information as maintained by the second communication unit;
E) when the historic non-arbitrary value information as received from the first communication unit is substantially the same as the historic non-arbitrary value information as maintained by the second communication unit, taking a first predetermined course of. action;
F) when the historic non-arbitrary value information as received from the first communication unit is substantially different from the historic non-arbitrary value information as maintained by the second communication unit, taking a second predetermined course of action.
7. The method of claim 6 wherein the first predetermined course of action includes providing the first communication unit with a requested communication resource.
8. The method of claim 6 wherein the historic non-arbitrary value may be a count.
9. The method of claim 6 wherein the predetermined communication events are comprised of the telephone calls attributed to the first communication unit.
10. The method of claim 6 wherein the historic non-arbitrary value is maintained by a ring counter.
11 . A method for facilitating communications between a first communication unit and a second communication unit, comprising the steps of:
A) providing the first communication unit with at least one ID, data, having post authentication utility, and an historic non- arbitrary value to be transmitted;
B) providing the second communication unit with information regarding the ID;
C) in the first communication unit, modifying the ID and the historic non-arbitrary value at least in part as a function of at least part of the data, having post authentication utility, to be transmitted to provide a modified ID and a modified historic non-arbitrary value;
D) transmitting, from the first communication unit to the second communication unit, at least the modified ID, the modified historic non-arbitrary value, and at least part of the data, having post authentication utility, to be transmitted.
12. A method for facilitating communications between a first communication unit and a second communication unit, comprising the steps of:
A) providing the first communication unit with at least a first, a second ID, an historic non-arbitrary value, and data, having post authentication utility, to be transmitted;
B) providing the second communication unit with information regarding the first and second ID;
C) in the first communication unit, modifying the first ID and the historic non-arbitrary value as a function of at least part of the data, having post authentication utility, to be transmitted and the second ID to provide a modified first ID and a modified historic non-arbitrary value;
D) transmitting, from the first communication unit to the second communication unit, at least the modified first ID, the modified historic non-arbitrary value, and at least part of the data, having post authentication utility, to be transmitted.
13. A method for facilitating communications between a first communication unit and a second communication unit, comprising the steps of:
A) providing the first communication unit with at least a first and second ID;
B) providing the second communication unit with information regarding the first and second ID;
C) in the first communication unit, modifying the first ID as a function of an event, known to both the first communication unit and the second communication unit, resulting in a modified first ID with at least a modified attribute of the unmodified first ID;
D) transmitting, from the first communication unit to the second communication unit, at least the modified first ID; E) receiving, at the second communication unit, at least the modified first ID;
F) in the second communication unit, modifying the first ID as a function of an event, known to both the first communication unit and the second communication unit, resulting in a modified first ID with at least a modified attribute of an unmodified first ID;
G) comparing, at the second communication unit, the modified first ID as received from the first communication unit with the modified first ID generated by the second communication unit;
H) when then modified first ID as received from the first communication unit is substantially the same as the modified first ID as generated by the second communication unit, taking a first predetermined course of action; I) when the modified first ID as received from the first communication unit is substantially different from the modified first ID as generated by the second communication unit, taking a second predetermined course of action.
14. The method of Claim 13 wherein the modified attribute of the first ID is comprised of a modified bit length of the unmodified first ID.
