[go: up one dir, main page]

WO2000024218A1 - A method and a system for authentication - Google Patents

A method and a system for authentication Download PDF

Info

Publication number
WO2000024218A1
WO2000024218A1 PCT/SE1999/001786 SE9901786W WO0024218A1 WO 2000024218 A1 WO2000024218 A1 WO 2000024218A1 SE 9901786 W SE9901786 W SE 9901786W WO 0024218 A1 WO0024218 A1 WO 0024218A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
electronic device
random number
authentication
removable memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/SE1999/001786
Other languages
French (fr)
Inventor
Magnus HALLENSTÅL
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget LM Ericsson AB filed Critical Telefonaktiebolaget LM Ericsson AB
Priority to AU14222/00A priority Critical patent/AU1422200A/en
Priority to DE19983656T priority patent/DE19983656T1/en
Priority to JP2000577853A priority patent/JP2002528978A/en
Publication of WO2000024218A1 publication Critical patent/WO2000024218A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • the present invention relates to a method and a system for increasing the security in a system comprising and communicating with a removable memory card, such as a SIM card or a smart card.
  • a removable memory card such as a SIM card or a smart card.
  • GSM Global System for Mobile communication
  • SIM-cards Subscriber Identity Module
  • the GSM system provides communication between a base station and one or several Mobile Stations (MS) .
  • MS Mobile Station
  • M Mobile Equipment
  • SIM card for providing each Mobile Station with a unique identity.
  • GSM 02.09 “Digital cellular telecommunications system; Security aspects”
  • GSM 03.20 ETS 300 929) : “Digital cellular telecommunications system; Security related network functions”.
  • the network sends a Random Number (RAND) to the Mobile Station (MS) .
  • the Mobile Equipment (ME) passes the random number to the SIM card.
  • a command "RUN GSM ALGORITHM” is given to the SIM card as described in GSM 03.20 (ETS 300 929) : "Digital cellular telecommunications system; Security related network functions”.
  • the SIM returns the values Signed RESponse calculated by a SIM (SRES) and Cryptographic key (Kc) to the mobile equipment.
  • SRES Signed RESponse calculated by a SIM
  • Kc Cryptographic key
  • the ME sends SRES to the network.
  • the network compares this value with the value of SRES which it calculates for itself. The comparison of these SRES values provides the authentication.
  • the value Kc is used by the ME in any future enciphered communications with the network until the next invocation of this mechanism.
  • This object is obtained by means of adding a new function in the existing SIM card so that the SIM-card will challenge the system.
  • the SIM-card will issue a random number towards the network and the network then has to respond with a correct result. If not the SIM-card will be automatically switched off.
  • the method can also be used in other systems than the GSM system, where it is imperative that the removable memory card should not be cracked.
  • An example is when money are stored on a card ("electronic money") and where the amount can be refilled.
  • Other application areas are also possible.
  • Means for executing the method can be provided in integrated circuits, mobile telephones, modems, etc.
  • An authentication unit for providing additional security can in this manner easily be provided in existing systems.
  • - Fig. 1 is a flow chart illustrating different steps carried out when verifying the authenticity of a SIM-card located in a Mobile Station (MS) communicating with a network.
  • MS Mobile Station
  • FIG. 2 is a flow chart illustrating an alternative scheme according to a second embodiments
  • a flow chart illustrating different steps carried out during authentication in a GSM system is shown.
  • MS Mobile Station
  • ME Mobile Equipment
  • the SIM card then returns a status condition indicating that the status is OK and that a challenge towards the system should be issued before the command "RUN GSM algorithm” can be issued again, step 105.
  • the ME requests the response from the SIM card, step 107 and the SIM card returns the values Signed RESponse calculated by a SIM (SRES) and Cryptographic key (Kc) to the mobile equipment, step 109.
  • SRES Signed RESponse calculated by a SIM
  • Kc Cryptographic key
  • the MS then returns the SRES and the Kc to the GSM network as an authentication of the SIM card as described above, step 111.
