KR20110046260A - Method and apparatus for renewing authentication key in communication system - Google Patents

Abstract

PURPOSE: A method and apparatus for updating an authorization key in a communication system are provided to update an authorization key using a ranging message. CONSTITUTION: A method for operating a mobile station in an idle mode to update an AK in a wireless communication system includes transmitting a first location update request to a base station, the first location update request including a request for updating an AK, receiving a response to the first location update request from the base station, the response to the first location update request including a NONCE_BS, wherein the NONCE_BS is a random number associated with the base station and used for updating the AK, generating a NONCE_MS, wherein the NONCE_MS is a random number used for updating the AK, generating the AK using the NONCE_BS and the NONCE_MS, transmitting a second location update request to the base station, the second location update request including the NONCE_BS and the NONCE_MS, receiving a response to the second location update request from the base station, the response to the second location update request including the NONCE_BS and the NONCE_MS, and confirming the AK based on the NONCE_BS and the NONCE_MS.

Description

METHOD AND APPARATUS FOR UPDATING AN AUTHORIZATION KEY IN A COMMUNICATION SYSTEM}

The present invention relates to a wireless communication system, and in particular, the present invention relates to a method and apparatus for updating a PMK / AK (Pairwise Master Key / Authorization Key) of a mobile terminal in an idle mode in a wireless communication system.

A mobile terminal operating in a wireless communication system utilizes an idle mode to reduce power consumption of the mobile terminal. In addition, the use of idle mode by the mobile terminal allows the resources of the wireless communication system to be utilized more efficiently.

When the mobile terminal is in idle mode, the context for the mobile terminal is passed from the base station to the paging controller. This conserves resources of the base station.

On the other hand, the mobile terminal has an AK (Authorization Key) and encryption key (encryption key), they are shared with the network through the authentication procedure. AK and encryption key are used to facilitate secure communication. For example, the base station uses the AK and encryption key for authentication and data encryption.

To ensure the security of the AK and encryption key, the PMK / AK is updated before at least one of the timer and counter expires. The timer corresponds to the life cycle of the PMK / AK and the encryption key. The counter corresponds to the number associated with the AK and the encryption key.

In general, when the mobile terminal is in the idle mode, the mobile terminal performs a security key update procedure after completing the network entry procedure to update the PMK / AK.

Then, if there is no data to communicate between the mobile terminal and the base station, the mobile terminal may perform a procedure to return to the idle mode. A general PMK / AK key update procedure is described in FIG. 1 below.

1 illustrates a PMK / AK update procedure for a mobile terminal in idle mode in a wireless communication system.

Referring to FIG. 1, when the mobile terminal 100 is in the idle mode 160 and an update condition for the AK and the encryption key is satisfied, the mobile terminal 100 determines a ranging request message in step 102. message, for example, an AAI_RNG-REQ message) is transmitted to the base station 120 to request a network reentry procedure.

In step 122, the base station 120 transmits a context request message (eg, a Context-REQ message) to a paging controller (PC) / authorization station (Authorization Station) 140 to request the mobile terminal 110 to reenter the network. To be sent). In step 142, the paging controller / authentication station 140 transmits a context response message (eg, a Context-RSP message) including information used for network reentry of the mobile terminal 100 to the base station 120. In step 124, the base station 120 transmits a ranging response message (eg, an AAI_RNG-RSP message) to the mobile terminal 100. As a result, network reentry to the mobile terminal 100 is completed.

After the network reentry procedure, in step 162, key agreement triggering that drives the AK update function for the mobile terminal 100, the base station 120, and the paging controller / authentication station 140 occurs. The base station 120 transmits a key agreement message # 1 (Key Agreement MSG # 1) to the mobile terminal 100 in step 126. The mobile terminal 100 transmits a key agreement message # 2 (Key Agreement MSG # 2) in step 104. ) Is transmitted to the base station 120.

In step 128, the base station 120 transmits an AK request message (eg, AK-REQ message) to the paging controller / authentication station 140 to request an AK. The paging controller / authentication station 140 transmits an AK response message (eg, AK-RSP message) to the base station 120 in step 144.

The base station 120 determines a new AK through a 3-way handshake process by transmitting a key agreement MSG # 3 message to the terminal 100 in step 130.

Thereafter, if there is no data to be transmitted or received, the mobile terminal 100 may return to the idle mode.

However, to update only the AK, there is a problem for the mobile terminal performing network reentry and returning to the idle mode. For example, the power consumption of the mobile terminal is increased, and the resources of the base station are wasted.

Accordingly, there is a need for an apparatus and method that do not waste power of a base station without increasing power consumption of a mobile terminal even when the terminal updates AK in an idle mode.

An object of the present invention is to provide a method and apparatus for updating an authentication key in a communication system.

Another object of the present invention is to provide an apparatus and method for renewing a Pairwise Master Key / Authorization Key (PMK / AK) in a mobile terminal in an idle mode in a wireless system.

It is still another object of the present invention to provide an apparatus and method for updating a PMK / AK using location update in a wireless communication system.

Another object of the present invention is to update an AK using a ranging message (eg, an AAI_RNG-REQ message and an AAI_RNG_RSP message) without another key agreement process during zone switching used in a wireless communication system. An apparatus and method are provided.

