WO1999025086A2 - Generation of a seed number - Google Patents

Generation of a seed number Download PDF

Info

Publication number
WO1999025086A2
WO1999025086A2 PCT/FI1998/000879 FI9800879W WO9925086A2 WO 1999025086 A2 WO1999025086 A2 WO 1999025086A2 FI 9800879 W FI9800879 W FI 9800879W WO 9925086 A2 WO9925086 A2 WO 9925086A2
Authority
WO
WIPO (PCT)
Prior art keywords
encryption
algorithm
key
seed number
seed
Prior art date
Application number
PCT/FI1998/000879
Other languages
French (fr)
Other versions
WO1999025086A3 (en
Inventor
Pasi Lahtinen
Original Assignee
Sonera Oyj
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sonera Oyj filed Critical Sonera Oyj
Priority to AU14892/99A priority Critical patent/AU1489299A/en
Priority to NZ504378A priority patent/NZ504378A/en
Priority to EP98958929A priority patent/EP1025739A2/en
Priority to CA002309666A priority patent/CA2309666A1/en
Priority to JP2000519968A priority patent/JP2001523064A/en
Publication of WO1999025086A2 publication Critical patent/WO1999025086A2/en
Publication of WO1999025086A3 publication Critical patent/WO1999025086A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party

Definitions

  • the present invention relates to a method as defined in the preamble of claim 1 for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station.
  • the invention relates to a system as defined in the preamble of claim 7 for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobi- le station.
  • SIM cards Subscriber Identity Module
  • the encryption algorithm implementing the encryption needs an encryption key.
  • a method is known in which a separate algorithm for computing the encryption key is implemented in the subscriber identity module of a mobile station.
  • the encryption key is stored on the subscriber identity module in conjunction with manufacture.
  • the encryption key is stored on the subscriber identity module when the latter is taken into use.
  • a problem with the prior-art methods is that managing the seed number needed for the computation of the encryption key and/or managing the encryption key is difficult and, e.g.
  • a further problem is that an encryption key permanently stored on the subscriber identity module is not as secure as an encryption key having a variable value.
  • the object of the present invention is to disclose a new type of method that eliminates the problems described above.
  • a further object of the invention is to disclose a system that can be used to implement said method.
  • a specific object of the present invention is to disclose a method and a system that allow flexible and safe management of seed numbers and encryption keys.
  • the encryption key. required by the encryption algorithm used for the encryption of communication is computed from a certain seed number by making use of the subscriber identity module of the mobile station.
  • the mobile station When the mobile station is activated, its subscriber identity module performs an authentication procedure with the mobile communication network. This is done by using an operator- specific authentication algorithm and a seed number consisting of a random number RAND generated by the mobile communication network.
  • the same authentication algorithm can be used to compute an encryption key.
  • the seed number is a number computed on the basis of a ran- dom number RAND generated by the authentication centre AC of the mobile communication network.
  • an application in the subscriber identity module computes the encryption key and stores it in the subscriber identity module. This encryption key is used when messages are to be encrypted and/or decrypted.
  • the present invention has the advantage that it makes the management of seed numbers and encryption keys considerably easier and simpler than before. As the seed numbers and encryption keys are calculated in the subscriber identity module when necessary, they need not be transmitted or set. A further advantage is that no separate equipment is needed for the management of seed numbers and encryption keys, which means that cost savings are achieved.
  • the invention also increases security. In the met- hod of the invention, the encryption key changes continuously and it is not transmitted anywhere, thus considerably reducing the chance of its getting into the hands of outsiders.
  • a seed number is calculated from a random number RAND generated by the authentication centre, producing a seed number such as RA D+1.
  • the encryption key is computed by using an A3 algorithm, which is an operator-specific authentication algorithm.
  • one or more encryption keys are used.
