CN101102552A - Update method and system for service secret key - Google Patents
Update method and system for service secret key Download PDFInfo
- Publication number
- CN101102552A CN101102552A CNA200710143661XA CN200710143661A CN101102552A CN 101102552 A CN101102552 A CN 101102552A CN A200710143661X A CNA200710143661X A CN A200710143661XA CN 200710143661 A CN200710143661 A CN 200710143661A CN 101102552 A CN101102552 A CN 101102552A
- Authority
- CN
- China
- Prior art keywords
- business cipher
- cipher key
- key
- renewal
- business
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The method comprises: 102) the broadcast multicast service center (BM-SC) determines the cycle of updating the service key, generates the updated service key before the service key update validation point and sends the updated service key notice to the terminal; the update service key notice carries a service key ID corresponding to the updated service key; 104) after receiving the service key request message sent by the terminal based on the service key ID, the BM-SC sends down the service key; the terminal saves the obtained updated service key; 106) when the service key goes into effect, the BM-SC uses the updated service key to pack the transmission key and sends it the terminal; 108) the terminal uses the updated service key to decode the packed transmission key.
Description
Technical field
The present invention relates to mobile Multimedia Broadcast Multicast Service field, relate to a kind of business cipher key update method and system more specifically.
Background technology
The multi-medium multi-packet broadcasting broadcast service is the new focus of 3G business field.MBMS (Multimedia Broadcast Multicast Service, multimedia broadcast multicast services) in the System security architecture document renewal of business cipher key is stipulated: business cipher key MSK (MBMS Service Key, MBMS Service Key) must often upgrade to guarantee the fail safe of business tine, when business cipher key will be changed, the active push key is given the registered user, can allow the registered user continue the service that the acquisition system provides like this.The active update mode of MSK is to send a MIKEY bag earlier, (the MBMS Service KeyIdentifier of MSK ID wherein, the MBMS Service Key sign) Key Number part (cipher key number sign) is changed to 0x0, informs that user terminal need upgrade current MSK key.
But brought into use the user under the situation of MBMS service, such update mode can go wrong.When some business have a plurality of user's registrations, if business cipher key that should business upgrades, then need a plurality of users' of internal trigger more new technological process at one time, because what user terminal triggered the back request is current key, therefore, this triggering should be after key comes into force, otherwise the key that the user obtains must be not upgrade.And, must cause the unexpected increase of data traffic because issuing of business cipher key is point-to-point transmission, cause network congestion.Even it is congested to adopt certain update strategy to control, such as time-sequencing etc., still can cause some using professional registered user because the business cipher key after can not obtaining immediately to upgrade causes deciphering the business tine failure, the disabled situation of short-term takes place in service.
Therefore,, user's bad experience be can cause, the popularization and the development of BroadCast MultiCast Service are unfavorable for if the renewal process of business cipher key can not effectively address the above problem.
Summary of the invention
One or more problems in view of the above, the present invention proposes a kind of business cipher key method for updating and system, this system and method upgrades the time point that comes into force by disassociation service key updating generation and business cipher key, before the business cipher key renewal comes into force, generate and controlledly issue the business cipher key of renewal, can well address the above problem.
Business cipher key update method according to the present invention mainly may further comprise the steps: S102, broadcast multicast service center is determined the business cipher key update cycle, before the business cipher key renewal comes into force a little, generate the business cipher key of renewal and the business cipher key of active push renewal and notify, carrying and the business cipher key corresponding service key identification that upgrades during the renewal business cipher key is notified to terminal.S104, broadcast multicast service center issues the business cipher key of renewal after receiving the request message to business cipher key of terminal according to the business key label initiation, and terminal is preserved the business cipher key of the renewal that obtains according to upgrading principle.S106, under the situation about arriving in the business cipher key entry-into-force time, broadcast multicast service center encapsulates and is handed down to terminal with the business cipher key that upgrades to transmission security key.S108, the business cipher key of terminal by the renewal of having preserved is decrypted the transmission security key of the encapsulation that receives.
Wherein, computing capability and the network capabilities control key according to broadcast multicast service center pushes the time.Broadcast multicast service center is packaged into key packet with transmission security key.The business cipher key update method is used for multimedia broadcast multicast service system.
