Cellular communication devices such as cellular telephones typically use integrated circuit chips, referred to as subscriber identification modules (SIMs), to authenticate with cellular network providers. A SIM stores what is known as an international mobile subscriber identity (IMSI) number, as well as various configuration information that is specific to the issuing network provider. A SIM also stores unique, secret cryptography keys, and has a processor that performs encryption and decryption based on the secret keys.
The network provider maintains a database, referred to as an authentication center (AuC), that stores the secret keys of each issued SIM. In order to authenticate with a cellular communication system, a device sends the SIM's IMSI to the network provider. The network provider refers to the AuC to find the secret keys of the SIM. The network provider then sends a random value (RAND) to the device. The device passes the random number to the SIM, and the SIM generates a digital signature of the RAND using the secret keys. The digital signature is passed back to the network provider and compared to the digital signature of the RAND that has been computed by the network provider using the secret keys. If the digital signature provided by the device matches the digital signature computed by the network provider, the device is considered to be authenticated and is given access to the cellular network. The SIM performs a similar digital signature check to validate the network provider request. Further communications are encrypted and decrypted using a session keys that are established between the device and the network provider AuC.