Method and system for authenticating in a communication system

摘要

A method and system for authenticating in a communication system are provided. The method includes, in a first authenticator, sending an authenticator relocation request to a second authenticator transmitting a hash value for an authentication parameter of a Mobile Terminal (MT), a random parameter 1, and a random parameter 2 from the second authenticator to the first authenticator; in the first authenticator, transmitting the hash value received from the second authenticator and the random parameter 1 to an Authentication, Authorization, and Accounting (AAA) server; in the AAA server, determining a validity of the hash value received from the first authenticator, and in the AAA server, transmitting the authentication parameter ever used at the time of authenticating the MT, to the first authenticator.

主权项

1. A method for authenticating a Mobile Station (MS) in a communication system, the method comprising:
sending a first message from a first authenticator to a second authenticator, wherein the first message includes ID information of the first authenticator; sending a second message from the second authenticator to the first authenticator in response to the first message, wherein the second message includes a first hash value, a first random parameter, and a second random parameter, the first hash value generated based on a hash function using the first random parameter; sending a third message from the first authenticator to an Authentication, Authorization, and Accounting (AAA) server other than the second authenticator, wherein the third message includes the first hash value, the first random parameter, the ID information of the first authenticator; in the AAA server, determining a validity of the first hash value; when the AAA server determines that the first hash value is valid, sending a fourth message from the AAA server to the first authenticator in response to the third message, the fourth message including an authentication parameter of the MS; sending a fifth message from the first authenticator to the second authenticator, wherein the fifth message includes a second hash value and the second hash value is generated based on a hash function using the second random parameter; in the second authenticator, determining a validity of the second hash value; and sending a sixth message from the second authenticator to the first authenticator in response to the fifth message.