(12) United States Patent
Macchi

(10) Patent No.: US 8,442,231 B2
(45) Date of Patent: May 14, 2013

(54) METHOD AND SYSTEM FOR IMPROVING ROBUSTNESS OF SECURE MESSAGING IN A MOBILE COMMUNICATIONS NETWORK
(75) Inventor: Ilario Macchi, Rome (IT)
(73) Assignee: Telecom Italia S.p.A., Milan (IT)
(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 438 days.
(21) Appl. No.: 11/632,859
(22) PCT Filed: Jul. 22, 2004
(86) PCT No.: PCT/EP2004/051581
     § 371 (c)(1), (2), (4) Date: Aug. 6, 2008
(87) PCT Pub. No.: WO2006/007879
     PCT Pub. Date: Jan. 26, 2006
(65) Prior Publication Data
     US 2008/0292101 A1, Nov. 27, 2008
(51) Int. Cl.: H04L 29/06 (2006.01)
(52) U.S. Cl.: USPC 380/270; 713/150
(58) Field of Classification Search: 380/270; 713/150
     See application file for complete search history.
(56) References Cited

U.S. PATENT DOCUMENTS
4,972,478 A      11/1990   Dabbish
5,909,491 A      6/1999    Luo           380/270
6,041,123 A *    3/2000    Colvin, Sr.   713/153
6,741,704 B1 *   5/2004    Virtanen      380/247
7,269,261 B1 *   9/2007    Jennings      380/286
2009/0034721 A1 *  2/2009  Yan et al.    380/42
2009/0210936 A1 *  8/2009  Omar et al.   726/14

FOREIGN PATENT DOCUMENTS
EP   1 035 684 A2     9/2000
WO   WO 95/34970      12/1995
WO   WO 99/04583      1/1999
W    W 994, s A1      $38,
WO   WO 03/003772 A2  1/2003

OTHER PUBLICATIONS
“Digital cellular telecommunication system (Phase 2+)”; Universal Mobile Telecommunications System (UMTS); Security Mechanisms for the (U)SIM application toolkit; Stage 2 (3GPP TS 23.048 version 5.7.0 Release 5), ETSI TS 123 048, vol. 3-T3, No. V570, pp. 1-37 (Jun. 2003).
NIST (National Institute of Standards and Technology): “FIPS PUB 46-3: Data Encryption Standard (DES)”, Federal Information Processing Standards Publication, pp. 1-22 (Oct. 25, 1999).

* cited by examiner

Primary Examiner — Farid Homayounmehr
Assistant Examiner — Lisa Lewis
(74) Attorney, Agent, or Firm — Finnegan, Henderson, Farabow, Garrett & Dunner, L.L.P.

(57) ABSTRACT

A mobile communications network has mobile communications capabilities and supports a secure messaging service, such as an SMS messaging service, that allows a message sender and at least one message receiver (at least one among the message sender and the message receiver being a user of the mobile communications network) to exchange messages encrypted by means of a cryptographic process performed by the message sender, so as to obtain an encrypted message that can be decrypted by a corresponding cryptographic process performed by the intended message receiver. End-to-end security of the exchanged message is thus achieved. A cryptographic algorithm, exploited by the user of the mobile communications network for performing the cryptographic process, is modified by exploiting the mobile communications capabilities of the mobile communications network. Robustness and reliability over time of the end-to-end security messaging is improved.

19 Claims, 5 Drawing Sheets

APPLE 1017

[FIG. 1: network diagram. Legible labels: BSS, BTS, BSC, MSC, SMS GATEWAY, SMSC, SMS MSG DB, MESSAGING SECURITY MANAGEMENT SERVER, ENCR. KEY(S), PARAMETERS, ALGORITHM, GPRS, TO OTHER BSSs, TO OTHER BTSs]

[U.S. Patent, May 14, 2013, Sheet 2 of 5, US 8,442,231 B2: drawing]

[U.S. Patent, May 14, 2013, Sheet 3 of 5, US 8,442,231 B2: drawing]

[U.S. Patent, May 14, 2013, Sheet 4 of 5, US 8,442,231 B2: drawing, FIG. 4A]

[U.S. Patent, May 14, 2013, Sheet 5 of 5, US 8,442,231 B2: drawing]

METHOD AND SYSTEM FOR IMPROVING ROBUSTNESS OF SECURE MESSAGING IN A MOBILE COMMUNICATIONS NETWORK

CROSS REFERENCE TO RELATED APPLICATION

This application is a national phase application based on PCT/EP2004/051581, filed Jul. 22, 2004, the content of which is incorporated herein by reference.

FIELD OF THE INVENTION

The present invention relates generally to the field of telecommunications, and particularly to wireless, mobile communications networks, particularly mobile telephony networks such as GSM and UMTS networks (and their counterparts in the United States and Japan). More specifically, the invention focuses on messaging over a mobile communications network, and concerns methods (and related systems for the implementation thereof) that rely on encryption for making the messaging secure.

BACKGROUND OF THE INVENTION

In the past decade, mobile telephony networks have experienced an enormous spread, especially after the introduction of second-generation mobile cellular networks, and particularly digital mobile cellular networks such as those complying with the Global System for Mobile communications (GSM) standard (and its United States and Japanese counterparts).

Mobile telephony networks were initially conceived for enabling voice communications, similarly to the wired, Public Switched Telephone Networks (PSTNs), but between mobile users. The services offered by these networks, especially the digital ones, in addition to plain voice communications have however rapidly increased in number and quality.

In particular, a very popular service offered by GSM networks is the Short Message Service (SMS). This service offers to the users of a GSM network the possibility of exchanging short messages.

An SMS message normally includes a payload field, whose maximum length is relatively small, typically 140 Bytes. The SMS message can be a text message, or a data message. A text SMS message is an SMS message that carries, in the payload field, a string of alphanumeric characters; adopting an eight bits coding for the alphanumeric characters, a string of 140 characters can be sent in a single message, whereas by coding the alphanumeric characters over 7 bits, text messages of up to 160 characters can be sent. A data SMS message is an SMS message that carries data for, e.g., a software application resident in the intended destination mobile phone, such as the WAP browser or the ringing tone player; network operators use for example data SMS messages to deliver data for specific applications running in the mobile phones of the subscribers.

In very general terms, the SMS operates in the following way: the SMS message is sent, from the mobile station (i.e., the mobile phone) of the user originating the message, to a SMS center, which manages the delivery of the SMS message to the intended destination user. To perform this task, the SMS center works in a “store & forward” way: in case the SMS message received from the origin mobile station cannot be delivered to the intended destination mobile station, for example because the latter is temporarily unavailable, e.g. because switched off or out of coverage, the SMS message is stored at the SMS center, which retries to deliver the SMS message at a later time, typically as soon as the destination mobile station becomes available.

This conventional implementation of the SMS is affected by some problems, relating to security issues, which make the SMS messaging unsuitable for specific applications, such as for example electronic commerce (“e-commerce”) via mobile phones (when for example sensitive data such as credit card numbers need to be provided by the users), or, simply, when there is the need to guarantee an adequate level of privacy of the text messages exchanged between different users.

Under this respect, a point of real weakness in the system is represented by the storage of the messages at the SMS center.

Another weak point resides in the fact that the plain text of the SMS message travels along the telecommunications network, the information traveling in encrypted form only through the wireless path (“airlink”) between the sender/receiver mobile station and the competent Base Transceiver Station (BTS) of the GSM network; thus, unauthorized third parties, using relatively simple equipment such as a digital receiver, may read the message content when this travels in the ground GSM network.

In the art, the problem of messaging security has already been recognized and faced.

For example, in the International application No. WO 00/48416, the problem of how to produce a secure and encrypted message traffic between applications on the SIM (Subscriber Identity Module) of the mobile telephone and service provider applications is recognized, and a method and system making possible to implement secure message communication with a mobile station are disclosed. In particular, a distinct SIM space is set apart for storage of the keys needed for the encryption/decryption and/or signature of messages, and new encryption keys can be loaded into such a SIM space via an “On The Air” (OTA) interface. As stated in that document, the OTA interface makes it considerably easier to set new encryption/decryption keys on the SIM.

As another example, the International application No. WO 99/04583 discloses a method providing a functionality that allows mobile stations of users having certain access rights to display in intelligible form messages (short messages) broadcast on a common channel in a cell. The messages, before being broadcast, are encrypted using a predefined encryption key, and the mobile stations having a corresponding access right are provisioned with the corresponding decryption key. The decryption keys are transmitted to the mobile stations using a point-to-point data transfer protocol; in particular, in order to provision the mobile stations with the decryption key, a remote provisioning procedure is used, involving a remote SIM updating message being transmitted to the mobile station, or using the “data download via SMS-PP” data download procedure. In order to ensure long-term security of the encryption method, the encryption keys used to encrypt the message texts are periodically changed.

SUMMARY OF THE INVENTION

The Applicant observes that the solutions known in the art, although satisfactory under many respects and significantly improving the level of security of the conventional SMS messaging services, are however not free of problems.

In particular, the Applicant observes that while the problem of changing the encryption/decryption keys used for encrypting/decrypting messages has been faced in the art, nobody seems to have realized that this may be insufficient.

The Applicant has instead realized that it may happen that the cryptographic algorithm exploited by users, for example belonging to a users’ group, for encrypting/decrypting SMS messages exchanged between the users may be cracked. If this happens, the end-to-end security and confidentiality of the SMS messages exchanged between the users can no longer be guaranteed. In order to restore the desired security level, it is not sufficient to update the encryption/decryption keys: as a consequence of the cracking of the cryptographic algorithm, merely changing the keys does not ensure the secrecy of the exchanged messages. In such situations, it might be necessary to replace the SIM cards of all the users of the group using the same cryptographic algorithm with new SIM cards, with a different cryptographic algorithm embedded therein. This is not an easy task, especially if the number of users in the group is relatively high, and may require shipping to all the users of the group a new, substitutive SIM card.

The Applicant has tackled the problem of how to increase the robustness of the message encryption systems and methods known in the art, so that they can resist relatively hard attacks.

The Applicant has found that such an increased robustness can be achieved if the cryptographic algorithm intended to run at the mobile stations for encrypting/decrypting the exchanged messages, e.g. SMS messages, is upgraded “Over-The-Air” (OTA). In this way, even if the cryptographic algorithm is cracked, or in cases where there is the reasonable doubt that the security of the system may have been broken or at least is in danger, it is no more necessary to replace all the SIM cards of the group of users enabled to exchange ciphertext messages.

In particular, the Applicant has found that distinctive advantages derive from exploiting a parametric cryptographic algorithm. For the purposes of the present invention, by parametric cryptographic algorithm there is intended any cryptographic algorithm offering the possibility of being configured via configuration parameters which specify the way the algorithm is implemented to encrypt/decrypt the data. A parametric cryptographic algorithm may be a cryptographic algorithm resulting by a specific one of several (at least two) possible combinations of variably combinable basic cryptographic algorithms or routines, the specific type of combination being determined by a set of one or more configuration parameters. It is worth pointing out that the cryptographic algorithm or the configuration parameters for the cryptographic algorithm are not to be confused with the encryption/decryption keys used by the algorithm to encrypt/decrypt a plaintext into a ciphertext: encryption/decryption keys can in fact be viewed as “inputs” to the cryptographic algorithm, just as the plaintext to be ciphered or the ciphertext to be decrypted, while the configuration parameters determine the very nature of the cryptographic process to be performed.

The Applicant has found that by using such a parametric cryptographic algorithm, flexibility is significantly increased, because instead of modifying the whole cryptographic algorithm (i.e., modifying one or more of the basic cryptographic routines that make up the cryptographic algorithm), it may in some cases suffice to modify (still OTA) the configuration parameters thereof, i.e. the specific way the various basic cryptographic routines are combined. In this way, the task of updating the cryptographic process performed at the mobile stations to encrypt/decrypt the exchanged messages is rendered even simpler (particularly, less data need to be delivered to the mobile stations for updating the cryptographic algorithm).

Thus, according to an aspect of the present invention, a method for increasing robustness of secure messaging in a wireless, particularly a mobile communications network is provided.

Summarizing, in a mobile communications network having mobile communications capabilities and supporting a secure messaging service that allows a message sender and at least one message receiver (at least one among the message sender and the message receiver being a user of the mobile communications network) exchanging messages encrypted by means of a cryptographic process performed by the message sender, so as to obtain an encrypted message that can be decrypted by a corresponding cryptographic process performed by the intended message receiver, the method according to this aspect of the present invention comprises modifying a cryptographic algorithm exploited by said user of the mobile communications network for performing said cryptographic process, wherein said modifying the cryptographic algorithm is accomplished by exploiting the mobile communications capabilities of the mobile communications network.

Preferably, said cryptographic algorithm comprises a parametric cryptographic algorithm, comprising at least two combinable basic cryptographic algorithms and configuration parameters defining a combination of the at least two basic cryptographic algorithms. Said modifying the cryptographic algorithm may thus comprise modifying at least one of the basic cryptographic algorithms, and/or modifying said configuration parameters defining a specific combination of the at least two basic cryptographic algorithms.

In a preferred embodiment of the present invention, the method may further comprise modifying encryption/decryption keys to be used by said user of the mobile communications network for encrypting/decrypting a message, said modifying the encryption/decryption keys being accomplished by exploiting the communications capabilities of the mobile communications network.

In particular, the at least one of the basic cryptographic algorithms, the configuration parameters and the encryption/decryption keys may be modified according to respective time schedules, e.g. the keys are modified more frequently, whereas the configuration parameters are modified less frequently, and the basic cryptographic algorithms are modified only from now and then.
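
The separation drawn above between keys, configuration parameters and basic routines, and the three update tiers just listed, as an added example (not code from the patent). The routines are constructed toy transforms rather than real ciphers, and the `CryptoEngine` class, the routine ids and the one-byte configuration tag prefixed to each message are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


def _stream(key: bytes, label: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode, used only to drive the toy routines."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, label + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


# Basic routines: constructed toy transforms, each invertible.
def xor_bytes(data: bytes, key: bytes, inverse: bool = False) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _stream(key, b"xor", len(data))))


def add_bytes(data: bytes, key: bytes, inverse: bool = False) -> bytes:
    sign = -1 if inverse else 1
    ks = _stream(key, b"add", len(data))
    return bytes((a + sign * b) % 256 for a, b in zip(data, ks))


def rotate(data: bytes, key: bytes, inverse: bool = False) -> bytes:
    if not data:
        return data
    shift = int.from_bytes(_stream(key, b"rot", 2), "big") % len(data)
    if inverse:
        shift = (-shift) % len(data)
    return data[shift:] + data[:shift]


def swap_nibbles(data: bytes, key: bytes, inverse: bool = False) -> bytes:
    return bytes(((b << 4) | (b >> 4)) & 0xFF for b in data)  # self-inverse


@dataclass
class CryptoEngine:
    """State held by one mobile station: key, parameters, basic routines."""
    key: bytes
    chain: tuple          # configuration parameters: routine ids, in order
    version: int = 1      # assumption: 1-byte tag naming the active configuration
    routines: dict = field(
        default_factory=lambda: {1: xor_bytes, 2: add_bytes, 3: rotate})

    def encrypt(self, plaintext: bytes) -> bytes:
        data = plaintext
        for rid in self.chain:
            data = self.routines[rid](data, self.key)
        return bytes([self.version]) + data

    def decrypt(self, message: bytes) -> bytes:
        # Fail closed instead of returning garbage when configurations differ.
        if not message or message[0] != self.version:
            raise ValueError("message was produced under a different configuration")
        data = message[1:]
        for rid in reversed(self.chain):
            data = self.routines[rid](data, self.key, inverse=True)
        return data

    # Three independent update tiers: key, parameters, basic routine.
    def update_key(self, key: bytes) -> None:
        self.key = key

    def update_parameters(self, chain: tuple, version: int) -> None:
        if not chain or any(rid not in self.routines for rid in chain):
            raise ValueError("configuration references a routine that is not installed")
        if not 0 <= version <= 255:
            raise ValueError("version must fit in one byte")
        self.chain, self.version = tuple(chain), version

    def install_routine(self, rid: int, routine) -> None:
        self.routines[rid] = routine


def demo() -> dict:
    key = b"constructed-demo-key"       # constructed sample key
    msg = b"PAY 25.00 EUR REF 0042"     # constructed sample message
    sender, receiver = CryptoEngine(key, (1, 3, 2)), CryptoEngine(key, (1, 3, 2))
    c1 = sender.encrypt(msg)
    result = {"roundtrip_v1": receiver.decrypt(c1) == msg}

    # Parameter-only update: same key, same routines, new combination.
    sender.update_parameters((3, 2, 1), version=2)
    c2 = sender.encrypt(msg)
    result["same_key_new_ciphertext"] = c1[1:] != c2[1:]
    try:
        receiver.decrypt(c2)
        result["stale_receiver_rejected"] = False
    except ValueError:
        result["stale_receiver_rejected"] = True
    receiver.update_parameters((3, 2, 1), version=2)
    result["roundtrip_v2"] = receiver.decrypt(c2) == msg

    # Algorithm update: a new basic routine is installed, then referenced.
    for ms in (sender, receiver):
        ms.install_routine(4, swap_nibbles)
        ms.update_parameters((4, 1, 3, 2), version=3)
    result["roundtrip_v3"] = receiver.decrypt(sender.encrypt(msg)) == msg
    return result


if __name__ == "__main__":
    print(demo())
```

A parameter-only update carries a handful of routine ids, whereas an algorithm update has to carry a routine itself, which is the size difference the text points to.
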

The communications capabilities of the mobile communications network exploited for modifying the cryptographic algorithm may include a messaging service of the network, particularly an SMS service, or a packet radio service of the network, particularly a GPRS service.

According to another aspect of the present invention, a secure messaging system is provided.

The system comprises:

a mobile communications network having mobile communications capabilities and supporting a messaging service;

a message sender and at least one message receiver, wherein at least one among the message sender and the message receiver is a user of the mobile communications network;

a cryptographic process performed by the message sender to encrypt a message to be sent to the at least one receiver, and a corresponding cryptographic process performed by the message receiver to decrypt the encrypted message once received.

The mobile communications network is adapted to modify a cryptographic algorithm exploited by said user of the mobile communications network for performing said cryptographic process by exploiting the mobile communications capabilities thereof.

In particular, said cryptographic algorithm includes a parametric cryptographic algorithm, comprising at least two combinable basic cryptographic algorithms, and configuration parameters defining a combination of the at least two basic cryptographic algorithms; the mobile communications network is adapted to modify either one or the other or both of said basic cryptographic algorithm and configuration parameters.

In one embodiment of the present invention, the system includes a messaging security manager server connected to the mobile communications network, for managing modifications to the cryptographic algorithm. The messaging security manager server may in particular be adapted to communicating with the user of the mobile communications network via a network messaging service, particularly an SMS service, or via a network packet radio service, particularly a GPRS service.

According to still another aspect of the present invention, a mobile station for use in a mobile communications network having mobile communications capabilities and supporting a messaging service is provided.

The mobile station is adapted to implement a cryptographic process for encrypting/decrypting messages to be sent to/received from a message destination/sender, and it is further adapted to have a cryptographic algorithm, exploited for performing said cryptographic process, modified by exploiting the communications capabilities of the mobile communications network, particularly one or both among a messaging service, particularly an SMS service, and a packet radio service, particularly a GPRS service.

In particular, the mobile station is further adapted to manage the cryptographic algorithm as a parametric cryptographic algorithm, including at least two combinable basic cryptographic algorithms, and configuration parameters defining a combination of the basic cryptographic algorithms. The mobile station may in this case be adapted to manage modifications of either one or both of the at least two basic cryptographic algorithms and the configuration parameters.

Preferably, the mobile station is further adapted to have encryption/decryption keys exploited by the cryptographic process for encrypting/decrypting messages modified by exploiting the mobile communications capabilities of the mobile communications network.

The mobile station may comprise a user terminal equipment and a Subscriber Identity Module operatively associated thereto. In one embodiment of the invention, at least one among the cryptographic process and operations for the modification of the cryptographic algorithm are performed by the user terminal equipment. In another embodiment of the invention, at least one among the cryptographic process and operations for the modification of the cryptographic algorithm, possibly both, are performed by the Subscriber Identity Module.

According to still another aspect of the present invention, a Subscriber Identity Module is provided, adapted to be operatively associated with a user terminal equipment for forming a mobile station adapted for use in a mobile communications network having mobile communications capabilities and supporting a messaging service, wherein the mobile station is adapted to implement a cryptographic process for encrypting/decrypting messages to be sent to/received from a message destination/sender.

The Subscriber Identity Module is adapted to have a cryptographic algorithm, exploited by the mobile station for performing said cryptographic process, modified exploiting the communications capabilities of the mobile communications network.

In particular, the Subscriber Identity Module may be further adapted to perform said cryptographic process.

BRIEF DESCRIPTION OF THE DRAWINGS

The features and the advantages of the present invention will be made apparent by the following detailed description of an embodiment thereof, provided merely by way of non-limitative example, description that will be conducted making reference to the attached drawings, wherein:

FIG. 1 schematically shows a GSM telephony network, supporting an SMS messaging service;

FIG. 2 illustrates very schematically a security management server that, in one embodiment of the present invention, is provided in the GSM telephony network for managing operations such as updating/upgrading cryptographic algorithms resident in the mobile stations;

FIG. 3 schematically shows, in terms of functional blocks relevant to the understanding of the exemplary invention embodiment to be described, a Mobile Station (MS) implementing the method according to the described embodiment of the present invention;

FIG. 4A is a schematic flowchart showing, in very simplified way, the operation of a generic MS in respect of the operations allowing to update/upgrade the cryptographic process that the MS is capable of performing, in one embodiment of the present invention;

FIG. 4B is a schematic flowchart showing, in very simplified way, the operation of the generic MS as far as the management of secure SMS messages is concerned, in one embodiment of the present invention; and

FIG. 5 schematically shows the structure of SMS messages used for updating/upgrading, over-the-air, the cryptographic process that the MS, in one embodiment of the present invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS OF THE INVENTION

With reference to the drawings, particularly to FIG. 1, a wireless, particularly a mobile communications network, in particular a cellular mobile communications network 100, even more particularly (albeit this is not to be construed as limitative to the present invention, which is applicable irrespective of the particular network type) a GSM network, is schematically shown.

The mobile communications network 100 typically comprises a plurality of Base Station Subsystems (BSSs), each one providing coverage for cellular communications in a respective geographic region; for simplicity of the drawing, only one BSS is shown in FIG. 1, identified therein by 105.

The generic BSS, such as the BSS 105 shown in the drawing, normally comprises a plurality of Base Transceiver Stations (BTSs), each one covering a respective geographic area (a network “cell”) within the region covered by the BSS; again, for simplicity of the drawing, only one BTS is shown in FIG. 1, schematically represented by an antenna identified by 110, and the associated cell is schematically depicted and identified by 115.

The generic BTS, such as the BTS 110, communicates with users MSs, typically GSM cellular phones, or other user equipment adapted to access and be connected to the GSM network, such as for example Personal Digital Assistants (PDAs), pocket computers, portable computers and the like, which are located in the BTS's cell, such as the two MSs 120s (which in the following will be assumed to represent an SMS message sender mobile station) and 120r (in the following, an SMS message receiver mobile station) shown in FIG. 1 within the cell 115.

Typically, a plurality of BTSs are connected to a same Base Station Controller (BSC) that controls the BTSs: for example, all the BTSs of a same BSS are connected to a same BSC, such as the BSC 125 shown in FIG. 1. Roughly speaking, the BTSs handle the actual transmission/reception of signals to/from the MSs, whereas the BSC instructs the different BTSs of which data to transmit on specified radio communication channels, and performs at least part of the operations involved in the authentication of the MSs necessary to connect to the network.

The BSCs of the different BSSs, such as the BSC 125 of the BSS 105, are typically connected to a same Mobile Switching Center (MSC), such as the MSC schematically represented in FIG. 1 and identified by 130. The MSC 130 performs the function of gateway to other MSCs (not shown) of the cellular network 100, as well as to other communications networks such as one or more wired, fixed telephony networks (Public Switched Telephone Networks, shortly PSTNs) and/or one or more other mobile telephony (cellular) networks, all these other communications networks being globally identified by 135 in the drawing. As known in the art, the MSC is associated with a Home Location Register (HLR), containing subscription data of users subscriber to the mobile communications network 100, particularly mobile phone numbers, and with a Visitor Location Register (VLR), containing information on where the various users are, at a given point of time, located, i.e. under which cell of the network 100 they are currently registered.

The GSM network 100 implements a messaging service such as the SMS, offering to the users the possibility of exchanging short messages (hereinafter, SMS messages).

Without entering into excessive details, known per-se in the art, the messaging service is managed by a Short Message Service Center (SMSC) 140, generally connected to the MSC 130 via an SMS gateway 145.

The SMSC 140 may be, and preferably is, connected to the one or more fixed telephony networks (PSTNs) and/or one or more other mobile telephony (cellular) networks 135; the SMSC 140 may also be connected to a packet-based data communications network such as the Internet 137. In this way, SMS messages to a generic destination MS, registered under the network 100, can be sent not only by the user of an MS registered under the network 100, but also from an MS registered under a different mobile communication network, or from a suitable telephone set of a user connected to a PSTN, or even from the Personal Computer (PC), a PDA, a pocket computer or the like of a user connected to the Internet.

In order to transmit an SMS message from an SMS message sender, for example (but not at all limitatively) a generic MS connected to the network 100, e.g. the sender MS 120s, to an intended SMS message destination, such as for example the receiver MS 120r, the sender MS 120s sets up a signaling connection to the MSC 130, through the BTS 110 and the BSC 125, and the SMS message (after having been compiled at the sender MS) is then transmitted by the sender MS 120s to the SMSC 140, via the SMS gateway 145. From the SMSC 140, the SMS message is then delivered to the intended destination, in the example herein considered the receiving MS 120r, via a signaling connection: to this purpose, the SMS message is forwarded, via the SMS gateway 145, to the MSC in charge of the intended destination MS, in this example, for simplicity, the same MSC 130, which delivers the SMS message to the intended destination MS 120r, through the proper BSC and BTS, in the example herein considered, for simplicity, again the BSC 125 and BTS 110.

As mentioned in the introduction of the present description, the SMS is a “store-and-forward” service: if at the time the SMS message is received at the SMSC 140, the destination MS 120r cannot be reached, for example because it is temporarily out of the coverage of the network's BSSs, or it is switched off, the SMS message cannot be delivered to the intended destination. The SMS message is thus stored at the SMSC 140, in a SMS message database 150 held by the SMSC 140, for allowing the SMSC 140 perform future delivery attempts, so that the SMS message can be delivered to the intended destination MS 120r as soon as possible, when the MS becomes available. To this purpose, an automatic “alert” process may be started at the MSC 130, which causes the SMSC 140 to be notified of when the destination MS 120r connects to the network 100.

In order to increase the level of security of the conventional, plain messaging service, encryption of the SMS messages is implemented, by providing the sender and the receiving MSs with an SMS message cryptographic engine capable of encrypting/decrypting the SMS messages to be sent/received, based on a specified cryptographic algorithm, working with encryption/decryption keys. Any one of the known cryptographic processes may in principle be used, performing either a symmetric encryption/decryption (a cryptographic process wherein single key is used for both encrypting and decrypting the message) or an asymmetric encryption/decryption (an encryption/decryption scheme that uses a couple of keys: a public key, used for encrypting the plaintext, and a corresponding private key for decrypting the ciphertext).

In particular, according to an embodiment of the present invention, the possibility is offered to, e.g., the network operator, such as the operator of the network 100, of modifying, more or less heavily, depending on the needs or desires, the way in which the cryptographic (encryption/decryption) process is carried out, in an OTA way, i.e. exploiting the communications capabilities of the mobile communications network 100.

Even more particularly, according to an embodiment of the present invention, in case parametric cryptographic algorithms are used at the mobile stations for encrypting/decrypting messages, the cryptographic algorithm resident in a generic mobile station can be substituted tout court with a different cryptographic algorithm, or at least the co