Business cipher key update system according to the present invention comprises: business cipher key generates and pusher 202, be used for determining the business cipher key update cycle, generated the business cipher key and the active push renewal business cipher key that upgrade and notify to terminal before the business cipher key renewal comes into force a little, the renewal business cipher key carrying and business cipher key corresponding service key identification in notifying.Transmitting apparatus 204 under the business cipher key, are used for issuing the business cipher key of renewal after receiving the request message to business cipher key of terminal according to the business key label initiation, make terminal preserve the business cipher key of the renewal that obtains according to upgrading principle.Transmission security key encapsulation and following transmitting apparatus 206, under the situation that is used for arriving in the business cipher key entry-into-force time, transmission security key is encapsulated and is handed down to terminal with the business cipher key that upgrades, the business cipher key that terminal can be by the renewal of having preserved is decrypted the transmission security key of the encapsulation that receives.
Wherein business cipher key generation and pusher push the time according to the computing capability and the network capabilities control key of broadcast multicast service center.Transmission security key encapsulation and following transmitting apparatus are packaged into key packet with transmission security key.The business cipher key that upgrades comprises business key label.The business cipher key update system is used for multimedia broadcast multicast service system.
By method and system of the present invention, there is the key that carries out of control to push renewal, avoid a plurality of users to ask to cause network congestion simultaneously.Separate cipher code renewal time and key updating entry-into-force time, the key after making terminal obtain in advance upgrading when new key comes into force, avoids occurring user's the disabled problem of service short-term.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart according to business cipher key update method of the present invention;
Fig. 2 is the block diagram according to business cipher key update system of the present invention;
Fig. 3 is according to MBMS system applies environment schematic diagram of the present invention; And
Fig. 4 is the flow chart that upgrades according to MSK business cipher key of the present invention.
Embodiment
Below with reference to accompanying drawing, describe the specific embodiment of the present invention in detail.
Fig. 1 is the flow chart according to business cipher key update method of the present invention.As shown in Figure 1, this method may further comprise the steps:
S102, broadcast multicast service center is determined the business cipher key update cycle, generated the business cipher key of renewal and the business cipher key of active push renewal and notify to terminal before the business cipher key renewal comes into force a little, the renewal business cipher key is notified and is carried and the business cipher key corresponding service key identification that upgrades.
S104, broadcast multicast service center issues the business cipher key of renewal after receiving the request message to business cipher key of terminal according to the business key label initiation, and terminal is preserved the business cipher key of the renewal that obtains according to upgrading principle.
S106, under the situation about arriving in the business cipher key entry-into-force time, broadcast multicast service center encapsulates and is handed down to terminal with the business cipher key that upgrades to transmission security key.
S108, the business cipher key of terminal by the renewal of having preserved is decrypted the transmission security key of the encapsulation that receives.
Wherein, computing capability and the network capabilities control key according to broadcast multicast service center pushes the time.Broadcast multicast service center is packaged into key packet with transmission security key.The business cipher key that upgrades comprises business key label.The business cipher key update method is used for multimedia broadcast multicast service system.
Fig. 2 is the block diagram according to business cipher key update system of the present invention.As shown in Figure 2, this system comprises: business cipher key generates and pusher 202, be used for determining the business cipher key update cycle, generated the business cipher key of renewal and the business cipher key of active push renewal and notify to terminal before the business cipher key renewal comes into force a little, the renewal business cipher key carrying and business cipher key corresponding service key identification in notifying.Transmitting apparatus 204 under the business cipher key, are used for issuing the business cipher key of renewal after receiving the request message to business cipher key of terminal according to the business key label initiation, make terminal preserve the business cipher key of the renewal that obtains according to upgrading principle.Transmission security key encapsulation and following transmitting apparatus 206, under the situation that is used for arriving in the business cipher key entry-into-force time, transmission security key is encapsulated and is handed down to terminal with the business cipher key that upgrades, the business cipher key that terminal can be by the renewal of having preserved is decrypted the transmission security key of the encapsulation that receives.
Wherein business cipher key generation and pusher push the time according to the computing capability and the network capabilities control key of broadcast multicast service center.Transmission security key encapsulation and following transmitting apparatus are packaged into key packet with transmission security key.The business cipher key that upgrades comprises business key label.The business cipher key update system is used for multimedia broadcast multicast service system.
Fig. 3 is according to MBMS system applies environment schematic diagram of the present invention.As shown in Figure 3, this is a cover MBMS system, and four part: BM-SC (Broadcast-MulticastService Centre, broadcast multicast service center) platform 302, core net 304, Access Network 306 and terminal 308 are arranged.
The wherein service of certain business of terminal request can be preserved this professional MSK and sign thereof.When MBMS provided the encryption multicast/broadcast of this business, terminal can be resolved the encrypted content of receiving, seeks the MSK value that is stored in this locality according to MSK identification index wherein encrypted content is further deciphered.When business cipher key is the MSK renewal, the encrypted content real-time update, terminal need be deciphered the ciphering multimedia content that be subjected to this moment with the key that upgrades.