According to a first aspect for achieving the object of the present invention, a method for operating a mobile terminal in an idle mode for updating a PML / AK in a wireless communication system, the method comprising: transmitting a first location update request to a base station; And wherein the first location update request includes a request to update the PMK / AK. Receiving a response to the first location update request from the base station, wherein the response to the first location update request includes a NONCE_BS, wherein the NONCE_BS is a random number associated with the base station and to update the PMK; Used. Generating a NONCE_MS, wherein the NONCE_MS is a random number for updating the PMK. Generating a PMK / AK using the NONCE_BS and the NONCE_MS, transmitting a second location update request to a base station, and wherein the second location update request includes the NONCE_BS and the NONCE_MS. Receiving a response to the second location update request from the base station, and the response to the second location update request includes the NONCE_BS and the NONCE_MS. And checking the PMK / AK based on the NONCE_BS and the NONCE_MS.

According to a second aspect for achieving the object of the present invention, a method for operating a base station for updating a PMK / AK of a mobile terminal in an idle mode in a wireless communication system, the method comprising: requesting a first location update from a mobile terminal; Receiving a message, wherein the first location update request includes a request to update a PMK / AK. A process of generating a NONCE_BS, wherein the NONCE_BS is a random number used to update the PMK. Transmitting a response to the first location update request, wherein the response to the first location update request includes NONCE_BS. Receiving a second location update request from the mobile terminal, the second location update request including the NONCE_BS and the NONCE_MS, the NONCE_MS being a random number associated with the mobile terminal and used to update the PMK. Transmitting the NONCE_BS and the NONCE_MS to a paging controller / authentication station, receiving an AK from the paging controller / authentication station, and transmitting a response to a second location update request, wherein the first The response to the 2 location update request includes the NONCE_BS and the NONCE_MS.

According to a third aspect of the present invention, there is provided a method of operating a mobile terminal in an idle mode for updating a PML / AK in a wireless communication system, the method comprising: obtaining NONCE_BS, wherein the NONCE_BS Is a random number associated with the base station and is used to update the PMK. The process of generating NONCE_MS, where NONCE_MS is a random number used to generate PMK. Generating a PMK / AK using the NONCE_BS and the NONCE_MS, transmitting a location update request to the base station, wherein the location update request includes the NONCE_BS and the NONCE_MS. Receiving a response to the location update request from the base station, wherein the response to the location update request includes the NONCE_BS and the NONCE_MS. And checking the PMK / AK based on the NONCE_BS and the NONCE_MS.

 According to a fourth aspect for achieving the object of the present invention, a method of operating a base station for updating a PMK / AK of a mobile terminal in an idle mode in a wireless communication system, the method receiving a location update request from the mobile terminal And wherein the location update request includes NONCE_BS and NONCE_MS, wherein the NONCE_BS is a random number associated with the base station and is used to update the PMK and the NONCE_MS is generated by the mobile terminal to update the PMK. Random number used. Transmitting the NONCE_BS and the NONCE_MS to a paging controller / authentication station, receiving an AK from the paging controller / authentication station, and transmitting a response to the location update request, wherein the location update The response to the request includes the NONCE_BS and the NONCE_MS.

 According to a fifth aspect for achieving the object of the present invention, in a method of operating a mobile terminal for updating PML / AK during zone switching in a wireless communication system, the method indicates whether zone switching is performed from a first base station. Receiving a message, wherein the message indicates whether zone switching is performed and includes NONCE_BS, where NONCE_BS is a random number associated with a second base station and is used for PMK update. The process of generating NONCE_MS, where NONCE_MS is a random number and is used to generate PMK. Generating a PMK / AK using the NONCE_BS and the NONCE_MS, transmitting a message for zone switching to a second base station, and wherein the message for zone switching includes the NONCE_BS and the NONCE_MS. Receiving a response to the message for zone switching from the second base station, and the response to the message for zone switching from the second base station includes the ONCE_BS and the NONCE_MS. AK is identified based on the NONCE_BS and the NONCE_MS.

 According to a sixth aspect for achieving the object of the present invention, an apparatus of a mobile terminal in an idle mode for updating a PML / AK in a wireless communication system, the apparatus includes a physical layer transmitter for transmitting data to a base station and the And a physical layer receiving unit for receiving data from the base station, and a control unit. The control unit sends a first location update request to a base station, where the first location update request includes a request to update the PMK / AK. The controller controls the physical layer transmitter to transmit the first location update request to the base station, and controls the physical layer receiver to receive a response to the first location update request from the base station. Wherein the response to the first location update request includes NONCE_BS, where NONCE_BS is a random number associated with the base station and is used to update the PMK. The control unit generates a NONCE_MS, where the NONCE_MS is a random number for updating the PMK. . The controller generates PMK / AK using the NONCE_BS and the NONCE_MS. The controller transmits a second location update request to the base station. Wherein the second location update request includes the NONCE_BS and the NONCE_MS. The controller controls the physical layer transmitter to transmit the second location update request to the base station. The controller controls the physical layer receiver to receive a response to the second location update request from the base station. The response to the second location update request includes the NONCE_BS and the NONCE_MS. The controller checks the PMK / AK based on the NONCE_BS and the NONCE_MS.

