In Global System for Mobile Communications (GSM) network and Wideband Code Division Multiple Access (WCDMA) network, authentication is realized synergically by Mobile station (MS), Mobile Switching Center/Visit Location Register (MSC/VLR) or Serving GPRS Support Node (SGSN), and Home Location Register/Authentication center (HLR/AUC). An authentication key KI is stored in a Subscriber Identity Module (SIM) card or a UMTS Subscriber Identity Module (USIM) card. The HLR/AUC also contains an authentication key KI, the value of which is consistent with the value of the KI in the SIM card or the USIM card. An authentication parameter is computed by the MS and the AUC respectively, and compared by the MSC/VLR or the SGSN. Therefore, the validity of the MS may be verified by the network.
In the authentication in a 3rd Generation (3G) system, such as Universal Mobile Telecommunication System (UMTS), an authentication quintuplet is used, and the mobile terminal and the network authenticate each other; and the mobile terminal and the network both store the authentication key KI.
The authentication quintuplet generated by the network includes: a random challenge RAND, an expected response XRES, a cipher key CK, an integrity key IK and an authentication token AUTN. This quintuplet is used by the terminal subscriber card USIM and the network to authenticate each other. The authentication token AUTN is 16 bytes in length and comprises: 1) SQNHE^ AK, in which the sequence number SQNHE and the anonymity key AK are 6 bytes in length respectively; the USIM will check whether the SQNHE generated by the AUC is up to date, which is an important part of the authentication process; 2) an authentication management field AMF, which is 2 bytes in length; 3) a message authentication code MAC-A, which is 8 bytes in length and used to verify the data integrity of the RAND, SQN HE and AMF, and is used by the USIM to authenticate the network.
In addition, to authenticate the USIM via the network during resynchronization, the USIM sends a message authentication code MAC-S to the network.
By means of the aforementioned authentication method, the security of the network may be improved. But, similar to the 2nd Generation (2G) communication network, the keys KI stored in the HLR/AUC and the USIM are usually constant, so it will bring about some hidden troubles to the security. For example, if a USIM is cloned, the subscriber cloned may suffer a loss due to free calls on the subscriber's expense through illegal means by a cloner; the service provider may also suffer a loss. For example, the call charge as a reward to one subscriber may be used by two individuals. In another example, in order to reduce operation cost, some service providers entrust a card manufacturer to manufacture a batch of USIM cards and write corresponding data including KI into the subscriber card in advance. If the KI data of these USIM cards divulge from the card manufacturer, it may also cause hidden troubles to the security.
In addition, during the network-locked terminal-lease process, handset manufacturers need to set an initial security key IKey in a User Equipment (UE) and store the IKey on the network; the mobile terminal authenticates the validity of the network according to this IKey, so as to ensure security of the mobile terminal. In such a case, problems also exist. For example, IKey may divulge from handset manufacturers passively, such as, being carried over and brought to light by vicious employees, or being embezzled by hackers. In the aforementioned cases, if the key is not updated, the network may face a great threat to security.
Therefore, it has become an urgent problem that how the key can be updated conveniently so as to improve the network security without modifying the existing communication protocols, adding signaling or authentication parameters and increasing the operation cost.