  • each application requiring encryption has its own encryption key, thus increasing security.
  • the encryption key is computed by using one or more successive algorithms so that the result of the preceding algorithm is used as the seed number for the next algorithm. This provides the advantage that the seed number for the new algorithm is changed, which leads to increased security.
  • a certain portion of the random number range used by the mobile communication network is reserved for the calculation of seed numbers.
  • the system of the invention for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station comprises an encryption device and means for the transmission of encrypted messages.
  • the encryption device comprises a me- ans for computing an encryption key from a seed number.
  • the means used to transmit encrypted messages comprise a mobile station and an encryption server.
  • an encryption device is implemented both in the subscriber identity module and in the authentication centre.
  • the encryption device comprises a device for storing the encryption key.
  • the mobile station is GSM compatible.
  • Fig. 2 presents an example representing the hardware configuration of the system of the invention.
  • Fig. la illustrates a method in which the mobile communication network generates a random number RAND and sends it to the subscriber identity module 9. Based on this random number, a seed number RAND+1 is calculated.
  • This seed number 1 and the identification key Kj . 2 are input as starting values to an A3 algorithm 3.
  • the identification key K 2 is a user-specific secret parameter, which has been stored in the subscriber identity module 9 and in the authentication centre 10.
  • the A3 algorithm 3 is the same operator-specific algorithm that is used when the subscriber identity module 9 carries out an authentication procedure with the authentication centre 10 of the mobile communication network upon activation of the mobile station 8.
  • a feature characteristic of the A3 algorithm 3 is that com- puting the encryption key 4 from the seed number 1 and the identification key K ⁇ 2 is easy, but determining the identification key 2 on the basis of the seed number 1 and the encryption key 4 is extremely difficult.
  • the encryption key 4 is the result produced by the algorithm 3. This encryption key 4 is used when messages are to be encrypted and/or decrypted.
  • Fig. lb illustrates a variation of the method of the previous example.
  • the random number range is 0 - 10000. It is divided into two halves so that the random number RAND values 0 - 4999 are reserved for the computation of seed numbers 5.
  • the mobile communication network generates a random number RAND and sends it to the subscriber identity module 9. Based on the random number, a seed number RAND+5000 is calculated.
  • the seed number 5 and the identification key K L 2 are input as starting values to the A3 algorithm 3, which produces a new seed number 6 as a result.
  • the new seed number 6 thus computed and the identification key Kj . 2 are given as starting values to a new algorithm 7.
  • the result obtained is used as the final encryption key .
  • the advantage provided by this alternative is that the seed number ⁇ for the new algorithm 7 is automatically changed.
  • Fig. 2 illustrates a system in which encrypted short messages are transmitted between a GSM telephone 8 and an encryption server 12 in a GSM network.
  • An encryption device 11 has been implemented both in the subscriber identity module 9 of the mobile station 8 and in the authentication 10 of the GSM network.
  • the encryption device 11 comprises a SIM Application Toolkit, an application that computes the encryption key 4.
  • the encryption device 11 stores the compu- ted encryption key 4 for use.
  • the encryption device 11 computes an encryption key 4 on the basis of a seed number 1 and a user-specific identification key Ki 2 both on the SIM card 9 and in the authentica- tion centre 10.
  • an encryption algorithm such as an RSA or 3DES algorithm, implemented both on the SIM card and in the authentication server 12, encrypts/decrypts the message.
  • the key 4 is stored for the next time it is needed, or a new value for the key is computed each time.

Abstract

Method for computing the key to an encryption algorithm used to encrypt messages to be transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key. According to the invention, the seed number used is a number computed from a random number generated by the authentication centre of the mobile communication network, and the encryption key is computed using the authentication algorithm from the seed number and a subscriber identification key.