  • the ME issues a request for a random number to the SIM card, step 113 as a response to the message in step 105, which indicated that a challenge should be transmitted to the GSM network.
  • the SIM card then returns a random number and a status OK message, step 115.
  • the MS issues a request towards the GSM network for authentication thereof by means of transmitting the random (RAND) number to the GSM network.
  • the GSM network then has to respond to this request, preferably by means of returning an SRES, which then can be verified by the SIM, see below.
  • the GSM network responds with a SRES value to the MS, step 119.
  • the SRES received by the MS is the transmitted from the ME to the SIM card, step 121.
  • the SIM card then verifies that the SRES value is the correct value and, if so, returns a status: OK message to the ME, step 123.
  • the ME will start over again with the authentication process of the GSM system, thus starting the procedure with step 113.
  • the ME will continue to execute this process until the system replies with a correct answer, or until a certain, pre-set random numbers have been issued, without the system replying with a correct number.
  • the SIM will indicate when no more challenges can be issued in the response indication in step 115.
  • the SIM card turns itself off, i.e. it does not respond to any requests sent to it.
  • a Mobile Station receives a random number from the GSM network, step 201.
  • the Mobile Equipment (ME) of the MS issues a command "RUN GSM- algorith ", step 203.
  • the SIM card then returns a status condition indicating that the status is not OK and that a challenge towards the system should be issued, step 205. This could for example be carried out by adding a new code as a response to the command "RUN GSM algorithm" .
  • the Mobile Equipment issues a request for a random number to the SIM card, step 207.
  • the SIM card returns a random number (RAND2) together with a status: OK message, step 209.
  • This random number is then transmitted towards the system by the mobile station, step 211.
  • the GSM system then returns an SRES value (SRES2), step 213.
  • the ME transmits the SRES value (SRES2) to the SIM card, step 215.
  • the SIM card compares this value with the value of SRES2 which it calculates for itself. The comparison of these SRES values provides the system authentication and the SIM returns an acknowledge message (status: OK) to the Mobile Equipment if the compared SRES2 values match, step 217.
  • the ME will start over again with the authentication process of the GSM system, thus starting the procedure with step 207.
  • the ME will continue to execute this procedure, until the system replies with a correct answer, or until a certain, pre-set random numbers have been issued, without the system replying with a correct number.
  • the SIM will indicate when no more challenges can be issued in the response indication in step 209.
  • the SIM card turns itself off, i.e. it does not respond to any requests sent to it.
  • the ME issues the command RUN GSM algorithm towards the SIM card, step 219.
  • the SIM card the responds with a status: OK message, step 221.
  • the ME issues a command GET RESPONSE towards the SIM card, step 223.
  • the SIM card the responds with the SRES and the Kc as described above, step 225.
  • the SRES and the Kc is then transmitted by the MS to the GSM system as authentication of the SIM card, step 227.
  • the SIM card only challenges the system, i.e. sends a random number to the system, every N time, N being a positive integer > 1, that the system challenges the SIM card.
  • the method and system as described herein can also be employed in other kinds of systems than the systems described above.
  • the method is possible to use in any system provided with means for authenticating an electronic device connected to the system.
  • the system will then comprise a first authentication unit which then communicates with a second authentication unit located in the electronic device using a method corresponding to the method described above.
  • the method and system as described herein provides a significantly increased security for different kinds of removable memory card, such as SIM cards, smart cards, and other kinds of systems where a mutual authentication process between an electronic device and the system is required for ensuring an acceptable security.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