According to a seventh aspect for achieving the object of the present invention, in a wireless communication system, an apparatus of a base station for updating a PMK / AK of a mobile terminal in an idle mode, the apparatus may transmit data to a mobile terminal and a paging controller / authentication. And a physical layer transmitter and a controller for receiving data from a mobile station and a paging controller / authentication station. The controller controls the physical layer receiver to receive a first location update request from a mobile terminal, where the first location update request includes a request to update the PMK / AK. The controller generates NONCE_BS. Here, NONCE_BS is a random number used to update the PMK. The controller controls the physical layer transmitter to transmit a response to the first location update request. Here, the response to the first location update request includes NONCE_BS. The controller controls the physical layer receiver to receive a second location update request from the mobile terminal. Wherein the second location update request includes the NONCE_BS and the NONCE_MS, where the NONCE_MS is a random number associated with the mobile terminal and is used to update the PMK. The controller controls the physical layer transmitter to transmit the NONCE_BS and the NONCE_MS to a paging controller / authentication station. The controller controls the physical layer receiver to receive an AK from the paging controller / authentication station. The controller controls the physical layer transmitter to transmit a response to the second location update request. Here, the response to the second location update request includes the NONCE_BS and the NONCE_MS.

According to an eighth aspect for achieving the object of the present invention, an apparatus of a mobile terminal in an idle mode for updating a PML / AK in a wireless communication system, the apparatus includes a physical layer transmitter for transmitting data to a base station and the And a physical layer receiving unit and a control unit for receiving data from the base station. The control unit obtains NONCE_BS. Here, NONCE_BS is a random number associated with the base station and is used to update the PMK. The controller generates NONCE_MS. Where NONCE_MS is a random number used to generate the PMK. The controller generates PMK / AK using the NONCE_BS and the NONCE_MS. The controller controls the physical layer transmitter to transmit a location update request to the base station. The location update request includes the NONCE_BS and the NONCE_MS. The controller controls the physical layer receiver to receive a response to the location update request from the base station. Here, the response to the location update request includes the NONCE_BS and the NONCE_MS. The controller checks PMK / AK based on the NONCE_BS and the NONCE_MS.

According to a ninth aspect for achieving the object of the present invention, in a wireless communication system, an apparatus of a base station for updating a PMK / AK of a mobile terminal in an idle mode, the apparatus may be a mobile terminal and a paging controller / authentication station. A physical layer transmitter for transmitting data, and a physical layer receiver and a controller for receiving data from the mobile terminal and the paging controller / authentication station. The controller controls the physical layer receiver to receive a location update request from the mobile terminal. Wherein the location update request includes NONCE_BS and NONCE_MS, the NONCE_BS is a random number associated with the base station and is used to update the PMK and the NONCE_MS is generated by the mobile terminal and used to update the PMK. to be. The controller controls the physical layer transmitter to transmit the NONCE_BS and the NONCE_MS to a paging controller / authentication station. The controller controls the physical layer receiver to receive an AK from the paging controller / authentication station. The controller controls the physical layer transmitter to transmit a response to the location update request. Here, the response to the location update request includes the NONCE_BS and the NONCE_MS.

According to a tenth aspect for achieving the object of the present invention, an apparatus of a mobile terminal for updating PML / AK during zone switching in a wireless communication system, the apparatus for transmitting data to the first base station and the second base station A physical layer transmitter, a physical layer receiver for receiving data from the first base station and the second base station, and a control unit. The physical layer receiving unit receives a message indicating whether zone switching is performed from the first base station. Wherein the message indicates whether zone switching is performed and includes NONCE_BS, where NONCE_BS is a random number associated with the second base station and is used for PMK update. The controller generates NONCE_MS. Here, NONCE_MS is a random number and is used to generate PMK. The controller generates PMK / AK using NONCE_BS and NONCE_MS. The controller controls the physical layer transmitter to transmit a message for zone switching to a second base station. The message for zone switching includes the NONCE_BS and the NONCE_MS. The controller controls the physical layer receiver to receive a response to the message for zone switching from the second base station. Here, the response to the message for zone switching from the second base station includes the NONCE_BS and the NONCE_MS. The controller checks AK based on the NONCE_BS and the NONCE_MS.

The present invention can update the AK using a ranging message (eg, AAI_RNG-REQ message and an AAI_RNG_RSP message) without another key agreement process at the time of zone switching used in the wireless communication system. There is an advantage to reduce the power consumption and resource consumption of the base station.

1 illustrates a PMK / AK update procedure for a mobile terminal in idle mode in a wireless communication system.
2 illustrates a PMK / AK update procedure for a mobile terminal in idle mode in a wireless communication system according to an exemplary embodiment of the present invention.
3 is a flowchart illustrating a procedure in which a mobile terminal transitions to an idle mode and performs PMK / AK update through a location update in a wireless communication system according to an exemplary embodiment of the present invention.
FIG. 4 illustrates a PMK / AK update procedure when performing zone switching from an Institute of Electrical and Electronics Engineers (IEEE) 802.16e legacy zone to an IEEE 802,16m zone in a wireless communication system according to an embodiment of the present invention.
5 is a block diagram of a base station and a mobile terminal in a wireless communication system according to an embodiment of the present invention.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. In describing the present invention, when it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted.

