Authentication between communicating parties in a telecommunications network
Inventors: Juopperi, Jari
Assignee: Nokia Telecommunications Oy (Espoo, FI)
Primary Examiner: Zimmerman; Brian
Assistant Examiner: Dalencourt; Yves
Attorney, Agent or Firm: Altera Law Group, LLC
In known telecommunications systems using multiple access the terminal equipment assumes that the network element is genuine while the network element assumes that the terminal equipment is genuine. This allows false terminal equipment, a false network element or a third party to penetrate the system. The proposed commitment protocol applies bit block commitment known from cryptography and a shared encryption key and the authentication is divided into two parts, whereby one part of it is done by the terminal equipment and the other part is done by the network. The terminal equipment (MS) sends to the network element (BTS) a pseudo identifier (AMSI) which it has formed, whereupon encryption keys (MKEY, BKEY) are exchanged. Only when the network element has revealed its true identity, will the terminal equipment send the required information (IMSI, RND_1, RND_2) encrypted with a combination of the keys. Finally, the network element authenticates the terminal equipment by using the identity information which it has revealed. Only then can operation commence.
DETAILED DESCRIPTION

What is claimed is:

1. Method of authentication between communicating parties in a telecommunications network, wherein a network element and terminal equipment perform authentication of each other and wherein the network element in response to an access message of the terminal equipment allocates a traffic channel on which the traffic is carried out, the method comprising: forming in the terminal equipment a pseudo identifier by applying a one-way hash function to content elements comprising a true identifier of the terminal equipment and two random numbers; sending the pseudo identifier and one of the random numbers in the access message; forming in the terminal equipment a first partial key; sending the first partial key to the network element on the traffic channel; forming in the network element a second partial key; sending the second partial key and the pseudo identifier to the terminal equipment on the traffic channel; performing in the terminal equipment authentication of the network element; forming in the terminal equipment, after successful authentication, a new message containing the true identifier non-encrypted; and sending to the network element on the traffic channel the new message encrypted with both partial keys.

2. Method as defined in claim 1, wherein when the pseudo identifier received by the terminal equipment and the pseudo identifier which it formed earlier are identical, the terminal equipment will perform authentication of the network element.

3. Method as defined in claim 2, wherein after a successful authentication the terminal equipment will form a new message containing content elements of the hash function and will send the new message to the network element encrypted with the first and second partial keys.

4. Method as defined in claim 3, wherein the network element deciphers the encryption of the new message using the first and second partial keys and performs authentication of the content elements.

5. Method as defined in claim 4, wherein in the authentication the network element: applies a hash function to the content elements and compares the result with that pseudo identifier which it has received earlier in the access message, it compares to find out whether the second random number stated in the message is identical to the one which it received earlier in the access message
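
The commit-and-reveal checks of claims 1, 2, 4 and 5 can be sketched as follows. This is an added example, not code from the patent: SHA-256, the length-prefixed field encoding, 16-byte random numbers and all function names are assumptions, the second random number is taken to be the one sent in the access message, and the partial-key exchange and encryption of the final message are not modelled.

```python
import hashlib
import hmac
import secrets

def _encode(*fields: bytes) -> bytes:
    # Assumed encoding: length-prefix each field so field boundaries cannot be shifted.
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

def form_pseudo_identifier(imsi: bytes, rnd1: bytes, rnd2: bytes) -> bytes:
    # Terminal: AMSI = H(IMSI, RND_1, RND_2); SHA-256 stands in for the one-way hash.
    return hashlib.sha256(_encode(imsi, rnd1, rnd2)).digest()

def build_access_message(imsi: bytes):
    # Terminal: commit to the true identifier without revealing it.
    rnd1, rnd2 = secrets.token_bytes(16), secrets.token_bytes(16)
    amsi = form_pseudo_identifier(imsi, rnd1, rnd2)
    access = {"amsi": amsi, "rnd2": rnd2}                    # sent in the access message
    opening = {"imsi": imsi, "rnd1": rnd1, "rnd2": rnd2}     # revealed only at the end
    return access, opening

def terminal_accepts_echo(sent_amsi: bytes, echoed_amsi: bytes) -> bool:
    # Claim 2: the terminal continues only if the network echoes the same AMSI.
    return hmac.compare_digest(sent_amsi, echoed_amsi)

def network_verify_opening(access: dict, revealed: dict) -> bool:
    # Claim 5: recompute the hash and compare it and RND_2 with the access message.
    recomputed = form_pseudo_identifier(revealed["imsi"], revealed["rnd1"], revealed["rnd2"])
    hash_ok = hmac.compare_digest(recomputed, access["amsi"])
    rnd_ok = hmac.compare_digest(revealed["rnd2"], access["rnd2"])
    return hash_ok and rnd_ok

def demo() -> dict:
    imsi = b"001010123456789"                      # constructed test identifier
    access, opening = build_access_message(imsi)
    later_access, _ = build_access_message(imsi)   # a second, independent access attempt
    return {
        "honest": network_verify_opening(access, opening),
        "swapped_imsi": network_verify_opening(access, dict(opening, imsi=b"001010999999999")),
        "stale_opening": network_verify_opening(later_access, opening),
        "echo_ok": terminal_accepts_echo(access["amsi"], access["amsi"]),
        "echo_mismatch": terminal_accepts_echo(access["amsi"], later_access["amsi"]),
    }

if __name__ == "__main__":
    print(demo())
```

Because fresh random numbers enter every hash, two access attempts by the same terminal produce unrelated pseudo identifiers, and an opening captured from one attempt does not verify against another.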