1. Field of the Invention
The present invention relates generally to a mobile communication system, and in particular, to a method and apparatus for performing authentication and security by a Mobile Node (MN) in a mobile communication network.
2. Description of the Related Art
In mobile communication systems such as Code Division Multiple Access (CDMA) 1× Evolution Data Only (EV-DO) defined by 3rd Generation Partnership Project 2 (3GPP2), a Base Station (BS) controls many aspects of radio-related resources, and a Packet Data Serving Node (PDSN), which is a separate entity of the core network, performs a procedure related to communication of packet data.
Since the mobile communication system operates based on Point-to-Point Protocol (PPP), either Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) is used as the framework for user/device authentication. However, these authentication methods are unsuitable in Ultra Mobile Broadband (UMB), which is an improved 3GPP2 scheme that aims to transmit more data at a higher speed. Therefore, an authentication and security scheme capable of more efficiently supporting UMB is now under discussion.
The authentication and security method used in the conventional CDMA 1×EV-DO system has security problems in that it cannot completely block channel hijacking or prevent the fraudulent use of services without due payment. In addition, the conventional system cannot defend against denial of service caused by message attacks at either the Radio Frequency (RF) level or the protocol level. Therefore, there is a demand for a system and communication network capable of more secure communication.
Meanwhile, when providing mobility for an MN, the security procedure, despite its importance, takes a long time to execute. In addition, since various security keys are used for security, a method for systematically generating and managing these keys is also needed for fast security setup and management.