Abstract: A method for a Mobile Mobility Entity (MME) to carry out mutual authentication with a group of Machine Type Communication (MTC) devices includes receiving group-related authentication data from a leader, transmitting the received information and an identification number of the MME, to a HSS, receiving from the HSS a random value, an Authentication Vector and information of group members, broadcasting the random value and the first authentication token to the MTC device group based on information received from the HSS, receiving from the leader a leader authentication response that the leader generates by using a local master key value calculated by using the first secret key value, authenticating the leader by comparing the leader authentication response with a leader authentication value received from the HSS, and authenticating members within the MTC device group according to the leader authentication result.

Abstract: The present invention discloses a method for a Mobile Mobility Entity (MME) to carry out mutual authentication with a group of Machine Type Communication (MTC) devices. The method can comprise receiving group-related authentication data from a leader; transmitting the received information and Serving Network-ID, an identification number of the MME, to a HSS; receiving from the HSS a random value, an Authentication Vector and information of group members; broadcasting the random value and the first authentication token to the MTC device group based on information received from the HSS; receiving from the leader a leader authentication response that the leader generates by using a local master key value calculated by using the first secret key value; authenticating the leader by comparing the leader authentication response with a leader authentication value received from the HSS; and authenticating members within the MTC device group according to the leader authentication result.

Abstract: A method of and an authentication server for distributing a key are disclosed. According to an embodiment of the present invention, the method of distributing a key, which is distributed by an authentication server connected with wireless terminals through a communication network, for encrypting and decrypting data in accordance with providing a service can include: obtaining characteristic information by decrypting encrypted characteristic information that has been received from each of n number of wireless terminals; generating a random key; generating a group key used for encrypting and decrypting data in accordance with providing a service; and generating a distribution key by using the random key, the group key and the characteristic information, and transmitting the distribution key to each wireless terminal.

Abstract: Provided is a binding update method in MIPv6 which includes: a first step of generating, with a mobile node, a HoTI (Home Test Init) message and transmitting the HoTI message to a corresponding node; a second step of generating a CoTI (Care of Test Init) message and transmitting the CoTI message to the corresponding node; a third step of generating, with the corresponding node, a HoT (Home of Test) message and transmitting the HoT message to the mobile node; a fourth step of generating a CoT (Care-of Test) message and transmitting the CoT message to the mobile node; a fifth step of generating, with the mobile node, a BU (Binding Update) message and transmitting the BU message to the corresponding node; and a sixth step of verifying, with the corresponding node, the BU message and transmitting a BA (Binding Ack) message to the mobile node.

Abstract: IP state-vector manager determines state vector value by updating token numbers of IP state vector according to source and destination IP addresses of the received packet, and obtains state number of state vector value by counting state vector value. Port-number state-vector manager determines state vector value by updating token numbers of port-number state vector according to source and destination token numbers of packet, and obtains state number of state vector value by counting state vector value. Entropy calculator calculates entropies related to IP address and port number, based on number and state number of state vector values related to IP state vector and port-number state vector. Anomalous event determiner determines whether there is anomalous event in network based on calculated entropies. Anomalous event can be efficiently detected with minimized false negative and positive rates.

Abstract: A method of mobile authentication with enhanced mutual authentication and handover security is disclosed. The method of mutual authentication in a mobile network in accordance with an embodiment of the present invention includes: generating at least one service ticket and session key corresponding to a mobile station in accordance with an authentication data request for the mobile station; encrypting the service ticket and the session key by using a user security key pre-assigned in accordance with the mobile station; sending the encrypted service ticket and session key to the mobile station by using a control message; and authenticating the mobile station by analyzing user mutual authentication information received from the mobile station. The present invention, therefore, can provide a more powerful and effective mutual authentication method in a mobile network.

Abstract: Provided is a resynchronization method of a mobile communication terminal. The resynchronization method for a mobile communication terminal connected to a home location register and a mobile communication network, includes: extracting a communication network serial number corresponding to a terminal authentication request instruction received from a mobile communication network; comparing the communication network serial number with a terminal serial number stored in a predetermined memory; generating nth terminal synchronization failure information if the communication network serial number is smaller than the terminal serial number, where n is a nature number; and transmitting the generated nth terminal synchronization failure information to the home location register. The home location register ends a resynchronization procedure if the nth terminal synchronization failure information is smaller than previously stored (n?1)th communication network synchronization failure information.

Abstract: IP state-vector manager determines state vector value by updating token numbers of IP state vector according to source and destination IP addresses of the received packet, and obtains state number of state vector value by counting state vector value. Port-number state-vector manager determines state vector value by updating token numbers of port-number state vector according to source and destination token numbers of packet, and obtains state number of state vector value by counting state vector value. Entropy calculator calculates entropies related to IP address and port number, based on number and state number of state vector values related to IP state vector and port-number state vector. Anomalous event determiner determines whether there is anomalous event in network based on calculated entropies. Anomalous event can be efficiently detected with minimized false negative and positive rates.

Abstract: A binding update method in MIPv6 is provided which includes: a first step of allowing a mobile node to generate a HoTI (Home Test Init) message including a HoA (Home Address) encoded with a product of a first prime number and a second prime number and to transmit the HoTI message to a corresponding node through a home agent along with a first index; a second step of allowing the mobile node to generate a CoTI (Care of Test Init) message including a CoA (Care-of Address) encoded with a product of the first prime number and a third prime number and to transmit the CoTI message directly to the corresponding node along with a second index; a third step of allowing the corresponding node to generate a HoT (Home of Test) message including a first nonce and to transmit the HoT message to the mobile node through the home agent; a fourth step of allowing the corresponding node to generate a CoT (Care-of Test) message including a second nonce and to transmit the CoT message to the mobile node; a fifth step of allowing

Abstract: A method of and an authentication server for distributing a key are disclosed. According to an embodiment of the present invention, the method of distributing a key, which is distributed by an authentication server connected with wireless terminals through a communication network, for encrypting and decrypting data in accordance with providing a service can include: obtaining characteristic information by decrypting encrypted characteristic information that has been received from each of n number of wireless terminals; generating a random key; generating a group key used for encrypting and decrypting data in accordance with providing a service; and generating a distribution key by using the random key, the group key and the characteristic information, and transmitting the distribution key to each wireless terminal.

Abstract: A method of mobile authentication with enhanced mutual authentication and handover security is disclosed. The method of mutual authentication in a mobile network in accordance with an embodiment of the present invention includes: generating at least one service ticket and session key corresponding to a mobile station in accordance with an authentication data request for the mobile station; encrypting the service ticket and the session key by using a user security key pre-assigned in accordance with the mobile station; sending the encrypted service ticket and session key to the mobile station by using a control message; and authenticating the mobile station by analyzing user mutual authentication information received from the mobile station. The present invention, therefore, can provide a more powerful and effective mutual authentication method in a mobile network.

Abstract: Provided is a resynchronization method of a mobile communication terminal. The resynchronization method for a mobile communication terminal connected to a home location register and a mobile communication network, includes: extracting a communication network serial number corresponding to a terminal authentication request instruction received from a mobile communication network; comparing the communication network serial number with a terminal serial number stored in a predetermined memory; generating nth terminal synchronization failure information if the communication network serial number is smaller than the terminal serial number, where n is a nature number; and transmitting the generated nth terminal synchronization failure information to the home location register. The home location register ends a resynchronization procedure if the nth terminal synchronization failure information is smaller than previously stored (n?1)th communication network synchronization failure information.