Fig. 4 is the flow chart that upgrades according to MSK business cipher key of the present invention.As shown in Figure 4, the MSK business cipher key upgrades and may further comprise the steps:
S402, business is issued, and determines the professional MSK key updating cycle.
S404, determine that cipher code renewal time adds one or more key updating cycle for the service distribution time, determine that this time point is the key updating entry-into-force time, promptly arrive this time point, the key after the renewal comes into force, simultaneously, select time is o'clock between two key updating entry-into-force times, be the key updating rise time, at this moment between point, generate the business cipher key of following one-period.
S406, after generating business cipher key of following one-period, the business cipher key notice after BM-SC cipher key function module active push is upgraded, (MSKID) is sent to terminal with the corresponding service key identification, allows terminal understand business cipher key and upgrades.The Key Number Part of the MSKID that carries (MBMSService Key Identifier, MBMS Service Key sign) upgrades back key for this.
S408, terminal is initiated the HTTP request message of MSK, and carries the MSKID of renewal.
S410, BM-SC issue the business cipher key after the renewal.
S412, terminal is preserved the corresponding professional more new key that obtains according to upgrading principle.
S414, the business cipher key entry-into-force time arrives, and BM-SC carries out the MIKEY package with new business cipher key to MTK.
S416 issues the MIKEY bag (multicast and broadcast mode) of MTK (MBMS Traffic Key, the MBMS Traffic Key) key after the renewal.
S418, terminal has been stored new business cipher key, can in time decipher program stream.
Wherein, for fear of a plurality of key request at a time occurring, at S406, can adopt control key to push time method, promptly computing capability and the network capabilities according to BM-SC sends the request of propelling movement in batches successively.
Under the situation that certain business is used by a large number of users, separate key updating point and key updating entry-into-force time point, before new key comes into force, send and upgrade, make the user before key comes into force, obtain key, just can avoid following problem in the new key renewal when coming into force, a large number of users request new key causes network data congested during promptly owing to key updating, the user can not in time obtain key, and it is unavailable to occur service in a short time.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (8)
1. a business cipher key update method is characterized in that, may further comprise the steps:
S102, broadcast multicast service center is determined the business cipher key update cycle, generated the business cipher key and the described renewal business cipher key of active push that upgrade and notify to terminal before the business cipher key renewal comes into force a little, described renewal business cipher key notice carries the business cipher key corresponding service key identification with described renewal;
S104; Described broadcast multicast service center issues the business cipher key of described renewal after receiving the request message to business cipher key of described terminal according to described business key label initiation, described terminal is preserved the business cipher key of the described renewal that obtains according to upgrading principle;
S106, under the situation about arriving in the business cipher key entry-into-force time, described broadcast multicast service center encapsulates and is handed down to described terminal with the business cipher key of described renewal to transmission security key; And
S108, the business cipher key of described terminal by the described renewal of having preserved is decrypted the transmission security key of the encapsulation that receives.
2. business cipher key update method according to claim 1 is characterized in that, according to the computing capability and the network capabilities control key propelling movement time of described broadcast multicast service center.
3. business cipher key update method according to claim 1 is characterized in that described broadcast multicast service center is packaged into key packet with described transmission security key.
4. according to each described business cipher key update method in the claim 1 to 3, it is characterized in that described method is used for multimedia broadcast multicast service system.
5. a business cipher key update system is characterized in that, comprising:
Business cipher key generates and pusher, be used for determining the business cipher key update cycle, before the business cipher key renewal comes into force a little, generate the business cipher key and the described renewal business cipher key of active push that upgrade and notify, carry business cipher key corresponding service key identification in the described renewal business cipher key notice with described renewal to terminal;
Transmitting apparatus under the business cipher key, be used for after receiving the request message to business cipher key of described terminal according to described business key label initiation, issue the business cipher key of described renewal, make described terminal preserve the business cipher key of the described renewal that obtains according to upgrading principle; And
Transmission security key encapsulation and following transmitting apparatus, under the situation that is used for arriving in the business cipher key entry-into-force time, business cipher key with described renewal encapsulates and is handed down to described terminal to transmission security key, the business cipher key that described terminal can be by the described renewal of having preserved is decrypted the transmission security key of the encapsulation that receives.
6. business cipher key update system according to claim 5 is characterized in that, described business cipher key generation and pusher push the time according to the computing capability and the network capabilities control key of described broadcast multicast service center.
7. business cipher key update system according to claim 6 is characterized in that, described transmission security key encapsulation and following transmitting apparatus are packaged into key packet with described transmission security key.