In a method and a system for increasing the security in a system comprising and communicating with a removable memory card, such as a SIM card or smart card a new function is added in the existing SIM card so that the SIM-card will challenge the system. Thus, the SIM-card will issue a random number towards the network and the network then has to respond with a correct result. If not the SIM-card will be automatically switched off. The use of the method and the system will reduce the risque for someone to find out the correct code of the removable memory card by means of a massive test. The method can also be employed in other systems where the system communicates with an electronic device.

Description

A METHOD AND A SYSTEM FOR AUTHENTICATION TECHNICAL FIELD
The present invention relates to a method and a system for increasing the security in a system comprising and communicating with a removable memory card, such as a SIM card or a smart card.
BACKGROUND OF THE INVENTION AND PRIOR ART
In existing mobile telecommunication systems, for example the GSM (Global System for Mobile communication) system, SIM-cards (Subscriber Identity Module) are used for providing each user with a unique identity. Thus, the GSM system provides communication between a base station and one or several Mobile Stations (MS) . Each Mobile Station (MS) comprises a Mobile Equipment (ME) for handling the communication between the Mobile Station (MS) and a SIM card for providing each Mobile Station with a unique identity.
The security aspects of GSM are described in the normative references GSM 02.09 (ETS 300 920): "Digital cellular telecommunications system; Security aspects" and GSM 03.20 (ETS 300 929) : "Digital cellular telecommunications system; Security related network functions".
One important security aspect is the authentication of the subscriber identity to the network. Below the authentication and cipher key generation procedure according to the GSM standard is outlined:
First, the network sends a Random Number (RAND) to the Mobile Station (MS) . The Mobile Equipment (ME) passes the random number to the SIM card. At the same time a command "RUN GSM ALGORITHM" is given to the SIM card as described in GSM 03.20 (ETS 300 929) : "Digital cellular telecommunications system; Security related network functions". The SIM returns the values Signed RESponse calculated by a SIM (SRES) and Cryptographic key (Kc) to the mobile equipment. The ME sends SRES to the network. The network compares this value with the value of SRES which it calculates for itself. The comparison of these SRES values provides the authentication. The value Kc is used by the ME in any future enciphered communications with the network until the next invocation of this mechanism.
The security provided by the GSM system has until now been sufficient. However, using modern technology it has become possible to crack the very secret unique key stored in each SIM card and also the secret algorithm used in the authentication process. "The method used is to send a very large amount of test samples to the SIM card and then analyze the results returned by the SIM card. In this manner it has become possible to clone SIM cards.
SUMMARY
It is an object of the present invention to increase the security on SIM-cards, smart cards and similar devices, and in particular to increase the security for a GSM SIM-card and to avoid that the SIM card can be cracked.
This object is obtained by means of adding a new function in the existing SIM card so that the SIM-card will challenge the system. Thus, the SIM-card will issue a random number towards the network and the network then has to respond with a correct result. If not the SIM-card will be automatically switched off.
The use of such a new functionality on the SIM-card will significantly increase the security thereof. Thus, it will reduce the risque for someone to find out the correct code of the SIM card by means of a massive test.
The method can also be used in other systems than the GSM system, where it is imperative that the removable memory card should not be cracked. An example is when money are stored on a card ("electronic money") and where the amount can be refilled. Other application areas are also possible. Thus, it is possible to use the method as described herein in many kinds of electronic devices. Means for executing the method can be provided in integrated circuits, mobile telephones, modems, etc. An authentication unit for providing additional security can in this manner easily be provided in existing systems. BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will now be described in more detail by way of non-limiting examples and with reference to the accompanying drawings, in which:
- Fig. 1 is a flow chart illustrating different steps carried out when verifying the authenticity of a SIM-card located in a Mobile Station (MS) communicating with a network.
- Fig. 2 is a flow chart illustrating an alternative scheme according to a second embodiments
DESCRIPTION OF PREFERRED EMBODIMENTS
In Fig. 1 a flow chart illustrating different steps carried out during authentication in a GSM system is shown. Thus, first a Mobile Station (MS) receives a random number from the GSM network, step 101. Thereupon, the Mobile Equipment (ME) of the MS issues a command "RUN GSM algorithm", as described above, step 103. The SIM card then returns a status condition indicating that the status is OK and that a challenge towards the system should be issued before the command "RUN GSM algorithm" can be issued again, step 105. This could for example be carried out by adding a new code as a response to the command "RUN GSM algorithm".
