CN100579274C - Safety key setting-up method - Google Patents
Safety key setting-up method Download PDFInfo
- Publication number
- CN100579274C CN100579274C CN200410092775A CN200410092775A CN100579274C CN 100579274 C CN100579274 C CN 100579274C CN 200410092775 A CN200410092775 A CN 200410092775A CN 200410092775 A CN200410092775 A CN 200410092775A CN 100579274 C CN100579274 C CN 100579274C
- Authority
- CN
- China
- Prior art keywords
- portable terminal
- random number
- skey
- network equipment
- safe key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
Abstract
A method for setting safety cipher key includes generating a random number by mobile terminal or network device then sending it to the other party, setting safety cipher key by network device or mobile terminal according to random number as per mode matching to each other; or setting safety cipher key by mobile terminal and sending command to set safety cipher key to network device, generating safety cipher key by network device according to identical mode as mode of generating safety cipher key by mobile terminal when command to set safety cipher key is received by network device.
Description
Technical field
The present invention relates to information security technology, be specifically related to the safe key method to set up in the mobile communications network.
Background technology
Present portable terminal great majority adopt the mode of separation between machine and card, and just portable terminal itself is two independent parts with the subscriber card of having preserved the information that is used for the checking wireless network user, bond them together in use to get final product.Present subscriber card mainly is the Subscriber Identity Module card that is used for wireless communication system, for example the Subscriber Identity Module (SIM) of global mobile communication (GSM) system card, the usim card of universal mobile telecommunications system (UMTS), UIM card of code division multiple access (CDMA) communication system or the like.This mode has a lot of outstanding advantages, for example the user wants to change the words of a portable terminal, only need to buy a new portable terminal and original SIM card is inserted into new portable terminal to get final product, like this, because user's information does not need to change, so the user does not need to handle to the communication operator formality of any replacing portable terminal yet.This mode also has an outstanding more advantage to be, mobile communication carrier carries out mobile service and can separate well with the sale of portable terminal such as work such as distribute telephone numbers, thereby be convenient to carrying out of mobile service, and terminal sale is relatively independent, brings very big flexibility to mobile service operation and terminal sale.
But when adopting the separation between machine and card mode to bring great convenience, also cause portable terminal stolen and robbed phenomenon and happen occasionally, to such an extent as to portable terminal dare not be hung between waist some local people to the user.Because under the separation between machine and card mode, change a new SIM card on the portable terminal of robbing and just can have no obstacle ground use as long as steal in institute.Thereby the robber can sail again the steal portable terminal of robbing and sell profit like this.Like this, user not only economic interests incurs loss, but also need go to the common carrier place to handle a series of formalities, for example change subscription data, brought very big inconvenience to the user, simultaneously, losing of portable terminal, the user is kept at the general information in the portable terminal, also can lose such as numbering directory record or the like, will cause very big influence to user's daily life and work.
In order to solve portable terminal stolen problem of robbing easily, a kind of method relatively more commonly used is that cryptoguard is set on portable terminal.Startup password for example is set on portable terminal, all needs to import correct startup password at every turn when starting shooting, portable terminal could be carried out to subsequent operations such as network registries.If the startup password input is incorrect, this portable terminal just can not normally use.Even the robber has obtained user's portable terminal like this, also can not use and sell because not inputing correct password.Therefore, this method has solved portable terminal stolen problem of robbing easily to a certain extent.But for this a kind of method, validated user also needs to input password when each start, will bring very large trouble to validated user.Therefore, at present a lot of users are not provided with such startup password because feeling so each input startup password hell to pay, make this solution be difficult to be accepted and obtain the application of reality, thereby can not fundamentally solve portable terminal stolen problem of robbing easily by the user.
Also having a kind of solution is to build a large amount of equipment identity register (EIR) equipment, and the International Mobile Station Equipment Identification (IMEI) of those stolen mobile terminals is put into the blacklist of corresponding EIR.Like this, portable terminal when starting shooting logging in network at every turn, its IMEI is reported network, related network device needs all to check whether the pairing IMEI of this portable terminal is added in the blacklist in EIR equipment, if in blacklist, found the IMEI of this portable terminal, network thinks that this portable terminal is stolen terminal, and this mobile terminal user is the disabled user, thereby refuses its Network.The robber can not therefrom make a profit because resulting portable terminal can not reuse equally like this, thereby can fundamentally solve portable terminal stolen problem of robbing easily.But this method need be built a large amount of EIR equipment, needs to increase the construction of the network equipment, has both increased the cost of Virtual network operator, also makes troubles to Virtual network operator simultaneously.In addition,, make portable terminal, report a false IMEI, thereby cheated network, make network can not judge whether this portable terminal is stolen terminal when network reports IMEI by change portable terminal program.
At present some mobile communications network, universal mobile telecommunications system (UMTS) as the 3G (Third Generation) Moblie network, in the employed method for authenticating, subscriber card can carry out authentication to mobile communications network, after the authentication success, subscriber card can normally use, and behind failed authentication, subscriber card can not normally use in mobile communications network.But this method can only solve subscriber card safety issue in the portable terminal, and can not solve the antitheft problem of portable terminal itself.For example, the robber steals and has robbed after the portable terminal of validated user, the subscriber card of validated user can be replaced by the subscriber card of oneself, like this in existing method for authenticating this subscriber card will authentication success, the robber still can use the portable terminal that this robber robs and can not forbid that stolen mobile terminal continues to use like this, thereby can not reach portable terminal is carried out antitheft effect.And second generation mobile communications network does not support the terminal of separation between machine and card to network authentication yet, therefore, can not solve antitheft problem.
In order to solve the antitheft problem of portable terminal, the applicant has proposed to preserve respectively one to safe key that should portable terminal in communication network and portable terminal, and utilize this safe key to carry out the authentication of portable terminal, thereby can thoroughly solve the problem of guarding against theft for mobile terminal to network.But how the technology of safe key also is not set at present in the prior art, so the applicant continues to propose a kind of method to set up of safe key.
Summary of the invention
In view of this, goal of the invention of the present invention provides the safe key method to set up in a kind of mobile communications network, in two equipment of mobile communications network, corresponding to safe key to be set, thereby realize utilizing safe key to carry out the technology of authentication, and the fail safe that therefore improves portable terminal.
Above-mentioned purpose of the present invention is achieved by the following technical solutions:
Safe key method to set up in a kind of mobile communications network comprises at least:
A. generate a random number;
B. any one party in the network equipment and the portable terminal is provided with safe key and notifies the opposing party after being provided with successfully according to the mode of this random number according to mutual coupling earlier, according to this random number and according to identical mode safe key is set by the opposing party again;
C. indicate in the portable terminal security request message that the attaching position register HLR of portable terminal in the network equipment sends to start safety function, and in this message, carry the random number that described step a generates;
After HLR receives described portable terminal security request message, initiate portable terminal secure authentication request message, and in this message, carry another random number that is used to generate authentication secret;
Portable terminal generates authentication secret according to random number in the described portable terminal secure authentication request message and the KI KI among the SIM/USIM, and is carried in the portable terminal secure authentication request message, is sent to HLR;
After HLR verifies that described authentication secret is legal, use the random number in the portable terminal security request message to generate safe key SKEY, and be kept in the user data, the indication of loopback portable terminal security response message starts the safety function success then.
Wherein generating random number described in the step a is to generate random number by the network equipment.This moment, step b comprised:
The network equipment generates safe key according to the random number that oneself generates;
The network equipment sends to portable terminal with this random number;
Portable terminal generates safe key according to the random number that is received from the network equipment.
Generating random number described in the step a is to generate random number by portable terminal, and this moment, step b comprised:
Portable terminal generates safe key according to the random number that oneself generates;
Portable terminal sends to the network equipment with this random number;
The network equipment generates safe key according to the random number that is received from portable terminal.
The present invention also provides the method to set up of the safe key in a kind of mobile communications network, comprises at least:
A. portable terminal sends to the network equipment safe key order is set;
B. the network equipment and portable terminal generate safe key according to the mode of mutual coupling.
Wherein step b comprises:
The network equipment generates safe key after receiving the safe key order being set, and sends safe key to portable terminal then successfully order is set;
Portable terminal is receiving after safe key is provided with successfully order, and the mode that is complementary according to the safe key generating mode with the network equipment generates safe key.
This method may further include and sets in advance multiple safe key generating mode and set up the set-up mode sign respectively in the network equipment and portable terminal, and it is that set-up mode according to this set-up mode sign correspondence generates safe key that the described network equipment and portable terminal are provided with safe key according to the mode of mutual coupling.
This method may further include: portable terminal is selected a kind of set-up mode from multiple set-up mode, and the set-up mode sign of selected set-up mode correspondence is provided with the safe key order and sends to the network equipment by described.
This method may further include: the network equipment is selected a kind of set-up mode from multiple set-up mode, and is provided with successfully by a safe key set-up mode sign of selected set-up mode correspondence that order sends to portable terminal.
The network equipment or portable terminal may further include to check whether this safe key is the step of weak key after generating safe key, and are judging that safe key is to regenerate safe key under the situation of weak key.
Generate safe key and be according to one among CK, IK and the KI or any combination and generate safe key.And can further carry out according to the characteristic information and/or the mobile terminal features information of mobile phone users card.
After step b, may further include the step of the synchronous terminal authentication sequence number of preserving separately of the network equipment and portable terminal.
The network equipment can be HLR/AUC, and this moment, this method comprised that further HLR/AUC generates the step that the authentication collection also sends to this authentication collection MSC/VLR according to the safe key that is provided with, and described MSC/VLR preserves this authentication collection after receiving this authentication collection.
From technical scheme of the present invention as can be seen, at first produce a random number by the side in the network equipment in mobile communications network and the portable terminal, then random number is sent to the opposing party, both sides correspondingly generate consistent safe key according to identical random number.The network equipment and portable terminal have all generated the safe key that is consistent mutually like this, thereby can when carrying out authentication, use the safe key of oneself to carry out correlation computations and judgement separately, improved the effect of guarding against theft for mobile terminal thus, and the fail safe that has therefore improved portable terminal.
In addition, because the network equipment and each self-generating safe key of portable terminal in the safe key method to set up of the present invention, and do not have this transport process between two equipment of safe key, the transmission information in the middle of even the disabled user has obtained like this, the safe key that can not obtain determining according to the information obtained.Therefore safe key method to set up of the present invention has guaranteed the fail safe of the safe key of setting itself.
Description of drawings
Fig. 1 is the flow chart that first specific embodiment of safe key is set according to of the present invention.
Fig. 2 is the flow chart that second specific embodiment of safe key is set according to of the present invention.
Fig. 3 is the flow chart that the 3rd specific embodiment of safe key is set according to of the present invention.
Fig. 4 is the flow chart that the 4th specific embodiment of safe key is set according to of the present invention.
Fig. 5 is the flow chart that the 5th specific embodiment of safe key is set according to of the present invention.
Fig. 6 is the message flow chart of portable terminal cancellation terminal security function.
Fig. 7 is the message flow chart of network equipment cancellation terminal security function.
Fig. 8 is the message flow chart that the portable terminal and the network equipment upgrade authentication vector.
Fig. 9 is the flow chart according to first specific embodiment of authentication process of the present invention.
Figure 10 is the flow chart according to second specific embodiment of authentication process of the present invention.
Figure 11 is the flow chart according to the 3rd specific embodiment of authentication process of the present invention.
Figure 12 is the flow chart according to the 4th specific embodiment of authentication process of the present invention.
Figure 13 is the flow chart according to the 5th specific embodiment of authentication process of the present invention.
Figure 14 is the flow chart according to the 6th specific embodiment of authentication process of the present invention.
Embodiment
The present invention is described in detail below in conjunction with the drawings and specific embodiments.
Fig. 1 shows the flow chart according to first embodiment of safe key method to set up of the present invention.As shown in Figure 1, in step 101, portable terminal sends to the HLR/AUC of network side safe key (SKEY) order is set.The SKEY order is set here can transmit by the MSC/VLR in the mobile communications network, and just portable terminal will be provided with the SKEY order and send to MSC/VLR, and MSC/VLR will send to HLR/AUC from this order of portable terminal then.Because as well known to those skilled in the art, HLR and AUC are integrated in the equipment usually, this equipment plays the effect of attaching position register and authentication center simultaneously, therefore this equipment is called HLR/AUC here.
In step 102, HLR/AUC is receiving this order back generation random number (RAND).Such as, HLR/AUC uses the tandom number generator of oneself to produce a RAND.
In step 103, HLR/AUC utilizes or their any combination and the RAND generation SKEY that oneself produces among CK, IK and the KI.At each portable terminal, HLR/AUC can preserve information such as CK, IK and KI in advance.
In step 104, HLR/AUC sends a SKEY to portable terminal successfully order is set after generating SKEY, comprises the RAND that is produced in this order.Certainly, the SKEY here is provided with successfully to order and also can transmits by MSC/VLR.
In step 105, portable terminal is receiving after the SKEY that comprises RAND is provided with successfully order, adopt and network equipment generation method accordingly generation SKEY, just utilize one or their any combination and the RAND generation SKEY that is received from the network equipment among CK, IK and the KI.
Portable terminal can be preserved information such as CK, IK and KI in advance, and portable terminal can be blocked jointly by portable terminal and active user for the preservation of these information to be preserved.Usually, portable terminal success logging in network can obtain information such as CK, IK from subscriber card, and KI is kept in the subscriber card generally also by behind the user card authentication.Therefore, portable terminal generates the process of SKEY, can be finished jointly by portable terminal program and subscriber card.The portable terminal of mentioning is later preserved information such as CK, IK and KI, and the operation that generates SKEY, can comprise this situation.
In this embodiment, HLR/AUC can carry out algorithm computation to any combination of among CK, IK and the KI or they and RAND and generates SKEY in the step 103, in this case, portable terminal also carries out corresponding algorithm computation to any combination of among CK, IK and the KI or they and RAND and generates SKEY in the step 105.
Be appreciated that step 101 is not necessary, HLR/AUC can initiatively produce RAND and initiate the subsequent flows journey.In addition, HLR/AUC also can directly send to portable terminal with RAND in the step 104, be appreciated that, the network equipment sends an independent RAND to terminal and just represents that the network equipment is provided with the SKEY success, correspondingly, be provided with when unsuccessful, can not carry any information in the order that failure is set returning.
In addition, can preserve multiple SKEY set-up mode in advance in the portable terminal and the network equipment, and each set-up mode is set up a SKEY set-up mode sign, for example the sign of first kind of SKEY set-up mode is set to 1, the sign of second kind of SKEY set-up mode is set to 2, or the like.In step 101, portable terminal can be selected a kind of in advance from multiple set-up mode, and the set-up mode sign of the selected set-up mode of correspondence sent to HLR/AUC by the SKEY order is set, HLR/AUC promptly uses the SKEY set-up mode of this set-up mode sign correspondence to generate SKEY.Equally, portable terminal also uses the same set-up mode of oneself selecting to generate SKEY behind the RAND that receives from HLR/AUC, thereby has guaranteed the consistency of the SKEY that both sides generate.
Certainly, also can in multiple set-up mode, select a kind of by HLR/AUC, and according to this set-up mode generation SKEY, be provided with successfully by SKEY the set-up mode sign of the selected set-up mode of correspondence that order sends to portable terminal then, portable terminal promptly uses the SKEY set-up mode of this set-up mode sign correspondence to generate SKEY.So also can guarantee the consistency of the SKEY that both sides generate.
In addition, HLR/AUC can check further whether this SKEY is a weak key after producing SKEY.If then regenerate RAND, and regenerate SKEY, till this SKEY is not weak key through inspection according to this RAND.If SKEY is not weak key on inspection, then carry out subsequent treatment, just being provided with successfully by SKEY RAND, order sends to portable terminal.In the cryptography, at with a kind of algorithm, there are some keys, compare with general key in the key space, be more prone to be broken, such key is called as weak key, such as, for 28 keys of binary one, a string " 0 " key, a string " 1 " key is generally considered to be the weak key that is broken easily.Judge whether a key is the several different methods that weak key can adopt prior art, no longer describe in detail here.
In first embodiment, produce RAND by HLR/AUC, and RAND is sent to portable terminal.Under the actual conditions, also can produce RAND, and RAND is sent to HLR/AUC by portable terminal.The present invention proposes second embodiment, its flow process as shown in Figure 2 for this reason.
In step 201, portable terminal at first produces a RAND.Such as, portable terminal utilizes the tandom number generator of oneself to generate a RAND.
In step 202, portable terminal sends to HLR/AUC the SKEY order is set, and comprises this RAND in this order.The SKEY order is set here can transmit by the MSC/VLR in the mobile communications network, and just portable terminal will be provided with the SKEY order and send to MSC/VLR, and MSC/VLR will send to HLR/AUC from this order of portable terminal then.
In step 203, HLR/AUC utilizes one or their any combination and the RAND generation SKEY that receives among CK, IK and the KI from the SKEY order is set after receiving this order.
In step 204, HLR/AUC is after generating SKEY, and the SKEY that SKEY successfully has been set to an expression of portable terminal transmission HLR/AUC is provided with successfully order.Certainly, the SKEY here is provided with successfully to order and also can transmits by MSC/VLR.
In step 205, portable terminal is receiving after SKEY is provided with successfully order, adopts and network equipment generation method accordingly generates SKEY, just utilizes one or their any combination and the RAND generation SKEY of own generation among CK, IK and the KI.
Wherein, HLR/AUC can carry out algorithm computation to any combination of among CK, IK and the KI or they and RAND and generates SKEY in the step 203, in this case, portable terminal also carries out corresponding algorithm computation to any combination of among CK, IK and the KI or they and RAND and generates SKEY in the step 205.
Be appreciated that in the step 202 that portable terminal can directly send RAND to HLR/AUC, be not provided with in the SKEY order and do not need RAND is included in.
Here, portable terminal also can promptly generate SKEY voluntarily after transmission is provided with SKEY order, and does not need to wait for and that is to say the response of HLR/AUC, HLR/AUC does not need to send SKEY to portable terminal successfully order is set, but by portable terminal and HLR/AUC SKEY is set respectively separately.In addition, be appreciated that portable terminal can generate SKEY according to RAND earlier, and then RAND sent to HLR/AUC that HLR/AUC generates SKEY after receiving this RAND.
Similar with first embodiment, also can in the portable terminal and the network equipment, preserve multiple SKEY set-up mode in advance here, and each set-up mode is set up a SKEY set-up mode sign.In step 202, portable terminal can be selected a kind of in advance from multiple set-up mode, and the set-up mode sign of the selected set-up mode of correspondence sent to HLR/AUC by the SKEY order is set, HLR/AUC promptly uses the SKEY set-up mode of this set-up mode sign correspondence to generate SKEY.Equally, portable terminal also uses the own same set-up mode of selecting to generate SKEY, thereby has guaranteed the consistency of the SKEY of both sides generations receiving from after SKEY is set successfully orders of HLR/AUC.
In addition, HLR/AUC can check further whether this SKEY is a weak key after producing SKEY.If, then notify portable terminal, such as, send a key to portable terminal the failure order is set, and the failure cause that carries is a weak key, and portable terminal receives after key is provided with failure order, regenerates RAND and resends RAND, HLR/AUC regenerates SKEY according to new RAND again, till this SKEY is not weak key through inspection.If SKEY is not weak key on inspection, then sends key successfully order is set to portable terminal.
Be appreciated that portable terminal can oneself judge also whether SKEY is a weak key if mobile terminal self produces SKEY.If then regenerate RAND, and generate new SKEY according to RAND again, till this SKEY is not weak key through inspection.Just new RAND is sent to HLR/AUC then, HLR/AUC generates SKEY according to RAND.
Certainly, be appreciated that also portable terminal and HLR/AUC carry out the weak key inspection, wherein any one party is checked out when the key of generation is weak key, all requires to produce again RAND.
In addition, portable terminal also can produce SKEY earlier, then RAND is sent to the network equipment, and the network equipment produces SKEY voluntarily after receiving this RAND, and no longer need to return SKEY to portable terminal successfully order is set.
Fig. 3 shows the third embodiment of the present invention, does not wherein need to generate RAND, but directly the current separately known relevant information of basis generates SKEY.Its idiographic flow comprises as shown in Figure 3.
In step 301, at first send one to HLR/AUC the SKEY order is set by portable terminal.The SKEY order is set here can transmit by the MSC/VLR in the mobile communications network, and just portable terminal will be provided with the SKEY order and send to MSC/VLR, and MSC/VLR will send to HLR/AUC from this order of portable terminal then.
In step 302, HLR/AUC utilizes one or their any combination generation SKEY among CK, IK and the KI after receiving this order.
In step 303, HLR/AUC is after generating SKEY, and the SKEY that SKEY successfully has been set to an expression of portable terminal transmission HLR/AUC is provided with successfully order.Certainly, the SKEY here is provided with successfully to order and also can transmits by MSC/VLR.
In step 304, portable terminal is receiving after SKEY is provided with successfully order, adopts and network equipment generation method accordingly generates SKEY, just utilizes one or their any combination generation SKEY among CK, IK and the KI.
Wherein, in the step 302 HLR/AUC can be directly with one among CK, IK or the KI as SKEY, in this moment step 304 portable terminal also directly with one among CK, IK or the KI as SKEY.Perhaps, HLR/AUC can be to one among CK, IK and the KI or their any line algorithm calculating generation SKEY that is combined in the step 302, in this case, portable terminal also carries out corresponding algorithm computation to any combination of among CK, IK and the KI or they and generates SKEY in the step 304.
Here, portable terminal also can promptly generate SKEY voluntarily after transmission is provided with SKEY order, and does not need to wait for and that is to say the response of HLR/AUC, HLR/AUC does not need to send SKEY to portable terminal successfully order is set, but by portable terminal and HLR/AUC SKEY is set respectively separately.In addition, be appreciated that portable terminal can generate SKEY earlier, send to HLR/AUC then the SKEY order is set that HLR/AUC generates SKEY after receiving this order.
Here also can in the portable terminal and the network equipment, preserve multiple SKEY set-up mode in advance, and each set-up mode is set up a SKEY set-up mode sign.In step 301, portable terminal can be selected a kind of in advance from multiple set-up mode, and the set-up mode sign of the selected set-up mode of correspondence sent to HLR/AUC by the SKEY order is set, HLR/AUC promptly uses the SKEY set-up mode of this set-up mode sign correspondence to generate SKEY.Equally, portable terminal also uses the own same set-up mode of selecting to generate SKEY, thereby has guaranteed the consistency of the SKEY of both sides generations receiving from after SKEY is set successfully orders of HLR/AUC.
In addition, HLR/AUC can check further whether this SKEY is a weak key after producing SKEY.If, then notifying portable terminal, both sides produce SKEY again, till this SKEY is not weak key through inspection.If SKEY is not weak key on inspection, then carry out subsequent treatment.In addition, be appreciated that portable terminal can oneself judge also whether SKEY is a weak key.If both sides produce SKEY again, till this SKEY is not weak key through inspection.
Fig. 4 shows the fourth embodiment of the present invention.In step 401, portable terminal sends to HLR/AUC the SKEY order is set.The SKEY order is set here can transmit by the MSC/VLR in the mobile communications network, and just portable terminal will be provided with the SKEY order and send to MSC/VLR, and MSC/VLR will send to HLR/AUC from this order of portable terminal then.
In step 402, HLR/AUC is after receiving this order, and HLR/AUC utilizes or their any combination generation SKEY among CK, IK and the KI.
In step 403, HLR/AUC encrypts this SKEY by CK after generating SKEY, forms the ciphertext of SKEY.
In step 404, HLR/AUC sends the ciphertext of SKEY to portable terminal.
In step 405, portable terminal utilizes the CK of oneself that the SKEY ciphertext is decrypted after receiving the SKEY ciphertext, obtains the plaintext of SKEY.
Certainly can understand, HLR/AUC also can generate SKEY by additive method in the step 402, and the present invention does not limit this.No matter adopt any method to produce SKEY, obtain ciphertext and send this ciphertext to portable terminal as long as this SKEY encrypted, portable terminal is decrypted ciphertext and obtains SKEY expressly, all belongs to a kind of embodiment of present embodiment spirit.
Fig. 5 shows the fifth embodiment of the present invention.In step 501, portable terminal utilizes or their any combination generation SKEY among CK, IK and the KI.
In step 502, the CK of portable terminal utilization oneself encrypts this SKEY, forms the ciphertext of SKEY.
In step 503, portable terminal sends the ciphertext of SKEY to HLR/AUC.
In step 504, HLR/AUC utilizes the CK of oneself that the SKEY ciphertext is decrypted after receiving the SKEY ciphertext, obtains the plaintext of SKEY.
Certainly can understand, portable terminal also can generate SKEY by additive method in the step 501, and the present invention does not limit this.No matter adopt any method to produce SKEY, obtain ciphertext and send this ciphertext to the network equipment as long as this SKEY encrypted, the network equipment is decrypted ciphertext and obtains SKEY expressly, all belongs to a kind of embodiment of present embodiment spirit.
For the 4th and the 5th embodiment, can in the portable terminal and the network equipment, preserve multiple SKEY set-up mode in advance, and each set-up mode is set up a SKEY set-up mode sign.Portable terminal can be selected a kind of in advance from multiple set-up mode, and the set-up mode sign of the selected set-up mode of correspondence sent to HLR/AUC by the SKEY order is set, HLR/AUC promptly uses the SKEY set-up mode of this set-up mode sign correspondence to generate SKEY.Portable terminal be selected and be sent to set-up mode also can by HLR/AUC.
In addition, for portable terminal that at first produces SKEY or HLR/AUC, can check further whether this SKEY is a weak key.If regenerate SKEY, till this SKEY is not weak key through inspection.Such as, when the SKEY that is checked through generation is weak key, can changes a kind of set-up mode and regenerate SKEY.
In the above-mentioned the whole bag of tricks, may further include a SKEY startup sign SFLAG is set, such as, when SFLAG was 1, expression had started terminal security function, and when SFLAG was 0, terminal security function had been closed in expression.HLR/AUC and portable terminal can be set to 1 by SFLAG after key SK EY is set.Certainly, also can be set to 0 and represent to close a terminal safety function, and when SKEY was not 0, expression had started terminal security function by SKEY.In the middle of the reality, the value that an opening/closing order is used to be provided with SFLAG can be set, also can remove SKEY and be provided with SKEY is changed to 0, thereby reach the purpose of the safety function of closing a terminal by being provided with.
In the above-mentioned the whole bag of tricks, corresponding set-up mode can be varied.Employed parameter information in the time of can determining to generate SKEY by set-up mode, such as: CK is only arranged and IK is only arranged, RAND and CK are only arranged, CK and IMSI are only arranged, KI and SKEY are only arranged, KI and RAND and IMSI or the like are arranged simultaneously.Employed algorithm information in the time of can also determining to generate SKEY by set-up mode, that is, and the different algorithm that uses when determining to generate SKEY by different set-up modes.Such as, encrypt IMSI by CK and obtain ciphertext, or the computing of making a summary obtains summary as SKEY to IMSI by IK as SKEY, or the like.
In the above-mentioned the whole bag of tricks, calculate under the situation that generates SKEY at the network equipment and portable terminal, can also further consider mobile phone users card characteristic information during calculating, for example IMSI information, subscriber card Electronic Serial Number ESN, also can further consider mobile terminal features information, for example IMEI information, portable terminal Electronic Serial Number ESN perhaps can consider subscriber card characteristic information and mobile terminal features information simultaneously.
In the above-mentioned the whole bag of tricks, when portable terminal calculates SKEY, can be calculated by the portable terminal program fully, at this moment, the portable terminal program should possess corresponding algorithm computation ability; Also can calculate in subscriber card fully, that is, portable terminal sends information such as described RAND to subscriber card, is calculated according to the information such as CK, IK, KI of oneself by subscriber card, and sends the SKEY that obtains to the portable terminal program; Certainly, also can the time subscriber card and portable terminal program are common carries out corresponding calculating and obtain SKEY.Can be understood as, the step that the network equipment is generated SKEY realizes by subscriber card and portable terminal program respectively, thereby obtains the SKEY of the SKEY that produces corresponding to the network equipment.
For above-mentioned all embodiment, after being provided with SKEY, portable terminal and the network equipment can further increase the step of synchronous terminal sequence number of authentification msSQN.For example, can determine msSQN by the network equipment, and msSQN is sent to portable terminal that portable terminal is preserved the msSQN that receives from the network equipment then, thereby realization msSQN's is synchronous.Perhaps, the network equipment and portable terminal after SKEY is finished in setting, the msSQN of each self refresh oneself, for example all currency is set to the value of agreement agreement, such as 1, or the like, thereby realize msSQN synchronously.Or portable terminal is determined msSQN value in advance, and is provided with at the SKEY that sends to the network equipment and adds msSQN information in the order, and the network equipment is preserved the msSQN that receives from portable terminal, thereby realizes that msSQN's is synchronous.
For all embodiment, HLR/AUC can generate the authentication collection that authentication is used according to newly-installed safe key, and this authentication collection is sent to MSC/VLR.MSC/VLR preserves this authentication collection after receiving this authentication collection, thereby can utilize this authentication collection to realize follow-up authentication.Because follow-up authentication process is not a discussion scope of the present invention, therefore omit its detailed description here.
HLR/AUC also can be with this terminal use's relevant information deletion from the MSC/VLR of described terminal roaming after upgrading the SKEY setting.Like this, when the portable terminal authentication, MSC/VLR can send the authentication collection by active request HLR/AUC, at this moment, HLR/AUC can send to MSC/VLR with the authentication collection with the authentication of utilizing newly-installed safe key to generate, thereby, reach the purpose of upgrading the authentication collection of this portable terminal among the MSC/VLR indirectly.
Generation about SKEY, can use for reference the KI information of preserving in SIM card or the usim card, when user's initial start-up terminal security function, security terminal generates a RAND, submit to SIM or usim card, SIM or usim card utilize KI and RAND, use the algorithm of self preserving, calculate SRES, this SRES can be used as SKEY.HLR/AUC correspondingly utilizes KI and RAND, uses the algorithm of self preserving, and calculates SRES, and this SRES can be used as the SKEY corresponding to this terminal of network side preservation.
Portable terminal can provide the interface to start, cancel terminal security function or upgrade SKEY to the client.After the user inputed corresponding startup password, portable terminal can be sent out message initiated to network, cancels safety function or upgrade SKEY, upgraded the SKEY actual packet and was contained in the startup terminal security flow process no special feature.
Portable terminal starts, the message flow of cancellation terminal security function as shown in Figure 6, message wherein can be carried by USSD, like this MSC that supports the USSD function will not had new demand.
It is to start or cancellation safety function (function of upgrading SKEY can be included in and start in the function) that UE indicates in UE_Security_Request message, if start safety function, in message, need with on generate the random number (RAND1) of SKEY.
MSC is left intact to all relevant here message, passes through HLR.
After HLR receives this message, initiate UE_Security_Auth_Req message, carry random number RA ND2 in the message.
When UE received UE_Security_Auth_Req message, the KI according among RAND2 and the SIM/USIM calculated SRES2, in UE_Security_Auth_Rsp message SRES2 was sent to HLR.
When HLR receives UE_Security_Auth_Rsp message, whether SRES2 is legal in checking, if it is legal, then do corresponding processing according to indication in the UE_Security_Request message, if in the UE_Security_Request message be the request of " startup safety function ", then use the RAND1 in the message to generate SKEY, and be kept in the user data, loopback UE_Security_Response message indication then " starts the safety function success "; If be " cancellation safety function " in the UE_Security_Request message, then delete the SKEY of respective user data, loopback UE_Security_Response message indication " success of cancellation safety function ".If SRES2 is illegal in the HLR checking, the then indication corresponding function that UE asked failure in UE_Security_Response message.
In addition, after preventing that the user from starting safety function, forgotten password and can't cancel the problem of safety function, should initiate message cancellation safety function from network side, still can adopt top message, just sending direction is opposite.The user is by the customer service hotline of operator, confirmed the legitimacy of user identity the client of operator attendant after, can initiate the operation of cancellation user terminal safety function at operating desk.
The flow process of initiating " cancellation terminal security function " from network side as shown in Figure 7.
Security terminal all needs to upgrade the authentication vector among the MSC/SGSN after starting safety function, cancellation safety function or upgrading SKey, the process of upgrading authentication vector can be cooperated by HLR and security terminal to be finished.Upgrade authentication vector and can use Cancel Location and the Attach flow process that has defined among the 3GPP, as shown in Figure 8.
HLR finds after successfully starting, cancel terminal security function or having upgraded SKey, HLR sends Cancel Location message to MSC/SGSN, and the Cancellation Type in the message is set to " Subscription Withdraw ", and this moment, MSC/SGSN can delete associated user's contextual information immediately.
Security terminal after receiving the Detach Request message that MSC/VLR sends, loopback DetachAccept message.If security terminal is found this moment and has been carried out the variation (such as become non-safe condition from safe condition, perhaps become safe condition from non-safe condition, perhaps carried out the renewal of SKey) of safety function state, then initiates attachment flow automatically; Otherwise handle by the regulation in the agreement.
MSC/SGSN receive once more security terminal adhere to request after, can arrive HLR and get signatory and authorization data, thereby finish the renewal of authorization data.
If will start the SIM/USIM card of terminal security function changes on the non-security terminal and uses, because the state of user of preserving among the HLR is " having started safety function ", but not security terminal will continue to use subscriber card that network is carried out authentication, at this moment, authentication between subscriber card and the network can't be passed through, at this moment, MSC can send the failed authentication report to HLR, HLR will close the safety function that is provided with at original security terminal, restart flow process by user card authentication, and the authentication collection in the renewal MSC/VLR, at this moment, non-security terminal just can be by normal authentication.
If will start the SIM/USIM card of terminal security function changes on another security terminal and uses, because authentication can't be passed through for the first time, like this, HLR can close the safety function that is provided with at original security terminal, restart flow process by user card authentication, and the authentication collection in the renewal MSC/VLR, like this, as long as cancelling the safety function setting in new portable terminal, the user gets final product normal logging in network, then, the user can restart safety function, and be the equal of to refresh SKEY this moment for HLR.
Above-mentioned authentication collection also can be called the authentication tuple, and also can be called authentication vector.
Need to prove, SRES and XRES for the portable terminal generation, all represent the portable terminal response that to be response to network produce the authentication of portable terminal or subscriber card, in 3G and 2G, the algorithm that produces this response can be different, but its practical significance that is worth in response is that to be used for network be constant to the purpose of terminal or user card authentication.Therefore, in some cases, can be write SRES as XRES, also can be write XRES as SRES.
Above-mentioned MSC/VLR is a circuit domain equipment, and for the network of packet domain, corresponding MSC/VLR equipment can be SGSN.
After being provided with SKEY, portable terminal can realize ensureing the fail safe of oneself to the authentication of network by carrying out, thereby reaches antitheft purpose indirectly.Specifically comprise following embodiment.
In first embodiment as shown in Figure 9, in step 901, portable terminal is at first preserved a SKEY, and the SKEY here is identical with the SKEY corresponding to oneself that network equipment side is preserved.
In step 902, portable terminal is after the authentication information that receives from network equipment side, SKEY according to this authentication information and oneself preservation judges whether the authentication of network is passed through, if pass through, at the normal access network of step 903, if do not pass through, assert that then oneself is illegal, stop the normal use of oneself in step 904.
Here the normal use that stops oneself can be not allow own access network, perhaps directly outage or shutdown etc., and can cooperate the operations such as notifying kith and kin or safe office that for example sends SMS message.
Figure 10 shows second embodiment of authentication process.In step 1001, portable terminal is at first preserved a SKEY, and the SKEY here is consistent with the SKEY corresponding to oneself that network equipment side is preserved.In general, what terminal and network side were preserved respectively is a pair of symmetric key, and generally this is identical to symmetric key.
In step 1002, portable terminal is after the RAND and AUTN that receive from MSC/VLR, calculate a MAC value according to the SKEY of oneself and RAND, the SQN of reception, and whether the MAC value that relatively oneself calculates is consistent with MAC value among the AUTN, if inconsistent, then at the failed authentication of step 1003 judgement to network; Otherwise judge in step 1004 whether AUTN can accept,,, otherwise initiate the SQN synch command to network in step 1006 then in the authentication success of step 1005 judgement to network if can accept.
In step 1004, judge that whether AUTN can accept is by judging that SQN wherein finishes.Portable terminal and network side can be preserved a synchronous SQN in advance, like this, terminal is when receiving the authentication information of network side, can whether satisfy predetermined condition by relatively more own SQN that preserves and the SQN among the AUTN and judge whether AUTN can accept, this predetermined condition can be that the difference of SQN of SQN among the AUTN and portable terminal oneself preservation is in a preset range.If portable terminal is judged the difference of SQN among the AUTN and the SQN that oneself preserves and in described preset range, is judged that then AUTN is acceptable, otherwise judge that AUTN is unacceptable.
After the portable terminal judgement is passed through the authentication of network, use the SQN among the AUTN that receives to upgrade the SQN that oneself preserves.
Comprise at AUTN and in step 1002, further consider AMF under the situation of AMF that such as RAND, SQN and the AMF generation MAC value of the SKEY that utilizes oneself, reception, wherein SQN and AMF carry among the AUTN.
Here, before step 1002, may further include one and judge whether to carry out according to SKEY network is carried out the step of authentication, if, execution in step 1002; Otherwise according to not carrying out network is carried out the step of authentication, that is, RAND and AUTN are sent to subscriber card, network is carried out authentication by subscriber card according to existing procedure according to SKEY.
Equally, the SQN here can use the SQN identical with prior art, promptly is used for the SQN of user card authentication, also is the corresponding SQN that preserves of network and subscriber card, specifically can be with reference to the related protocol regulation of 3GPP33.102/29.002.But preferably, the present invention is provided with a SQN who is specifically designed to the portable terminal authentication in addition separately, and portable terminal and HLR/AUC also can carry out Synchronous Processing to this SQN.Certainly can understand, separately the SQN that preserves in the SQN that is provided with and the subscriber card can get identical value.
Figure 11 shows the 3rd embodiment of authentication process.In step 1101, at first in the network equipment and portable terminal, preserve the SKEY of a corresponding portable terminal authentication simultaneously.Certainly, the SKEY that preserves of network equipment can be the SKEY that corresponding mobile terminal features information is preserved here, also can be the SKEY that the IMSI corresponding to subscriber card preserves.Network equipment also can be preserved SKEY according to user's mobile terminal number MSISDN.
