CN113596824A - Encryption method for authentication failure plaintext information in 5G security protocol - Google Patents

Encryption method for authentication failure plaintext information in 5G security protocol Download PDF

Info

Publication number
CN113596824A
CN113596824A CN202110869672.6A CN202110869672A CN113596824A CN 113596824 A CN113596824 A CN 113596824A CN 202110869672 A CN202110869672 A CN 202110869672A CN 113596824 A CN113596824 A CN 113596824A
Authority
CN
China
Prior art keywords
information
failure
authentication
terminal equipment
serial number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110869672.6A
Other languages
Chinese (zh)
Inventor
车向北
李曼
欧阳宇宏
林子钊
康文倩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Power Supply Bureau Co Ltd
Original Assignee
Shenzhen Power Supply Bureau Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Power Supply Bureau Co Ltd filed Critical Shenzhen Power Supply Bureau Co Ltd
Priority to CN202110869672.6A priority Critical patent/CN113596824A/en
Publication of CN113596824A publication Critical patent/CN113596824A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a method for encrypting authentication failure plaintext information in a 5G security protocol, which comprises the following steps that S1, a service network sends an authentication request message to terminal equipment, and the terminal equipment verifies the authentication request message to generate a verification result; wherein the verification result comprises success or failure; step S2, when the verification result is failure, the terminal equipment generates plaintext information and generates a random encryption value through a preset random function and the serial number of the terminal equipment, and the plaintext information is encrypted according to the random encryption value; in step S3, the terminal device transmits the encrypted plaintext information to the service network. The invention realizes the effect of protecting the plaintext information which fails in authentication of the 5G security protocol.

