The description relates to authentication protocols.
When a service provider provides services (e.g., phone, e-mail, and Internet services) to an access terminal (e.g., mobile phone or computer), it is useful to authenticate the access terminal to, e.g., control access to the services and ensure that the correct entity is billed for the services provided. Several protocols have been developed for authentication. For example, Challenge Handshake Authentication Protocol (CHAP) has been used by many cellular phones and other mobile devices as the authentication protocol for gaining access to Internet Protocol (IP) networks through either communication links that comply with Point-to-Point Protocol (PPP) or Mobile IP. More recently, Third Generation Partnership Project 2 (3GPP2) has chosen Internet Key Exchange v2/IP security (IKEv2/IPSec) as the access method to provide authentication and secure tunnel over wireless links for IP based wireless networks.
In some examples, account information (e.g., name and address of owners of access terminals, identification codes of the access terminals) and security information (e.g., passwords) are stored at a central server, referred to as the authentication, authorization, and accounting (AAA) sever (also called the authentication server). A security gateway that serves as a gate keeper to the networks of the service provider can be configured to communicate with various kinds of access terminals using various kinds of communications protocols. The security gateway communicates with the AAA server to determine whether to grant access to a particular access terminal. If access is granted, the security gateway connects the access terminal to an application server that provides services to the access terminal. The security gateway may establish a secure link with the access terminal to prevent eavesdropping and avoid third party attacks to the networks of the service provider.
The access terminals can be, e.g., wireless communication devices that comply with, e.g., 1×EV-DO protocol, which has been standardized by the Telecommunication Industry Association (TIA) as TIA/EIA/IS-856, “CDMA2000 High Rate Packet Data Air Interface Specification,” 3GPP2 C.S0024-0, Version 4.0, Oct. 25, 2002, herein incorporated by reference. Revision A to this specification has been published as TIA/EIA/IS-856A, “CDMA2000 High Rate Packet Data Air Interface Specification,” 3GPP2 C.S0024-A, Version 2.0, July 2005. Revision A is also incorporated by reference. Other wireless communication protocols may also be used.