The present invention will now be described with respect to a method and apparatus for authentication key renewal in a communication system.

An embodiment of the present invention includes a technique for an idle mode mobile terminal that performs a PMK / AK (Pairwise Master Key / Authorization Key) update through a location update in a wireless communication system. When the mobile terminal updates the PMK / AK through the location update process, the power consumption of the mobile terminal and the resource consumption of the base station can be reduced.

An embodiment of the present invention is described in the context of a wireless communication system based on Orthogonal Frequency Division Multiplexing / Orthogonal Frequency Division Multiple Access (OFDM). However, the present invention is equally applicable to other communication systems employing similar location updates.

An example of a wireless communication system based on OFDM / OFDMA is a wireless communication system based on the Institute of Electrical and Electronics Engineers (IEEE) 802.16 standard.

An embodiment of the present invention utilizes a ranging request message (eg, AAI_RNG-REQ message and AAI_RNG-RSP message) instead of the key agreement message # 1, the key agreement message # 2, and the key agreement message # 3 used in the prior art. do.

2 illustrates a PMK / AK update procedure for a mobile terminal in idle mode in a wireless communication system according to an exemplary embodiment of the present invention.

Referring to FIG. 2, when the mobile terminal 200 is in the idle mode in step 260. In step 202, the mobile terminal 200 transmits a ranging request message (eg, an AAI_RNG-REQ message) to the base station 220 to perform location update.

The AAI_RNG-REQ message includes information indicating that the mobile terminal 200 requests AK update according to an embodiment of the present invention.

The base station 220 obtains an AK context to determine whether the AAI_RNG-REQ message is valid by sending a context request message (eg, a Context-REQ message) to the paging controller / authentication station 240 in step 222. In step, a context response message (eg, a Context-RSP message) is received from the controller / authentication station 240.

If it is determined that the AAI_RNG-REQ message is valid, the base station 220 generates NONCE_BS in step 224 and includes the NONCE_BS in a ranging response message (eg, AAI_RNG-RSP message) transmitted to the mobile terminal 200. . The NONCE_BS is a random number associated with the base station.

The mobile terminal 220 generates a Pairwise Master Key (PMK) using the NONCE_MS and the NONCE_BS generated by the mobile terminal 200 and generates an AK using the PMK.

The mobile terminal 200 transmits an AAI_RNG-REQ message to the base station 220 for further location update in step 204. The NONCE_MS is a random number associated with the terminal.

The base station 220 determines whether the NONCE_BS value is the same as the value included in the AAI_RNG-REQ message. If the base station 220 determines that the NONCE_BS value is the same as the value included in the AAI_RNG-REQ message, the base station 220 sends an AK request message (eg, AK-REQ message) including NONCE_MS and NONCE_BS in step 226. Send to paging controller / authentication station 240.

The base station 220 receives an AK response message (eg, AK-RSP message) including the AK generated by the paging controller / authentication station 240 from the paging controller / authentication station 240 in step 244.

The base station 220 transmits an AAI_RNG-RSP message including NONCE_MS and NONCE_BS in step 228.

The mobile terminal 200 terminates the AK update by checking the AK using NONCE_MS and NONCE_BS and re-enters the idle mode in step 262.

3 is a flowchart illustrating a procedure in which a mobile terminal transitions to an idle mode and performs PMK / AK update through a location update in a wireless communication system according to an exemplary embodiment of the present invention.

Referring to FIG. 3, the mobile terminal 300 transmits a deregistration request message (eg, an AAI_DREG-REQ message) to request a transition to the idle mode in step 302.

The base station 320 transmits an idle mode entry request message (eg, IM_Entry-REQ message) to the paging controller / authentication station 340 in step 322 to prepare for the transition to the idle mode of the mobile terminal 300. The base station 320 receives from the paging controller / authentication station 340 an idle mode entry response message (eg, IM_Entry-RSP message) including NONCE_BS for use by the mobile terminal 300 for AK update in idle mode in step 342. .

The base station 320 transmits a deregistration command message (eg, AAI_DREG-CMD message) including NONCE_BS to the mobile terminal 300 in step 324. Thereafter, the mobile terminal 300 transitions to the idle mode in step 360.

Optionally, according to an embodiment of the present invention, NONCE_BS is used by using a shared NONCE_BS through recent key agreement and using a deregistration ID assigned to the mobile terminal 300 during the transition process to idle mode. Is generated. For example, when "NONCE_BS = current NONCE_BS XOR (Deregistration IDentifier (ID) | zero padding)" is satisfied, the NONCE_BS may be delivered to the mobile terminal 300 through an AAI_DREG-CMD message in step 324.

When the mobile terminal 300 determines to perform AK update during the idle mode in step 360, the mobile terminal 300 generates a PMK using NONCE_MS and NONCE_BS generated by the mobile terminal 300 and generates the PMK. To generate an AK.

In step 304, the mobile terminal 300 transmits an AAI_RNG-REQ message to the base station 320 for location update. The AAI_RNG-REQ message is transmitted by the mobile terminal 300 in step 304 and includes NONCE_MS and NONCE_BS.

