Authenticating a telecommunication terminal in a telecommunication network

摘要

A method for authenticating a telecommunications terminal having an identity module includes: storing a first private key, a first public key and a first signature, the first signature being based on signing the first public key using a second private key; generating identity information and a second signature, the second signature being based on signing the identity information using the first private key; transmitting the first public key, the identity information, and the first and second signatures to a server device; verifying, by the server device, the authenticity of the first public key using a second public key; and verifying, by the server device, the authenticity of the identity information using the verified first public key. The identity information includes International Mobile Subscriber Identity (IMSI) information.

主权项

1. A method for authenticating, on a server device in a telecommunications network, a telecommunications terminal comprising an identity module, wherein identity information uniquely allocated to the identity module is used for the authentication using asymmetric cryptography, wherein a first key pair comprising a first public key and a first private key is allocated to the identity module, and wherein a second key pair comprising a second public key and a second private key is allocated to the server device, the method comprising;
storing, at the identity module, the first private key, the first public key and a first signature, the first signature being based on signing the first public key using the second private key; generating the identity information and a second signature, the second signature being based on signing the identity information using the first private key; transmitting the first public key, the identity information, and the first and second signatures to the server device; verifying, by the server device, the authenticity of the first public key using the second public key; and verifying, by the server device, the authenticity of the identity information using the verified first public key; wherein the identity information comprises International Mobile Subscriber Identity (IMSI) information corresponding to the identity module.