1. Field of the Invention
The present invention relates to communications and, more specifically, to the security of the authentication process used in communication systems.
2. Description of the Related Art
FIG. 1 illustrates a base station 10, its associated cell 12 and a mobile 14 within cell 12. When mobile station 14 first registers or attempts communications with base station 10, base station 10 authenticates or verifies the mobile's identity before allowing the mobile access to the communication network. The authentication of mobile 14 involves communicating with authentication center 16. Authentication center 16 then accesses a home location register 22 which is associated with mobile 14. Home location register 22 may be associated with the terminal or mobile by an identifier such as the mobile's telephone number. The information contained in home location register 22 is used to generate encryption keys and the other values used in the authentication exchange. From this information, base station 10 is supplied with a challenge that is transmitted to mobile 14; mobile 14's response is used to authenticate it as a mobile that is entitled to receive communication services.
FIGS. 2a and 2b illustrate the authentication process used for an IS-41 compliant network. IS-41 compliant networks are networks that use, for example, the AMPS, TDMA or CDMA protocols. In this system, both the mobile and the home location register contain a secret value called AKEY. Before the actual authentication process can start, a key update is performed by providing the mobile with the keys that will be used with the encryption functions for authentication and communication. The AKEY value stored in the home location register associated with the mobile is used to produce these keys. The key values calculated are SSDA (Shared Secret Data A) and SSDB (Shared Secret Data B). These values are calculated by performing the CAVE algorithm or function using a random number RS as the input and the value AKEY as the key input. The CAVE algorithm is well known in the art and is specified in the IS-41 standard. The network then updates the key values SSDA and SSDB that will be used by the mobile by transmitting RS to the mobile; only RS crosses the air interface, and AKEY itself is never transmitted. The mobile then calculates SSDA and SSDB in the same fashion as the authentication center. Now that the mobile and home location register both contain the SSDA and SSDB values, the authentication process may take place.
FIG. 2b illustrates how a mobile is authenticated to the network once both the mobile and the home location register hold the keys SSDA and SSDB. The authentication center challenges the mobile by sending a random number RN to the mobile. At this point both the mobile and the authentication center calculate the value AUTHR, where AUTHR is equal to the output of the CAVE algorithm using the random number RN as the input and the SSDA value as the key input. The mobile then transmits its calculated value AUTHR to the authentication center. The authentication center compares its own calculated value of AUTHR with the value received from the mobile. If the values match, the mobile is authenticated and is given access to the network; because RN is freshly chosen for each challenge, a recorded AUTHR from an earlier exchange does not match a new challenge. In addition, both the mobile and the authentication center calculate the cipher key KC, where KC is equal to the output of the CAVE algorithm using the value RN as the input and the value SSDB as the key input. At this point, communications between the mobile and the network are permitted and may be encrypted using a cryptographic function whose inputs are the message to be encrypted and the key value KC.
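The two-stage exchange of FIGS. 2a and 2b (key update with RS, then challenge RN, response AUTHR and derivation of KC) carried out by both sides in code. This is an added example, not text or code from the patent or from the IS-41 standard. The CAVE function is not reproduced; an HMAC-SHA256 stand-in with the same shape (random input, key input, fixed-size output) is assumed in its place, as is the split of one output into an SSDA half and an SSDB half, and the `protect` routine at the end is only an illustration of "encrypt with key KC", not any standard's air-interface cipher. All class, function and variable names and the sample mobile number and AKEY are constructed for the example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


# Stand-in for CAVE (assumption for this example, not the IS-41 function):
# random input plus key input -> fixed-size output.
def cave(rand: bytes, key: bytes) -> bytes:
    return hmac.new(key, rand, hashlib.sha256).digest()


def derive_ssd(akey: bytes, rs: bytes) -> Tuple[bytes, bytes]:
    """Key update (FIG. 2a): SSDA and SSDB from AKEY and the transmitted RS.
    Splitting one output into an A half and a B half is this example's assumption."""
    out = cave(rs, akey)
    return out[:16], out[16:]


@dataclass
class HomeLocationRegister:
    """AKEY per mobile, indexed by the mobile's number, plus the current SSD pair."""
    akey_by_number: Dict[str, bytes]
    ssd: Dict[str, Tuple[bytes, bytes]] = field(default_factory=dict)

    def ssd_update(self, number: str) -> bytes:
        rs = os.urandom(16)
        self.ssd[number] = derive_ssd(self.akey_by_number[number], rs)
        return rs  # only RS is sent to the mobile; AKEY never leaves the HLR


@dataclass
class AuthenticationCenter:
    hlr: HomeLocationRegister

    def challenge(self) -> bytes:
        return os.urandom(16)  # RN, fresh for every authentication

    def verify(self, number: str, rn: bytes, authr_from_mobile: bytes) -> Optional[bytes]:
        """Recompute AUTHR = CAVE(RN, SSDA); on a match return KC = CAVE(RN, SSDB)."""
        ssd_a, ssd_b = self.hlr.ssd[number]
        expected = cave(rn, ssd_a)
        if not hmac.compare_digest(expected, authr_from_mobile):  # constant-time compare
            return None
        return cave(rn, ssd_b)


@dataclass
class Mobile:
    number: str
    akey: bytes  # provisioned secret, shared only with the HLR
    ssd_a: bytes = b""
    ssd_b: bytes = b""

    def receive_ssd_update(self, rs: bytes) -> None:
        self.ssd_a, self.ssd_b = derive_ssd(self.akey, rs)

    def respond(self, rn: bytes) -> bytes:
        return cave(rn, self.ssd_a)  # AUTHR

    def cipher_key(self, rn: bytes) -> bytes:
        return cave(rn, self.ssd_b)  # KC


def run_session(mobile: Mobile, hlr: HomeLocationRegister,
                ac: AuthenticationCenter) -> Optional[bytes]:
    """FIG. 2a then FIG. 2b. Returns the agreed KC, or None if authentication failed."""
    rs = hlr.ssd_update(mobile.number)  # network -> mobile: RS
    mobile.receive_ssd_update(rs)
    rn = ac.challenge()                 # network -> mobile: RN
    authr = mobile.respond(rn)          # mobile -> network: AUTHR
    kc_network = ac.verify(mobile.number, rn, authr)
    if kc_network is None:
        return None
    kc_mobile = mobile.cipher_key(rn)
    assert kc_mobile == kc_network      # both sides now hold the same KC
    return kc_network


def protect(kc: bytes, nonce: bytes, message: bytes) -> bytes:
    """Illustration of 'encrypt with KC' only: XOR with one keystream block.
    Not a standard air-interface cipher; messages are capped at one block."""
    stream = cave(nonce, kc)
    if len(message) > len(stream):
        raise ValueError("message longer than one keystream block")
    return bytes(m ^ s for m, s in zip(message, stream))


if __name__ == "__main__":
    # Constructed sample data: one provisioned mobile and a clone with a guessed AKEY.
    akey = bytes(range(16))
    hlr = HomeLocationRegister({"6125551234": akey})
    ac = AuthenticationCenter(hlr)
    genuine = Mobile("6125551234", akey)
    clone = Mobile("6125551234", b"\x00" * 16)
    print("genuine authenticated:", run_session(genuine, hlr, ac) is not None)  # True
    print("clone authenticated:  ", run_session(clone, hlr, ac) is not None)    # False
```

Two properties of the exchange are visible in the code: nothing that crosses the air interface (RS, RN, AUTHR) is sufficient to recover AKEY or SSD, so a clone that knows the mobile's number but not its AKEY derives the wrong SSDA and fails the compare; and because RN is fresh per challenge, an AUTHR captured from one session does not verify against the next.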
As illustrated above for IS-41 networks, many of today's wireless voice networks, such as CDMA, TDMA, GSM and AMPS networks, provide for securely establishing encryption or cipher keys between the network and a mobile terminal: each side derives the key from a shared secret and a transmitted random value, so the key itself is never sent over the air. Unfortunately, this capability is not available in other networks.