The base station 320 determines whether the NONCE_BS value included in the AAI_RNG-REQ message is the same as the NONCE_BS value included in the AAI_DREG-CMD message.

If the base station 320 determines that the NONCE_BS value included in the AAI_RNG-REQ message is the same as the NONCE_BS value included in the AAI_DREG-CMD message, the base station 320 determines NONCE_MS and NONCE_BS in the Context-REQ message in step 326. The value is sent to the paging controller / authentication station 340. The base station 320 receives a Context-RSP message including the AK generated by the paging controller / authentication station 340 from the paging controller / authentication station 340 in step 344.

The base station 320 transmits an AAI_RNG-RSP message to the mobile terminal 300 in step 328. The AAI_RNG-RSP message includes NONCE_MS and NONCE_BS.

The mobile terminal 300 terminates the AK update by checking the AK using NONCE_MS and NONCE_BS, and reenters the idle mode in step 362.

FIG. 4 illustrates a PMK / AK update procedure when performing zone switching from an Institute of Electrical and Electronics Engineers (IEEE) 802.16e legacy zone to an IEEE 802,16m zone in a wireless communication system according to an embodiment of the present invention. .

Referring to FIG. 4, as an embodiment, the IEEE 802.16e legacy zone and the IEEE 802.16m zone are serviced by the base station (L zone) 420 and the base station (M zone) 425, respectively. However, the IEEE 802.16e zone and the IEEE 802.16m zone may be serviced by the same base station.

In step 460, the base station 420 of the IEEE 802.16e zone to which the mobile terminal 400 connects performs a zone switching preparation procedure with the base station 425 of the IEEE 802.16m zone.

The base station 420 of the IEEE 802.16e zone transmits an AAI_RNG-RSP message to the mobile terminal 400 to start zone switching in step 422. Included in the AAI_RNG-RSP message is NONCE_BS used to update the AK.

The mobile terminal 400 generates NONCE_MS and uses NONCE_MS and NONCE_BS received in the AAI_RNG-RSP message to generate a new PMK and generates an AK from the PMK.

The mobile terminal 400 performs zone switching by transmitting an AAI_RNG-REQ message to the base station 425 of the IEEE 802.16m zone in step 402. In step 402, NONCE_MS and NONCE_BS are included in the AAI_RNG-REQ message. NONCE_MS and NONCE_BS are sent together to generate the same AK and Cipher-based Message Authentication Code (CMAC) generated by using a new CMAC key generated from a new AK.

The base station 425 in the IEEE 802.16m zone sends a Context-REQ message to the authentication station 440 to request a new AK in step 422. The authentication station 440 generates a new PMK and generates a new AK from the PMK.

The base station 425 in the IEEE 802.16m zone receives a Context-RSP message including the AK from the authentication station 440 in step 442. The base station 425 in the IEEE 802.16m zone generates a CMAC key and authenticates the AAI_RNG-REQ message received from the mobile terminal 400 in step 402.

If the authentication is successful, the base station 425 in the IEEE 802.16m zone transmits the AAI_RNG-RSP message to the mobile terminal 400 in response to the AAI_RNG-REQ message received in step 402 and completes zone switching in step 424. .

The AAI_RNG-RSP message transmitted in step 424 is encrypted using a Traffic Encryption Key (TEK) generated from a new AK including NONCE_MS and NONCE_BS. The AAI_RNG-RSP message indicates successful completion of an AK update for the mobile terminal 400.

5 is a block diagram of a base station and a mobile terminal in a wireless communication system according to an embodiment of the present invention.

Referring to FIG. 5, each of the base station and the terminal includes a physical layer receiver 501, a data processor 502, a message authenticator 504, a controller 505, a data generator 506, and a physical layer transmitter 508. It is configured to include.

The data processing unit 502 includes a decryption unit 503 and the data generation unit 506 includes an encryption unit 507.

The physical layer receiver 501 provides the received control information to the controller 505. In addition, the physical layer receiver 501 provides the data to the data processor 502 to detect a packet (eg, a Medium Access Control Packet Data Unit (MAC PDU)) from the received data.

The data processor 502 detects a packet (eg, MAC PDU) from the received data, determines whether the packet is a control message, and determines whether the packet is an encrypted burst based on header information.

If the packet is an encrypted control message, the data processing unit 502 performs authentication of the packet by checking an integrity check value (ICV) using the decryption unit 503.

If the authentication fails, packets related to the failed authentication are discarded. If the authentication is successful, packets related to the successful authentication are decoded and the control message is extracted and then provided to the message authenticator 504.

However, if the packet is not an encrypted control message, the data processor 502 extracts the control message from the packet and provides the extracted control message to the message authenticator 504.

When the control message is provided from the decryption unit 503, the message authentication unit 504 determines whether the control message is valid, and provides the control message determined to be valid to the control unit 505.

If the control message is not provided from the decryption unit 503, the message authentication unit 504 performs authentication by determining the CMAC included in the control message. Here, the control message for which authentication fails is discarded.

On the other hand, the controller 505 provides the control information to the base station through the physical layer transmitter 508, and the controller 505 provides other control information to the message authenticator 504.