Description

Encryption method for authentication failure plaintext information in 5G security protocol
Technical Field
The invention relates to the technical field of communication, in particular to an encryption method of authentication failure plaintext information in a 5G security protocol.
Background
With the rapid development of information technology and mobile communication technology, the mobile communication technology has become an important part of our daily life, and our mobile devices rely on the development and application of the mobile communication technology when connecting to internet services. From the previous 3G technology to the 4G technology, we know that the 4G technology has promoted the development of the mobile internet to a great extent and has spawned a number of emerging internet industries. 4G has been developed and applied for many years, and 5G has come to bear, and 5G rapidly develops in China and even in the whole world due to the characteristics of higher speed, larger bandwidth, interconnection of everything and the like.
The 5G technology has a number of drawbacks that make it flawless, but it has some drawbacks that it has since its design. When the personal terminal device UE and the network service perform security authentication, two pieces of information, namely MAC (Medium access control) and SQN (Sequence number) need to be checked, and the UE can perform bidirectional communication with the network only when both authentication are successful. The Authentication of the UE and the network adopts a security Authentication and Key Agreement (5G AKA), and the 5G AKA has defects in Authentication. In the field of mobile communication security, authentication is the first line of defense, and the security of the authentication also determines the degree of 5G commercial use to some extent. The 5G AKA protocol has two defects, one is a malicious attack which can bring chaining property, and the other is a SUCI interception attack threat.
Both of the above-mentioned drawbacks pose a security threat to users, where the link attack existed in 3G in the early days, which is a big pain point in the security field of mobile communication in recent years. To solve this problem, many technical experts also specifically study this drawback, but additionally increase communication overhead, storage overhead and calculation overhead. In 5G, delay is a large requirement, so adding this much overhead goes against the characteristics of 5G itself. The other threat is eavesdropping attack threat, when a malicious attacker attacks the UE equipment through broadcasting, the 5G AKA security authentication protocol shows the vulnerability, and sends plaintext information of authentication failure when MAC verification and SQN verification fail, and the plaintext information exactly gives the possibility that the malicious attacker steals user information.
Disclosure of Invention
The invention aims to provide encryption of authentication failure plaintext information in a 5G security protocol, and solves the technical problem that in the prior art, the plaintext information which fails in authentication is sent when verification fails, so that the security is poor.
On one hand, the method for encrypting the authentication failure plaintext information in the 5G security protocol comprises the following steps:
step S1, the service network sends the authentication request message to the terminal device, the terminal device verifies the authentication request message, and generates the verification result; wherein the verification result comprises success or failure;
step S2, when the verification result is failure, the terminal equipment generates plaintext information and generates a random encryption value through a preset random function and the serial number of the terminal equipment, and the plaintext information is encrypted according to the random encryption value;
in step S3, the terminal device transmits the encrypted plaintext information to the service network.
Preferably, the step S1 includes:
the terminal equipment acquires the authentication request message and identifies the authentication request message to acquire authentication token information and preset random function information;
analyzing the obtained authentication token information to obtain MAC information and serial number information;
and verifying the MAC information and the serial number information through a preset authentication and key agreement protocol to obtain a verification result.
Preferably, the step S2 includes:
when the MAC information is successfully verified and the serial number information is failed to be verified, acquiring preset random function information and a serial number of the terminal equipment; generating a random encryption value according to preset random function information and a serial number of the terminal equipment;
and generating plaintext information through a preset authentication and key agreement protocol, and encrypting the generated plaintext information according to the random encryption value.
Preferably, the random secret is generated according to the following formula:
SYNfailure=f2*(synfailure,<SQNUE,nrand>)
wherein, SYNfailureIndicating a failed check of the sequence number information, SQNUEIndicating the terminal equipment serial number, f2 indicating the encryption algorithm, nrandRepresenting preset random function information.
Preferably, the plaintext information is encrypted according to the following formula:
RES*=SYNfailure||MACS=f1*(K,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, SQNUEDenotes the terminal equipment serial number, K denotes the key, f1 denotes the encryption algorithm, nrandRepresenting preset random function information.
Preferably, the step S2 includes:
when the MAC information check fails, acquiring preset random function information and a serial number of the terminal equipment; generating a random encryption value according to preset random function information and a serial number of the terminal equipment;
and generating plaintext information through a preset authentication and key agreement protocol, and encrypting the generated plaintext information according to the random encryption value.
Preferably, the random secret is generated according to the following formula:
MACfailure=f2*(MACfailure,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, MACfailureIndicating MAC information check failure, SQNUEIndicating the terminal equipment serial number, f2 indicating the encryption algorithm, nrandRepresenting a randomly encrypted value.
Preferably, the plaintext information is encrypted according to the following formula:
RES*=MACfailure||MACS=f1*(K,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, SQNUEDenotes the terminal equipment serial number, K denotes the key, f1 denotes the encryption algorithm, nrandRepresenting a randomly encrypted value.
