The present invention generally relates to methods and systems for authenticating the identification of mobile stations in radiocommunication systems and, more particularly to authentication methods and systems which can be used in analog radiocommunication systems and in radio local loop (RLL) systems.
In radiocommunication systems, mobile stations (including, for example, automobile-mounted and hand-portable units) are not connected permanently to a network but instead communicate wirelessly through a so-called "air interface" with a base station which is connected to an exchange. This feature, of course, provides the great flexibility which radiocommunication systems are known for, since a user can readily transport a portable unit without the restriction of being physically linked to a communication system. This same feature, however, also creates difficulties with respect to securing radiocommunication systems from fraudulent use.
For example, in ordinary wired telephone systems, the exchange can identify a particular subscriber to be billed for use of a telephone set by the communication line to which it is physically attached. Thus, fraudulent use of a subscriber's account typically involves a physical connection to be made to the subscriber's line which presents serious risk of discovery problems to a would-be fraudulent user.
Radiocommunication systems, on the other hand, pose no such connection problem for the would-be fraudulent user since these systems communicate over an air interface. Absent protection schemes, fraudulent users can access a subscriber's account by using the subscriber's identification code without fear of detection.
In the European GSM standard (Global System for Mobile Communication), the American EIA/TIA IS-54 standard and the Pacific Digital Cellular Standard radiocommunication systems, these problems are solved by using a challenge response method. According to the challenge response method, each mobile station is associated with a unique secret key that is stored both in the mobile station and in a database in the network. An algorithm, which is unique for the system, is stored in each mobile station and in desired network nodes. When authentication is requested, the network sends a challenge (random number) to the mobile station. Based on the received challenge and the stored secret key, the mobile station calculates a response using the algorithm which is then returned to the network. Simultaneously, the network calculates an "expected" response based on the same challenge and network stored secret key. The network then receives the mobile station's calculated response and compares the mobile station's calculated response with the network's calculated response. If a mismatch occurs, appropriate actions will take place, e.g., the access could be denied or a warning flag could be set.
The EIA/TIA IS-54 specification provides for a call number to be used in connection with authentication. However, the call number is transmitted over the air interface in a field of its own.
Adapting, for example, the Advanced Mobile Phone System (AMPS) and Total Access Communication System (TACS) to incorporate the challenge response method would result in many changes to these systems since the specification of the information to be transmitted over the air interface between a mobile station and the system during access would need to be changed. Naturally, such changes would be virtually impossible since the air interface for these systems has already been standardized.