Authentication vector generation device, subscriber identity module, wireless communication system, authentication vector generation method, calculation method, and subscriber authentication method

Abstract

According to the present invention, a subscriber identity module in a wireless local area network is authenticated using an authentication vector with no decrease in the confidentiality of the calculation processing, even when a triplet is employed as the authentication vector. An HLR of a mobile communication network comprises an attachment unit for attaching to a RAND field of an authentication vector, which is used to authenticate an SIM in a wireless local area network, information specifying calculation information that is constituted by at least one of an algorithm and secret information for use in the authentication calculation. The SIM, which is mounted on a wireless LAN terminal, comprises a calculation information storage unit storing in advance a plurality of the calculation information, a specification unit for specifying the calculation information to be used in the calculation from the plurality of calculation information stored in the calculation information storage unit by referring to information specifying the calculation information, and a calculation unit for performing the calculation on the basis of the specified calculation information.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]This application is a divisional of U.S. application Ser. No. 11 / 332,534, filed Jan. 17, 2006, the entire contents of which is incorporated herein by reference, and is based upon and claims the benefit of priority from prior Japanese Patent Application No. 2005-025440, filed Feb. 1, 2005.BACKGROUND OF THE INVENTION[0002]1. Field of the Invention[0003]The present invention relates to an authentication vector generation device, a subscriber identity module, a wireless communication system, an authentication vector generation method, a calculation method, and a subscriber authentication method.[0004]2. Related Background of the Invention[0005]In IMT-2000 (International Mobile Telecommunication 2000), which is a third generation mobile communication system, and GSM (Global System for Mobile Communications), which is a second generation mobile communication system that is compatible with IMT-2000, authentication has been standardized in the fo...

AI Technical Summary

Benefits of technology

[0008]In the specification described the above Non-patent Document 1, there are two types of authentication vector, namely a quintet and a triplet. The quintet comprises five fields: RAND, XRES, CK, IK, and AUTN. The above specification cites an example in which the AUTN field includes information specifying an algorithm, selected from a plurality of algorithms stored in the subscriber identity module, for use in the authentication calculation. In the subscriber identity module, the algorithm to be used in the authentication calculation is specified from among the plurality of algorithms on the basis of this information, whereupon the calculation is performed. As a result, the confidentiality of the calculation processing is increased, enabling highly secure authentication. Further, using a similar method to that described above, in which information specifying an algorithm is included in the AUTN field, secret information for use in the calculation may also be specified from among a plurality of information in the subscriber identity module with the aim of improving the confidentiality of the calculation processing and the security of the authentication.

[0011]It is therefore an object of the present invention to provide an authentication vector generation device, a subscriber identity module, a wireless communication system, an authentication vector generation method, a calculation method, and a subscriber authentication method, with which subscriber identity module authentication can be performed with no decrease in the confidentiality of the calculation processing, even when the subscriber identity module is located within a wireless local area network and the home network uses a triplet as an authentication vector.

[0015]During the authentication processing performed in this wireless communication system, first the information specifying the calculation information, which is constituted by at least one of an algorithm and secret information, is included by the authentication vector generation device in the random number field including the data transmitted to the subscriber identity module. The data in the random number field are transmitted to the subscriber identity module for use in the calculation, and therefore even when the authentication vector is a triplet, the data including the information specifying the calculation information can be received by the subscriber identity module. As a result, the authentication calculation is performed with specified calculation information. Thus a subscriber identity module in a wireless local area network can be authenticated using an authentication vector with no decrease in the confidentiality of the calculation processing, even when a triplet is employed as the authentication vector. Moreover, the authentication vector generation device provided in the system, and particularly the attaching means thereof, has a novel constitution. Also, the subscriber identity module provided in the system, and particularly the specifying means and calculating means thereof, has a novel constitution.

[0020]According to the present invention, information specifying the calculation information, which is constituted by at least one of an algorithm and secret information, is included by the authentication vector generation device in the random number field including the data transmitted to the subscriber identity module. As a result, the authentication calculation is performed in the subscriber identity module with specified calculation information. Therefore, a subscriber identity module in a wireless local area network can be authenticated using an authentication vector with no decrease in the confidentiality of the calculation processing, even when a triplet is employed as the authentication vector.

Problems solved by technology

This leads to a decrease in the confidentiality of the calculation processing.

Furthermore, this problem, whereby calculation using an algorithm specified from among a plurality of algorithms cannot be performed, occurs similarly in the secret information, known only to the authentication vector generation device of the home network and the subscriber identity module, used in the calculation performed to improve the confidentiality of the authentication process.

Images