In summary, the embodiment of the invention has the following beneficial effects:
the encryption method for the authentication failure plaintext information in the 5G security protocol provided by the invention protects the defect that an attacker authenticates the plaintext transmission of the corresponding message by using authentication, and encrypts the plaintext information in a way of negotiating with a network to generate a new random number to solve the defect; therefore, because the malicious UE and the malicious base station forged by the malicious attacker do not know the generation function of the new random number, when the malicious UE and the malicious base station construct a malicious authentication request message and send the malicious authentication request message to the target UE, the malicious UE and the malicious base station cannot attack the next step according to the encrypted information even if receiving the corresponding information of the target UE, and the effect of protecting the plaintext information which fails in authentication of the 5G security protocol is realized.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is within the scope of the present invention for those skilled in the art to obtain other drawings based on the drawings without inventive exercise.
Fig. 1 is a diagram illustrating a 5G AKA protocol security authentication process in the prior art.
Fig. 2 is a main flow diagram of an encryption method for authentication failure plaintext information in a 5G security protocol according to an embodiment of the present invention.
Fig. 3 is a logic diagram illustrating an encryption method for authentication failure plaintext information in a 5G security protocol according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings.
As shown in fig. 1, the authentication process for the 5G AKA security authentication protocol is as follows:
1) the home network HN generates a security authentication vector AV (RAND, AUTN, HXRES, K)AUSF) Subsequently, the authentication vector is sent to the service network SN;
2) the SN combines two parameters RAND and AUTN in the AV and two parameters ngKSI and ABBA left by the combined authentication and sends the information to the UE;
3) UE carries on message authentication code MAC check and synchronous serial number SQN check, if MAC and SQN check pass, calculate and produce response code RES to send to SN, transmit to HN carry on two-way check subsequently;
4) if the SN and HN response codes are verified successfully, the bidirectional authentication is successful, and the UE and the service network perform normal communication mutually;
5) if the SQN check fails, the UE returns check failure information of a plaintext and is accompanied by AUTS;
6) and if the MAC check fails, the UE returns MAC check failure information of the plaintext.
For the above 5G AKA protocol, a malicious attacker may use the plaintext of the authentication corresponding message to perform two attacks, the first attack is as follows:
1) an attacker places a detection tool near target UE and continuously monitors plaintext authentication information of the target UE, and because SN sends two key parameters of RAND and AUTN to the target UE, the attacker obtains the two parameters through eavesdropping;
2) after the attacker has two key parameters of RAND and AUTN, the two parameters are used for constructing authentication request information to be broadcast, and all nearby UE (user equipment) receive the authentication request information;
3) after receiving the authentication information forged by the attacker, MAC and SQN checks are carried out. The MAC check is: checking xMAC and SQN obtained from AUTNHNWhether the regenerated MAC is the same. The SQN checks that the UE judges that the SQN isHNIn the range of (1), i.e. SQNHNWhether it is greater than SQNUE. Only if both checks are successful will the parties authenticate each other successfully and authentication information is returned. When the MAC check fails, the target UE returns MAC verification failure information in plain text to the network. If the MAC check is successful and the SQN check fails, the UE replies plaintext information of SQN synchronization failure to the network. After the malicious attacker rebroadcasts the authentication request, the MAC authentication request of the target UE still passes, but the SQN check fails because the SQN is not within the target range. Meanwhile, other UEs may return MAC authentication failure information due to MAC authentication failure. And a malicious attacker obtains the feedback messages of all the UEs, and because the feedback messages are plaintext, the attack can be carried out by judging the types of the feedback messages. According to the corresponding message, if the SQN synchronization failure information exists, the target UE is nearby; if all received messages are information that the MAC authentication fails, the target UE is not nearby.
Based on the above analysis, the attacker obtains the locations of the target UEs and attacks at these locations. The first drawback is due to the openness of RAND, AUTN over the air interface, since by this property it is easy for a malicious attacker to obtain these two important parameters and to forge the authentication information.
The attacker also makes a second attack, which is as follows:
1) an attacker intercepts authentication request information of target UE, and builds malicious UE and a malicious base station near the target UE.
2) An attacker modifies logout request information and sends the logout request information to victim UE, the victim UE starts to send a registration request to a malicious base station, the malicious base station discards a registration request message and sends the registration request message to the malicious UE, the malicious UE sends an authentication request to a legal base station, and the legal base station sends an authentication request vector to the malicious UE, wherein the vector contains two important parameters RAND and AUTN. And after the malicious base station sends the authentication vector to the target UE, the target UE carries out MAC and SQN verification. So far, the malicious attacker can obtain the corresponding verification information. Whether the target UE is determined by whether the corresponding content is yes.
3) After the location information of the target UE exists, the malicious base station and the malicious UE can obtain a traffic entrance of the target UE by forging the network, and can analyze traffic to construct and obtain privacy information of the target user.