Next, the ME requests the response from the SIM card, step 107 and the SIM card returns the values Signed RESponse calculated by a SIM (SRES) and Cryptographic key (Kc) to the mobile equipment, step 109. The MS then returns the SRES and the Kc to the GSM network as an authentication of the SIM card as described above, step 111.
Next, the ME issues a request for a random number to the SIM card, step 113 as a response to the message in step 105, which indicated that a challenge should be transmitted to the GSM network. The SIM card then returns a random number and a status OK message, step 115. Thereupon, the MS issues a request towards the GSM network for authentication thereof by means of transmitting the random (RAND) number to the GSM network. The GSM network then has to respond to this request, preferably by means of returning an SRES, which then can be verified by the SIM, see below. Thus, the GSM network responds with a SRES value to the MS, step 119.
The SRES received by the MS is the transmitted from the ME to the SIM card, step 121. The SIM card then verifies that the SRES value is the correct value and, if so, returns a status: OK message to the ME, step 123.
If the GSM system does not respond or the SRES returned by the GSM system is not the correct one, the ME will start over again with the authentication process of the GSM system, thus starting the procedure with step 113. The ME will continue to execute this process until the system replies with a correct answer, or until a certain, pre-set random numbers have been issued, without the system replying with a correct number. The SIM will indicate when no more challenges can be issued in the response indication in step 115.
If the system fails to reply with a correct number or code, the SIM card turns itself off, i.e. it does not respond to any requests sent to it.
In Fig. 2 a second embodiment for authenticating the GSM network is shown. Thus, first a Mobile Station (MS) receives a random number from the GSM network, step 201. Thereupon, the Mobile Equipment (ME) of the MS issues a command "RUN GSM- algorith ", step 203. The SIM card then returns a status condition indicating that the status is not OK and that a challenge towards the system should be issued, step 205. This could for example be carried out by adding a new code as a response to the command "RUN GSM algorithm" .
Next, the Mobile Equipment issues a request for a random number to the SIM card, step 207. The SIM card returns a random number (RAND2) together with a status: OK message, step 209.
This random number is then transmitted towards the system by the mobile station, step 211. The GSM system then returns an SRES value (SRES2), step 213. Next, the ME transmits the SRES value (SRES2) to the SIM card, step 215. The SIM card then compares this value with the value of SRES2 which it calculates for itself. The comparison of these SRES values provides the system authentication and the SIM returns an acknowledge message (status: OK) to the Mobile Equipment if the compared SRES2 values match, step 217.
If the GSM system does not respond or the SRES2 returned by the GSM system is not the correct one, the ME will start over again with the authentication process of the GSM system, thus starting the procedure with step 207. The ME will continue to execute this procedure, until the system replies with a correct answer, or until a certain, pre-set random numbers have been issued, without the system replying with a correct number. The SIM will indicate when no more challenges can be issued in the response indication in step 209.
If the system fails to reply with a correct number or code, the SIM card turns itself off, i.e. it does not respond to any requests sent to it.
As a response to the message in step 217 the ME issues the command RUN GSM algorithm towards the SIM card, step 219. The SIM card the responds with a status: OK message, step 221. Next, the ME issues a command GET RESPONSE towards the SIM card, step 223. The SIM card the responds with the SRES and the Kc as described above, step 225. The SRES and the Kc is then transmitted by the MS to the GSM system as authentication of the SIM card, step 227.
In a preferred embodiment the SIM card only challenges the system, i.e. sends a random number to the system, every N time, N being a positive integer > 1, that the system challenges the SIM card.
The method and system as described herein can also be employed in other kinds of systems than the systems described above. Thus, the method is possible to use in any system provided with means for authenticating an electronic device connected to the system. The system will then comprise a first authentication unit which then communicates with a second authentication unit located in the electronic device using a method corresponding to the method described above.
The method and system as described herein provides a significantly increased security for different kinds of removable memory card, such as SIM cards, smart cards, and other kinds of systems where a mutual authentication process between an electronic device and the system is required for ensuring an acceptable security.

