| 主权项 |
1. A circuit arrangement employed by a home network, comprising:
a memory configured to store a first encryption key, wherein the home network is to generate a first authentication vector, using the first encryption key, for authentication between a mobile station and the home network of the mobile station; and a key-generator configured to:
receive a request for a second encryption key from a visited network;derive, in response to the request, the second encryption key from a combination of the first encryption key and a mobile country code (MCC) or a mobile network code (MNC) of the home network or the visited network,provide the second encryption key to the visited network from the home network in an encapsulated message, wherein a challenge-response scheme is used to establish a direct roaming connection between the mobile station and the visited network, wherein, as part of the challenge response scheme:the visited network is to generate a second authentication vector, based on the second encryption key, received from the home network, and a random number received from the mobile station in a registration request,the mobile station is to generate the second encryption key, generate an authentication vector, based on the second encryption key and the random number, and send the authentication vector to the visited network; andthe visited network is to compare the second authentication vector with the authentication vector received from the mobile station for authentication and establishment of the direct roaming connection between the mobile station and the visited network when the second authentication vector and the authentication vector received from the mobile station are identical. |