Fig. 2 and fig. 3 are schematic diagrams illustrating an embodiment of an encryption method for plaintext information that fails to be authenticated in a 5G security protocol according to the present invention. In this embodiment, the method comprises the steps of:
step S1, the service network sends the authentication request message to the terminal device, the terminal device verifies the authentication request message, and generates the verification result; wherein the verification result comprises success or failure; it can be understood that the service network sends an authentication request message to the terminal device, and the terminal device performs MAC and SQN verification after receiving the information (RAND, AUTN), and performs MAC and SQN verification in the same 5G AKA protocol, and then generates and sends the authentication request message to the service network when the authentication is passed.
In a specific embodiment, the terminal equipment acquires and identifies an authentication request message to acquire authentication token information and preset random function information;
analyzing the obtained authentication token information to obtain MAC information and serial number information;
and verifying the MAC information and the serial number information through a preset authentication and key agreement protocol to obtain a verification result.
Step S2, when the verification result is failure, the terminal equipment generates plaintext information and generates a random encryption value through a preset random function and the serial number of the terminal equipment, and the plaintext information is encrypted according to the random encryption value; it will be appreciated that a new random number n is usedrandThe feedback information of the plaintext is encrypted, which is different from directly transmitting the plaintext feedback information to the SN in the 5G AKA protocol, and RES is carried by the MACS, which makes the SN know that RES is from the real UE. Even if the malicious attacker intercepts the RES, the malicious attacker cannot know whether the information is the result of MAC authentication failure or SQN authentication failure, and cannot attack the information by using the two security defects. Since both the SN/HN and the UE know the generation function g of the new random number, the SN and HN can also pass g and the old oneGenerating a new random number by the rand, nrandSN and HN know the content of RES.
In the specific embodiment, when the MAC information is successfully verified and the serial number information is unsuccessfully verified, acquiring preset random function information and a serial number of the terminal equipment; generating a random encryption value according to preset random function information and a serial number of the terminal equipment; wherein the random secret is generated according to the following formula:
SYNfailure=f2*(synfailure,<SQNUE,nrand>)
wherein, SYNfailureIndicating a failed check of the sequence number information, SQNUEIndicating the terminal equipment serial number, f2 indicating the encryption algorithm, nrandRepresenting preset random function information;
generating plaintext information through a preset authentication and key agreement protocol, and encrypting the generated plaintext information according to a random encryption value, wherein the plaintext information is encrypted according to the following formula:
RES*=SYNfailure||MACS=f1*(K,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, SQNUEDenotes the terminal equipment serial number, K denotes the key, f1 denotes the encryption algorithm, nrandRepresenting preset random function information.
Specifically, when the MAC information check fails, acquiring preset random function information and a serial number of the terminal equipment; generating a random encryption value according to preset random function information and a serial number of the terminal equipment; wherein the random secret is generated according to the following formula:
MACfailure=f2*(MACfailure,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, MACfailureIndicating MAC information check failure, SQNUEIndicating the terminal equipment serial number, f2 indicating the encryption algorithm, nrandRepresenting a randomly encrypted value.
Generating plaintext information through a preset authentication and key agreement protocol, and encrypting the generated plaintext information according to a random encryption value, wherein the plaintext information is encrypted according to the following formula:
RES*=MACfailure||MACS=f1*(K,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, SQNUEDenotes the terminal equipment serial number, K denotes the key, f1 denotes the encryption algorithm, nrandRepresenting a randomly encrypted value.
In step S3, the terminal device transmits the encrypted plaintext information to the service network. The method protects the defect that an attacker utilizes authentication to authenticate the plaintext transmission of the corresponding message, and encrypts plaintext information in a mode of negotiating with a network to generate a new random number to solve the defect. Aiming at the security defect of the SUCI request authentication vector, the malicious UE and the malicious base station forged by a malicious attacker do not know the generation function of the new random number, so when the malicious UE constructs a malicious authentication request message and sends the malicious authentication request message to the target UE, even if the malicious authentication request message receives the corresponding information of the target UE, the next attack can not be carried out according to the encrypted information, and the attack needs to know the failed feedback information content.
In summary, the embodiment of the invention has the following beneficial effects:
the encryption method for the authentication failure plaintext information in the 5G security protocol provided by the invention protects the defect that an attacker authenticates the plaintext transmission of the corresponding message by using authentication, and encrypts the plaintext information in a way of negotiating with a network to generate a new random number to solve the defect; therefore, because the malicious UE and the malicious base station forged by the malicious attacker do not know the generation function of the new random number, when the malicious UE and the malicious base station construct a malicious authentication request message and send the malicious authentication request message to the target UE, the malicious UE and the malicious base station cannot attack the next step according to the encrypted information even if receiving the corresponding information of the target UE, and the effect of protecting the plaintext information which fails in authentication of the 5G security protocol is realized.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.