Description

GENERATION OF A SEED NUMBER
The present invention relates to a method as defined in the preamble of claim 1 for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station. Moreover, the invention relates to a system as defined in the preamble of claim 7 for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobi- le station.
In the near future, it is to be expected that further applications will be designed for mobile station subscriber identity modules, such as SIM cards (Subscriber Identity Module, SIM) , in which encryption of communication is required. The encryption algorithm implementing the encryption needs an encryption key. In prior art, a method is known in which a separate algorithm for computing the encryption key is implemented in the subscriber identity module of a mobile station. In another prior-art method, the encryption key is stored on the subscriber identity module in conjunction with manufacture. In yet another previously known method, the encryption key is stored on the subscriber identity module when the latter is taken into use. A problem with the prior-art methods is that managing the seed number needed for the computation of the encryption key and/or managing the encryption key is difficult and, e.g. in solutions based on an RSA algorithm, separate equipment is needed. A further problem is that an encryption key permanently stored on the subscriber identity module is not as secure as an encryption key having a variable value. The object of the present invention is to disclose a new type of method that eliminates the problems described above. A further object of the invention is to disclose a system that can be used to implement said method.
A specific object of the present invention is to disclose a method and a system that allow flexible and safe management of seed numbers and encryption keys. As for the features characteristic of the present invention, reference is made to the claims.
In the method of the invention, the encryption key. required by the encryption algorithm used for the encryption of communication is computed from a certain seed number by making use of the subscriber identity module of the mobile station. When the mobile station is activated, its subscriber identity module performs an authentication procedure with the mobile communication network. This is done by using an operator- specific authentication algorithm and a seed number consisting of a random number RAND generated by the mobile communication network. The same authentication algorithm can be used to compute an encryption key. The seed number is a number computed on the basis of a ran- dom number RAND generated by the authentication centre AC of the mobile communication network. Using the seed number and a subscriber identification key Ki as starting values for the authentication algorithm, an application in the subscriber identity module computes the encryption key and stores it in the subscriber identity module. This encryption key is used when messages are to be encrypted and/or decrypted.
As compared with prior art, the present invention has the advantage that it makes the management of seed numbers and encryption keys considerably easier and simpler than before. As the seed numbers and encryption keys are calculated in the subscriber identity module when necessary, they need not be transmitted or set. A further advantage is that no separate equipment is needed for the management of seed numbers and encryption keys, which means that cost savings are achieved. The invention also increases security. In the met- hod of the invention, the encryption key changes continuously and it is not transmitted anywhere, thus considerably reducing the chance of its getting into the hands of outsiders.
In an embodiment of the method, a seed number is calculated from a random number RAND generated by the authentication centre, producing a seed number such as RA D+1.
In an embodiment of the method, the encryption key is computed by using an A3 algorithm, which is an operator-specific authentication algorithm.
In an embodiment of the method, one or more encryption keys are used. In this case, each application requiring encryption has its own encryption key, thus increasing security. In an embodiment of the method, the encryption key is computed by using one or more successive algorithms so that the result of the preceding algorithm is used as the seed number for the next algorithm. This provides the advantage that the seed number for the new algorithm is changed, which leads to increased security.