8. according to each described business cipher key update system in the claim 5 to 7, it is characterized in that described system is used for multimedia broadcast multicast service system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710143661.XA CN101102552B (en) | 2007-08-16 | 2007-08-16 | Update method and system for service secret key |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710143661.XA CN101102552B (en) | 2007-08-16 | 2007-08-16 | Update method and system for service secret key |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101102552A true CN101102552A (en) | 2008-01-09 |
| CN101102552B CN101102552B (en) | 2012-12-19 |
Family
ID=39036594
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200710143661.XA Expired - Fee Related CN101102552B (en) | 2007-08-16 | 2007-08-16 | Update method and system for service secret key |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101102552B (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010142193A1 (en) * | 2009-06-10 | 2010-12-16 | 中兴通讯股份有限公司 | Method, system and service center for transmitting service key |
| CN101621390B (en) * | 2008-07-01 | 2011-10-26 | 中兴通讯股份有限公司 | Protection method and system thereof for data download service in broadcast multicast |
| CN102333280A (en) * | 2011-09-26 | 2012-01-25 | 中兴通讯股份有限公司 | Business secret key renewing method and system and business processing server |
| CN102387500A (en) * | 2011-10-25 | 2012-03-21 | 中兴通讯股份有限公司 | Service key management method and system |
| CN101521656B (en) * | 2008-02-26 | 2012-12-19 | 华为技术有限公司 | Method and system for updating cryptographic-key used for encrypting group service |
| WO2013004103A1 (en) * | 2011-07-05 | 2013-01-10 | 中兴通讯股份有限公司 | Updating method for pws key in wireless communication system, network side apparatus and terminal |
| WO2014063626A1 (en) * | 2012-10-25 | 2014-05-01 | 华为终端有限公司 | Group transient key updating method and related apparatus and system |
| CN106332073A (en) * | 2015-06-16 | 2017-01-11 | 北京信威通信技术股份有限公司 | Cluster group root key updating method |
| CN106936794A (en) * | 2015-12-30 | 2017-07-07 | 阿里巴巴集团控股有限公司 | Method, the device of a kind of method, device and setting key for changing key |
| CN110035396A (en) * | 2019-04-15 | 2019-07-19 | 湖南科大天河通信股份有限公司 | Bluetooth broadcast key updating method, apparatus and system |
| CN111200491A (en) * | 2018-11-20 | 2020-05-26 | 千寻位置网络有限公司 | Key updating method, data decrypting method, device, client and interactive system |
| CN113757909A (en) * | 2021-11-08 | 2021-12-07 | 国网浙江省电力有限公司绍兴供电公司 | Air conditioner cluster control method based on quantum encryption technology |
| WO2022036600A1 (en) * | 2020-08-19 | 2022-02-24 | Oppo广东移动通信有限公司 | Key update methods, apparatus and devices, and storage medium |
| WO2022174802A1 (en) * | 2021-02-20 | 2022-08-25 | 华为技术有限公司 | Method for updating cryptographic key, and apparatus |
| WO2022257108A1 (en) * | 2021-06-11 | 2022-12-15 | 华为技术有限公司 | Method for updating vehicle-to-everything (v2x) communication key, and communication apparatus |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030053629A1 (en) * | 2001-09-14 | 2003-03-20 | Koninklijke Philips Electronics N.V. | USB authentication interface |
| CN100362785C (en) * | 2003-05-29 | 2008-01-16 | 华为技术有限公司 | Method for updating shared key |
| CN100344160C (en) * | 2004-07-21 | 2007-10-17 | 华为技术有限公司 | Method for realizing acquisition of user on-line information |
-
2007
- 2007-08-16 CN CN200710143661.XA patent/CN101102552B/en not_active Expired - Fee Related
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101521656B (en) * | 2008-02-26 | 2012-12-19 | 华为技术有限公司 | Method and system for updating cryptographic-key used for encrypting group service |
| CN101621390B (en) * | 2008-07-01 | 2011-10-26 | 中兴通讯股份有限公司 | Protection method and system thereof for data download service in broadcast multicast |
| CN101583131B (en) * | 2009-06-10 | 2012-05-09 | 中兴通讯股份有限公司 | Service key transmission method and system |
| WO2010142193A1 (en) * | 2009-06-10 | 2010-12-16 | 中兴通讯股份有限公司 | Method, system and service center for transmitting service key |
| WO2013004103A1 (en) * | 2011-07-05 | 2013-01-10 | 中兴通讯股份有限公司 | Updating method for pws key in wireless communication system, network side apparatus and terminal |
| CN102333280A (en) * | 2011-09-26 | 2012-01-25 | 中兴通讯股份有限公司 | Business secret key renewing method and system and business processing server |
| WO2012155702A1 (en) * | 2011-09-26 | 2012-11-22 | 中兴通讯股份有限公司 | Method, system, service processing server for updating service key |
