The various cellular type radio access technologies typically establish some security between the network and the mobile device (more generically referred to as a user equipment or UE) to better ensure that a) only authorized UEs utilize the resources of a given network, and b) the network that the UE accesses is a preferred network when more than one network is available. In the Third Generation Partnership Project (3GPP) radio access technologies (RATs), information security is based on an authentication procedure such as for example an Authentication and Key Agreement (AKA; for background see 3GPP TS 33.102 v11.5.0, December 2012). The AKA procedure produces security keys, also known in the wireless arts as a security context, which are used in confidentiality and data integrity procedures in the UE and in the network.
Global System for Mobile Communications (GSM) provides for an authentication procedure that results in the establishment of a GSM security context which helps protect the network against unauthorized use and also helps protect the GSM public land mobile network (PLMN) subscribers by denying the possibility for intruders to impersonate authorized users. The GSM authentication procedure only authenticates the UE; that is, the GSM authentication procedure does not provide a means for the UE to authenticate the network that initiated the authentication procedure.
The inventors have identified a security “hole” in which a security context established using the GSM authentication procedure can be used as the basis for establishing security in a different RAT whose native security protocol would establish a mutual authentication between the UE and the network. Mutual authentication between a UE and a wireless network means that the UE authenticates the network and the network authenticates the UE. More generally, these teachings prevent a UE's context established in one RAT from being be re-used in another RAT for the case in which the earlier-established security context is not sufficiently secure for the other RAT.