In an embodiment of the method, a certain portion of the random number range used by the mobile communication network is reserved for the calculation of seed numbers.
The system of the invention for computing the key to an encryption algorithm used to encrypt messages transmitted over a telecommunication network and for generating the seed number needed for the computation of the encryption key by making use of the subscriber identity module of a mobile station comprises an encryption device and means for the transmission of encrypted messages. The encryption device comprises a me- ans for computing an encryption key from a seed number. The means used to transmit encrypted messages comprise a mobile station and an encryption server.
In an embodiment of the system, an encryption device is implemented both in the subscriber identity module and in the authentication centre.
In an embodiment of the system, the encryption device comprises a device for storing the encryption key. In an embodiment of the system, the mobile station is GSM compatible.
In the following, the invention will be described by the aid of an embodiment example by referring to the attached drawings, wherein Fig. la and lb illustrate an example representing the method of the invention in the form of logic diagrams; and
Fig. 2 presents an example representing the hardware configuration of the system of the invention. Fig. la illustrates a method in which the mobile communication network generates a random number RAND and sends it to the subscriber identity module 9. Based on this random number, a seed number RAND+1 is calculated. This seed number 1 and the identification key Kj. 2 are input as starting values to an A3 algorithm 3. The identification key K 2 is a user-specific secret parameter, which has been stored in the subscriber identity module 9 and in the authentication centre 10. The A3 algorithm 3 is the same operator-specific algorithm that is used when the subscriber identity module 9 carries out an authentication procedure with the authentication centre 10 of the mobile communication network upon activation of the mobile station 8. A feature characteristic of the A3 algorithm 3 is that com- puting the encryption key 4 from the seed number 1 and the identification key K± 2 is easy, but determining the identification key 2 on the basis of the seed number 1 and the encryption key 4 is extremely difficult. The encryption key 4 is the result produced by the algorithm 3. This encryption key 4 is used when messages are to be encrypted and/or decrypted.
Fig. lb illustrates a variation of the method of the previous example. In this case, it is assumed that the random number range is 0 - 10000. It is divided into two halves so that the random number RAND values 0 - 4999 are reserved for the computation of seed numbers 5. the mobile communication network generates a random number RAND and sends it to the subscriber identity module 9. Based on the random number, a seed number RAND+5000 is calculated. The seed number 5 and the identification key KL 2 are input as starting values to the A3 algorithm 3, which produces a new seed number 6 as a result. The new seed number 6 thus computed and the identification key Kj. 2 are given as starting values to a new algorithm 7. The result obtained is used as the final encryption key . The advantage provided by this alternative is that the seed number β for the new algorithm 7 is automatically changed.
Fig. 2 illustrates a system in which encrypted short messages are transmitted between a GSM telephone 8 and an encryption server 12 in a GSM network. An encryption device 11 has been implemented both in the subscriber identity module 9 of the mobile station 8 and in the authentication 10 of the GSM network. The encryption device 11 comprises a SIM Application Toolkit, an application that computes the encryption key 4. In addition, the encryption device 11 stores the compu- ted encryption key 4 for use. When messages to be encrypted and/or decrypted are transmitted, the encryption device 11 computes an encryption key 4 on the basis of a seed number 1 and a user-specific identification key Ki 2 both on the SIM card 9 and in the authentica- tion centre 10. Based on this encryption key 4, an encryption algorithm, such as an RSA or 3DES algorithm, implemented both on the SIM card and in the authentication server 12, encrypts/decrypts the message. The key 4 is stored for the next time it is needed, or a new value for the key is computed each time.
The invention is not restricted to the examples of its embodiments described above, but many variations are possible within the scope of the inventive idea defined by the claims.