| CN102387500B (en) * | 2011-10-25 | 2015-10-28 | 中兴通讯股份有限公司 | A kind of business cipher key management method and system |
| CN102387500A (en) * | 2011-10-25 | 2012-03-21 | 中兴通讯股份有限公司 | Service key management method and system |
| US9332438B2 (en) | 2012-10-25 | 2016-05-03 | Huawei Device Co., Ltd. | Method for updating group temporal key, related apparatus and system |
| WO2014063626A1 (en) * | 2012-10-25 | 2014-05-01 | 华为终端有限公司 | Group transient key updating method and related apparatus and system |
| CN106332073A (en) * | 2015-06-16 | 2017-01-11 | 北京信威通信技术股份有限公司 | Cluster group root key updating method |
| CN106332073B (en) * | 2015-06-16 | 2019-06-21 | 北京信威通信技术股份有限公司 | A kind of cluster group root key update method |
| CN106936794A (en) * | 2015-12-30 | 2017-07-07 | 阿里巴巴集团控股有限公司 | Method, the device of a kind of method, device and setting key for changing key |
| CN111200491A (en) * | 2018-11-20 | 2020-05-26 | 千寻位置网络有限公司 | Key updating method, data decrypting method, device, client and interactive system |
| CN110035396A (en) * | 2019-04-15 | 2019-07-19 | 湖南科大天河通信股份有限公司 | Bluetooth broadcast key updating method, apparatus and system |
| WO2022036600A1 (en) * | 2020-08-19 | 2022-02-24 | Oppo广东移动通信有限公司 | Key update methods, apparatus and devices, and storage medium |
| WO2022174802A1 (en) * | 2021-02-20 | 2022-08-25 | 华为技术有限公司 | Method for updating cryptographic key, and apparatus |
| CN114979962A (en) * | 2021-02-20 | 2022-08-30 | 华为技术有限公司 | Method and device for updating key |
| WO2022257108A1 (en) * | 2021-06-11 | 2022-12-15 | 华为技术有限公司 | Method for updating vehicle-to-everything (v2x) communication key, and communication apparatus |
| CN113757909A (en) * | 2021-11-08 | 2021-12-07 | 国网浙江省电力有限公司绍兴供电公司 | Air conditioner cluster control method based on quantum encryption technology |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101102552B (en) | 2012-12-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101102552B (en) | Update method and system for service secret key | |
| US8600059B2 (en) | Short message service cipher | |
| ES2397109T3 (en) | Determination of a session encryption key during a broadcast / multicast service session using a secure real-time transport protocol | |
| CN102137290B (en) | Method and apparatus for time-based charging for broadcast-multicast services (Bcmcs) in a wireless communication system | |
| CN104618902B (en) | The network operation solution not encrypted | |
| US8619993B2 (en) | Content protection for OMA broadcast smartcard profiles | |
| RU2530331C2 (en) | Multicast key negotiation method suitable for group calling system and respective system | |
| KR101465263B1 (en) | Method for security key distrubution in broadcast system and the system therefor | |
| CN101981864A (en) | Method and apparatus for providing broadcast service using encryption key in a communication system | |
| US20130288641A1 (en) | Wireless communication system providing the verification of the network identify | |
| CN101808286B (en) | Multicast key agreement method and system for clustered system | |
| CN110234102A (en) | Communication means and equipment | |
| CN103813272A (en) | Cluster group calling downlink transmission method | |
| CN103546767B (en) | Content protection method and system of multimedia service | |
| CN101217358A (en) | An activation method of digital broadcast service system and digital broadcast service | |
| CN101056169B (en) | Method and system for improving the multicast service security of the radio communication system | |
| CN100544429C (en) | A kind of mobile phone TV services content protecting method | |
| CN101621390B (en) | Protection method and system thereof for data download service in broadcast multicast | |
| CN107644169A (en) | A kind of data guard method and data protection system | |
| CN100354789C (en) | Content group digital copyright protection method and system | |
| CN108307324A (en) | A kind of broadcast message safe transmission method and device | |
| CN101162997B (en) | Method of updating broadcast sharing cipher between electronic equipment interfaces | |
| CN102123390B (en) | Method, device and terminal for processing service keys | |
| CN101267533B (en) | Method, system and mobile terminal for playing program stream at different platform terminals | |
| CN100583743C (en) | Distributing method for transmission key |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121219 Termination date: 20200816 |