1. Field of the Invention
The present invention relates to an authentication vector generation device, a subscriber identity module, a wireless communication system, an authentication vector generation method, a calculation method, and a subscriber authentication method.
2. Related Background of the Invention
In IMT-2000 (International Mobile Telecommunication 2000), which is a third generation mobile communication system, and GSM (Global System for Mobile Communications), which is a second generation mobile communication system that is compatible with IMT-2000, authentication has been standardized in the following manner. A subscriber identity module (USIM: Universal Subscriber Identity Module, or SIM: Subscriber Identity Module), issued by a network operator, a service provider or the like to which a subscriber of a mobile communication network is contracted, is mounted on subscriber side terminal equipment (ME: Mobile Equipment, for example a mobile telephone, cellular phone or other wireless terminal), thereby realizing mutual authentication between the mobile communication network (to be referred to as the “home network” hereafter) that is serviced by the network operator, a service provider or the like to which the subscriber is contracted, and the subscriber identity module of the home network, during outgoing-call, incoming-call, and so on.
In IMT-2000 and GSM, the mobile communication network comprises the following network nodes for performing authentication: an authentication vector generation device (HLR: Home Location Register) for generating an authentication vector (AV) used to authenticate the subscriber identity module, and an authentication device (VLR: Visitor Location Register) for performing authentication processing with the subscriber identity module. In IMT-2000 and GSM, subscriber identity module authentication processing is performed in the following manner. First, an authentication device transmits to the subscriber identity module predetermined data included in an authentication vector generated by the authentication vector generation device. A calculation is then performed in the subscriber identity module using the predetermined data. The calculation result is transmitted to the authentication device, and verified in the authentication device using the predetermined data included in the authentication vector. This is described in “3GPP TS 33. 102 V3. 13. 0 (2002-12): “3rd Generation Partnership Project (3GPP); Technical Specification Group Services and System Aspects; 3G Security; Security Architecture (Release 1999)”” (Non-patent Document 1), for example.
In IMT-2000 and GSM, authentication using the authentication vector described above has been standardized for use in a wireless local area network (LAN) connected to the mobile communication network produced by IMT-2000 and GSM. This is described in “3GPP TS 23. 234 V6. 0. 0 (2004-03): “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP System to Wireless Local Area Network (WLAN) interworking; System description (Release 6)”” (Non-patent Document 2), for example.