Claims

1. Method for computing the key (4) to an encryption algorithm used to encrypt messages to be transmitted over a telecommunication network and for generating the seed number (1, 5) needed for the computation of the encryption key (4) by making use of the subscriber identity module (9) of a mobile station (8), in which method the key to the encryption algorithm is computed from the seed number (1, 5) using a certain algorithm ( 3 , 7 ) , c h a r a c t e r i s e d in that
- the seed number (1, 5) used is a number computed from a random number RAND generated by the authentication centre (AC) (19) of the mobile communication network; and - using the authentication algorithm (3) of the mobile communication network, the encryption key (4) required by the encryption algorithm is computed from the seed number (1, 5) and a subscriber identification key K┬▒ (2) .
2. Method as defined in claim 1, characteri sed in that the seed number is calculated from the random number RAND generated by the authentication centre (10), producing a seed number such as RAND+1.
3. Method as defined in claim 1 or 2, c h a - racteri sed in that the encryption key (4) is computed by using an A3 algorithm (3) .
4. Method as defined in any one of claims 1 -
3, characterised in that one or more encryption keys are used.
5. Method as defined in any one of claims 1 -
4, characterised in that the encryption key is computed by using one or more successive algorithms (3, 7) in such manner that the result of the preceding algorithm (3) is used as the seed number for the next algorithm (7).
6. Method as defined in any one of claims 1 -
5 , c h a r a c t e r i s e d in that a certain portion of the random number range used by the mobile communication network is reserved for the computation of seed numbers (1, 5) .
7. System for computing the key (4) to an en- cryption algorithm used to encrypt messages to be transmitted over a telecommunication network and for generating the seed number (1, 5) needed for the computation of the encryption key by making use of the subscriber identity module (9) of a mobile station (8), said system comprising an encryption device (11) and means (8, 12) for the transmission of encrypted messages, characterised in that
- the encryption device (11) comprises a means for computing the encryption key (4) from the seed nu - ber (1, 5) ; and the means used to transmit encrypted messages comprise a mobile station (8) and an encryption server (12) .
8. System as defined in claim 7, charac- terised in that an encryption device (11) is implemented both in the subscriber identity module (9) and in the authentication centre (10).
9. System as defined in claim 7 or 8, characterised in that the encryption device (11) comprises a device for storing the encryption key (4).
10. System as defined in any one of claims 7 - 9, characterised in that the mobile station (8) is GSM compatible.
PCT/FI1998/000879 1997-11-11 1998-11-11 Generation of a seed number WO1999025086A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
AU14892/99A AU1489299A (en) 1997-11-11 1998-11-11 Generation of a seed number
NZ504378A NZ504378A (en) 1997-11-11 1998-11-11 A method allowing flexible and safe management of seed numbers and encryption keys
EP98958929A EP1025739A2 (en) 1997-11-11 1998-11-11 Generation of a seed number
CA002309666A CA2309666A1 (en) 1997-11-11 1998-11-11 Generation of a seed number
JP2000519968A JP2001523064A (en) 1997-11-11 1998-11-11 Generate seed count

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI974198A FI105253B (en) 1997-11-11 1997-11-11 Generation of start value
FI974198 1997-11-11

Publications (2)

Publication Number Publication Date
WO1999025086A2 true WO1999025086A2 (en) 1999-05-20
WO1999025086A3 WO1999025086A3 (en) 1999-10-28

Family

ID=8549914

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI1998/000879 WO1999025086A2 (en) 1997-11-11 1998-11-11 Generation of a seed number

Country Status (7)

Country Link
EP (1) EP1025739A2 (en)
JP (1) JP2001523064A (en)
AU (1) AU1489299A (en)
CA (1) CA2309666A1 (en)
FI (1) FI105253B (en)
NZ (1) NZ504378A (en)
WO (1) WO1999025086A2 (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1101331A1 (en) * 1999-06-29 2001-05-23 Samsung Electronics Co., Ltd. Apparatus for securing user's information in a mobile communication system connected to the internet and method thereof
WO2002028020A2 (en) * 2000-09-29 2002-04-04 The Regents Of The University Of California Ad hoc network accessing using distributed election of a shared transmission schedule
EP1374473A1 (en) * 2001-03-29 2004-01-02 Arcot Systems, Inc. Method and apparatus for secure cryptographic key generation, certification and use
US6754349B1 (en) * 1999-06-11 2004-06-22 Fujitsu Services Limited Cryptographic key, or other secret material, recovery
EP1443795A1 (en) * 2003-01-30 2004-08-04 Nokia Corporation Generating asymmetric keys in a telecommunications system
WO2005091148A1 (en) 2004-03-19 2005-09-29 Nokia Corporation Storing of encrypted data in the memory of a portable electronic device
US6983375B2 (en) * 2001-04-13 2006-01-03 Ge Medical Technology Services, Inc. Method and system to grant indefinite use of software options resident on a device
WO2006026925A1 (en) * 2004-09-08 2006-03-16 Huawei Technologies Co., Ltd. A method for setting the authentication key
JP2007234030A (en) * 2000-03-30 2007-09-13 Nokia Corp Subscriber authentication
US7925895B2 (en) 2005-02-22 2011-04-12 Kyocera Mita Corporation Data management apparatus, data management method, and storage medium
US8370638B2 (en) 2005-02-18 2013-02-05 Emc Corporation Derivative seeds
US20140298027A1 (en) * 2013-04-02 2014-10-02 Mastercard International Incorporated Integrated contactless mpos implementation

