1. Field of the Invention
The present invention relates to a method and system for wireless communication using an extended sequence number.
2. Description of Related Art
Security methods and processes relating to wireless communications have evolved in recent years. In particular, 2G CDMA security evolved into 3G CDMA security, and many of the same characteristics of 3G CDMA security are now incorporated into IMS systems as briefly described below.
As is well known in the art, 2G CDMA security involves cellular authentication and voice encryption (CAVE). Generally, in a 2G CDMA security protocol, a home location register (HLR) or authentication center (AC) of a network sends a challenge including a random number and a secondary key (shared secret data, SSD). The challenge is based on a 64-bit root key commonly referred to as the A-key, which is stored in the HLR or AC. In response to the challenge, the mobile equipment of a subscriber provides a response (AUTHR). The mobile equipment also stores the A-key. Accordingly, the mobile equipment prepares the AUTHR by applying CAVE to the random number and secondary key extracted from the challenge, together with the A-key. The AUTHR, which is transmitted back to the HLR, allows the HLR to authenticate the mobile equipment. Conventional 2G CDMA security protocols generally do not provide mutual authentication: the mobile equipment has no way to verify that the challenge came from a legitimate network. Because 2G CDMA security protocols are well-known in the art, further details are not described herein for the sake of brevity.
Conventional 3G CDMA security protocols are based on authentication and key agreement (AKA) and provide mutual authentication, meaning (i) the mobile equipment authenticates the network and (ii) the network authenticates the mobile equipment before communications are performed. The well-known AKA security protocols used in 3G CDMA are based on quintuplets. A quintuplet includes a random number RAND, an expected response XRES, a cipher key CK, an integrity key IK and a network authentication token AUTN. A conventional network authentication token AUTN is based on a sequence number SQN, an anonymity key AK, an authentication management field AMF and a message authentication code MAC. It is noted that in conventional 3G CDMA security protocols, the sequence number does not include a hardware identifier of the mobile equipment.
FIG. 1 is a diagram illustrating a method of creating the conventional network authentication token AUTN and a conventional message authentication vector AV, which may be performed by an AC of the network.
As shown in the diagram of FIG. 1, the message authentication code MAC is generated using function f1 to process a secret key K, the authentication management field AMF, a sequence number SQN, and the random number RAND. FIG. 1 also illustrates that the remaining components of the conventional authentication vector AV are created using functions f2-f5 to process the secret key K and the random number RAND to generate an expected response XRES, cipher key CK, integrity key IK, and anonymity key AK, respectively. One skilled in the art will appreciate that the functions f1-f5 could be a variety of functions well known in the art and thus, the specifics of the functions are omitted herein for the sake of brevity.
Once the conventional authentication vector AV is generated by the AC of the network, the authentication vector AV is transmitted to a serving system of the network providing service to the mobile equipment of the subscriber. The serving system extracts the network authentication token AUTN and the random number RAND from the authentication vector AV and provides the network authentication token AUTN and the random-number RAND to the mobile equipment.
As mentioned above with respect to FIG. 1, the AUTN includes the sequence number SQN, authentication management field AMF and the message authentication code MAC. The mobile equipment extracts the sequence number SQN and the message authentication code MAC from the network authentication token AUTN and authenticates the network based on the sequence number SQN and message authentication code MAC.
In particular, the mobile equipment generates its own message authentication code MAC based on a sequence number SQN stored in the mobile equipment, a secret key K stored in the mobile equipment, the AMF, and the random number RAND. Then, the message authentication code MAC generated at the mobile equipment is compared with the MAC extracted from the network authentication token AUTN received from the serving system. Still further, the mobile equipment may determine if the sequence number SQN extracted from the network authentication token is an acceptable value. For example, the mobile equipment may determine if the sequence number extracted from the network authentication token is within an acceptable range to verify the sequence number SQN. If the mobile equipment successfully authenticates the network, the mobile equipment prepares a response RES and transmits the response RES back to the serving system of the network. The serving system of the network then compares the expected response XRES with the response RES to authenticate the mobile equipment, thereby completing a mutual authentication according to the conventional AKA security protocol.
If the mobile equipment during the authentication process determines the message authentication code MAC, which was extracted from the network authentication token AUTN, does not match the MAC generated in the mobile equipment, the mobile equipment transmits a failure message to the serving system of the network. Further, if the mobile equipment during the authentication process determines the MAC value, which was extracted from the network authentication token AUTN matches the MAC value generated by the mobile equipment, but that the sequence number SQN is outside of the permissible range, the mobile equipment transmits a resynchronization message to the network. As previously mentioned, the AKA security protocol used in 3G CDMA is well known in the art and thus, further information is not provided herein for the sake of brevity.
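The AKA exchange described in the preceding paragraphs (the AC building the authentication vector with f1-f5, the mobile equipment recovering SQN, recomputing the MAC, checking the sequence number window, and returning RES, a failure message, or a resynchronization message) is shown below as an added worked example; it is not code from the original document or from any 3GPP standard. The functions f1-f5 are placeholders built from HMAC-SHA256 with distinct tags, not the standardized MILENAGE functions, and the resynchronization token is simplified (the separate f1*/f5* functions of the real protocol are not modeled); the key, sequence numbers and random number used in the usage section are constructed values.

```python
import hashlib
import hmac
import os

# Field sizes follow the conventional AKA layout: RAND 128 bits, SQN 48 bits,
# AMF 16 bits, MAC 64 bits, AK 48 bits, CK/IK 128 bits.
SQN_LEN, AMF_LEN, MAC_LEN, AK_LEN = 6, 2, 8, 6


def _prf(k: bytes, tag: bytes, *parts: bytes) -> bytes:
    """Placeholder keyed function (assumption: HMAC-SHA256, not MILENAGE)."""
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()


def f1(k, sqn, amf, rand):           # message authentication code MAC
    return _prf(k, b"f1", sqn, amf, rand)[:MAC_LEN]

def f2(k, rand):                     # expected response XRES / response RES
    return _prf(k, b"f2", rand)[:8]

def f3(k, rand):                     # cipher key CK
    return _prf(k, b"f3", rand)[:16]

def f4(k, rand):                     # integrity key IK
    return _prf(k, b"f4", rand)[:16]

def f5(k, rand):                     # anonymity key AK
    return _prf(k, b"f5", rand)[:AK_LEN]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def generate_av(k: bytes, sqn_he: bytes, amf: bytes, rand: bytes = None) -> dict:
    """Authentication center side: build AV = (RAND, XRES, CK, IK, AUTN)."""
    rand = rand if rand is not None else os.urandom(16)
    mac = f1(k, sqn_he, amf, rand)
    ak = f5(k, rand)
    # AUTN carries SQN concealed by AK, followed by AMF and MAC.
    autn = xor(sqn_he, ak) + amf + mac
    return {"RAND": rand, "XRES": f2(k, rand), "CK": f3(k, rand),
            "IK": f4(k, rand), "AUTN": autn}


def me_authenticate(k: bytes, sqn_ms: bytes, rand: bytes, autn: bytes, window: int = 32):
    """Mobile equipment side: verify AUTN.

    Returns ("OK", RES, accepted_sqn), ("MAC_FAILURE", None, sqn_ms) or
    ("SYNC_FAILURE", AUTS, sqn_ms). The window check accepts only sequence
    numbers strictly greater than the stored one and within `window` of it.
    """
    conc = autn[:SQN_LEN]
    amf = autn[SQN_LEN:SQN_LEN + AMF_LEN]
    mac = autn[SQN_LEN + AMF_LEN:]
    ak = f5(k, rand)
    sqn = xor(conc, ak)                      # recover SQN from the token
    xmac = f1(k, sqn, amf, rand)             # recompute MAC locally
    if not hmac.compare_digest(xmac, mac):
        return ("MAC_FAILURE", None, sqn_ms)  # network not authenticated
    received = int.from_bytes(sqn, "big")
    current = int.from_bytes(sqn_ms, "big")
    if not (current < received <= current + window):
        # MAC matched but SQN is out of range: ask the network to resynchronize.
        # Simplified AUTS = (SQN_MS xor AK) || MAC over SQN_MS (real AKA uses f1*/f5*).
        auts = xor(sqn_ms, ak) + f1(k, sqn_ms, b"\x00\x00", rand)
        return ("SYNC_FAILURE", auts, sqn_ms)
    return ("OK", f2(k, rand), sqn)


def serving_network_verify(av: dict, res: bytes) -> bool:
    """Serving system side: compare RES from the ME with XRES from the AV."""
    return hmac.compare_digest(av["XRES"], res)


def run_aka(k: bytes, sqn_he: bytes, sqn_ms: bytes,
            amf: bytes = b"\x80\x00", rand: bytes = None) -> str:
    """Drive one full exchange and report the outcome as seen by the network."""
    av = generate_av(k, sqn_he, amf, rand)
    status, payload, _ = me_authenticate(k, sqn_ms, av["RAND"], av["AUTN"])
    if status != "OK":
        return status
    return "MUTUAL_AUTH_OK" if serving_network_verify(av, payload) else "RES_MISMATCH"


if __name__ == "__main__":
    # Constructed values for illustration only.
    K = b"\x01" * 16
    print(run_aka(K, (10).to_bytes(6, "big"), (9).to_bytes(6, "big")))   # MUTUAL_AUTH_OK
    print(run_aka(K, (5).to_bytes(6, "big"), (9).to_bytes(6, "big")))    # SYNC_FAILURE (replayed SQN)
    print(run_aka(K, (10).to_bytes(6, "big"), (9).to_bytes(6, "big"),
                  rand=b"\x02" * 16) if False else
          me_authenticate(b"\xff" * 16, (9).to_bytes(6, "big"), b"\x02" * 16,
                          generate_av(K, (10).to_bytes(6, "big"), b"\x80\x00", b"\x02" * 16)["AUTN"])[0])  # MAC_FAILURE (wrong K)
```

The three outcomes map directly onto the text: a MAC mismatch means the mobile equipment rejects the network without revealing anything about its own state; a MAC match with an out-of-window SQN triggers the resynchronization path rather than a flat failure, because the network is genuine but its sequence counter has drifted; only when both checks pass does the mobile equipment release RES for the serving system to compare against XRES.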
Conventional IMS security protocols have essentially incorporated the quintuplet based AKA security protocol described above with respect to 3G CDMA. However, in the IMS security mechanism, an HTTP AKA digest (HTTP Digest AKA) is located in an intermediary network component between the AC and the mobile equipment. For example, the HTTP AKA digest may be included in the S-CSCF of an IMS network. The HTTP AKA digest reconfigures the conventional authentication vector AV to be in the proper format for processing by various other components of the IMS network. Further details on the specifics of the HTTP AKA digest and the AKA security protocol conventionally used in an IMS network can be found in the 3GPP TS 33.203 V7.4.0 standard published in December of 2006. As such, further details of the conventional IMS security protocols are omitted herein for the sake of brevity.
While security protocols have evolved by transitioning from 2G CDMA security protocols to 3G CDMA security protocols, which are also implemented in conventional IMS security protocols, some of the hardware equipment used for wireless communications has not been updated and/or is not capable of processing the more highly evolved protocols. For example, some companies which have invested significant amounts of time, research and money in hardware used to process 2G CDMA security protocols have chosen not to update the hardware for cost-related reasons. As a result, some wireless devices such as mobile phones, PDAs, etc. are only capable of extracting the random number RAND and sequence number SQN from a challenge, as discussed above with respect to the 2G CDMA security protocols, and providing a response AUTHR consistent with the 2G CDMA security protocol. Therefore, some conventional 2G CDMA hardware devices are not currently capable of providing a mutually authenticated communication channel with an IMS network.