Pinault

[11] Patent Number: 5,913,175
[45] Date of Patent: Jun. 15, 1999
US005913175A

[54] METHOD OF MAKING THE USE OF A TERMINAL OF A CELLULAR MOBILE RADIO SYSTEM MORE SECURE, AND CORRESPONDING TERMINAL AND USER CARD

[75] Inventor: Francis Pinault, Bois Colombes, France
[73] Assignee: Alcatel Mobile Phones, Paris, France
[21] Appl. No.: 08/777,734
[22] Filed: Dec. 20, 1996
[30] Foreign Application Priority Data: Dec. 21, 1995 [FR] France 95 15283
[51] Int. Cl.6: H04Q 7/32
[52] U.S. Cl.: 455/558; 455/410; 455/411
[58] Field of Search: 455/410, 411, 455/557, 558; 379/114, 143, 357; 235/380, 382; 380/21, 28, 30, 23, 3

[56] References Cited

U.S. PATENT DOCUMENTS

4,736,419    4/1988    Roe               380/23
5,390,252    2/1995    Suzuki et al.     455/411
5,444,764    8/1995    Galecki           455/558
5,600,708    2/1997    Meche et al.      455/411
5,604,787    2/1997    Kotzin et al.     455/558
5,617,470    4/1997    Depasquale        379/114
5,661,806    8/1997    Nevoux et al.     380/25
5,675,607    10/1997   Alesio et al.     379/114
5,742,910    4/1998    Gallant et al.    455/558
5,748,720    5/1998    Loder             455/407
5,761,624    6/1998    Mooney et al.     455/558

FOREIGN PATENT DOCUMENTS

03 01 740 A2    2/1989    European Pat. Off.

OTHER PUBLICATIONS

J. K. Omura, "A computer dial access system based on public-key techniques", IEEE Communications Magazine, Jul. 1987, vol. 25, No. 7, Jul. 1987, ISSN 0163-6804, pp. 73-79.

Primary Examiner: Dwayne D. Bost
Assistant Examiner: Jean A. Gelin
Attorney, Agent, or Firm: Sughrue, Mion, Zinn, Macpeak & Seas, PLLC

[57] ABSTRACT

A terminal of a cellular mobile radio system cooperates with a user card and is able to operate in at least two separate operating modes, namely a normal mode in which it can be used with any user card and a locked mode in which it can be used only with the user card to which it is locked, the latter constituting a linked user card. To make use of the terminal more secure, first locking data is stored in a memory area of the linked user card and, in the locked mode, the method includes a phase of authentication by the terminal of the user card with which it is cooperating. In the authentication phase second locking data is calculated in the terminal from the intermediate data read in a memory area accessible to the terminal using a calculation function specific to the terminal, and the first and second locking data is compared in the terminal and use of the terminal is authorized only in the event of equality, that is to say if the user card with which the terminal is cooperating is authenticated as the linked user card.

21 Claims, 5 Drawing Sheets

Page 1 of 13

U.S. Patent, Jun. 15, 1999, Sheet 1 of 5, 5,913,175

[Fig. 1: flowchart of the authentication phase 10. Box labels: CALCULATE D2 = A(Di); D2 = D1 ?; AUTHORIZE USE (13); REFUSE USE (14). Other reference numerals: 11, 12.]

[Fig. 5: flowchart. Box labels: MANUFACTURE; CREATE LINK; NORMAL MODE; LOCKED MODE; AUTHENTICATE LINK. Reference numerals: 51, 10.]

[Sheet 2 of 5. Figs. 2A, 2B, 3A, 3B, 4A and 4B: schematic diagrams of the TERMINAL (T) and the USER CARD (CU). Labels: D1, Di, Di', Di", R.]

[Sheet 3 of 5. Fig. 6: flowchart. Box labels: NORMAL MODE; LOCKING CODE? (NO); CREATE LINK; AUTHENTICATE LINK; LOCKED MODE; BLOCK TERMINAL; UNBLOCK TERMINAL; UNLOCKING CODE? (NO/YES); ELIMINATE PREVIOUS LINK. Reference numerals: 10, 61, 62, 63, 64, 65, 66.]

[Sheet 4 of 5. Fig. 7: flowchart. Box labels: CALCULATE D1 = A(Di); STORE D1. Reference numerals: 61, 71, 72.]

[Fig. 8: flowchart. Box labels: BLOCKING COMMAND? (YES/NO); MODIFY D1 IN CARD MEMORY. Reference numerals: 65, 81, 82, 83.]

[Fig. 9: flowchart. Box labels: UNBLOCKING COMMAND? (YES/NO); UNBLOCKING CODE? (YES/NO); REWRITE D1 IN CARD MEMORY. Reference numerals: 66, 91, 92, 93.]

[Sheet 5 of 5. Fig. 10: schematic. Labels: T1 FIRST TERMINAL; T2 SECOND TERMINAL; USER CARD C1; USER CARD C2. Reference numeral: 101.]

[Fig. 11: schematic. Labels: SECURITY ENHANCER; MEMORY AREA; USER CARD (CU); AUTH. UNIT; TERMINAL (T). Reference numerals: 110 to 117.]

METHOD OF MAKING THE USE OF A TERMINAL OF A CELLULAR MOBILE RADIO SYSTEM MORE SECURE, AND CORRESPONDING TERMINAL AND USER CARD

BACKGROUND OF THE INVENTION

1. Field of the Invention

The field of the invention is that of cellular mobile radio systems with terminals (also called mobile stations). In the field of cellular mobile radio, European standards include the GSM (Global System for Mobile communications) standard, covering public mobile radio systems operating in the 900 MHz band.

To be more precise, the invention concerns a method of making the use of a terminal of a cellular mobile radio system more secure. The method of the invention can be used in a GSM system, but is not exclusive to that system.

2. Description of the Prior Art

A cellular mobile radio system is implemented within a network of geographical cells through which the mobile stations (or terminals) travel. A base station is associated with each cell and a mobile station communicates through the base station of the cell in which it is located.

The expression mobile station or terminal (both of which are used interchangeably in this description) refers to the physical equipment employed by the user of the network to access the telecommunication services offered. There are various types of terminals, such as vehicle-mounted, portable and hand-portable terminals.

When a user uses a terminal, they generally have to connect a user card that they retain in order for the latter to communicate their subscriber number to the terminal. In the case of the GSM system, the user card that the user must connect to the terminal is a removable memory card called the Subscriber Identity Module (SIM), which communicates to the terminal the user's International Mobile Subscriber Identity (IMSI) number.

In other words, all of the personalized information concerning the subscriber is stored on the user card (or SIM card). Thus, in the general case, any terminal can be used with any user card.

An authentication mechanism prevents unauthorized use of the identity of a network subscriber. It must not be possible for a person knowing only the identity (or IMSI) of a subscriber to pass themselves off as that subscriber to the network. To this end, the user card also contains an individual authentication key and an authentication algorithm. After the subscriber has identified himself or herself, the network can therefore check their identity and break off the procedure if the authentication procedure fails.

Subscribers may inform the network operator or manager that their card has been lost or stolen. This means that any attempt by a third party to use their user card can be detected and barred at system level.

The operator often offers an additional degree of protection of the user card. For this, a Personal Identity Number (PIN) is stored on the user card. Subscribers are asked to enter their PIN code on the keypad of the terminal each time the card is inserted into the terminal or each time that the terminal is switched on. This prevents anyone using a lost or stolen user card if they do not know the PIN code associated with that user card.

Although in the early days of cellular mobile radio systems various means of protecting user cards against unauthorized use were proposed, as explained above, the same cannot be said in respect to protection of the terminals. First generation terminals do not have any particular protection against unauthorized use. Consequently, a lost or stolen terminal can be used by anyone holding a valid user card. The network verifies the validity of the user card but not that of the terminal. In protection terms, the terminal can therefore be classified as "passive".

Each terminal of a cellular mobile radio system is a costly device, whether the cost is met by the subscriber or by the operator. There is therefore an obvious benefit in attempting to make its use more secure, in particular in the event of loss or theft.

Making the use of a terminal more secure generally consists in proposing, in addition to the normal operating mode, a so-called locked mode in which the terminal can be used only with a user card with which it is "locked", called the linked user card. In other words, a link is established between the terminal and a particular user card (the linked user card).

One technique for implementing a locked mode of this kind is described in patent U.S. Pat. No. 4,868,846, assigned to NOKIA MOBILE PHONES LTD. The method described in the above patent includes a phase of creating a terminal/user card link and a phase of verifying the terminal/user card link.

In the link creation phase, the terminal reads the user identification data stored on the user card and stores it in its memory.

During the link verification phase the terminal reads the user identification data stored on the user card with which it is cooperating and compares it with that stored in its memory during the link creation phase, authorizing operation of the terminal or not according to whether the data read and that stored are identical or not.

This prior art technique therefore prevents a terminal being used with a user card other than that with which it has been locked. This prevents unauthorized use of a terminal lost or stolen without its linked user card. This contributes to reducing the number of terminal thefts.

Note that even if the terminal is lost or stolen with its linked user card, it can be used only with the latter. As already explained, the subscriber can tell the operator that their user card has been lost or stolen, so that its use can be barred at system level. Stealing the terminal is therefore of no benefit in this case either.

This prior art technique of making the use of a terminal more secure nevertheless has at least two major drawbacks.

Firstly, it does not totally eliminate all risks of unauthorized use of the terminal. The terminal/user card link is based on the storage in the memory of the terminal of the user identification data (read by the terminal from the user card during the link creation phase). There is nothing to stop a person directly modifying the content of the terminal memory in order to modify the existing locking link. In this case, the identification data of the linked user card is replaced in the terminal memory with new identification data from another user card. In this way, although it is in the locked mode, unauthorized use of the terminal is possible since it sees the other user card as that with which it is linked.

Moreover, this prior art technique is generally combined with protection by requiring subscribers to enter their PIN code each time their user card is inserted into the terminal or each time the latter is switched on. Entering the PIN code
can become a nuisance if it has to be carried out many times a day. For this reason, some subscribers leave their terminal switched on in order to avoid having to enter their PIN code several times. Then, even if the locked mode is selected, stealing the terminal when it is switched on and cooperating with its linked user card enables a person to access the services of the network until this is barred at system level after the subscriber has reported the loss or theft of their user card. It must be remembered that, in respect of the use of stolen terminals, there is no barring procedure at system level equivalent to that which exists for stolen user cards.

One objective of the invention is to overcome these drawbacks of the prior art.

To be more precise, one objective of the present invention is to provide a method of making the use of a cellular mobile radio system terminal more secure that completely eliminates all risk of unauthorized use of the terminal.

An additional objective of the invention is to provide a method of the above kind that does not require users to enter their PIN code each time they insert their user card into the terminal or each time they switch the latter on.

A further object of the invention is to provide a method of the above kind that offers not only the advantages offered by the prior art method described in patent U.S. Pat. No. 4,868,846, referred to above, but has additional advantages that cannot be offered by the prior art method.

In other words, one objective of the invention is to provide a method of the above kind which, like the prior art method, allows operation in locked mode in which the terminal can be used only with a particular user card.

A further objective of the invention is to provide a method of the above kind which allows a terminal to be left switched on with its user card inside it but which nevertheless prevents unauthorized use of the terminal, which is not possible with the prior art method.

A further objective of the invention is to provide a method of the above kind enabling local or remote blocking (total prohibition of operation) or unblocking (authorization of operation in locked mode) of a terminal.

Another objective of the invention is to provide a method of the above kind enabling a subscriber having more than one terminal for the same subscription to have at all times at least one terminal providing various "passive reception" functions (answering machine type operation), such as incoming call storage.

SUMMARY OF THE INVENTION

These various objectives, and others that will emerge hereinafter, are achieved in accordance with the invention by a method of making the use of a terminal of a cellular mobile radio system more secure, said terminal being of the type adapted to cooperate with a user card and being able to operate in at least two separate operating modes, namely a normal mode in which it can be used with any user card and a locked mode in which it can be used only with the user card to which it is locked, constituting a linked user card,

wherein first locking data is stored in a memory area of said linked user card,

and, in said locked mode, the method includes a phase of authentication by said terminal of the user card with which it is cooperating, said authentication phase including the following steps:

second locking data is calculated in said terminal from said intermediate data read in a memory area accessible to said terminal using a calculation function specific to said terminal, and

said first and second locking data is compared in said terminal and use of said terminal is authorized only in the event of equality, that is to say if said user card with which said terminal is cooperating is authenticated as said linked user card.

The general principle of the invention is to establish a link between a terminal and a user card by storing locking data on the user card (called the linked user card). This principle is fundamentally different from that proposed in the previously mentioned patent U.S. Pat. No. 4,868,846. Although the prior art principle also establishes a link between the terminal and a user card, it is based on storing locking data in the terminal (and not on the linked user card).

In this way the method of the invention enables operation in locked mode in which the terminal can be used only with the linked user card.

Moreover, it totally eliminates all risks of unauthorized use of the terminal. It is therefore free of the vulnerability of the prior art method. The terminal/user card link is dependent, firstly, on first data stored on the linked user card and, secondly, on a calculation function specific to the terminal. Under no circumstances can an unauthorized user discover this calculation function as it is not accessible in read mode. Moreover, unless the linked user card is stolen with the terminal, the unauthorized user does not know the first data stored either. Consequently, the unauthorized user cannot modify a user card in their possession so that the terminal sees the latter as the user card to which it is linked.

It is clear that, in the manner that is known in itself, if the linked user card is stolen with the terminal the subscriber can advise the network operator or manager so that use of their user card can be barred at system level.

The method of the invention offers operation in locked mode that is sufficiently secure for the user not to need to enter their PIN code again each time that they insert their user card into the terminal or each time that they switch it on.

Said authentication phase is advantageously effected:
each time the terminal is switched on, and/or
each time the user card cooperating with the terminal is changed.

The authentication phase can advantageously be repeated in accordance with a predetermined strategy, for example at predetermined time intervals, regular or otherwise.

Said calculation function specific to the terminal is preferably an encryption function using a predetermined algorithm and said first and second locking data are preferably encrypted using this encryption function.

This makes the use of the terminal even more secure.

In a first preferred embodiment of the invention, the step of storing first locking data in a memory area of the linked user card is effected during preliminary personalization of said linked user card.

This preliminary personalization is carried out during fabrication of the user card, for example, during commissioning of the user card (by the manufacturer, operator or distributor) or during the putting together of a personalized system comprising the terminal and its user card. In other words, the user card is personalized either in the factory or by a distributor. In so far as its operation in locked mode is concerned, the user card is therefore linked to a particular terminal as soon as it is personalized, this terminal being the one whose specific calculation function calculates, from intermediate data, second locking data identical to the first locking data stored on the linked user card. In other words, the user card can be locked only to this particular terminal.

In a second preferred embodiment of the invention, the step of storing first locking data in a memory area of the linked user card is effected on each change from the normal mode to the locked mode, new first data to be stored being calculated in the terminal from said intermediate data by said calculation function specific to said terminal.

In this case, the user card is not linked to a terminal beforehand and can therefore be locked to any terminal. It is only on changing from the normal mode to the locked mode that the link with the terminal is created (so that the terminal is that with which the user card is cooperating).

On each change from the locked mode to the normal mode, the content of the memory area of the previously linked user card in which the first locking data is stored is advantageously modified, at least in part, to delete the authentication link between the terminal and the previously linked user card.

This makes it certain that before the next change to the locked mode there is no user card linked to the terminal. In other words, in normal mode no user card holds in its memory any trace of an earlier link with the terminal, and this applies even to the user card that was previously locked to the terminal.

In said locked mode, the terminal can advantageously be used with at least one other user card, referred to hereinafter as the other linked user card, in a multi-user session starting after a multi-user code has been transmitted to the terminal and ending either when said other linked user card is no longer cooperating with the terminal or when the terminal is switched off and then switched on again.

In this case, the terminal operates in the locked mode with either of the two linked user cards. When the multi-user session allowing the use of a second linked user card terminates, the system reverts to the link between the terminal and the first linked user card. The linked user card with which the terminal cooperates can therefore be replaced by another user card without it being necessary to go through the normal mode. Consequently, the use of the terminal remains totally secure, even if there are two linked user cards, rather than only one.

Said intermediate data is preferably stored in a memory area of the terminal.

In a first preferred embodiment, said intermediate data is stored in a memory area of a user card with which the terminal cooperates.

In a second preferred embodiment that combines the previous two solutions, part of said intermediate data is stored in a memory area of the terminal and the remainder in a memory area of the user card with which the terminal cooperates.

The step of storing the intermediate data is advantageously effected:
during manufacture of the terminal, in the case of intermediate data stored in a memory area of the terminal, and
during manufacture of the user card, in the case of intermediate data stored in a memory area of the user card.

Changing the terminal from the normal mode to the locked mode preferably requires the transmission to the terminal of a predetermined locking/unlocking code and changing the terminal from the locked mode to the normal mode requires the transmission to the terminal of said locking/unlocking code.

This makes use of the terminal even more secure.

Said locking/unlocking code is advantageously entered by a user of the terminal through a keypad connected to the terminal.

In one advantageous embodiment of the invention, in said locked mode, the method further comprises:
a step of blocking of the terminal during which the content of the memory area of the linked user card in which said first locking data is stored is at least partially modified to render the terminal unusable even if the user card with which it is cooperating is the linked user card, and
a step of unblocking the terminal during which said first locking data is rewritten into the memory area of the linked user card to render the terminal usable again if the user card with which it is cooperating is the linked user card.

Accordingly, when it is in the locked mode, the terminal can be rendered unusable (complete blocking preventing unauthorized use) without being switched off. In this "switched on but blocked" condition, the terminal can implement various "passive reception" functions (answering machine type operation), such as storing incoming calls.

Said blocking step is preferably effected when a blocking command is transmitted to the terminal and said unblocking step is preferably effected when an unblocking command is transmitted to the terminal.

Accordingly, the method of the invention enables local or remote blocking (total barring of operation) or unblocking (authorization of operation in locked mode) of the terminal.

Said blocking and unblocking commands are advantageously ignored by the terminal unless they are accompanied by a predetermined blocking/unblocking code.

This makes use of the terminal even more secure.

Said blocking and unblocking commands are preferably transmitted to the terminal by means of a Short Messages Service.

In a preferred embodiment, said blocking and unblocking commands are transmitted to the terminal using a Data Transmission Service.

In a preferred embodiment of the invention, said blocking and unblocking commands are transmitted to said terminal, constituting a first terminal, from another terminal, constituting a second terminal, and the user card with which said second terminal cooperates and the user card with which said first terminal cooperates correspond to the same subscription.

Accordingly, the method of the invention enables a subscriber having more than one terminal for the same subscription to have at all times at least one terminal provide an answering machine type service (for example to store incoming calls).

The invention also concerns a terminal and a user card for implementing the method as explained hereinabove.

The terminal of the invention includes means for making its use more secure including:
first means for reading first locking data in a memory area of said linked user card;
second means for reading intermediate data in a memory area accessible to said terminal;
means for calculating second locking data from said intermediate data using a calculation function specific to said terminal;
means for comparing said first and second locking data; and
selective authorization means allowing use of said terminal only in the case of equality, that is to say if the user card with which the terminal is cooperating is authenticated as the linked user card.

The user card of the invention includes a memory area to receive first locking data.

Other features and advantages of the invention will emerge from a reading of the following description of various preferred embodiments of the invention given by way of illustrative and non-limiting example and from the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

use of the terminal is authorized (13) only in the event of equality, i.e. if the user card with which the terminal is cooperating is authenticated as the linked user card. If not, use of the terminal is refused (14).

The authentication phase 10 is carried out each time the terminal is switched on and each time the user card cooperating with the terminal is changed, for example. It can also be carried out repetitively, in accordance with a predetermined strategy (for example, at regular time intervals during operation in locked mode).

The calculation function A specific to the terminal is an encryption function using a predetermined algorithm, for example, with the result that the first and second locking data D1 and D2 consist of data encrypted by this encryption function A.

Each of the three pairs of FIGS. (2A, 2B), (3A, 3B) and (4A, 4B) shows a different implementation of the authentication phase 10 from FIG. 1.

In each pair, the first FIG. 2A, 3A or 4A shows in schematic form the distribution between the terminal T and the user card CU of elements enabling implementation of the method of the invention. These elements include the first locking data D1, the calculation function A specific to the terminal, a comparison function C and the intermediate data Di. By the very nature of the invention, the first locking data D1 is always stored on the linked user card CU. By definition, the calculation function A specific to the terminal and the comparison function C are stored in the terminal T. On the other hand, depending on the technique adopted, the intermediate data Di may be stored in the terminal (see FIGS. 2A and 2B), on the user card CU (see FIGS. 3A and 3B) or divided between the terminal T and the user card CU (see FIGS. 4A and 4B).

The second FIG. 2B, 3B or 4B shows in schematic form the phase of authentication of the user card CU by the terminal T.

Using a first technique (see FIGS. 2A and 2B), the intermediate data Di is stored in a memory area of the terminal T. The link authentication phase is as follows (see FIG. 2B): the terminal reads the first locking data D1 on the user card and compares (C) it to second locking data D2 that it calculates from the intermediate data Di stored in it using the calculation function A. The result R of this comparison authorizes or refuses use of the terminal T.

Using a second technique (see FIGS. 3A and 3B), the intermediate data Di is stored in a memory area of the user card CU with which the terminal T is cooperating. The link authentication phase (see FIG. 3B) is identical to that for the first technique except that the terminal T reads the intermediate data Di from the user card CU.

Using a third technique (see FIGS. 4A and 4B), a portion Di" of the intermediate data Di is stored in a memory area of the terminal T and the remainder Di' is stored in a memory area of the user card CU with which the terminal is cooperating. The link authentication phase (see FIG. 4B) is identical to that for the first technique except that, using a combination function fc, the terminal T combines the intermediate data Di" stored in it and the intermediate data Di' stored on the user card and uses the result DiR of this combination to calculate the second locking data D2 using the calculation function A.

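The authentication phase 10 under the three storage techniques above, together with the link creation, link deletion, blocking and unblocking steps from the summary, can be modelled as follows. This Python code is an added example, not code from the patent. Assumptions: HMAC-SHA256 under a per-terminal secret stands in for the unspecified calculation function A, length-prefixed concatenation stands in for the combination function fc, the class names, codes and Di values are constructed for illustration, and the check in unblock that only the blocked linked card is restored is a choice made in this example.

```python
import hashlib
import hmac
import secrets

ERASED = bytes(32)  # constructed marker: no link stored on this card


def _flip(d1: bytes) -> bytes:  # partial modification of D1; self-inverse
    return bytes([d1[0] ^ 0xFF]) + d1[1:]


class UserCard:
    """User card CU: memory areas the terminal can read and write."""
    def __init__(self, di_card: bytes = b""):
        self.d1 = ERASED        # first locking data D1
        self.di_card = di_card  # Di (second technique) or Di' (third technique)


class Terminal:
    """Terminal T: holds the calculation function A and the comparison C."""
    def __init__(self, di_terminal: bytes = b"", lock_code="1234", block_code="5678"):
        # Assumption: A is HMAC-SHA256 under a secret that never leaves the terminal.
        self._key = secrets.token_bytes(32)
        self.di_terminal = di_terminal  # Di (first technique) or Di" (third)
        self._lock_code, self._block_code = lock_code, block_code
        self.locked = False

    @staticmethod
    def _same(a: str, b: str) -> bool:  # constant-time code comparison
        return hmac.compare_digest(a.encode(), b.encode())

    def _d2(self, card: UserCard) -> bytes:
        # Assumed fc: length-prefixed concatenation of terminal part and card part.
        di = len(self.di_terminal).to_bytes(2, "big") + self.di_terminal + card.di_card
        return hmac.new(self._key, di, hashlib.sha256).digest()  # D2 = A(Di)

    def authenticate(self, card: UserCard) -> bool:
        """Authentication phase 10: normal mode takes any card, locked needs D1 == D2."""
        return not self.locked or hmac.compare_digest(card.d1, self._d2(card))

    def lock(self, card: UserCard, code: str) -> bool:
        """Normal -> locked: create the link by storing D1 = A(Di) on the card."""
        if self.locked or not self._same(code, self._lock_code):
            return False
        card.d1, self.locked = self._d2(card), True
        return True

    def unlock(self, card: UserCard, code: str) -> bool:
        """Locked -> normal: erase D1 so the card keeps no trace of the link."""
        if not (self.locked and self._same(code, self._lock_code) and self.authenticate(card)):
            return False
        card.d1, self.locked = ERASED, False
        return True

    def block(self, card: UserCard, code: str) -> bool:
        """Blocking: modify D1 so that even the linked card is refused."""
        if not (self.locked and self._same(code, self._block_code) and self.authenticate(card)):
            return False
        card.d1 = _flip(card.d1)
        return True

    def unblock(self, card: UserCard, code: str) -> bool:
        """Unblocking: rewrite D1, in this example only onto the blocked linked card."""
        if not (self.locked and self._same(code, self._block_code)
                and hmac.compare_digest(_flip(card.d1), self._d2(card))):
            return False
        card.d1 = self._d2(card)
        return True


def demo() -> dict:
    setups = {  # constructed intermediate data for the three storage techniques
        "first": (Terminal(b"Di-in-terminal"), UserCard(), UserCard()),
        "second": (Terminal(), UserCard(b"Di-card-A"), UserCard(b"Di-card-B")),
        "third": (Terminal(b'Di"'), UserCard(b"Di'-A"), UserCard(b"Di'-B")),
    }
    out = {}
    for name, (t, linked, other) in setups.items():
        r = {"bad_lock_code": t.lock(linked, "0000")}
        r["lock"] = t.lock(linked, "1234")
        r["linked_ok"] = t.authenticate(linked)
        r["other_refused"] = not t.authenticate(other)
        r["block"] = t.block(linked, "5678")
        r["blocked_refused"] = not t.authenticate(linked)
        r["unblock_other_card"] = t.unblock(other, "5678")
        r["unblock"] = t.unblock(linked, "5678")
        r["linked_ok_again"] = t.authenticate(linked)
        r["unlock"] = t.unlock(linked, "1234")
        r["link_erased"] = linked.d1 == ERASED
        r["normal_mode_any_card"] = t.authenticate(other)
        out[name] = r
    # Identical Di in two terminals still gives different D2: A is per terminal.
    t1, t2, c1 = Terminal(b"same"), Terminal(b"same"), UserCard()
    t1.lock(c1, "1234")
    t2.lock(UserCard(), "1234")
    out["cross_terminal_refused"] = not t2.authenticate(c1)
    return out
```

demo() returns one result dictionary per storage technique; after unlock the card's D1 is back to the erased value, so a previously linked card carries nothing that a later link would accept.
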
Note that more than one terminal can have the same encryption function. In this case, the authentication phase 10 is preferably executed using the first or third technique described above. Intermediate data Di, Di' stored in a memory area of the terminal but which differ from one

FIG. 1 is used to explain the general principle of the method of the invention, being a simplified flowchart of the terminal/user card link authentication phase.

Each of the three pairs of FIGS. (2A, 2B), (3A, 3B) and (4A, 4B) shows a separate implementation of the FIG. 1 authentication phase, with for each pair a separate mode of storing intermediate data, each pair comprising:
a first FIG. 2A, 3A or 4A showing in schematic form the distribution between the terminal and the user card of elements for implementing the method of the invention,
a second FIG. 2B, 3B or 4B showing in schematic form the phase of authentication of the user card by the terminal.

FIG. 5 shows a simplified flowchart of a first embodiment of the method of the invention.

FIG. 6 shows a simplified flowchart of a second embodiment of the method of the invention.

FIG. 7 shows the link creation phase from FIG. 6 in more detail.

FIG. 8 shows the terminal blocking phase from FIG. 6 in more detail.

FIG. 9 shows the terminal unblocking phase from FIG. 6 in more detail.

FIG. 10 shows in schematic form a particular embodiment of the method of the invention using two terminals.

FIG. 11 shows a simplified schematic of a particular embodiment of a terminal and a user card of the invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The invention concerns a method of making the use of a terminal of a cellular mobile radio system more secure. The terminal is of the type designed to cooperate with a user card and able to operate in at least two different operating modes, namely a normal mode in which it can be used with any user card and a locked mode in which it can be used only with the
user to which it is l