发明名称 |
Authenticating a telecommunication terminal in a telecommunication network |
摘要 |
A method for authenticating a telecommunications terminal having an identity module includes: storing a first private key, a first public key and a first signature, the first signature being based on signing the first public key using a second private key; generating identity information and a second signature, the second signature being based on signing the identity information using the first private key; transmitting the first public key, the identity information, and the first and second signatures to a server device; verifying, by the server device, the authenticity of the first public key using a second public key; and verifying, by the server device, the authenticity of the identity information using the verified first public key. The identity information includes International Mobile Subscriber Identity (IMSI) information. |
申请公布号 |
US9184913(B2) |
申请公布日期 |
2015.11.10 |
申请号 |
US201214239560 |
申请日期 |
2012.08.22 |
申请人 |
DEUTSCHE TELEKOM AG |
发明人 |
Froels Martin;Tessmer Martin |
分类号 |
H04K1/00;H04L9/14;H04W12/06;H04L9/32;H04L29/06 |
主分类号 |
H04K1/00 |
代理机构 |
Leydig, Voit & Mayer, Ltd. |
代理人 |
Leydig, Voit & Mayer, Ltd. |
主权项 |
1. A method for authenticating, on a server device in a telecommunications network, a telecommunications terminal comprising an identity module, wherein identity information uniquely allocated to the identity module is used for the authentication using asymmetric cryptography, wherein a first key pair comprising a first public key and a first private key is allocated to the identity module, and wherein a second key pair comprising a second public key and a second private key is allocated to the server device, the method comprising;
storing, at the identity module, the first private key, the first public key and a first signature, the first signature being based on signing the first public key using the second private key; generating the identity information and a second signature, the second signature being based on signing the identity information using the first private key; transmitting the first public key, the identity information, and the first and second signatures to the server device; verifying, by the server device, the authenticity of the first public key using the second public key; and verifying, by the server device, the authenticity of the identity information using the verified first public key; wherein the identity information comprises International Mobile Subscriber Identity (IMSI) information corresponding to the identity module. |
地址 |
Bonn DE |