Claims (8)

1. A method for encrypting plaintext information failed in authentication in a 5G security protocol is characterized by comprising the following steps:
step S1, the service network sends the authentication request message to the terminal device, the terminal device verifies the authentication request message, and generates the verification result; wherein the verification result comprises success or failure;
step S2, when the verification result is failure, the terminal equipment generates plaintext information and generates a random encryption value through a preset random function and the serial number of the terminal equipment, and the plaintext information is encrypted according to the random encryption value;
in step S3, the terminal device transmits the encrypted plaintext information to the service network.
2. The method of claim 1, wherein the step S1 includes:
the terminal equipment acquires the authentication request message and identifies the authentication request message to acquire authentication token information and preset random function information;
analyzing the obtained authentication token information to obtain MAC information and serial number information;
and verifying the MAC information and the serial number information through a preset authentication and key agreement protocol to obtain a verification result.
3. The method of claim 2, wherein the step S2 includes:
when the MAC information is successfully verified and the serial number information is failed to be verified, acquiring preset random function information and a serial number of the terminal equipment; generating a random encryption value according to preset random function information and a serial number of the terminal equipment;
and generating plaintext information through a preset authentication and key agreement protocol, and encrypting the generated plaintext information according to the random encryption value.
4. A method according to claim 3, wherein the random secret is generated according to the following formula:
SYNfailure=f2*(synfailure,<SQNUE,nrand>)
wherein, SYNfailureIndicating a failed check of the sequence number information, SQNUEIndicating the terminal equipment serial number, f2 indicating the encryption algorithm, nrandRepresenting preset random function information.
5. The method of claim 4, wherein the plaintext information is encrypted according to the following formula:
RES*=SYNfailure||MACS=f1*(K,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, SQNUEDenotes the terminal equipment serial number, K denotes the key, f1 denotes the encryption algorithm, nrandRepresenting preset random function information.
6. The method of claim 2, wherein the step S2 includes:
when the MAC information check fails, acquiring preset random function information and a serial number of the terminal equipment; generating a random encryption value according to preset random function information and a serial number of the terminal equipment;
and generating plaintext information through a preset authentication and key agreement protocol, and encrypting the generated plaintext information according to the random encryption value.
7. The method of claim 6, wherein the random secret is generated according to the following formula:
MACfailure=f2*(MACfailure,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, MACfailureIndicating MAC information check failure, SQNUEIndicating the terminal equipment serial number, f2 indicating the encryption calculationMethod, nrandRepresenting a randomly encrypted value.
8. The method of claim 7, wherein the plaintext information is encrypted according to the following formula:
RES*=MACfailure||MACS=f1*(K,<SQNUE,nrand>)
wherein RES represents encrypted plaintext information, SQNUEDenotes the terminal equipment serial number, K denotes the key, f1 denotes the encryption algorithm, nrandRepresenting a randomly encrypted value.
CN202110869672.6A 2021-07-30 2021-07-30 Encryption method for authentication failure plaintext information in 5G security protocol Pending CN113596824A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110869672.6A CN113596824A (en) 2021-07-30 2021-07-30 Encryption method for authentication failure plaintext information in 5G security protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110869672.6A CN113596824A (en) 2021-07-30 2021-07-30 Encryption method for authentication failure plaintext information in 5G security protocol

Publications (1)

Publication Number Publication Date
CN113596824A true CN113596824A (en) 2021-11-02

Family

ID=78252363

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110869672.6A Pending CN113596824A (en) 2021-07-30 2021-07-30 Encryption method for authentication failure plaintext information in 5G security protocol

Country Status (1)