If message authentication (eg CMAC) is required according to the desired level of protection, a CMAC tuple is inserted into the control message and the control message is provided to the data generator 506. The data generator 506 transmits the unencrypted packet to the base station through the physical layer transmitter 508.

If encryption is required according to the desired level of protection for the control message, the control message is provided to the data generation unit 506 and the encryption unit 507 is an encryption scheme (e.g. AES: Advanced) having an encryption and authentication function. The control message is encrypted into a packet using Encryption Standard, CBC-MAC: Counter with Cipher Block Chaining-Message Authentication Code (AES-CCM). The encrypted packet is provided to the base station through the physical layer transmitter 508.

The operation of the mobile terminal and the base station shown in FIG. 5 will be described with reference to FIG. 4 below. First, the operation of the mobile terminal shown in FIG. 5 will be described with reference to FIG. 4 below.

When the mobile terminal in the idle mode performs AK update, the mobile terminal acquires physical layer information necessary for communicating with the base station during the paging listening interval. Thereafter, the mobile terminal transmits the ranging code to the ranging region through the physical layer transmitter 508.

The controller 505 waits for uplink resource allocation information received through the physical layer receiver 501.

When the uplink resource allocation information is received, the controller 505 generates a ranging request message (eg, an AAI_RNG-REQ message) and transmits the AAI_RNG-REQ message to the message authenticator 504.

The message authenticator 504 generates a CMAC, inserts a CMAC tuple into the AAI_RNG-REQ message, and delivers the AAI_RNG-REQ message to the data generator 506. The data generator 506 transmits the ranging request message as an unencrypted packet to the base station through the physical layer transmitter 508.

The AAI_RNG-REQ message includes an AK update request. After transmitting the AAI_RNG-REQ message, the physical layer receiver 501 contacts the received data to the data processor 502 and the data processor 502 detects a packet (i.e., MAC PDU) from the received data. It is then checked whether the packet is a control message and encrypted based on the header information.

If the packet is an encrypted control message, the data processing unit 502 uses the decryption unit 503 to authenticate the packet (eg, by checking the ICV). If the authentication fails, packets regarding failed authentication are discarded. If the authentication is successful, packets related to the successful authentication are decoded and provided to the message authenticator 504.

However, if the packet is an unencrypted control message, the data processor 502 extracts the control message from the packet and provides the extracted control message to the message authenticator 504.

When the control message is provided from the decryption unit 503, the message authentication unit 504 determines whether the control message is valid and provides the control message to the control unit 505.

If the control message is a network re-entry direction message, the controller 505 causes the mobile terminal to perform a network re-entry procedure including authentication.

When the control message transmitted from the decoding unit 503 is an AAI_RNG-RSP message and when the AAI_RNG-RSP message includes NONCE_BS, the mobile terminal generates a PMK using NONCE_BS and the NONCE_MS generated by the mobile terminal. AK is generated from the PMK.

The controller 505 generates an AAI_RNG-REQ message and transfers the AAI_RNG-REQ message to the message authenticator 504. The message authenticator 504 generates a CMAC, inserts a CMAC tuple into the AAI_RNG-REQ message, and delivers the AAI_RNG-REQ message to the data generator 506.

The data generator 506 generates an AAI_RNG-REQ message as an unencrypted packet and transmits the AAI_RNG-REQ message to the base station through the physical layer transmitter 508. The AAI_RNG-REQ message includes NONCE_MS and NONCE_BS.

When the control message is an AAI_RNG-RSP message through the decoder 503 and the AAI_RNG-RSP message includes the NONCE_MS and NONCE_BS, the AK update procedure is completed and the mobile terminal enters a paging unavailable interval.

Next, the operation of the base station will be described.

The controller 505 receives the ranging code transmitted from the mobile terminal through the physical layer receiver 501 and the controller 505 allocates an uplink resource for transmitting the AAI_RNG-REQ message by the mobile terminal.

Subsequently, when the AAI_RNG-REQ message transmitted from the mobile terminal is delivered to the message authenticator 504 through the physical layer receiver 501 and the data processor 502, the message authenticator 504 requests AK information and the like. And receives this information from the paging controller / authentication station to authenticate the mobile terminal.

The message authenticator 504 generates a CMAC using the AK information transmitted from the paging controller / authentication station and authenticates the AAI_RNG-REQ message.

The authenticated AAI_RNG-REQ message is transmitted to the controller 505. The controller 505 generates an AAI_RNG-RSP message in response to the AAI_RNG-REQ message and transmits the AAI_RNG-RSP message to the message authenticator 504.

The mobile terminal and the base station share a traffic encryption key (TEK) generation parameter. Thus, it is possible to perform encryption.

Accordingly, the AAI_RNG-RSP message is encrypted by an encryption method (eg, AES-CCM) that provides an encryption function and an authentication function through the encryption unit 507 in the data processing unit 506. The encrypted AAI_RNG-RSP message is transmitted to the mobile terminal through the physical layer transmitter 508.

If location update and AK update are required for the AAI_RNG-REQ message and if AK update is required, the base station performs AK update by including NONCE_BS when transmitting the AAI_RNG-RSP message.