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007019711A (en) * 2005-07-06 2007-01-25 Kyocera Mita Corp Data management apparatus and program therefor
JP5847345B1 (en) * 2015-04-10 2016-01-20 さくら情報システム株式会社 Information processing apparatus, authentication method, and program

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4797672A (en) * 1986-09-04 1989-01-10 Octel Communications Corp. Voice network security system
US5144665A (en) * 1990-02-21 1992-09-01 Hitachi, Ltd. Cryptographic communication method and system
US5201000A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Method for generating public and private key pairs without using a passphrase
EP0688929A2 (en) * 1994-06-21 1995-12-27 Microchip Technology Inc. Secure self-learning
US5590200A (en) * 1993-12-09 1996-12-31 News Datacom Ltd. Apparatus and method for securing communication systems
WO1997012461A1 (en) * 1995-09-27 1997-04-03 Telefonaktiebolaget Lm Ericsson (Publ) Method for encryption of information

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4797672A (en) * 1986-09-04 1989-01-10 Octel Communications Corp. Voice network security system
US5144665A (en) * 1990-02-21 1992-09-01 Hitachi, Ltd. Cryptographic communication method and system
US5201000A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Method for generating public and private key pairs without using a passphrase
US5590200A (en) * 1993-12-09 1996-12-31 News Datacom Ltd. Apparatus and method for securing communication systems
EP0688929A2 (en) * 1994-06-21 1995-12-27 Microchip Technology Inc. Secure self-learning
WO1997012461A1 (en) * 1995-09-27 1997-04-03 Telefonaktiebolaget Lm Ericsson (Publ) Method for encryption of information

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
M. Mouley, M.B. Pautet: The GSM System for Mobile Communications, Frans 1992; sections 7.2.2 & 7.2.3 *

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8429720B2 (en) 1997-12-23 2013-04-23 Ca, Inc. Method and apparatus for camouflaging of data, information and functional transformations
US6754349B1 (en) * 1999-06-11 2004-06-22 Fujitsu Services Limited Cryptographic key, or other secret material, recovery
EP1101331A4 (en) * 1999-06-29 2005-07-06 Samsung Electronics Co Ltd Apparatus for securing user's information in a mobile communication system connected to the internet and method thereof
EP1101331A1 (en) * 1999-06-29 2001-05-23 Samsung Electronics Co., Ltd. Apparatus for securing user's information in a mobile communication system connected to the internet and method thereof
JP2007234030A (en) * 2000-03-30 2007-09-13 Nokia Corp Subscriber authentication
USRE45873E1 (en) 2000-03-30 2016-01-26 Nokia Technologies Oy Subscriber authentication
US8503676B2 (en) 2000-03-30 2013-08-06 Nokia Corporation Subscriber authentication
WO2002028020A2 (en) * 2000-09-29 2002-04-04 The Regents Of The University Of California Ad hoc network accessing using distributed election of a shared transmission schedule
WO2002028020A3 (en) * 2000-09-29 2003-03-06 Univ California Ad hoc network accessing using distributed election of a shared transmission schedule
EP1374473A1 (en) * 2001-03-29 2004-01-02 Arcot Systems, Inc. Method and apparatus for secure cryptographic key generation, certification and use
US7328350B2 (en) 2001-03-29 2008-02-05 Arcot Systems, Inc. Method and apparatus for secure cryptographic key generation, certification and use
US8559639B2 (en) 2001-03-29 2013-10-15 Ca, Inc. Method and apparatus for secure cryptographic key generation, certification and use
EP1374473A4 (en) * 2001-03-29 2006-08-02 Arcot Systems Inc Method and apparatus for secure cryptographic key generation, certification and use
US7739725B1 (en) 2001-04-13 2010-06-15 Ge Medical Technology Services, Inc. Method and system to grant indefinite use of software options resident on a device
US6983375B2 (en) * 2001-04-13 2006-01-03 Ge Medical Technology Services, Inc. Method and system to grant indefinite use of software options resident on a device
US7424115B2 (en) 2003-01-30 2008-09-09 Nokia Corporation Generating asymmetric keys in a telecommunications system
EP1443795A1 (en) * 2003-01-30 2004-08-04 Nokia Corporation Generating asymmetric keys in a telecommunications system
US8161295B2 (en) * 2004-03-19 2012-04-17 Nokia Corporation Storing of data in a device
WO2005091148A1 (en) 2004-03-19 2005-09-29 Nokia Corporation Storing of encrypted data in the memory of a portable electronic device
WO2006026925A1 (en) * 2004-09-08 2006-03-16 Huawei Technologies Co., Ltd. A method for setting the authentication key
US8370638B2 (en) 2005-02-18 2013-02-05 Emc Corporation Derivative seeds
US7925895B2 (en) 2005-02-22 2011-04-12 Kyocera Mita Corporation Data management apparatus, data management method, and storage medium
US10135614B2 (en) * 2013-04-02 2018-11-20 Mastercard International Incorporated Integrated contactless MPOS implementation
US20140298027A1 (en) * 2013-04-02 2014-10-02 Mastercard International Incorporated Integrated contactless mpos implementation