Country Link
CN (1) CN113596824A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115002750A (en) * 2022-05-25 2022-09-02 中国电信股份有限公司 Communication authentication method and related equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110041046A1 (en) * 2006-12-05 2011-02-17 You-Sung Kang Apparatus and method for protecting rfid data
US20160013933A1 (en) * 2013-02-28 2016-01-14 Nec Corporation Order-preserving encryption system, device, method, and program
CN105453482A (en) * 2013-08-02 2016-03-30 日本电气株式会社 Authenticated encryption device, authenticated encryption method, and program for authenticated encryption
CN110536292A (en) * 2019-04-28 2019-12-03 中兴通讯股份有限公司 The method and apparatus and authentication method and device of transmission terminal serial number
WO2020147602A1 (en) * 2019-01-18 2020-07-23 华为技术有限公司 Authentication method, apparatus and system
US20200366462A1 (en) * 2019-05-14 2020-11-19 Baffle Inc. System and method for performing equality and less than operations on encrypted data with quasigroup operations

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110041046A1 (en) * 2006-12-05 2011-02-17 You-Sung Kang Apparatus and method for protecting rfid data
US20160013933A1 (en) * 2013-02-28 2016-01-14 Nec Corporation Order-preserving encryption system, device, method, and program
CN105453482A (en) * 2013-08-02 2016-03-30 日本电气株式会社 Authenticated encryption device, authenticated encryption method, and program for authenticated encryption
WO2020147602A1 (en) * 2019-01-18 2020-07-23 华为技术有限公司 Authentication method, apparatus and system
CN110536292A (en) * 2019-04-28 2019-12-03 中兴通讯股份有限公司 The method and apparatus and authentication method and device of transmission terminal serial number
US20200366462A1 (en) * 2019-05-14 2020-11-19 Baffle Inc. System and method for performing equality and less than operations on encrypted data with quasigroup operations

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115002750A (en) * 2022-05-25 2022-09-02 中国电信股份有限公司 Communication authentication method and related equipment

Similar Documents

Publication Publication Date Title
CN109347809B (en) Application virtualization secure communication method oriented to autonomous controllable environment
CN111314056B (en) Heaven and earth integrated network anonymous access authentication method based on identity encryption system
KR100832893B1 (en) A method for the access of the mobile terminal to the WLAN and for the data communication via the wireless link securely
CN102315937B (en) System and method for secure transaction of data between wireless communication device and server
US8468347B2 (en) Secure network communications
CN102868665B (en) The method of data transmission and device
CN108809637B (en) LTE-R vehicle-ground communication non-access stratum authentication key agreement method based on mixed password
CN100571124C (en) Prevent the method for Replay Attack and guarantee the unduplicated method of message SN
CN105828332B (en) improved method of wireless local area network authentication mechanism
CN101242274B (en) Method for guaranteeing non-duplicate message SN and preventing from re-play attack and mobile terminal
US20030095663A1 (en) System and method to provide enhanced security in a wireless local area network system
CN1770681A (en) Conversation key safety distributing method under wireless environment
CN111294212A (en) Security gateway key negotiation method based on power distribution
CN112399407B (en) 5G network authentication method and system based on DH ratchet algorithm
CN112333705B (en) Identity authentication method and system for 5G communication network
Leu et al. Improving security level of LTE authentication and key agreement procedure
CN113596824A (en) Encryption method for authentication failure plaintext information in 5G security protocol
CN103986716B (en) Establishing method for SSL connection and communication method and device based on SSL connection
CN110248334B (en) LTE-R vehicle-ground communication non-access stratum authentication method
Zhu et al. Research on authentication mechanism of cognitive radio networks based on certification authority
JP2004194196A (en) Packet communication authentication system, communication controller and communication terminal
CN102104872A (en) Method, device and system for securely accessing WAPI network
CN114928503A (en) Method for realizing secure channel and data transmission method
CN115038084A (en) Decentralized trusted access method for cellular base station
Yan et al. Security Verification and Improvement of 5G AKA Protocol Based on Petri-net

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination