This invention relates to an authentication system and, more particularly, to an authentication system for ensuring the validity of a remote device, for example, a wireless telephone or smartcard.
Various forms of remote devices are required by users to effectively communicate and conduct commercial transactions remotely. Such remote devices include credit cards, debit cards, calling cards (when used to conduct transactions over the Internet), smartcards, as well as wireless or radio telephones. Equally important, users rely on such remote devices to communicate, access remote services or engage in commercial transactions in which privacy and/or security is desired and, in many cases, expected. However, a growing epidemic of Internet credit card and wireless telephone communications fraud has deprived, and continues to deprive, both consumers and service providers of hundreds of millions of dollars per year. For example, a typical fraudulent ploy for the theft of wireless communications services includes programning the equipment number of a legitimate user""s wireless telephone into another wireless telephone to enable a fraud perpetrator to charge calls to the legitimate user""s account. With regard to credit cards, different fraudulent ploys are used for illegally acquiring a user""s credit card number for subsequent theft of services. Those fraudulent ploys include intercepting the credit card information during transmission over the Internet while the user is engaged in a commercial transaction.
Using wireless telephones as an example, currently, when a wireless telephone user places a call, his or her wireless telephone indicates to the service provider identification information, including the identity of the caller (e.g. telephone number and equipment number of the wireless telephone) for billing purposes. Although privacy and security of this information is clearly desired, it may not be encrypted. If an interloper eavesdrops at the right time, he or she can obtain the user""s identification information. Thereafter, the interloper can program his or her wireless telephone to impersonate the legitimate user to fraudulently obtain services. Alternately, an interloper can impose himself/herself into an established call and overpower the user""s wireless telephone equipment by transmitting more power. The call can then be redirected to the interloper""s purpose by sending certain control codes to the service provider. Basically, such piracy succeeds because the service provider has no mechanism for independently authenticating the identity of the caller at the time the connection is established and/or while the connection is active.
Several standard cryptographic methods exist for solving the general sort of remote user authentication problem that exists in wireless telephony, however, these methods each have significant limitations. One such method includes a classical challenge/response protocol, using a private key cryptographic algorithm. In this approach, a caller""s wireless telephone is issued a key code number, which is also known by a home system. When the caller authentication system wishes to authenticate a caller, it applies to the home system for a challenge and a response for the particular caller to use. One problem with this approach is that often the caller authentication system is unable to contact the home system quickly enough to allow authentication of a call setup or the database software on the home system is unable to look up the caller""s key code number and compose the challenge/response pair quickly enough, resulting in unacceptable delays. Another problem with this approach is that the caller""s key code number is transmitted in its natural state over the wireless communication network, thus, a hacker or interloper can intercept the key code number.
Technology is available to permit an eavesdropper to intercept a remote user""s identification information. In particular, with regard to wireless telephones, technology exists to automatically scan all of the wireless frequencies in a given cell for such identification information. Consequently, piracy of wireless telephone services is rampant. Also, the lack of enciphering of the speech signals lays bare to eavesdroppers the content of conversations.
Although some advanced variations on this theme use a Personal Identification Number (PIN) peculiar to a remote device (e.g., credit cards), the problem with many of these approaches is that the PIN is transmitted in its natural state by the open communication network (e.g., the Internet) along with other user identification information (e.g. the credit card number), thus, these variations suffer some of the same limitations described above.
In short, there is a clear and present need for an effective means to authenticate remote devices that use various forms of open communication, in particular, wireless telephony communication and the Internet.
The problems associated with remote device authentication are reduced or overcome by an arrangement in accordance with the principles of the invention in which a remote device and an authentication center each store an identical key code index which includes a plurality of key code numbers. The remote device and authentication center communicate with each other through first and second keys, that each specify a particular key code number from the key code index. Specifically, the remote device translates the first key received from the authentication center to determine the particular key code number and then generates a second key also specifying the particular key code number. Thereafter, the authentication center translates the second key to determine a second key code and compares the first and second key code numbers. If the two key code numbers match, the remote device is authenticated. The remote device may be, for example, (1) a wireless telephone, (2) a smartcard or (3) a credit card used in conjunction with an Internet access device such as a personal computer (PC) and the authentication center may be, for example, a wireless base station or a credit/smartcard authentication center.
In one illustrative embodiment, the authentication center determines whether the remote device is a registered remote device from identification information received from a particular remote device. If so, the authentication center generates a first key using a first random number that specifies a first key code number via a xe2x80x9cnumber modulo Nxe2x80x9d technique (where N is an integer equal to the number of key codes in the key code index). This first key is then transmitted to the remote device over an open communication system. The remote device uses the first key in conjunction with the number modulo N technique to determine the first key code number. If the remote device recognizes the first key code number from among the stored plurality of key code numbers, the remote device generates a second random number that specifies a second key code number via the number modulo N technique. Using the second random number, a second key is generated and transmitted to the authentication center over the open communication system.
From the second key, the authentication center determines the second key code number using the second random number and the number modulo N technique. If the first and second key code numbers match, the remote device is authenticated, otherwise the remote device is not authenticated.