| 摘要 |
The invention relates to a simple and efficient option for verifying that service data originates from a reliable source. This is achieved by a method and a device for generating a session key for decoding service data that has been transmitted by a service network node (DN) to at least one telecommunications terminal (MS) via a communications network. According to the invention, at least one access key (BAK-I) that has been transmitted by the service network node (DN) and at least one transmitted sequence value (SEQ) are stored in an identification card (UICC) of a communications terminal (MS), a validity value (MAC-I) is calculated in the service network node (DN) and sent, together with the service data and an additional sequence value (nSEQ), to the communications terminal (MS). Upon receipt of the data, the validity value (MAC-I) is compared with a validity value (SD-MAC-I) that has been calculated in the identification card (UICC). In the identification card (UICC), the additional sequence value (nSEQ) that has been sent with the data is compared with the sequence value (SEQ) that has been stored on the identification card (UICC). A session key for decoding the data of a service, said key being generated by the identification card (UICC), is only forwarded to the terminal (T) of the telecommunications terminal (MS) if the result of the comparison of the two validity values (MAC-I/SD-MAC-I) and the two sequence values (SEQ/nSEQ) is positive. |