15. The method of Claim 13 wherein the event known is data, having post authentication utility, communicated.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US37872189A | 1989-07-12 | 1989-07-12 | |
| US378,721 | 1989-07-12 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO1991001067A2 true WO1991001067A2 (en) | 1991-01-24 |
| WO1991001067A3 WO1991001067A3 (en) | 1992-11-26 |
Family
ID=23494291
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US1990/003290 WO1991001067A2 (en) | 1989-07-12 | 1990-06-14 | Method for authentication and protection of subscribers in telecommunication systems |
Country Status (7)
| Country | Link |
|---|---|
| JP (1) | JP2684118B2 (en) |
| AU (1) | AU6034790A (en) |
| CA (1) | CA2063447C (en) |
| IL (1) | IL94467A (en) |
| MX (1) | MX166091B (en) |
| MY (1) | MY107083A (en) |
| WO (1) | WO1991001067A2 (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FR2678459A1 (en) * | 1991-06-26 | 1992-12-31 | Remery Patrick | Method of authenticating a subscriber making a call, for telephone billing |
| EP0554093A2 (en) * | 1992-01-29 | 1993-08-04 | Kabushiki Kaisha Toshiba | Radio telecommunication apparatus |
| EP0584725A1 (en) * | 1992-08-19 | 1994-03-02 | Nippon Telegraph And Telephone Corporation | Method of authentication with improved security for secrecy of authentication key |
| EP0634852A2 (en) * | 1993-07-16 | 1995-01-18 | GRUNDIG E.M.V. Elektro-Mechanische Versuchsanstalt Max Grundig GmbH & Co. KG | Method of remote interrogation of access authorisation for subscriber equipment |
| EP0647079A1 (en) * | 1993-10-01 | 1995-04-05 | Advanced Micro Devices, Inc. | Method and apparatus for protecting cordless telephone account authentication information |
| DE4336995A1 (en) * | 1993-10-29 | 1995-05-04 | Sel Alcatel Ag | Method and device for determining the assignment of a mobile radio device to device lists |
| WO1995015066A1 (en) * | 1993-11-24 | 1995-06-01 | Telefonaktiebolaget Lm Ericsson | Authentication for analog communication systems |
| EP0663124A1 (en) * | 1993-06-29 | 1995-07-19 | Motorola, Inc. | Method and apparatus for efficient real-time authentication and encryption in a communication system |
| EP0717898A1 (en) * | 1994-07-05 | 1996-06-26 | Motorola, Inc. | A method of messaging in a communication system |
| WO1996038994A1 (en) * | 1995-06-02 | 1996-12-05 | Dsc Communications Corporation | Apparatus and method of authenticating a subscriber terminal in a wireless telecommunications system |
| WO1997037508A1 (en) * | 1996-03-29 | 1997-10-09 | Ericsson Inc. | Apparatus and method for deriving a random reference number from paging and originating signals |
| EP0774845A3 (en) * | 1995-11-16 | 1999-07-28 | Siemens Aktiengesellschaft | Method and apparatus for authenticating users of a subscriber line |
| EP0781063A3 (en) * | 1995-12-21 | 1999-08-11 | Siemens Aktiengesellschaft | Method and system for generating random numbers in telecommunication apparatus of a wireless communication system |
| WO2000078078A1 (en) * | 1999-06-15 | 2000-12-21 | Siemens Aktiengesellschaft | Method and system for verifying the authenticity of a first communication participants in a communications network |
| WO2001037586A2 (en) * | 1999-11-16 | 2001-05-25 | Siemens Aktiengesellschaft | Method for authenticating a radio communication network vis-a-vis a mobile station |
| US7613456B2 (en) | 1996-07-15 | 2009-11-03 | At&T Mobility Ii Llc | System and method for automatic registration notification for over-the-air activation |
| CN112164220A (en) * | 2020-09-22 | 2021-01-01 | 江西锦路科技开发有限公司 | Expressway service area congestion monitoring and automatic guidance system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4023012A (en) * | 1974-07-08 | 1977-05-10 | Omron Tateisi Electronics Co. | System for verifying the user of a card |