When the AAI_RNG-REQ message including NONCE_BS and NONCE_MS is received from the mobile terminal, the base station delivers the NONCE_BS and NONCE_MS to a paging controller / authentication station and receives AK in response to the NONCE_BS and NONCE_MS.

The message authenticator 504 generates a CMAC using an AK or the like from the paging controller / authentication station and performs authentication on the AAI_RNG-REQ message.

The message authenticator 504 transmits the authenticated AAI_RNG-REQ message to the controller 505. The control unit 505 generates an AAI_RNG-RSP message including NONCE_BS and NONCE_MS in response to the authenticated AAI_RNG-REQ message, and transmits the AAI_RNG-RSP message to the message authenticator 504.

The message authenticator 504 transmits the AAI_RNG-RSP message to the physical layer transmitter 508 through the encryption unit 507. The physical layer transmitter 508 generates an AAI_RNG-RSP message as a packet and transmits the packet to the mobile terminal. do.

Therefore, in the embodiment of the present invention, when AK is updated for the mobile terminal in the idle mode, the mobile terminal can perform AK update without leaving the idle mode, so that power consumption of the mobile terminal and resource consumption of the base station are reduced. Can be reduced.

Meanwhile, in the detailed description of the present invention, specific embodiments have been described, but various modifications are possible without departing from the scope of the present invention. Therefore, the scope of the present invention should not be limited to the described embodiments, but should be determined not only by the scope of the following claims, but also by the equivalents of the claims.

Physical layer receiving unit 501, data processing unit 502, decryption unit 503, message authentication unit 504, control unit 505, data generation unit 506, encryption unit 507, physical layer transmission unit 508

Claims (25)

