When a mobile device roams and initiates communication with a visited network, it is often necessary to perform authentication to confirm that the mobile device is who it appears to be. The mobile device may also wish to perform authentication to confirm that the visited or home network is who it appears to be. Assuming authentication is successful, it is also often necessary to establish one or more keys that can be used for securely transmitting data to/from the mobile device.
The 3rd Generation Partnership Project (3GPP) document ETSI TS 133 102 v3.5.0, “Universal Mobile Telecommunications Systems (UMTS); 3G Security; Security Architecture”, 3G TS 33.102 version 3.5.0 Release 1999, defines one mechanism for performing such authentication and key generation in a 3GPP system.
In this 3GPP document, the specific cryptographic functions used to perform the authentication and the key generation are not standardized. Rather, in this 3GPP document, as well as in the related 3GPP document ETSI TS 133 105 v3.4.0, “Universal Mobile Telecommunications Systems (UMTS); 3G Security; Cryptographic Algorithm Requirements”, 3G TS 33.105 version 3.4.0 Release 1999, the inputs and outputs to the cryptographic functions are specified, as well as the generic requirements for such functions (e.g. their resilience to attacks and restrictions on their use).
Therefore, in a system that conforms to the 3GPP documents discussed above, an operator may design his or her own cryptographic functions for the authentication and key generation, as long as they conform to the requirements of these (and any other pertinent) 3GPP documents. Currently, however, it is common practice for many operators to use the example cryptographic functions outlined in the 3GPP document ETSI TS 135 205 v10.0.0, “Universal Mobile Telecommunications Systems (UMTS); LTE; 3G Security; Specification of the MILENAGE algorithm set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5* Document 1: General”, 3GPP TS 35.205 version 10.0.0 Release 10.
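The following added example (not taken from the 3GPP documents or from this document) sketches how operator-chosen functions plug into the fixed f1 to f5 interface to give mutual authentication and key generation. It assumes HMAC-SHA256 as a stand-in primitive in place of MILENAGE, uses hypothetical helper names, follows the TS 33.102 output sizes and AUTN layout (SQN xor AK, AMF, MAC), and reduces the sequence-number check to a simple "greater than last seen" test.

```python
import hmac, hashlib, os

def _prf(k, label, data, n):
    # Stand-in primitive (assumption): HMAC-SHA256 truncated to n bytes, NOT MILENAGE.
    return hmac.new(k, label + data, hashlib.sha256).digest()[:n]

# Interface sizes follow TS 33.102: MAC 8 bytes, RES 4..16, CK 16, IK 16, AK 6.
def f1(k, sqn, rand, amf): return _prf(k, b"f1", sqn + rand + amf, 8)  # network MAC
def f2(k, rand): return _prf(k, b"f2", rand, 8)    # RES / XRES
def f3(k, rand): return _prf(k, b"f3", rand, 16)   # cipher key CK
def f4(k, rand): return _prf(k, b"f4", rand, 16)   # integrity key IK
def f5(k, rand): return _prf(k, b"f5", rand, 6)    # anonymity key AK

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def home_network_vector(k, sqn, amf, rand=None):
    """Home network: build the vector (RAND, XRES, CK, IK, AUTN) for one run."""
    rand = rand or os.urandom(16)
    autn = xor(sqn, f5(k, rand)) + amf + f1(k, sqn, rand, amf)
    return rand, f2(k, rand), f3(k, rand), f4(k, rand), autn

def device_respond(k, rand, autn, last_sqn):
    """Mobile device: authenticate the network first, then derive RES, CK, IK."""
    conc_sqn, amf, mac = autn[:6], autn[6:8], autn[8:16]
    sqn = xor(conc_sqn, f5(k, rand))            # unmask SQN with AK
    if not hmac.compare_digest(mac, f1(k, sqn, rand, amf)):
        raise ValueError("MAC failure: network not authenticated")
    # Simplified freshness rule (assumption): SQN must exceed the last accepted one.
    if int.from_bytes(sqn, "big") <= int.from_bytes(last_sqn, "big"):
        raise ValueError("SQN not fresh: possible replay")
    return f2(k, rand), f3(k, rand), f4(k, rand)

def visited_network_check(xres, res):
    """Visited network: compare the device's RES with XRES in constant time."""
    return hmac.compare_digest(xres, res)
```

Replacing `_prf` with another conforming construction changes nothing in the three protocol functions, which is the separation between interface and algorithm that the 3GPP documents describe.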
Aside from systems that deploy 3GPP, in many mobile communication systems it is generally desired for a network to perform authentication to confirm that the mobile device is who it appears to be, and to possibly generate one or more keys for securing communication to/from the mobile device.
Like reference numerals are used in different figures to denote similar elements.