Also Published As

Publication number Publication date
NZ504378A (en) 2002-03-28
CA2309666A1 (en) 1999-05-20
FI974198A (en) 1999-05-12
FI105253B (en) 2000-06-30
AU1489299A (en) 1999-05-31
EP1025739A2 (en) 2000-08-09
WO1999025086A3 (en) 1999-10-28
FI974198A0 (en) 1997-11-11
JP2001523064A (en) 2001-11-20

Similar Documents

Publication Publication Date Title
US4956863A (en) Cryptographic method and apparatus for public key exchange with authentication
EP0841770B1 (en) Method for sending a secure message in a telecommunications system
US8223970B2 (en) Message deciphering method, system and article
US7716483B2 (en) Method for establishing a communication between two devices
US5544245A (en) Mutual authentication/cipher key delivery system
CA2303048C (en) Security method for transmissions in telecommunication networks
EP0735723B1 (en) Cryptographic communication method and cryptographic communication device
US5915021A (en) Method for secure communications in a telecommunications system
US5602917A (en) Method for secure session key generation
CN101217362B (en) RFID communication security mechanism established based on dynamic randomization DRNTRU public key encryption system
US6111956A (en) Method for secure key distribution over a nonsecure communications network
US6047072A (en) Method for secure key distribution over a nonsecure communications network
EP0792042A3 (en) Method of effecting communications using common cryptokey
KR20040004703A (en) Method for ensuring data transmission security, communication system and communication device
US7620186B2 (en) Method for establishing an encrypted communication by means of keys
EP1025739A2 (en) Generation of a seed number
US20040250073A1 (en) Protocol for hybrid authenticated key establishment
US20020199102A1 (en) Method and apparatus for establishing a shared cryptographic key between energy-limited nodes in a network
FI964926A (en) Verification of the correctness of the parties to the data transmission in the telecommunications network
EP1763192A1 (en) Cascaded personalization of an end-to-end encryption module
JPS6346028A (en) Cryptographic key distribution system
JPH0373633A (en) Cryptographic communication system
JPH0897813A (en) Method and equipment for communication
JP2565893B2 (en) Shared key generation method
Smith et al. Identity-based cryptography for securing mobile phone calls

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWE Wipo information: entry into national phase

Ref document number: 1998958929

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 504378

Country of ref document: NZ

ENP Entry into the national phase

Ref document number: 2309666

Country of ref document: CA

Ref country code: CA

Ref document number: 2309666

Kind code of ref document: A

Format of ref document f/p: F

NENP Non-entry into the national phase

Ref country code: KR

WWE Wipo information: entry into national phase

Ref document number: 14892/99

Country of ref document: AU

WWP Wipo information: published in national office

Ref document number: 1998958929

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1998958929

Country of ref document: EP