1. Field of the Invention
This invention relates to a method for authenticating a smart card in a messaging network, preferably a GSM network, according to the preamble of claim 1.
2. Description of Related Art
In GSM systems it is known that for using the smart card (subscriber identity module, SIM) the user must usually first identify himself as an authorized user by means of a personal identification number (PIN). In order to avoid abuse at this point, it is known to provide an error counter for the PIN entry to prevent further use of the card after a permissible number of failed attempts is exceeded.
A further system-relevant security measure is to authenticate the card vis-à-vis the mobile network. A secret key inaccessible from outside and an algorithm like-wise inaccessible from outside are stored in the card. For authentication a random number is generated by the network or a network component and transferred to the card. The card then calculates from the random number and secret key by means of the algorithm present in the card a response which it transfers to the network. This response is analyzed in the network and, if the result is positive, access to the network functions is allowed. The corresponding procedure is described in the relevant GSM specifications.
A network protected as stated above involves the danger that attacks on the algorithm used for authentication permit the network to be simulated in a computer for example by e.g. selected “random numbers” being transmitted to the SIM card according to the standardized protocol and the secret key of the smart card being determined therefrom, after several authentication attempts. If the algorithm of the card is additionally known, essential functional elements of the card can be simulated or duplicated after determination of the secret key.