Claims

1. A method of authentication in a system comprising and communicating with a removable memory card, characterized by the steps of:
- issuing a random number from the card,
- returning a number from the system to the card, and that the card authenticates the system if the returned number is a correct number as verified by an algorithm stored on the card, which is fed with the same random number.
2. A method according to claim 1, characterized in that the card turns itself off if the returned number is incorrect.
3. A method according to claim 2 , characterized in that the card only turns itself off if the system returns an incorrect number N consecutive times, N being a positive integer > 1.
4. A method according to any of claims 1 - 3, when the system is a cellular radio system, in particular a GSM system, and the removable memory card is a SIM card, characterized in that the authentication of the system is issued in conjunction with the authentication of the SIM card by the mobile telephone system.
5. A method according to claim 4, when the system is a GSM system, characterized in that the authentication of the GSM system is carried out using an algorithm for calculating a SRES.
6. A method according to any of claims 1 - 5, characterized in that the card only challenges the system, i.e. sends a random number to the system, every N time, N being a positive integer > 1, that the system challenges the card.
7. A removable memory card arranged to receive and issue information from and towards a system having means for authenticating the removable memory card, characterized by - means for issuing a random number towards the system, and - means for authenticating the system if a number returned from the system the is a correct number as verified by an algorithm stored on the card, which is fed with the same random number.
8. A removable memory card according to claim 7, characterized by
- means for turning off the card if the returned number is incorrect.
9. A removable memory card according to claim 8, characterized by
- means for only turning off the card if the system returns an incorrect number N consecutive times, N being a positive integer > 1.
10. A removable memory card according to any of claims 7 - 9, when the system is a cellular radio system, in particular a GSM system, and the removable memory card is a SIM card, characterized by
- means for issuing an authentication of the system in conjunction with the authentication of the SIM card by the radio system.
11. A removable memory card according to claim 10, when the system is a GSM system, characterized in that the authentication of the GSM system is arranged to use an algorithm for calculating a SRES.
12. A removable memory card according to any of claims 7 - 11, characterized by means for only challenging the system, i.e. sending a random number to the system, every N time, N being a positive integer > 1, that the system challenges the card.
13. A mobile telephone comprising a removable memory card according to any of claims 7 - 12.
14. A method of authentication in a system comprising and a first unit authentication unit communicating with a second authentication unit located in an electronic device, characterized by the steps of:
- issuing a random number from the electronic device,
- returning a number from the system to the electronic device, and that the electronic device authenticates the system if the returned number is a correct number as verified by an algorithm stored in the second authentication unit, which is fed with the same random number.
15. A method according to claim 14, characterized in that the electronic device turns itself off if the returned number is incorrect.
16. A method according to claim 15, characterized in that the electronic device only turns itself off if the system returns an incorrect number N consecutive times, N being a positive integer > 1.
17. A method according to any of claims 14 - 16, characterized in that the electronic device only challenges the system, i.e. sends a random number to the system, every N time, N being a positive integer > 1, that the system challenges the electronic device.
18. An electronic device arranged to receive and issue information from and towards a system having means for authenticating the electronic device, characterized by
- means for issuing a random number towards the system, and
- means for authenticating the system if a number returned from the system the is a correct number as verified by an algorithm stored in an authentication unit located in the electronic device, which is fed with the same random number.
19. An electronic device according to claim 18, characterized by
- means for turning off the electronic device if the returned number is incorrect.
20. An electronic device according to claim 19, characterized by
- means for only turning off the electronic device if the system returns an incorrect number N consecutive times, N being a positive integer > 1.
21. An electronic device according to any of claims 18 - 20, characterized by means for only challenging the system, i.e. sending a random number to the system, every N time, N being a positive integer > 1, that the system challenges the electronic device.
PCT/SE1999/001786 1998-10-19 1999-10-06 A method and a system for authentication Ceased WO2000024218A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
AU14222/00A AU1422200A (en) 1998-10-19 1999-10-06 A method and a system for authentication
DE19983656T DE19983656T1 (en) 1998-10-19 1999-10-06 A method and system for authentication
JP2000577853A JP2002528978A (en) 1998-10-19 1999-10-06 Authentication method and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE9803569-4 1998-10-19
SE9803569A SE9803569L (en) 1998-10-19 1998-10-19 Authentication procedure and system

Publications (1)

Publication Number Publication Date
WO2000024218A1 true WO2000024218A1 (en) 2000-04-27

