CN1655497A - Method for realizing multimedia broadcasting / multicasting service key dispensing - Google Patents


Publication number
CN1655497A
Authority
CN
China
Prior art keywords
time
user
broadcast
key
group
Legal status
Granted
Application number
CN 200410039255
Other languages
Chinese (zh)
Other versions
CN1300974C (en)
Inventor
张文林
黄迎新
张海
陈德
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to CNB2004100392555A (CN1300974C)
Priority to PCT/CN2005/000096 (WO2005078992A1)
Publication of CN1655497A
Application granted
Publication of CN1300974C
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04H BROADCAST COMMUNICATION
    • H04H60/00 Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
    • H04H60/09 Arrangements for device control with a direct linkage to broadcast information or to broadcast space-time; Arrangements for control of broadcast-related services
    • H04H60/14 Arrangements for conditional access to broadcast information or to broadcast-related services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04H BROADCAST COMMUNICATION
    • H04H60/00 Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
    • H04H60/09 Arrangements for device control with a direct linkage to broadcast information or to broadcast space-time; Arrangements for control of broadcast-related services
    • H04H60/14 Arrangements for conditional access to broadcast information or to broadcast-related services
    • H04H60/23 Arrangements for conditional access to broadcast information or to broadcast-related services using cryptography, e.g. encryption, authentication, key distribution
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution
    • H04L2209/601 Broadcast encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Disclosed is a method for realizing multimedia broadcast/multicast service key distribution, comprising the following steps: the network assigns a time T to each group user and notifies the corresponding user terminal of that time T; after the broadcast/multicast server updates the shared key, the network sends a new-key-valid message to all users in the current group; each user terminal that receives the new-key-valid message starts a timer corresponding to the time T allocated to it; when the timer expires, the user terminal sends a key request message to the broadcast/multicast server; and the broadcast/multicast server sends the new shared key to the requesting user terminal.

Description

A method for realizing multimedia broadcast/multicast service key distribution
Technical field
The present invention relates to key handling technology, and in particular to a method for realizing multimedia broadcast/multicast service key distribution.
Background technology
With the development of third-generation (3G) mobile communication technology, 3G mobile communication can provide services at higher data rates than second-generation mobile communication, and thus supports many forms of service, such as video telephony, picture download and high-speed Internet browsing. One class of service has the following characteristic: it can be sent simultaneously to all users in the wireless network who have subscribed to it, for example weather forecasts, news clips and sports highlights. 3G mobile communication therefore introduced the concept of broadcast/multicast. A broadcast/multicast service is a unidirectional point-to-multipoint bearer service in which data is sent from one source entity to multiple receiving entities. The transmission principle of this service is shown in Fig. 1: node 1 is a source entity and sends the data to be transmitted to a receiving entity, node 2; after node 2 receives the data, it can act as a source entity, copy the data into two copies and distribute them to the receiving entities, nodes 20 and 21; after node 20 receives the data, it in turn acts as a source entity, copies the data into two copies and distributes them to the receiving entities, nodes 201 and 202, and so on.
Fig. 2 is a schematic diagram of the wireless network architecture that supports broadcast/multicast services. As shown in Fig. 2, under the existing 3rd Generation Partnership Project (3GPP) framework, the wireless network architecture supporting broadcast/multicast services is as follows: a broadcast/multicast service server (BM-SC) 201 is connected through the Gmb interface or the Gi interface to a Gateway GPRS Support Node (GGSN) 202, and one BM-SC 201 can be connected to multiple GGSNs 202; a GGSN 202 is connected through the Gn/Gp interface to a Serving GPRS Support Node (SGSN) 203, and one GGSN 202 can be connected to multiple SGSNs 203; an SGSN 203 can be connected through the Iu interface to the Universal Mobile Telecommunications System (UMTS) Terrestrial Radio Access Network (UTRAN) 204, and the UTRAN 204 is then connected to user equipment (UE) 207 through the Uu interface; an SGSN 203 can also be connected through the Iu/Gb interface to the Global System for Mobile Communications (GSM) enhanced radio access network (GERAN) 205, and the GERAN 205 is then connected to UE 206 through the Um interface. Here, the broadcast/multicast server may be a functional entity newly added to the existing wireless communication network, or may be one functional entity, or a combination of several functional entities, already present in the existing wireless communication network.
In a given area, users who have subscribed to a broadcast/multicast service can enjoy that service. To prevent users who have not subscribed to the service, or who have not paid, from enjoying it, a key known only to the users in the broadcast/multicast service group and to the broadcast/multicast server needs to be set in the service. In this case, the broadcast/multicast server not only provides the broadcast/multicast service but also generates and manages keys.
The key that is set is shared between the broadcast/multicast server and all users in the group, and can be called the group shared key of the broadcast/multicast service. The broadcast/multicast server sends this shared key to the users in the group; the sending is carried out one-to-one between the server and each group user, and the shared key is usually encrypted when it is sent. A group user and the broadcast/multicast server authenticate each other through the Authentication and Key Agreement protocol (AKA); during mutual authentication, the group user and the server both generate and hold an encryption key (KEK), which is used to encrypt the shared key. Each group user's encryption key is unique, that is, the encryption keys held by the users in the group all differ from one another. The broadcast/multicast server encrypts the shared key with the encryption key corresponding to each group user and sends the encrypted shared key to the corresponding group user; that user decrypts the shared key with the corresponding encryption key, which finally achieves key sharing between the server and the group users. Afterwards, the server encrypts the broadcast/multicast service information with the shared key and sends it to each user in the group; the group users decrypt the information with the shared key, obtain the broadcast/multicast service information, and enjoy the service.
To prevent users outside the group from enjoying the broadcast/multicast service, the shared key needs to be updated frequently, and the shared key update process is also carried out one-to-one between the broadcast/multicast server and the users in the group. In general, the server initiates the shared key update process according to a trigger condition; once the update process is triggered, the server sends the updated shared key to each user in the group at the same time. This update process is shown in steps 301 to 303 of Fig. 3: after the server updates the shared key, it sends a new-key-valid message to the user terminal, indicating that the new shared key is valid; after receiving the new-key-valid message, the user terminal can send a key request message to request the new shared key from the server; after receiving the key request message, the server sends the corresponding new shared key to the requesting user terminal; after the user terminal successfully receives the new shared key, it saves the shared key and uses it thereafter.
In the process shown in Fig. 3, the step in which the broadcast/multicast server sends the new-key-valid message, namely step 301, is optional. A user terminal can send the key request message after receiving the new-key-valid message, or can actively initiate the update procedure at any time by sending a key request message to the server. The precondition for actively initiating the update procedure is: the current user terminal does not have the new shared key and has joined this broadcast/multicast service; or the current user terminal has received some protected content, and that content is protected with the shared key. The process shown in Fig. 3 also applies to a group user who has just joined the broadcast/multicast service: this user has no shared key, and the shared key currently held by the server is the new shared key as far as this user is concerned. This application, however, is mainly concerned with the case in which step 301 is present.
As can be seen from the above process, the shared key update process has two time points. One is the time point at which the new shared key becomes valid; after this time point, user terminals can apply to the network for the new shared key. The other is the time point at which the network starts using the new shared key; after this time point, the network protects data with the new shared key and user terminals receive data with the new shared key.
If the group contains a large number of users who can enjoy the broadcast/multicast service, all user terminals will apply to the network for the shared key after receiving the message indicating that the new key is valid. A large number of user terminals then send information to the network at the same time, so the amount of information in the wireless communication network surges and the network's communication becomes congested in an instant; at the same time, the broadcast/multicast server may be unable to process the requests in time because a large number of users request the new shared key simultaneously. No effective solution has yet been proposed for avoiding, as far as possible, all user terminals requesting the new shared key at the same time and for improving the speed at which the server processes user requests.
Summary of the invention
In view of this, the main purpose of the present invention is to provide a method for realizing multimedia broadcast/multicast service key distribution that makes different users initiate their requests at different times as far as possible, thereby solving the network communication congestion that arises when a large number of user terminals apply to the network for the new shared key at the same time.
To achieve the above purpose, the technical scheme of the present invention is realized as follows:
A method for realizing multimedia broadcast/multicast service key distribution, comprising the following steps:
a. The network allocates a time T to each group user and notifies the corresponding user terminal of the allocated time T;
b. After the broadcast/multicast server updates the shared key, the network sends a new-key-valid message to all users in the current group, and each user terminal that receives the new-key-valid message starts the timer corresponding to the time T allocated to it;
c. When the timer of step b expires, the user terminal corresponding to that timer sends a key request message to the broadcast/multicast server; after receiving the key request message, the server sends the new shared key to the requesting user terminal.
In the above scheme, the following is further included between step a and step b: after each user terminal receives the time T allocated to it, it generates a random number as an additional delay time; then, in step b, a user terminal that receives the new-key-valid message starts a timer whose length is the time T plus the additional delay time. Alternatively, after the timer expires in step c, the following is further included: the user terminal corresponding to the timer generates a random number as an additional delay time and, after continuing to delay for the duration of the additional delay time, sends the key request message to the broadcast/multicast server. Alternatively, when the user terminal starts the timer in step b, the following is further included: a random number is generated as an additional delay time; then, after the timer expires in step c and a further delay of the duration of the additional delay time has elapsed, the user terminal sends the key request message to the server. Alternatively, after the user terminal starts the timer in step b, the following is further included: a random number is generated as an additional delay time; then, after the timer expires in step c and a further delay of the duration of the additional delay time has elapsed, the user terminal sends the key request message to the server.
In the above schemes, the allocation of the time T to each group user by the network in step a is specifically: the broadcast/multicast server allocates the time T to each group user. The server allocates the time T to a group user when that user joins the multimedia broadcast/multicast service; or the server allocates the time T to a group user after that user has joined the multimedia broadcast/multicast service; or the server allocates the time T to a group user when it sends the shared key to that user.
The value of the time T lies within the difference between two time spans: the time span from the point at which the new shared key becomes valid to the point by which the broadcast/multicast server expects the user group to finish centrally requesting the shared key, and the time span a user needs from initiating the request to finally obtaining the new shared key; the value is also uniformly distributed in probability. The time T can be generated by a random function whose sample points obey a uniform distribution in probability; it can also be generated by the modulo method or by a hash function method.
In the above scheme, the additional delay time is generated within the time interval T_X between the discrete point to which the requesting user terminal currently belongs and the next discrete point, and obeys a uniform distribution on [0, T_X) in probability.
In the method for realizing multimedia broadcast/multicast service key distribution provided by the present invention, a timer is allocated to each user in the group, the timer values are set in a unified manner according to a certain rule so that they obey a uniform distribution, and the request initiation time of the corresponding user terminal is determined from the timer expiry time. Consequently, after the many users of the same group receive the message that the new shared key is valid, they send key request messages to the network at uniformly discrete times. This avoids network communication congestion, improves the speed at which the broadcast/multicast server processes user requests, reduces the capacity each network node and server needs to handle traffic bursts, and saves network cost.
Description of drawings
Fig. 1 is a schematic diagram of the transmission principle of the multicast service;
Fig. 2 is a schematic diagram of the wireless network architecture that supports broadcast/multicast services;
Fig. 3 is a flow diagram of the shared key update process between the broadcast/multicast server and a group user;
Fig. 4 is a flow chart of the method of the present invention;
Fig. 5 is a schematic diagram of the relationship between the various time points involved in the present invention;
Fig. 6 is a schematic diagram of the relationship between the discrete time points produced in the method of the present invention;
Fig. 7 is a schematic diagram of the relationship between the additional delay time and the discrete time points.
Embodiment
The core idea of the present invention is: a time is allocated in a unified manner to each user in the same group, the allocated times of all users are uniformly and discretely distributed, and the request initiation time of each group user can further be determined from this allocated time. After the users in the group receive the new-key-valid message, each sends a key request message to the broadcast/multicast server at its own request initiation time; after receiving a request, the server returns the new shared key to the corresponding user. Here, the allocated time of each group user can be timed by a timer or obtained by counting with a counter.
The method of the present invention for realizing key distribution, as shown in Fig. 4, specifically comprises the following steps:
Step 401: Through point-to-point interaction with the group users, the network allocates a time T to each group user and notifies the corresponding user terminal.
Here, the network can be a mobile communication network or a wired network. Because the broadcast/multicast server carries out the overall control, the entity in the network that allocates a time to each group user is generally the broadcast/multicast server. The server completes the allocation of the time through a point-to-point interaction with each group user, and can allocate a time to a group user in three situations: 1. when a group user joins the multimedia broadcast/multicast service; 2. after a group user has joined the multimedia broadcast/multicast service; 3. when the shared key is to be sent to a group user, a new time is allocated to that user. In the third situation, if the group user already has an allocated time, this means that the server is allocating a time to that user again; in other words, the allocated time can be updated.
The range from which the time T allocated to a user in step 401 is chosen must follow this criterion: suppose that the length of time from the point at which the new shared key becomes valid to the point by which the broadcast/multicast server expects the user group to finish centrally requesting the shared key is TA, and that the length of time a user needs from initiating the request to finally obtaining the new shared key is TB; then the range of T must guarantee that T is less than TA minus TB, that is, that the users in the group obtain the shared key within the period in which the network expects the shared key to be centrally requested. Within this range, the choice of T must ensure that users initiate new shared key requests to the network evenly between the two time points TA and TB.
To ensure that the users in the group initiate new shared key request messages to the network evenly, the time T is generated by the following methods:
The broadcast/multicast server generates the time T with a random function that obeys a uniform distribution over the range [0, TA-TB); that is, the sample points of the random function obey a uniform distribution in probability. The value of T can be continuous or discrete; if it is discrete, the discrete points are separated by a fixed interval T_X. Alternatively, the server produces the specific time T by a fixed-function method such that the time T is uniformly distributed in probability, using well-known functions such as the modulo method or a hash function method. For example, the modulo method can be expressed as: T = (N mod a) * (TA-TB)/a, where N is the sequence number with which the current user terminal joined the multimedia broadcast/multicast service, and a is the total number of time periods into which the difference TA minus TB is evenly divided.
Steps 402 to 403: After the broadcast/multicast server updates the shared key, the network sends a new-key-valid message to all user terminals; after receiving the new-key-valid message sent by the network, each user terminal starts the timer corresponding to the time T allocated to it; when the timer expires, the user terminal sends a key request message to the server; after receiving the key request message, the server sends the new shared key to the requesting user terminal. "All user terminals" here means all users in the current group, namely all valid users recorded in the broadcast/multicast server; these users do not include invalid users such as users who have just left the network.
To better guarantee that the request initiation times of the group users are spread out, the requesting user terminal can also generate a random number as an additional delay time T_Add, so that the user terminal continues to delay for T_Add before sending the key request message to the broadcast/multicast server. In effect, T+T_Add is used as the request initiation time of this user terminal; the starting point of the timing is still the moment at which the user terminal receives the new-key-valid message. T_Add is generated within the time interval T_X between the discrete point to which this user terminal belongs and the next discrete point, as shown in Fig. 7; that is, the additional delay time T_Add obeys a uniform distribution on [0, T_X) in probability and falls within the time period to which this user terminal belongs. T_Add can be generated at one of two times:
1) When the network allocates the time T to each group user in a unified manner, that is, as soon as the user terminal receives the time T allocated to it, it generates a fixed additional delay time T_Add and from then on always uses T+T_Add directly as its request initiation time.
2) After the user terminal receives the new-key-valid message. This case divides into three sub-cases: a) when starting the timer, the user terminal generates a random number as the additional delay time T_Add; b) after the timer expires, the user terminal generates a random number as the additional delay time T_Add; c) at any moment while the timer is running, the user terminal generates a random number as the additional delay time T_Add. In all three sub-cases a, b and c, the user terminal uses T+T_Add as its request initiation time, but because the additional delay time T_Add is generated at random each time a new-key-valid message is received, the value of T_Add differs each time; that is, in this case the additional delay time T_Add is variable.
The present invention is explained in further detail below with reference to Fig. 5 to Fig. 7 and specific embodiments. Fig. 5 is a schematic diagram of the relationship between the various time points involved in the present invention. In Fig. 5, time point 51 is the time point at which user i joins the broadcast/multicast service; time point 52 is the time point at which user j joins the broadcast/multicast service; time point 53 is the time point at which the broadcast/multicast server notifies users that the new key is valid; time point 54 is the time point at which users start using the new key; time point 55 is the time point by which the server expects the user group to finish centrally requesting the shared key. Fig. 6 is a schematic diagram of the relationship between the discrete time points produced in the method of the present invention. Fig. 7 is a schematic diagram of the relationship between the additional delay time and the discrete time points. In the following embodiments, "user" always means a user in the group, and "user terminal" means the terminal equipment of the corresponding group user.
Embodiment one:
In this embodiment, the time T allocated to a user terminal is used directly as that terminal's request initiation time; that is, when the timer reaches the time T, the user terminal sends the key request message to the broadcast/multicast server. The detailed process by which this embodiment realizes key distribution comprises:
Step 11: When a user joins the multimedia broadcast/multicast service, the broadcast/multicast server allocates a time T to this user and notifies the joining user of the allocated time T, and the user sets a timer of duration T on its own side.
This time T has the following feature: suppose that the interval from the moment the broadcast/multicast server notifies the user group that the new shared key is valid, that is, notifies the users in the group that they can send key request messages, to the moment by which the server expects the user group to finish centrally requesting the shared key is TA; and that the interval from user M initiating the request, through processing by the server, to user M finally obtaining the new shared key is TB; then the range of T must guarantee T ≤ (TA-TB). Because the time point by which the server expects the user group to finish centrally requesting the shared key coincides with the time point at which users start using the new key, the above range guarantees that the network starts using the new shared key only after all users in the group have obtained it.
For example, user i and user j each join the broadcast/multicast service, and the broadcast/multicast server uses a random function that obeys a uniform distribution over the range [0, TA-TB). The time allocated to user i is T_i, with T_i = t_i, and the time allocated to user j is T_j, with T_j = t_j. The values of T_i and T_j can be continuous or discrete; if the time points are discrete, the fixed interval between two adjacent discrete points is T_X.
The broadcast/multicast server can also use a fixed function to allocate times to user i and user j, for example the modulo method: the server divides the period [0, TA-TB) into 100 time periods, so that the length of each time period T_X is (TA-TB)/100. If user i is the 89th user to join and user j is the 2392nd user to join, then T_i = (89 mod 100) * (TA-TB)/100 = (TA-TB) * 89/100 and T_j = (2392 mod 100) * (TA-TB)/100 = (TA-TB) * 92/100.
Step 12: Continuing with user i and user j as the example, the broadcast/multicast server sends the new-key-valid message to all users. After user i and user j receive this message, they do not send the key request message to the server at once, but immediately start the timers corresponding to T_i and T_j. Here, the length of the timer started by user i is t_i and the length of the timer started by user j is t_j.
Step 13: After their respective timers expire, user i and user j each send a key request message to the broadcast/multicast server to request the new shared key; after receiving the requests, the server returns the new shared key to each requesting user.
For user i, when the corresponding timer T_i expires, user i sends the key request message to the broadcast/multicast server; after receiving this key request message, the server interacts with user i and sends the key to user i. Likewise, for user j, when the corresponding timer T_j expires, user j sends the key request message to the server; after receiving this key request message, the server interacts with user j and sends the key to user j.
If T_i or T_j needs to be updated, the broadcast/multicast server can send the new T_i or T_j to the corresponding user i or user j during the above interaction. This is possible because the network side, specifically the broadcast/multicast server, controls the key request times of all users and can adjust a user's request time according to the requirement that users be evenly distributed. For any user, because users send their key request messages to the server at different times, the network communication congestion caused by sending key request messages simultaneously can be avoided.
Embodiment two:
In this embodiment, the user terminal currently initiating the request randomly generates an additional delay time T_Add, and this additional delay time T_Add is generated after timer T expires. This embodiment takes T + T_Add as the moment at which the user terminal initiates its request; that is, after timer T expires, the terminal delays for a further T_Add and only then sends the key request message to the broadcast/multicast server. The detailed key distribution procedure of this embodiment comprises:
Steps 21-22: identical to the descriptions of steps 11-12 in embodiment one.
Step 23: After their respective timers expire, user i and user j each randomly generate a random number as the additional delay time T_Add, namely T_Add,i or T_Add,j, continue to delay for the duration T_Add,i or T_Add,j, and only then send a key request message to the broadcast/multicast server to request the new shared key; after receiving a request, the broadcast/multicast server returns the new shared key to each requesting user. Here, T_Add,i denotes the additional delay time of user i, and T_Add,j denotes the additional delay time of user j.
Thus user i sends the key request message to the broadcast/multicast server after a delay of exactly T_i + T_Add,i, and user j sends the key request message to the broadcast/multicast server after a delay of exactly T_j + T_Add,j.
In this step, each user's additional delay time T_Add is generated between the user's own discrete point and the next discrete point. That is, for user i, T_Add,i is randomly generated within the time range [T_i, T_i + T_X), and the value of T_Add,i obeys, in probability, the uniform distribution 0 ≤ T_i ≤ T_X. Likewise, for user j, T_Add,j is randomly generated within the time range [T_j, T_j + T_X), and the value of T_Add,j obeys, in probability, the uniform distribution 0 ≤ T_j ≤ T_X.
Embodiment three:
In this embodiment, the user terminal currently initiating the request randomly generates an additional delay time T_Add, and this additional delay time T_Add is generated when the user terminal receives the new-key-effective message. This embodiment takes T + T_Add as the moment at which the user terminal initiates its request; the timer value can be set directly to T + T_Add, and after the timer expires the user terminal sends the key request message to the broadcast/multicast server. The detailed key distribution procedure of this embodiment comprises:
Step 31: When a user joins the multimedia broadcast/multicast service, the broadcast/multicast server allocates a time T to this user and notifies the user joining the multimedia broadcast/multicast service of the allocated time T. After receiving the time T, the user immediately generates a random number as the additional delay time T_Add. The user then sets up its own timer with duration T + T_Add.
Here, the characteristics and generation method of the time T are the same as those of the time T described in step 11 of embodiment one. The characteristics of the additional delay time T_Add are the same as described in step 23 of embodiment two.
Step 32: The broadcast/multicast server issues the new-key-effective message to all users. A user who receives this message does not send a key request message to the broadcast/multicast server at once, but immediately starts the timer it has set up. Here, the duration of the timer started by the user is T + T_Add.
Step 33: After the timer expires, the user sends a key request message to the broadcast/multicast server to request the new shared key; after receiving a request, the broadcast/multicast server returns the new shared key to each requesting user.
For user i, the additional delay time is T_Add,i, so user i sends the key request message to the broadcast/multicast server after a delay of T_i + T_Add,i; for user j, the additional delay time is T_Add,j, so user j sends the key request message to the broadcast/multicast server after a delay of T_j + T_Add,j.
The above are only preferred embodiments of the present invention and are not intended to limit the protection scope of the present invention.
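The following Python sketch is an added illustration, not part of the patent text: it applies the modulo allocation of embodiment one and the additional delay of embodiments two and three to a constructed user population and compares the peak number of key requests per second. The 600 s window standing in for TA-TB, the user count, the one-second bucket, and the SHA-256 variant of the HASH method are assumptions that the patent does not specify.

```python
import hashlib
import random
from collections import Counter


def assign_modulo(join_index, window, slots=100):
    """Server side, modulo method: T = (n mod slots) * (TA-TB) / slots."""
    return (join_index % slots) * window / slots


def assign_hash(user_id, window, slots=100):
    """Server side, HASH method. Using SHA-256 over a user identifier
    string is an assumption; the patent only names 'HASH function method'."""
    digest = hashlib.sha256(user_id.encode()).digest()
    return (int.from_bytes(digest[:8], "big") % slots) * window / slots


def request_offset(t_assigned, t_x, rng, with_jitter):
    """Terminal side: delay between the new-key-effective message and the
    key request. Embodiments two and three draw T_Add at different moments,
    but both send at T + T_Add with T_Add uniform on [0, T_X)."""
    if not with_jitter:
        return t_assigned                      # embodiment one
    return t_assigned + rng.random() * t_x     # embodiments two and three


def peak_load(times, bucket=1.0):
    """Largest number of key requests that arrive within any one bucket."""
    return max(Counter(int(t // bucket) for t in times).values())


def simulate(n_users=24000, window=600.0, slots=100, seed=1):
    """Constructed population: users are numbered 1..n_users in join order."""
    rng = random.Random(seed)
    t_x = window / slots
    assigned = [assign_modulo(n, window, slots) for n in range(1, n_users + 1)]
    plain = [request_offset(t, t_x, rng, False) for t in assigned]
    jittered = [request_offset(t, t_x, rng, True) for t in assigned]
    return {
        # Every terminal asks as soon as the new key takes effect.
        "no_dispersion": peak_load([0.0] * n_users),
        # Requests arrive in bursts at the 100 discrete points.
        "embodiment_1": peak_load(plain),
        # T_Add spreads each burst across its own interval T_X.
        "embodiment_2_3": peak_load(jittered),
        "latest_request": max(jittered),
    }


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name:>16}: {value}")
```

With the discrete modulo allocation alone, every user in the same segment still requests at the same instant; the additional delay is what flattens those per-segment bursts while keeping every request inside [0, TA-TB).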

Claims (11)

1. A method for realizing multimedia broadcast/multicast service key distribution, characterized in that the method comprises the following steps:
a. the network allocates a time T to each group user and notifies the relevant user terminal of the allocated time T;
b. after the broadcast/multicast server updates the shared key, the network issues a new-key-effective message to all users in the current group, and each user terminal that receives the new-key-effective message starts a timer corresponding to the time T allocated to it;
c. when the timer of step b expires, the user terminal corresponding to that timer sends a key request message to the broadcast/multicast server; after receiving the key request message, the broadcast/multicast server sends the new shared key to the user terminal that initiated the request.
2. The method according to claim 1, characterized in that between step a and step b it further comprises: after each user terminal receives the time T allocated to it, generating a random number as the additional delay time;
then, in step b, the user terminal that receives the new-key-effective message starts a timer whose duration is the time T plus the additional delay time.
3. The method according to claim 1, characterized in that after the timer expires in step c it further comprises: the user terminal corresponding to the timer generates a random number as the additional delay time and, after continuing to delay for the duration of the additional delay time, sends the key request message to the broadcast/multicast server.
4. The method according to claim 1, characterized in that when the user terminal starts the timer in step b it further comprises: generating a random number as the additional delay time;
then, after the timer expires in step c and after continuing to delay for the duration of the additional delay time, the user terminal sends the key request message to the broadcast/multicast server.
5. The method according to claim 1, characterized in that after the user terminal starts the timer in step b it further comprises: generating a random number as the additional delay time;
then, after the timer expires in step c and after continuing to delay for the duration of the additional delay time, the user terminal sends the key request message to the broadcast/multicast server.
6. The method according to any one of claims 1 to 5, characterized in that the network allocating a time T to each group user in step a is specifically: the broadcast/multicast server allocates the time T to each group user.
7. The method according to claim 6, characterized in that the broadcast/multicast server allocates the time T to the group user when the group user joins the multimedia broadcast/multicast service; or the broadcast/multicast server allocates the time T to the group user after the group user joins the multimedia broadcast/multicast service; or the broadcast/multicast server allocates the time T to the group user when sending the shared key to the group user.
8. The method according to any one of claims 1 to 5, characterized in that the value of the time T lies within the difference between the time span from the moment the new shared key takes effect to the moment by which the broadcast/multicast server expects the user group to have completed the centralized shared-key request operation, and the time span a user needs from initiating a request to finally obtaining the new shared key, and is uniformly distributed in probability.
9. The method according to claim 8, characterized in that the time T is generated by a random function, and the sample points of this random function are uniformly distributed in probability.
10. The method according to claim 8, characterized in that the time T is generated by a modulo method or a HASH function method.
11. The method according to any one of claims 2 to 5, characterized in that the additional delay time is generated within the time interval T_X between the current discrete point of the user terminal currently initiating the request and the next discrete point, and obeys, in probability, a uniform distribution on [0, T_X).
CNB2004100392555A 2004-02-09 2004-02-09 Method for realizing multimedia broadcasting / multicasting service key dispensing Expired - Fee Related CN1300974C (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNB2004100392555A CN1300974C (en) 2004-02-09 2004-02-09 Method for realizing multimedia broadcasting / multicasting service key dispensing
PCT/CN2005/000096 WO2005078992A1 (en) 2004-02-09 2005-01-21 A Method for Implementing Multimedia Broadcast Multicast Service Key Distribution

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2004100392555A CN1300974C (en) 2004-02-09 2004-02-09 Method for realizing multimedia broadcasting / multicasting service key dispensing

Publications (2)

Publication Number Publication Date
CN1655497A true CN1655497A (en) 2005-08-17
CN1300974C CN1300974C (en) 2007-02-14

Family

ID=34845819

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100392555A Expired - Fee Related CN1300974C (en) 2004-02-09 2004-02-09 Method for realizing multimedia broadcasting / multicasting service key dispensing

Country Status (2)

Country Link
CN (1) CN1300974C (en)
WO (1) WO2005078992A1 (en)

Also Published As

Publication number Publication date
CN1300974C (en) 2007-02-14
WO2005078992A1 (en) 2005-08-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20070214

Termination date: 20130209