| US4315101A (en) * | 1979-02-05 | 1982-02-09 | Atalla Technovations | Method and apparatus for securing data transmissions |
| US4535333A (en) * | 1982-09-23 | 1985-08-13 | Chamberlain Manufacturing Corporation | Transmitter and receiver for controlling remote elements |
| US4814741A (en) * | 1986-04-30 | 1989-03-21 | Mitsubishi Denki K.K. | Digital remote control device |
-
1990
- 1990-05-22 IL IL9446790A patent/IL94467A/en not_active IP Right Cessation
- 1990-06-14 WO PCT/US1990/003290 patent/WO1991001067A2/en active Application Filing
- 1990-06-14 CA CA002063447A patent/CA2063447C/en not_active Expired - Lifetime
- 1990-06-14 AU AU60347/90A patent/AU6034790A/en not_active Abandoned
- 1990-06-14 JP JP2510364A patent/JP2684118B2/en not_active Expired - Lifetime
- 1990-07-03 MX MX021438A patent/MX166091B/en unknown
- 1990-07-12 MY MYPI90001171A patent/MY107083A/en unknown
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4023012A (en) * | 1974-07-08 | 1977-05-10 | Omron Tateisi Electronics Co. | System for verifying the user of a card |
| US4315101A (en) * | 1979-02-05 | 1982-02-09 | Atalla Technovations | Method and apparatus for securing data transmissions |
| US4535333A (en) * | 1982-09-23 | 1985-08-13 | Chamberlain Manufacturing Corporation | Transmitter and receiver for controlling remote elements |
| US4814741A (en) * | 1986-04-30 | 1989-03-21 | Mitsubishi Denki K.K. | Digital remote control device |
Cited By (42)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FR2678459A1 (en) * | 1991-06-26 | 1992-12-31 | Remery Patrick | Method of authenticating a subscriber making a call, for telephone billing |
| US5437053A (en) * | 1992-01-29 | 1995-07-25 | Kabushiki Kaisha Toshiba | Radio telecommunication apparatus |
| EP0554093A2 (en) * | 1992-01-29 | 1993-08-04 | Kabushiki Kaisha Toshiba | Radio telecommunication apparatus |
| EP0554093A3 (en) * | 1992-01-29 | 1993-11-18 | Toshiba Kk | Radio telecommunication apparatus |
| EP0584725A1 (en) * | 1992-08-19 | 1994-03-02 | Nippon Telegraph And Telephone Corporation | Method of authentication with improved security for secrecy of authentication key |
| EP0663124A1 (en) * | 1993-06-29 | 1995-07-19 | Motorola, Inc. | Method and apparatus for efficient real-time authentication and encryption in a communication system |
| EP0663124A4 (en) * | 1993-06-29 | 2000-04-05 | Motorola Inc | Method and apparatus for efficient real-time authentication and encryption in a communication system |
| EP0634852A2 (en) * | 1993-07-16 | 1995-01-18 | GRUNDIG E.M.V. Elektro-Mechanische Versuchsanstalt Max Grundig GmbH & Co. KG | Method of remote interrogation of access authorisation for subscriber equipment |
| EP0634852A3 (en) * | 1993-07-16 | 2000-01-19 | GRUNDIG Aktiengesellschaft | Method of remote interrogation of access authorisation for subscriber equipment |
| EP0647079A1 (en) * | 1993-10-01 | 1995-04-05 | Advanced Micro Devices, Inc. | Method and apparatus for protecting cordless telephone account authentication information |
| DE4336995A1 (en) * | 1993-10-29 | 1995-05-04 | Sel Alcatel Ag | Method and device for determining the assignment of a mobile radio device to device lists |
| US5561853A (en) * | 1993-10-29 | 1996-10-01 | Alcatel Sel Aktiengesellschaft | Method and apparatus for determining the assignment of a mobile station to equipment lists |
| WO1995015066A1 (en) * | 1993-11-24 | 1995-06-01 | Telefonaktiebolaget Lm Ericsson | Authentication for analog communication systems |
| US5557676A (en) * | 1993-11-24 | 1996-09-17 | Telefonaktiebolaget Lm Ericsson | Authentication for analog communication systems |
| AU677482B2 (en) * | 1993-11-24 | 1997-04-24 | Telefonaktiebolaget Lm Ericsson (Publ) | Authentication for analog communication systems |
| EP0717898A1 (en) * | 1994-07-05 | 1996-06-26 | Motorola, Inc. | A method of messaging in a communication system |
| EP0717898A4 (en) * | 1994-07-05 | 1999-09-01 | Motorola Inc | A method of messaging in a communication system |
| WO1996038994A1 (en) * | 1995-06-02 | 1996-12-05 | Dsc Communications Corporation | Apparatus and method of authenticating a subscriber terminal in a wireless telecommunications system |
| EP0774845A3 (en) * | 1995-11-16 | 1999-07-28 | Siemens Aktiengesellschaft | Method and apparatus for authenticating users of a subscriber line |
| EP0781063A3 (en) * | 1995-12-21 | 1999-08-11 | Siemens Aktiengesellschaft | Method and system for generating random numbers in telecommunication apparatus of a wireless communication system |
| WO1997037508A1 (en) * | 1996-03-29 | 1997-10-09 | Ericsson Inc. | Apparatus and method for deriving a random reference number from paging and originating signals |
| US8301140B2 (en) | 1996-07-15 | 2012-10-30 | At&T Mobility Ii Llc | System and method for automatic registration notification for over-the-air activation |
| US8515423B2 (en) | 1996-07-15 | 2013-08-20 | At&T Mobility Ii Llc | System and method for automatic registration notification for over-the-air activation |
| US8874109B2 (en) | 1996-07-15 | 2014-10-28 | At&T Mobility Ii Llc | System and method for automatic registration notification for over-the-air activation |
| US7613456B2 (en) | 1996-07-15 | 2009-11-03 | At&T Mobility Ii Llc | System and method for automatic registration notification for over-the-air activation |
| EP1326470A2 (en) * | 1999-06-15 | 2003-07-09 | Siemens Aktiengesellschaft | Method and device for authenticating a subscriber in a communications network |
| EP1326469A2 (en) * | 1999-06-15 | 2003-07-09 | Siemens Aktiengesellschaft | Method and device for authenticating subscribers in a communications network |
| EP1326469A3 (en) * | 1999-06-15 | 2004-01-07 | Siemens Aktiengesellschaft | Method and device for authenticating subscribers in a communications network |
| EP1326470A3 (en) * | 1999-06-15 | 2004-01-07 | Siemens Aktiengesellschaft | Method and device for authenticating a subscriber in a communications network |
| US6980796B1 (en) | 1999-06-15 | 2005-12-27 | Siemens Aktiengesellschaft | Method and system for verifying the authenticity of a first communication participants in a communications network |
| US7139550B2 (en) | 1999-06-15 | 2006-11-21 | Siemens Aktiengesellschaft | Method and system for verifying the authenticity of a first communication participants in a communications network |
| CN1314277C (en) * | 1999-06-15 | 2007-05-02 | 西门子公司 | Method and device for testing first communication side truth and reliability in communication network |
| CN1316834C (en) * | 1999-06-15 | 2007-05-16 | 西门子公司 | Method and device for testing first communication side truth and reliability in communication network |
| USRE40791E1 (en) | 1999-06-15 | 2009-06-23 | Siemens Aktiengesellschaft | Method and system for verifying the authenticity of a first communication participants in a communications network |
| US8565429B2 (en) | 1999-06-15 | 2013-10-22 | Siemens Aktiengesellschaft | Method and system for veryfying the authenticity of a first communication participants in a communications network |
| AU760714B2 (en) * | 1999-06-15 | 2003-05-22 | Siemens Aktiengesellschaft | Method and system for verifying the authenticity of a first communication participants in a communications network |
| WO2000078078A1 (en) * | 1999-06-15 | 2000-12-21 | Siemens Aktiengesellschaft | Method and system for verifying the authenticity of a first communication participants in a communications network |
| WO2001037586A2 (en) * | 1999-11-16 | 2001-05-25 | Siemens Aktiengesellschaft | Method for authenticating a radio communication network vis-a-vis a mobile station |
| US7627122B1 (en) | 1999-11-16 | 2009-12-01 | Siemens Aktiengesellschaft | Method for authentication of a radio communications network with a mobile station, and radio communications network and a mobile station |
| DE19955096B4 (en) * | 1999-11-16 | 2009-10-01 | Siemens Ag | A method of authenticating a radio communication network to a mobile station and a radio communication network and a mobile station |
| WO2001037586A3 (en) * | 1999-11-16 | 2002-02-28 | Siemens Ag | Method for authenticating a radio communication network vis-a-vis a mobile station |
| CN112164220A (en) * | 2020-09-22 | 2021-01-01 | 江西锦路科技开发有限公司 | Expressway service area congestion monitoring and automatic guidance system |
Also Published As
| Publication number | Publication date |
|---|---|
| IL94467A0 (en) | 1991-03-10 |
| MY107083A (en) | 1995-09-30 |
| JPH05503816A (en) | 1993-06-17 |
| MX166091B (en) | 1992-12-17 |
| IL94467A (en) | 1995-12-31 |
| JP2684118B2 (en) | 1997-12-03 |
| CA2063447A1 (en) | 1991-01-13 |
| CA2063447C (en) | 1997-03-25 |
| AU6034790A (en) | 1991-02-06 |
| WO1991001067A3 (en) | 1992-11-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5572193A (en) | Method for authentication and protection of subscribers in telecommunications systems | |
| CA2141318C (en) | Method and apparatus for efficient real-time authentication and encryption in a communication system | |
| US5239294A (en) | Method and apparatus for authenication and protection of subscribers in telecommunication systems | |
| US5708710A (en) | Method and apparatus for authentication in a communication system | |
| US6427073B1 (en) | Preventing misuse of a copied subscriber identity in a mobile communication system | |
| US5457737A (en) | Methods and apparatus to verify the identity of a cellular mobile phone | |
| EP1562394B1 (en) | Apparatus and method for setting use restriction of mobile communication terminal | |
| US5513245A (en) | Automatic generation of private authentication key for wireless communication systems | |
| EP1168870B1 (en) | An improved method for an authentication of a user subscription identity module | |
| EP0872151B1 (en) | Management of authentication keys in a mobile communication system | |
| CA2063447C (en) | Method for authentication and protection of subscribers in telecommunication systems | |
| EP1502467B1 (en) | Paired sim card function | |
| US20030061488A1 (en) | Cloning protection for electronic equipment | |
| US6532290B1 (en) | Authentication methods | |
| US6665530B1 (en) | System and method for preventing replay attacks in wireless communication | |
| US6934531B1 (en) | Method for improving the security of authentication procedures in digital mobile radio telephone systems | |
| KR100320322B1 (en) | Improved security in cellular telephones | |
| WO1999049688A1 (en) | System and method of authenticating a mobile station's identity and handling authentication failures in a radio telecommunications network | |
| JPH11510019A (en) | Access restriction process for communication networks, communication systems and units for such systems | |
| WO1999007178A1 (en) | System and method for preventing replay attacks in wireless communication | |
| JPH05336109A (en) | Radio communication system | |
| MXPA99010399A (en) | Processing of emergency calls in wireless communications system with fraud protection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): AU CA JP KR |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): AT BE CH DE DK ES FR GB IT LU NL SE |
|
| WWE | Wipo information: entry into national phase |
Ref document number: 2063447 Country of ref document: CA |
|
| AK | Designated states |
Kind code of ref document: A3 Designated state(s): AU CA JP KR |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): AT BE CH DE DK ES FR GB IT LU NL SE |
|
| CFP | Corrected version of a pamphlet front page |
Free format text: REVISED ABSTRACT RECEIVED BY THE INTERNATIONAL BUREAU AFTER COMPLETION OF THE TECHNICAL PREPARATIONS FOR INTERNATIONAL PUBLICATION |