Family

ID=20413006

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1999/001786 Ceased WO2000024218A1 (en) 1998-10-19 1999-10-06 A method and a system for authentication

Country Status (6)

Country Link
JP (1) JP2002528978A (en)
CN (1) CN1326654A (en)
AU (1) AU1422200A (en)
DE (1) DE19983656T1 (en)
SE (1) SE9803569L (en)
WO (1) WO2000024218A1 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002013568A1 (en) * 2000-08-03 2002-02-14 Orange Personal Communications Services Limited Authentication in a mobile communications network
WO2002060210A1 (en) * 2001-01-24 2002-08-01 Telenor Asa Method for enabling pki functions in a smart card
WO2002101981A1 (en) * 2001-06-12 2002-12-19 Nokia Corporation Method and arrangement for encrypting data transfer at an interface in mobile equipment in radio network, and mobile equipment in radio network
EP1206157A3 (en) * 2000-11-10 2003-07-16 Nokia Corporation Method for identification
EP1612639A1 (en) * 2004-06-30 2006-01-04 ST Incard S.r.l. Method for detecting and reacting against possible attack to security enforcing operation performed by a cryptographic token or card
EP1737201A4 (en) * 2004-08-29 2007-04-11 Huawei Tech Co Ltd A method for the safe protecting of the user card
RU2323530C2 (en) * 2001-11-28 2008-04-27 Теленор Аса Method for registration and activation of pki functions
CN105632533A (en) * 2014-11-07 2016-06-01 天津春子郡科技发展有限公司 Portable storage device with secure encryption function
EP2509351A4 (en) * 2010-02-10 2017-06-21 ZTE Corporation Smart card authentication device and method
US11483709B2 (en) 2019-03-14 2022-10-25 At&T Intellectual Property I, L.P. Authentication technique to counter subscriber identity module swapping fraud attack

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004040717A (en) * 2002-07-08 2004-02-05 Matsushita Electric Ind Co Ltd Device authentication system
CN100449990C (en) * 2003-08-19 2009-01-07 华为技术有限公司 User Authentication Device and Method for Fixed Network Terminal
WO2005032201A1 (en) * 2003-09-26 2005-04-07 Telefonaktiebolaget Lm Ericsson (Publ) Enhanced security design for cryptography in mobile communication systems
KR100511317B1 (en) * 2003-10-31 2005-08-31 엘지전자 주식회사 Fraud protection method and apparatus for contactless card in mobile communication terminal
JP4612637B2 (en) * 2003-11-11 2011-01-12 シーメンス アクチエンゲゼルシヤフト Method for protecting data traffic between a first terminal device and a first network and a second terminal device and a second network

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0651533A2 (en) * 1993-11-02 1995-05-03 Sun Microsystems, Inc. Method and apparatus for privacy and authentication in a mobile wireless network
WO1997015161A1 (en) * 1995-10-17 1997-04-24 Nokia Telecommunications Oy Subscriber authentication in a mobile communications system
FI971620A7 (en) * 1997-04-16 1998-10-17 Nokia Telecommunications Oy Authentication method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0651533A2 (en) * 1993-11-02 1995-05-03 Sun Microsystems, Inc. Method and apparatus for privacy and authentication in a mobile wireless network
WO1997015161A1 (en) * 1995-10-17 1997-04-24 Nokia Telecommunications Oy Subscriber authentication in a mobile communications system
FI971620A7 (en) * 1997-04-16 1998-10-17 Nokia Telecommunications Oy Authentication method