A method of operating a mobile terminal in an idle mode for updating a PML / AK (Pairwise Master Key / Authorization Key) in a wireless communication system,
Sending a first location update request to a base station, wherein the first location update request includes a request to update a PMK / AK.
Receiving a response to the first location update request from the base station, wherein the response to the first location update request includes a NONCE_BS, wherein the NONCE_BS is a random number associated with the base station and to update the PMK; Used.
Generating a NONCE_MS, wherein the NONCE_MS is a random number for updating the PMK.
Generating PMK / AK using the NONCE_BS and the NONCE_MS;
Transmitting a second location update request to a base station, wherein the second location update request includes the NONCE_BS and the NONCE_MS.
Receiving a response from the base station in response to a second location update request, wherein the response to the second location update request includes the NONCE_BS and the NONCE_MS.
And identifying the PMK / AK based on the NONCE_BS and the NONCE_MS.
The method of claim 1,
The first and second location update requests are included in an AAI_RNG-REQ message,
Response to the first and second location update requests is included in an AAI_RNG-RSP message.
The method of claim 1,
The process of generating PMK / AK is
Generating a PMK using the NONCE_BS and the NONCE_MS;
Generating an AK using the PMK.
A method of operating a base station for updating a PMK / AK of a mobile terminal in an idle mode in a wireless communication system,
Receiving a first location update request from the mobile terminal, wherein the first location update request includes a request to update the PMK / AK.
A process of generating a NONCE_BS, wherein the NONCE_BS is a random number used to update the PMK.
Transmitting a response to the first location update request, wherein the response to the first location update request includes NONCE_BS.
Receiving a second location update request from the mobile terminal, the second location update request including the NONCE_BS and the NONCE_MS, the NONCE_MS being a random number associated with the mobile terminal and used to update the PMK.
Transmitting the NONCE_BS and the NONCE_MS to a paging controller / authentication station;
Receiving an AK from the paging controller / authentication station;
Sending a response to a second location update request, wherein the response to the second location update request comprises the NONCE_BS and the NONCE_MS.
The method of claim 4, wherein
The process of generating the NONCE_BS,
Checking whether the first location update request is valid;
And generating the NONCE_BS when the first location update request is valid.
6. The method of claim 5,
The process of checking whether the first location update request is valid,
Sending a request for an AK context to the paging controller / authentication station,
Receiving an AK context from the paging controller / authentication station;
Determining whether a first location update request is valid based on the AK context.
The method of claim 4, wherein
Transmitting the NONCE_BS and the NONCE_MS to a paging controller / authentication station,
Determining whether the NONCE_BS received in the second location update request is the same as the NONCE_BS sent in response to the first location update request;
If it is determined that the NONCE_BS received in the second location update request is the same as the NONCE_BS transmitted in response to the first location update request, transmitting the NONCE_BS and the NONCE_MS to the paging controller / authentication station. Characterized in that the method.
A method of operating a mobile terminal in an idle mode for updating a PML / AK in a wireless communication system,
Acquiring NONCE_BS, where the NONCE_BS is a random number associated with the base station and is used to update the PMK.
The process of generating NONCE_MS, where NONCE_MS is a random number used to generate PMK.
Generating PMK / AK using the NONCE_BS and the NONCE_MS;
Transmitting a location update request to the base station, wherein the location update request includes the NONCE_BS and the NONCE_MS.
Receiving a response to the location update request from the base station, wherein the response to the location update request includes the NONCE_BS and the NONCE_MS.
And identifying the PMK / AK based on the NONCE_BS and the NONCE_MS.
The method of claim 8,
The location update request is included in an AAI_RNG-REQ message,
The response to the location update request is included in an AAI_RNG-RSP message.
The method of claim 8,
The process of generating PMK / AK is
Generating a PMK using the NONCE_BS and the NONCE_MS;
Generating an AK using the PMK.
The method of claim 8,
The process of obtaining the NONCE_BS,
Transmitting a request for transition to an idle mode to the base station;
Receiving a response to the request for the transition to the idle mode from the base station, wherein the response to the request for the transition to the idle mode includes NONCE_BS.
Transitioning to the idle mode.
The method of claim 8,
The process of acquiring NONCE_BS is
And determining the NONCE_BS using a Degeneration IDentifier (DID) assigned to the mobile terminal during transition to the idle mode with the current NONCE_BS used in the previous AK update.
The method of claim 12,
The NONCE_BS is characterized by using the following formula.
<Equation 1>
NONCE_BS = current NONCE_BS XOR (Deregistration ID | zero padding).
A method of operating a base station for updating a PMK / AK of a mobile terminal in an idle mode in a wireless communication system,
Receiving a location update request from a mobile terminal, wherein the location update request includes NONCE_BS and NONCE_MS, the NONCE_BS being a random number associated with the base station and used to update the PMK; It is a random number generated by and used to update the PMK.
Transmitting the NONCE_BS and the NONCE_MS to a paging controller / authentication station;
Receiving an AK from the paging controller / authentication station;
And transmitting a response to the location update request, wherein the response to the location update request includes the NONCE_BS and the NONCE_MS.
The method of claim 14,
Receiving a request for a transition to the idle mode from the mobile terminal,
Sending an idle mode entry request to the paging controller / authentication station;
Receiving a response to the idle mode entry request from the paging controller / authentication station, wherein the response to the idle mode entry request includes NONCE_BS and the NONCE_BS is a random number used to update the PMK.
And transmitting a response to the request for the transition to the idle mode to the mobile terminal, wherein the response to the request for the transition to the idle mode comprises NONCE_BS.
The method of claim 14,
The process of transmitting the NONCE_BS and the NONCE_MS to a paging controller / authentication station,
Determining whether the NONCE_BS received in the location update request is the same as the NONCE_BS transmitted in response to the request for transition to idle mode;
If it is determined that the NONCE_BS received in the location update request is the same as the NONCE_BS transmitted in response to the request for transition to idle mode, transmitting the NONCE_BS and the NONCE_MS to a paging controller / authentication station. How to feature.
A method of operating a mobile terminal for updating PML / AK during zone switching in a wireless communication system,
Receiving a message indicating whether zone switching is performed from a first base station, wherein the message indicates whether zone switching is performed and includes NONCE_BS, wherein the NONCE_BS is a random number associated with a second base station and for PMK update. Used.
The process of generating NONCE_MS, where NONCE_MS is a random number and is used to generate PMK.
Generating PMK / AK using the NONCE_BS and the NONCE_MS;
Transmitting a message for zone switching to a second base station, wherein the message for zone switching includes the NONCE_BS and the NONCE_MS.
Receiving a response to the message for zone switching from the second base station, and the response to the message for zone switching from the second base station includes the ONCE_BS and the NONCE_MS.
Identifying the AK based on the NONCE_BS and the NONCE_MS.
The method of claim 17,
The message for zone switching is included in an AAI_RNG-REQ message.
A message indicating that zone switching is to be performed and a response to the message for zone switching is included in an AAI_RNG-RSP message.
The method of claim 17,
The process of generating PMK / AK is
Generating a PMK using the NONCE_BS and the NONCE_MS;
Generating an AK using the PMK.
The method of claim 17,
The message for zone switching transmitted to the second base station is
Method comprising a Cipher-based Message Authentication Code (CMAC) based on the newly generated AK.
The method of claim 17,
The response to the message for zone switching received from the second base station is:
Method for encrypting using a Traffic Encryption Key (TEK) based on the newly created AK.
A method of operating a base station for updating PML / AK during zone switching in a wireless communication system,
Generating NONCE_BS, wherein the MONCE_BS is a random number associated with the second base station and is used for PMK update.
The process of transmitting a message indicating that zone switching is performed at the first base station, and wherein the message indicating that zone switching is performed, include NONCE_BS.
Receiving a message for a zone switch request including a NONCE_MS and a NONCE_BS from a mobile terminal,
Transmitting the NONCE_MS and the NONCE_BS to an authentication station;
Receiving an AK from the authentication station;
Transmitting a response to the zone switching request at the second base station, wherein the response to the zone switching request comprises NONCE_MS and NONCE_BS.
The method of claim 22,
The message indicating that zone switching is performed includes NONCE_BS, wherein the NONCE_BS is a random number associated with a second base station and is used to update the PMK.
The method of claim 22,
Transmitting, by the second base station, the NONCE_MS and the NONCE_BS to the authentication station;
Receiving an AK from the authentication station;
Transmitting a response to the zone switching request, wherein the response to the zone switching request includes the NONCE_MS and the NONCE_BS.
Generating an AK by generating a PMK using the ONCE_MS and the NONCE_BS.
The method of claim 22,
The message for zone switching
And receiving a cipher-based message authentication code (CMAC) based on the newly generated AK.

Images