PRIVACY AND AUTHENTICATION ON A PORTABLE COMMUNICATIONS-SYSTEM

It is expected that, in the near future, Portable Communications Systems (PCS's) will provide wireless access to the wireline telephone network for a large number of telephone calls. PCS's transmit conversations via radio, making them more susceptible to eavesdropping than are conversations carried via wires. Also, the mobility of PCS users presents new problems relating to 1) authentication-ensuring service is not obtained fraudulently, and 2) the privacy of information about the PCS user's location. It is important that PCS provide privacy (of conversation and location) and fraud control comparable to that of the wireline network. Provision of privacy and authentication hinges on the key agreement and authentication protocol. Such protocols can employ private-key and/or public-key cryptographic techniques. Public-key techniques hold the promise of simplifying the network infrastructure required to provide privacy and authentication. However, these techniques have heretofore been considered impractical for use in a low-cost low-power portable to private-telephone due to their higher computational complexity relative-key techniques. Three new public-key/private-key hybrid key agreement and authentication protocols, specially designed to be practical for implementation in a low-cost low-power portable telephone, are presented in this paper. The public-key protocols described herein have differing levels of security and complexity; and the tradeoffs are discussed.