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2385661A3 (en) * 2000-08-03 2014-01-15 Orange Authentication in a mobile communications network
WO2002013568A1 (en) * 2000-08-03 2002-02-14 Orange Personal Communications Services Limited Authentication in a mobile communications network
EP1206157A3 (en) * 2000-11-10 2003-07-16 Nokia Corporation Method for identification
US7024226B2 (en) 2001-01-24 2006-04-04 Telenor Asa Method for enabling PKI functions in a smart card
RU2258324C2 (en) * 2001-01-24 2005-08-10 Теленор Аса Method for activation of pki functions on intellectual card
WO2002060210A1 (en) * 2001-01-24 2002-08-01 Telenor Asa Method for enabling pki functions in a smart card
WO2002101981A1 (en) * 2001-06-12 2002-12-19 Nokia Corporation Method and arrangement for encrypting data transfer at an interface in mobile equipment in radio network, and mobile equipment in radio network
RU2323530C2 (en) * 2001-11-28 2008-04-27 Теленор Аса Method for registration and activation of pki functions
EP1612639A1 (en) * 2004-06-30 2006-01-04 ST Incard S.r.l. Method for detecting and reacting against possible attack to security enforcing operation performed by a cryptographic token or card
EP1737201A4 (en) * 2004-08-29 2007-04-11 Huawei Tech Co Ltd A method for the safe protecting of the user card
US7650139B2 (en) 2004-08-29 2010-01-19 Huawei Technologies Co., Ltd. Method for ensuring security of subscriber card
EP2509351A4 (en) * 2010-02-10 2017-06-21 ZTE Corporation Smart card authentication device and method
CN105632533A (en) * 2014-11-07 2016-06-01 天津春子郡科技发展有限公司 Portable storage device with secure encryption function
US11483709B2 (en) 2019-03-14 2022-10-25 At&T Intellectual Property I, L.P. Authentication technique to counter subscriber identity module swapping fraud attack

Also Published As

Publication number Publication date
SE9803569D0 (en) 1998-10-19
CN1326654A (en) 2001-12-12
AU1422200A (en) 2000-05-08
JP2002528978A (en) 2002-09-03
DE19983656T1 (en) 2001-09-13
SE9803569L (en) 2000-04-20

Similar Documents

Publication Publication Date Title
US7630495B2 (en) Method for protecting electronic device, and electronic device
EP1371255B1 (en) Method for enabling pki functions in a smart card
US20020187808A1 (en) Method and arrangement for encrypting data transfer at an interface in mobile equipment in radio network, and mobile equipment in radio network
JP4263384B2 (en) Improved method for authentication of user subscription identification module
CN101076190B (en) Management of authentication keys in a mobile communication system
CA2104092C (en) Wireless device for verifying identification
US5537474A (en) Method and apparatus for authentication in a communication system
US6690930B1 (en) Process to control a subscriber identity module (SIM) in mobile phone system
US8611536B2 (en) Bootstrapping authentication using distinguished random challenges
US20060141987A1 (en) Identification of a terminal with a server
WO2000024218A1 (en) A method and a system for authentication
AU2002230306A1 (en) Method for enabling PKI functions in a smart card
KR100837583B1 (en) Authentication vector generation device, subscriber identity module, mobile communication system, authentication vector generation method, calculation method, and subscriber authentication method
KR20160143333A (en) Method for Double Certification by using Double Channel
CN109492371B (en) Digital certificate null sending method and device
US8121580B2 (en) Method of securing a mobile telephone identifier and corresponding mobile telephone
CA2343180C (en) Method for improving the security of authentication procedures in digital mobile radio telephone systems
US8296575B2 (en) Method for protecting electronic device, and electronic device
US7650139B2 (en) Method for ensuring security of subscriber card
JPH05183507A (en) Mobile communication verification method
EP1623592A1 (en) Authentication of a subscriber station
CN108040349A (en) Based on more virtual SIM card methods built in virtual SIM card
MXPA97010347A (en) Method for mutual authentication for safe supply of services inalambri
KR20160143336A (en) Method for Dual Authentication using Dual Channel
KR20160143335A (en) System and Method for Dual Certification based Dual Channel

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 99812336.6

Country of ref document: CN

ENP Entry into the national phase

Ref document number: 2000 14222

Country of ref document: AU

Kind code of ref document: A

AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
ENP Entry into the national phase

Ref document number: 2000 577853

Country of ref document: JP

Kind code of ref document: A

RET De translation (de og part 6b)

Ref document number: 19983656

Country of ref document: DE

Date of ref document: 20010913

WWE Wipo information: entry into national phase

Ref document number: 19983656

Country of ref document: DE

122 Ep: pct application non-entry in european phase