Title of invention: Enhanced authentication and/or enhanced identification of a secure element of a communication device
Abstract: A method for enhanced authentication and/or enhanced identification of a secure element of a user equipment includes: transmitting a first message to a secure element; receiving a second message, from the secure element at a first server entity, the second message including at least the signed public key and a signature information, wherein the signing message content includes at least one information element that is omitted in the second message; transmitting a third message, to the second server entity, the third message including at least the signed public key and the signature information, wherein the signing message content is accessible to or derivable by the second server entity in view of a verification of the signature information contained in the second message for authentication and/or identification purposes.
Publication number: US9300474(B2) Publication date: 2016.03.29
Application number: US201414492127 Filing date: 2014.09.22
Applicant: DEUTSCHE TELEKOM AG Inventor: Dupré Michael
Classification: G06F21/32;H04L9/32;H04L29/06;H04W12/06 Main classification: G06F21/32
Agency: Leydig, Voit & Mayer, Ltd. Agent: Leydig, Voit & Mayer, Ltd.
Main claim: 1. A method for enhanced authentication and/or enhanced identification of a secure element of a user equipment, the secure element being associated with a subscriber of a mobile communication network, wherein a communication link is established between the user equipment and a first server entity, wherein the secure element comprises a signed public key and a private key, wherein the secure element and/or the user equipment is authenticated and/or identified by a second server entity, the method comprising: transmitting a first message to the secure element; receiving, by a processor of the first server entity, a second message, subsequent to the transmission of the first message, from the secure element at the first server entity, the second message comprising at least the signed public key and a signature information, the signature information being generated from a signing message content using the private key, wherein the signing message content comprises at least one information element that is omitted in the second message; and transmitting a third message, subsequent to the transmission of the second message, to the second server entity, the third message comprising at least the signed public key and the signature information, wherein the signing message content is accessible to or derivable by the second server entity in view of a verification of the signature information contained in the second message for authentication and/or identification purposes; wherein a certificate is used as the signed public key, comprising a public key together with a subject and a signature, and wherein the second server entity retrieves the at least one information element from the subject of the certificate, wherein the subject is an identification information of the secure element.
Address: Bonn DE