The present invention relates to a network-access authentication process through a hotspot or the like and, more particularly, but not exclusively to authentications which are performed using the hotspot radius protocol.
Computer network-access through public access points, such as Wi-Fi Hotspots, is becoming increasingly common through services being provided by local enterprises, independent carriers, and Internet Service Providers (ISPs). The public access points are usually supported by the IEEE specification for WLAN that is known as 802.11x. The 802.11x specification offers, to some extent, authentication and access control mechanisms as well as confidentiality, but only on the wireless path.
Moreover, recently Worldwide Interoperability for Microwave Access (WiMAX) has been employed as a technology to link hotspots, primarily as a component in Wireless ISPs or WISPs.
As of today, the most common method for securing access to such a wireless network is to protect access with a password. However, passwords have several notable disadvantages. Passwords are relatively easy to intercept and therefore considered unsafe. Moreover, in order to maintain a relatively high security level, passwords have to be changed on a regular basis and kept secret. This is compounded by the fact that regular users of hotspots may be required to have a different password for each hotspot, and irregular users face the inconvenience of having to register for passing use.
One process, which has been implemented in order to avoid using passwords for acquiring network-access, is the SIM-based authentication procedure used in the Global System for Mobile Communications (GSM). The SIM-based authentication procedure offers a secure alternative in which identification is based on a unique number, which is stored in a GSM subscriber identification module (SIM) card or in a general packet radio service (GPRS) SIM card of a certain subscriber.
The SIM card securely stores a secret key identifying a mobile phone service subscriber, as well as subscription information, preferences, text messages and other information. The equivalent of a SIM in universal mobile telecommunications system (UMTS) is a universal SIM (USIM). As well as the secret key, SIM cards identify users uniquely by holding an international mobile subscriber identity (IMSI).
There are three major components which take part in the SIM-based authentication procedure: a communication entity, such as a mobile phone (MS), that has a SIM card which provides the user's unique identities, secret and otherwise; a base station subsystem (BSS), including a VLR (visitor location register) and MSC (mobile switching center), which connects the user on a mobile station to other mobile/landline users; and the home location register (HLR).
The SIM-based authentication procedure on GSM networks checks the validity of the subscriber's SIM card and then decides whether the communication entity is allowed on a particular network access or connection. The parties involved in the authentication process are: a) the end user or holder of the SIM card, b) the home location register (HLR) of a network operator, such as a GSM service provider, and c) the VLR/MSC. The user is authenticated to the operator via the SIM-based authentication, authorization, and accounting (AAA) mechanism. The network authenticates the subscriber by a challenge-response method that comprises the following steps:
The communication entity receives the challenge from the MSC/VLR. The challenge is typically a 128-bit random number (RAND), which is transmitted through the air interface and passed to the SIM card. At the SIM card, the challenge is run through the so-called A3 algorithm together with the card-specific secret key (Ki). Provided that the SIM card holds the correct Ki, the output of the A3 algorithm is the expected signed response (SRES). The SIM card then uses the so-called A8 algorithm with the challenge and Ki to compute the temporary ciphering key (Kc), which is used to encrypt data for transmission back through the air interface. The triplet (RAND, SRES, and Kc) is called the GSM triplet.
As such, SIM-based authentication procedure requires bidirectional communication between the communication entity and the base station. Thus SIM-based authentication cannot be implemented via a hotspot or any other access point that is configured according to the commonly used protocols. Such a hotspot does not permit bidirectional communication with the communication entity before it has been authenticated and therefore the random number is not forwarded to the communication entity to allow it to generate SRES.
A small number of hotspots do allow the implementation of a SIM-based authentication process. The Extensible Authentication Protocol (EAP) method for SIM authentication (EAP-SIM) and the EAP method for UMTS authentication and key agreement (EAP-AKA) are the standard formats for this kind of hotspot, and are used for implementing SIM-based authentication procedures.
An example of implementation of such a SIM-based authentication is disclosed in Patent Application No. 2006/0046693 published on Mar. 2, 2006. The Patent Application discloses a method, WLAN client, and WLAN service node (WSN) that allows an EAP-SIM module of the WLAN client to extract subscriber credentials from a SIM card, and to package the credentials into the EAP-SIM format and further into the TCP/IP format, before sending them to the WSN via a serving access point. The WSN receives the credentials and unpacks them from the TCP/IP format and further from the EAP-SIM format, and authenticates/authorizes the WLAN client. WLAN access is authorized for the WLAN client upon successful authorization.
The aforementioned methods and systems can however only be implemented on a hotspot or an access point that supports Wi-Fi protected access (WPA) protocols or on a hotspot with an EAP-SIM-based authentication process in the GSM networks. Such protocols are not currently widely supported and thus, most existing hotspots and access points cannot implement such SIM-based authentications without substantial hardware or firmware modification.
There is thus a widely recognized need for, and it would be highly advantageous to have, a way for allowing bi-directional authentication of network subscribers, for use at conventional hotspots, which is devoid of the above limitations.
According to one aspect of the present invention there is provided a method for challenge-based authentication of a communication entity to an access network, the access network using a password-based communication protocol. The method comprises: a) pre-supplying to the communication entity a challenge, thereby allowing the communication entity to provide a challenge response, b) supplying to the communication entity a password request, c) receiving via the password request the challenge response, and d) authenticating the communication entity if the challenge response is correct.
Preferably, the pre-supplying is performed via an IP-based network connection, to provide the communication entity with challenges for future connections to access networks.
More preferably, the pre-supplying comprises pre-supplying multiple challenges to the communication entity.
Preferably, the communication entity comprises a member of the following group: a subscriber identification module (SIM) card and a universal SIM card.
More preferably, the authenticating comprises checking that the SIM card is still valid by requesting a new challenge substantially simultaneously with the authentication.
Preferably, the pre-supplying is via a temporary IP session on the access network.
Preferably, the challenge is a GSM authentication challenge.
More preferably, the method further comprises a step before step a) of receiving an international mobile subscriber identity (IMSI).
More preferably, the method further comprises a step before step a) of using the IMSI to obtain the challenge.
Preferably, the communication entity comprises a member of the following group: a laptop, a notebook computer, a notebook computer equipped with personal computer memory card industry association (PCMCIA) card, a dual-mode phone, a wireless personal digital assistant (PDA), a mobile phone with a wireless local area network (WLAN) connection, and an arrangement of a SIM based mobile phone and a communication device with a WLAN connection.
Preferably, the challenge is acquired from a home location register (HLR) of a cellular network.
More preferably, the challenge is a random number challenge (RAND) of a GSM triplet generated by the HLR.
More preferably, the challenge response is a signed response (SRES) of a GSM triplet generated by the HLR.
According to another aspect of the present invention there is provided an authentication server for managing challenge-based authentication from a cellular network on access networks configured for password-based authentication. The server comprises a pre-supply unit for pre-supplying a challenge to a communication entity, a credential-receiving unit for receiving data sent as a password to the access network as a response to the pre-supplied challenge, and an authorization unit for authorizing the communication entity if the credentials correctly correspond to the pre-supplied challenge.
Preferably, the pre-supply unit is configured to send the challenge via a predefined IP-based connection.
Preferably, the pre-supply unit is configured to pre-supply the challenge to the communication entity by opening a temporary IP connection over an access unit.
Preferably, the pre-supply unit is configured to send the challenge as a response to an authorization request that is received from the communication entity.
Preferably, the pre-supply unit is configured to communicate with a home location register (HLR) of a cellular network.
Preferably, the challenge is a random number challenge (RAND) of a GSM triplet generated by the HLR.
According to another aspect of the present invention there is provided a subscriber information module (SIM)-card based client for acquiring a network access, the SIM-card based client comprises a challenge request module for acquiring a GSM challenge, a challenge response module configured for generating a challenge response, and a response module for sending the challenge response as a password in a post request, thereby carrying out bi-directional authentication over a password-enabled access connection.
Preferably, the SIM card based client further comprises a cache for storing the challenge until authorization is required.
Preferably, the SIM-card has an international mobile subscriber identity (IMSI), the challenge request module being configured to send the IMSI as a credential in a username/password post request.
Preferably, the GSM challenge is acquired via an IP-based connection.
Preferably, the IP-based connection is a direct connection with an authentication, authorization, accounting (AAA) server of a cellular network.
Preferably, the challenge request module is configured to instruct the AAA server to establish a temporary connection, the acquiring being via the temporary connection.
Preferably, the SIM-card based client is a member of the following group: a laptop, a notebook computer, a notebook computer equipped with personal computer memory card industry association (PCMCIA) card, a dual-mode phone, a wireless personal digital assistant (PDA), a mobile phone with a wireless local area network (WLAN) connection, and an arrangement of a SIM based mobile phone and a communication device with a WLAN connection.
According to another aspect of the present invention there is provided an access point for authenticating an access network for a communication entity. The access point comprises a temporary access module for: a) communicating with a cellular authorization authority to provide the communication entity with a temporary connection, and b) allowing a challenge to be uploaded to the communication entity during the temporary connection.
Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The materials, methods, and examples provided herein are illustrative only and not intended to be limiting.
Implementation of the method and system of the present invention involves performing or completing certain selected tasks or steps manually, automatically, or a combination thereof. Moreover, according to actual instrumentation and equipment of preferred embodiments of the method and system of the present invention, several selected steps could be implemented by hardware or by software on any operating system of any firmware or a combination thereof. For example, as hardware, selected steps of the invention could be implemented as a chip or a circuit. As software, selected steps of the invention could be implemented as a plurality of software instructions being executed by a computer using any suitable operating system. In any case, selected steps of the method and system of the invention could be described as being performed by a data processor, such as a computing platform for executing a plurality of instructions.
The invention is herein described, by way of example only, with reference to the accompanying drawings. With specific reference now to the drawings in detail, it is stressed that the particulars shown are by way of example and for purposes of illustrative discussion of the preferred embodiments of the present invention only, and are presented in order to provide what is believed to be the most useful and readily understood description of the principles and conceptual aspects of the invention. In this regard, no attempt is made to show structural details of the invention in more detail than is necessary for a fundamental understanding of the invention, the description taken with the drawings making apparent to those skilled in the art how the several forms of the invention may be embodied in practice.
The present embodiments comprise an apparatus and a method for allowing SIM-type authentication on conventional hotspots or access points. The GSM challenge is placed in advance on the SIM card and the password field provided by the standard hotspot authentication is used to return the challenge response (SRES).
Advance placement of the GSM challenge is carried out during a previous IP session with the communication entity. Two alternatives are provided for such a previous IP session. A first method is to obtain challenges during existing IP sessions and cache them for future use, so that the communication entity has a challenge ready in its cache should it connect to a hotspot. A request for authentication is issued to the cellular network and a challenge is produced and cached at both the network and the communication entity for later use.
A second method is carried out directly at the hotspot and involves authorizing the hotspot to allow a full IP connection for a short space of time, during which the challenge is transferred. The connection is then closed.
The principles and operation of a network node and method according to the present invention may be better understood with reference to the drawings and accompanying description.
Before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not limited in its application to the details of construction and the arrangement of the components set forth in the following description or illustrated in the drawings. The invention is capable of other embodiments or of being practiced or carried out in various ways. In addition, it is to be understood that the phraseology and terminology employed herein is for the purpose of description and should not be regarded as limiting.
A communication entity may be understood as a laptop or notebook computer, preferably equipped with personal computer memory card industry association (PCMCIA) card, a dual-mode phone, a wireless personal digital assistant (PDA), a mobile phone with a WLAN connection, or any other type of terminal that supports WLAN connections. The communication entity may also be understood as an arrangement of a SIM based mobile phone and a communication entity with a WLAN connection which are associated with a common subscriber or any other arrangement of a communication entity which is designed to be connected to a cellular network and a communication entity which is designed to be connected to a computer network.
A computer network may be understood as an IP-based network, the Internet, a local Ethernet, a Virtual Private Network (VPN), a WLAN, a LAN, a wireless network, or a combination thereof.
An access point may be understood as a hotspot, a Wi-Fi access point, a WiMAX access point, any other access point that allows a subscriber to access a computer network via a communication entity, or a combination thereof.
Reference is now made to
As depicted in
In order to achieve the above, the acquiring module 2 comprises a pre-supply sub-module 4, which is used for pre-supplying a challenge to a communication entity, as described above, and a credential-receiving sub-module 5 for receiving data that has been sent as a password to the access network, preferably as a response to the pre-supplied challenge, as will be explained below. Such data can be encoded as the credentials of HTTP POST and HTTP GET commands.
Another module is an authentication module 3, which is used for communicating with one or more access points and verifying that the correct challenge response has been received. Such an interface makes the authentication node 1 responsible for authenticating and authorizing access for a subscriber, associated with a certain SIM, to a hotspot. The authentication node 1 is designed to receive an authentication request from an access point (not shown) and to reply, as described below. The authentication module itself compares the challenge it has previously cached with the answer that the SIM has computed from its own cached copy of that challenge.
Reference is now made to
As depicted in
As depicted in
The access point 101 is preferably a WLAN access point that functions according to the IEEE's specification 802.1x. The access point 101 communicates, via an appropriate communication interface, with a computer network 100 that is preferably an IP based network, and may for example be the Internet. At the same time, the access point 101 may also be connected, via an appropriate communication interface, to the authentication node 1.
It should be noted that the depicted access point 101 may be one out of a number of access points that are connected to the authentication node 1 and to the computer network 100 which are, for the sake of clarity, not depicted in
Reference is now made jointly to
The method for SIM-based authentication, which is depicted in
In particular, when a subscriber of a communication entity desires to establish a connection with the computer network 100, via the access point 101, it first establishes an IP connection with the authentication node 1. As shown at 200, the connection allows the communication entity 102 to send a challenge request with its IMSI. As shown at 201, the authentication node 1 extracts the IMSI from the request and sends it, in an SS7 MAP Authentication request, to the HLR 103. The HLR 103 receives the MAP Authentication request and extracts the IMSI. Based on the received IMSI, the HLR 103 then generates a GSM triplet, as described in the background section. The RAND, which is preferably a 128-bit challenge, the SRES and the Kc are then forwarded to the authentication node 1, as shown at 203. The authentication node 1 extracts the RAND from the message received from the HLR and forwards it to the communication entity 102, via the IP connection (not shown), as shown at 204. The RAND is preferably cached in the communication entity for future use when connecting via a hotspot. In parallel, the authentication node 1 caches the RAND, the SRES and the Kc for authentication in the following steps, as described below in relation to step 209.
Once the communication entity 102 has acquired the challenge, the first stage is completed. During the next stage, which is described hereinafter, the communication entity 102 can issue the respective SRES and use it for authenticating a network access, as described below. It should be noted that the next stage does not have to occur immediately after the completion of the first stage. The challenge that has been acquired and stored during the first stage can be used later on with one or more access points, which are connected to the authentication node 1.
The second stage occurs when, as shown at 205, the communication entity 102, now armed with a cached RAND, establishes a connection with the access point by issuing an HTTP GET command to the access point 101.
As shown at 206, the access point 101 redirects the request to a designated webpage, which is designed to receive a password and preferably a subscriber name, all in accordance with the hotspot Radius or Diameter protocols. Then, as shown at 207, the communication entity 102 uses the RAND, which has been retrieved in step 204, to produce the SRES. The process of producing SRES from RAND is generally well known and is as described above in the background.
Then, as shown at 208, the communication entity 102 issues a POST request, which includes a subscriber name and a password, and submits it to the access point 101 via the web page. The subscriber name and the password are included in the body of the post as credentials. The password is generated according to the produced SRES and the RAND. The subscriber name is preferably the IMSI of the communication entity 102 and a predefined domain term. In the drawings, the predefined domain term is “REALM”, giving a user name of the form IMSI@REALM.
Then, as shown at 209, the access point 101 receives the request, unpacks the subscriber's credentials, and maps them from the Remote Authentication Dial-In User Service (RADIUS) message into an authentication request, which is sent to the authentication node 1.
The authentication node 1, in combination with the HLR 103, authenticates and authorizes the communication entity 102, and if the authentication and authorization are successful, the authentication node 1 returns a validity message to the access point 101. In particular, in order to authenticate the communication entity 102 for granting network-access, the authentication node 1 matches the earlier cached RAND and SRES with the RAND and SRES included in the message received from the communication entity 102. Preferably, the IMSI included in the user name is used to identify the correct cached RAND and corresponding SRES at the authentication node.
Preferably, in order to verify the current service subscription of the relevant subscriber, the access point 101 is designed to extract the IMSI from the received message and to forward it to the authentication node 1 in an additional authentication request, as before, an SS7 MAP authentication request with the received IMSI. The request is forwarded to the HLR 103, as shown at 210. The HLR receives the IMSI, verifies whether the SIM card which is associated with the received IMSI is still valid or not, and issues a further GSM triplet, as shown at 211, as the HLR treats this as a regular authorization. However, this latter GSM triplet is not used directly in an authorization procedure. Rather, the very fact that the triplet is issued is used by the authorization server to ascertain that the IMSI is still valid. Such a precaution is used here because the basic authentication is based on a challenge that may have been issued days or weeks before, and in the meantime the HLR may know that the particular SIM card has been lost, stolen or otherwise invalidated.
Returning to the authentication process, if the cached RAND and SRES match the credentials received from the mobile device, then, as long as the HLR approves the IMSI, the authentication node 1 sends a message, such as an Auth Reply Accept message, to the access point 101. Then, as shown at 212, the access point 101 sends a success notification to the communication entity 102. The success notification tells the access point to allow the requested network connection, and billing may be carried out through the user's GSM telephone account. At that point, as the access point 101 receives the authorization message, the access point 101 allows data traffic to be exchanged between the computer network 100 and the communication entity 102.
In such an embodiment, it becomes possible to implement the 802.1x authentication mechanism without the need to update all the access points that support 802.1x, because the system implements the authentication functionality in a single authentication node 1 rather than in each of a number of access points.
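As an added illustration (not the application's own code), the following Python simulation models the flow of the first method described above: the authentication node caches the HLR's triplet under the IMSI, the client answers the cached RAND with its SIM key and submits IMSI@REALM plus the response through the hotspot's ordinary username/password form, and the node re-validates the IMSI with the HLR before accepting. The A3/A8 stand-in (a keyed hash), the password encoding (hex RAND and hex SRES joined by a colon), and the sample IMSI and Ki are assumptions, not values from the application.

```python
import hashlib
import hmac
import os

REALM = "REALM"   # domain term from the application: the user name is IMSI@REALM


def a3_a8(ki, rand):
    # Stand-in for the operator's A3/A8 (an assumption; the application does not specify
    # them): one keyed hash over RAND, split into a 4-byte SRES and an 8-byte Kc.
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class HLR:
    # Home location register: knows each subscriber's Ki and issues GSM triplets.
    def __init__(self, subscribers):
        self.subscribers = dict(subscribers)          # IMSI -> Ki

    def invalidate(self, imsi):
        self.subscribers.pop(imsi, None)              # SIM reported lost or stolen

    def map_authentication(self, imsi):
        # SS7 MAP authentication request: (RAND, SRES, Kc), or None for an invalid IMSI.
        ki = self.subscribers.get(imsi)
        if ki is None:
            return None
        rand = os.urandom(16)                         # 128-bit challenge
        sres, kc = a3_a8(ki, rand)
        return rand, sres, kc


class AuthenticationNode:
    # Authentication node 1: caches triplets per IMSI and answers the hotspot's requests.
    def __init__(self, hlr):
        self.hlr = hlr
        self.cache = {}                               # IMSI -> list of cached triplets

    def challenge_request(self, imsi):
        # Steps 200-204: fetch a triplet, cache it, hand only the RAND to the client.
        triplet = self.hlr.map_authentication(imsi)
        if triplet is None:
            return None
        self.cache.setdefault(imsi, []).append(triplet)
        return triplet[0]

    def radius_access_request(self, username, password):
        # Steps 209-211: the access request the hotspot maps from the POST credentials.
        imsi, sep, realm = username.partition("@")
        if sep != "@" or realm != REALM or not imsi.isdigit():
            return False
        try:                                          # password = hex(RAND):hex(SRES)
            rand_hex, sres_hex = password.split(":")
            rand, sres = bytes.fromhex(rand_hex), bytes.fromhex(sres_hex)
        except ValueError:
            return False
        for triplet in self.cache.get(imsi, []):
            if triplet[0] == rand and hmac.compare_digest(triplet[1], sres):
                self.cache[imsi].remove(triplet)      # each challenge is answered once
                break
        else:
            return False
        # The cached challenge may be weeks old, so request a fresh triplet purely to
        # confirm that the HLR still considers this SIM valid (its RAND is not used).
        return self.hlr.map_authentication(imsi) is not None


def client_login_form(imsi, ki, rand):
    # Steps 207-208: the modified client answers its cached RAND and submits the
    # result in the hotspot's ordinary username/password form.
    sres, _kc = a3_a8(ki, rand)
    return {"username": f"{imsi}@{REALM}", "password": f"{rand.hex()}:{sres.hex()}"}


def demo():
    imsi, ki = "001010123456789", bytes.fromhex("00" * 15 + "2a")   # constructed sample
    hlr = HLR({imsi: ki})
    node = AuthenticationNode(hlr)
    results = {}
    # Challenge fetched over an IP session now, answered at the hotspot later.
    rand = node.challenge_request(imsi)
    form = client_login_form(imsi, ki, rand)
    results["valid_sim"] = node.radius_access_request(**form)
    results["replayed_post"] = node.radius_access_request(**form)
    # A client with the wrong Ki cannot produce the expected SRES for the same RAND.
    rand = node.challenge_request(imsi)
    results["wrong_ki"] = node.radius_access_request(**client_login_form(imsi, b"x" * 16, rand))
    # Correct SRES, but the HLR no longer recognises the SIM: revalidation rejects it.
    rand = node.challenge_request(imsi)
    hlr.invalidate(imsi)
    results["invalidated_sim"] = node.radius_access_request(**client_login_form(imsi, ki, rand))
    return results
```

Running demo() exercises the happy path, a replayed POST, a wrong SIM key, and a SIM invalidated after the challenge was issued; only the first is accepted.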
Reference is now made to
During the first step of the first stage, as shown at 400 of
During the first step of the second step, as shown at 406 of
Reference is now made jointly to
As described above, the method for SIM-based authentication in network-access that is depicted in
In particular, during the authentication process, as shown at 301, when a subscriber of a communication entity desires to establish a connection with the computer network 100, via the access point 101, it issues an HTTP GET command to the access point 101. Then, as shown at 302, the access point 101 redirects the request to a webpage that is designed to receive a password and preferably a subscriber name. At this point, as shown at 303, the communication entity 102 issues an HTTP POST command. The communication entity 102 fills the subscriber field in the HTTP POST command with its IMSI and a predefined domain code, herein shown as “REALM”, preferably as described above. The password field is left empty. Since HTTP POST commands can be submitted without any authorization from the computer network 100 or the access point 101, the message can be sent before any network connection has been authorized, like any other HTTP POST command.
At this time, as shown at 304, the access point that receives the HTTP POST command forwards it as an ordinary RADIUS access request to the authentication node 1. In the following step 305, the authentication node extracts the IMSI from the message and uses the IMSI in an SS7 MAP Authentication request that is forwarded to the HLR 103. The HLR 103 chooses a 128-bit challenge RAND and accordingly produces a GSM triplet, including the expected answer SRES, as further described above and shown at 306. Then, as shown at 307, the HLR 103 sends the GSM triplet to the authentication node 1. The authentication node 1 extracts the credentials of the received GSM triplet and caches them. Then, as shown at 308, the authentication node 1 sends an Auth Reply Accept message back to the access point 101. The Auth Reply Accept message defines a certain period, such as 30 seconds. The access point 101 extracts the period from the received message and accordingly allows a temporary network connection, which is preferably limited to a duration equivalent to the extracted period. The access point 101 then sends a success notification to the communication entity 102 and preferably a notification that the access is enabled, as respectively shown at 309 and 310.
The enabled connection allows the communication entity 102 to issue a proprietary RAND request and to send it directly to the authentication node 1. In the following steps, as shown at 311 and 312, the authentication node 1 receives the RAND request and issues a RAND reply with the RAND that has been cached in its memory, as described in relation to step 307. When the period expires, the connection is terminated. Thus the GSM challenge is now stored at the communication entity 102.
At this time, the communication entity 102 can use the received RAND to authenticate access to the computer network 100, via the access point 101.
At this point, the temporary connection has been terminated and there are no active connections between the access point 101 and the communication entity 102. The communication entity 102, having received the 128-bit RAND from the authentication node, establishes a standard network connection with the hotspot.
In the following step, as shown at 313, the communication entity 102 establishes a connection with the access point 101 and issues an HTTP GET command, as described above. The access point redirects the request as described in relation to step 302. The communication entity 102 uses the 128-bit RAND to produce the SRES, as described in relation to
As shown at 315, the access point passes the HTTP POST command as an ordinary RADIUS request to the authentication node 1, as described above. The authentication node 1 can now match the RAND and SRES from the RADIUS request with the RAND and SRES which have been previously cached, as described in relation to step 308, thereby authenticating the data received from the communication entity 102. As shown at 316 and 317, the authentication node 1 sends an Auth Reply Accept to the access point 101, and the access point accordingly issues a success notification and sends it to the communication entity 102. The success notification enables the establishment of a regular network connection without a time limit between the communication entity 102 and the computer network 100, and allows the user's GSM account to be billed for the access.
Reference is now made to
During the first step 500 of the first stage that is depicted in
As described above, the communication entity acquires network access according to a SIM-based authentication procedure, where the access network is acquired over an access point supporting only a password-based communication protocol. In order to allow the implementation of such a SIM-based authentication procedure, the communication entity comprises a modified user client, which is a regular GSM authentication module with the difference that it is able to cache RAND challenges for later use, and is then able to post the challenge result over a username/password request. In the one case, the client acquires a challenge from a cellular network via an IP-based connection as per
It is expected that during the life of this patent many relevant devices and systems will be developed, and the scope of the terms herein, particularly of the terms node, authentication, network, communication, access point, Wi-Fi, wireless, etc., is intended to include all such new technologies a priori.
It is appreciated that certain features of the invention, which are, for clarity, described in the context of separate embodiments, may also be provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single embodiment, may also be provided separately or in any suitable sub-combination.
Although the invention has been described in conjunction with specific embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art. Accordingly, it is intended to embrace all such alternatives, modifications and variations that fall within the spirit and broad scope of the appended claims. All publications, patents, and patent applications mentioned in this specification are herein incorporated in their entirety by reference into the specification, to the same extent as if each individual publication, patent or patent application was specifically and individually indicated to be incorporated herein by reference. In addition, citation or identification of any reference in this application shall not be construed as an admission that such reference is available as prior art to the present invention.
The present application claims the benefit of U.S. Provisional Patent Application No. 60/739,932, filed on Nov. 28, 2005, the contents of which are hereby incorporated by reference.
Number | Date | Country
---|---|---
60739932 | Nov 2005 | US