In step 1102, the network equipment at first produces Jie RAND when generating authentication information at some portable terminals.
In step 1103, network equipment utilization generates authentication information to the SKEY that should portable terminal and the RAND of generation.
In step 1104, the network equipment sends to corresponding mobile terminal with authentication information.
In step 1105, portable terminal is after the authentication information that receives from network equipment side, SKEY according to this authentication information and oneself preservation judges whether the authentication of network is passed through, if pass through, at the normal access network of step 1106, if do not pass through, do not allow normal access network in step 1107.
After the portable terminal judgement is passed through the authentication of network, use the SQN among the AUTN that receives to upgrade the SQN that oneself preserves.
Figure 12 shows the 4th embodiment of authentication process.In step 1201, at first in HLR/AUC and portable terminal, preserve the SKEY of corresponding portable terminal authentication simultaneously.
In step 1202, HLR/AUC utilizes the randomizer of oneself to produce a RAND.
In step 1203, HLR/AUC utilizes KI of oneself preserving (KI) and the RAND that oneself produces to calculate XRES, CK and IK.
In step 1204, HLR/AUC utilizes SKEY and the RAND and the SQN generation MAC of the corresponding portable terminal of preserving in advance.The SQN here is current known, such as, pre-set.
In step 1205, HLR/AUC is combined into AUTN with MAC and known SQN.
Comprise at AUTN and in step 1204, further consider AMF under the situation of AMF that such as utilizing SKEY, RAND, SQN and AMF to generate MAC, wherein AMF also sets in advance.In step 1205, further consider AMF equally, just MAC, SQN and AMF are together to form AUTN.
In step 1206, HLR/AUC forms an authentication collection with RAND, AUTN, XRES, CK and IK.
In step 1207, HLR/AUC sends to MSC/VLR with this authentication collection.
In step 1208, during authentication, MSC/VLR concentrates in the corresponding authentication of this portable terminal and extracts RAND and AUTN, sends to portable terminal as authentication information of the present invention.
This step can be that portable terminal begins to trigger message of network side transmission.In the middle of the reality, initiate position updating request, or during service request, MSC/VLR can initiate authentication request to terminal, can initiate authentication request to terminal such as MSC/VLR when mobile terminal-opening lands network at portable terminal.
This step can be that network side is initiatively initiated, such as, when network side is not for a long time initiated association requests at portable terminal, set out to initiate an authorizing procedure.
In step 1209, portable terminal is after the RAND and AUTN that receive from MSC/VLR, calculate a MAC value according to the SKEY of oneself and RAND, the SQN of reception, and whether the MAC value that relatively oneself calculates is consistent with MAC value among the AUTN, if inconsistent, then at the failed authentication of step 1210 judgement to network; Otherwise judge in step 1211 whether AUTN can accept, if can accept, then in the authentication success of step 1212 judgement to network, otherwise, if unacceptable, then initiate a SQN synch command to network at step 1213 portable terminal.
In step 1211, judge that whether AUTN can accept can be by judging whether SQN among the AUTN and the SQN that oneself preserves satisfy predetermined condition and realize, if judge that AUTN is acceptable, otherwise judge that AUTN is unacceptable.The difference of SQN that such as, predetermined condition can be SQN among the AUTN and own preservation is in a preset range.
In step 1213, portable terminal by synchronous flow process, makes the corresponding SQN that preserves of terminal and network synchronous to the synch command of a synchronous SQN of network side transmission.About the synchronous flow process of SQN, can with reference in the prior art about the synchronous description of SQN, referring to 3GPP 33.102/29.002 related protocol, do not repeat them here.
Portable terminal judge the authentication of network passed through after, use receive AUTN in SQN upgrade the SQN of own preservation.
Comprise at AUTN and in step 1209, further consider AMF under the situation of AMF that such as RAND, SQN and the AMF generation MAC value of the SKEY that utilizes oneself, reception, wherein SQN and AMF carry among the AUTN.
Above-mentionedly illustrated that portable terminal of the present invention carries out the processing of authentication to network, the present invention can further include by network portable terminal is carried out the processing of authentication, just after step 1212, continues to carry out network carries out authentication to terminal subsequent step.
In the 5th embodiment, as shown in figure 13, step 1301-1313 and step 1201-1213 are identical, no longer repeat specification.
In step 1314, portable terminal sends to subscriber card with RAND.
In step 1315, subscriber card uses the KI of oneself and the RAND of reception to generate XRES, CK and IK.
In step 1316, subscriber card sends to portable terminal with the XRES that generates.
In step 1317, the XRES that portable terminal will be received from subscriber card sends to MSC/VLR.
In step 1318, whether MSC/VLR relatively is received from the corresponding authentication of the XRES of portable terminal and this portable terminal that is received from HLR/AUC and concentrates XRES consistent.If consistent, the portable terminal authentication is passed through in step 1319 decision network; Otherwise in step 1320 decision network to the portable terminal failed authentication.
Here in step 1314, for compatible with existing processing, portable terminal can send AUTN when sending RAND, and subscriber card can further carry out authentication according to AUTN and the KI of oneself to network like this.In this case, portable terminal can be arranged to the AUTN that sends to subscriber card authentication is carried out in an expression to network by portable terminal particular value, subscriber card is being judged after AUTN is this particular value, only use KI and RAND to produce XRES, CK and IK, and no longer network is carried out authentication according to AUTN and KI.
When subscriber card generates XRES, CK and IK according to KI and RAND, also can only produce XRES and CK, then XRES and the CK that produces sent to portable terminal, derive IK by portable terminal according to CK.
Above-mentioned steps 1317, the XRES that portable terminal will be received from subscriber card sends to before the MSC/VLR, can judge whether network is second generation mobile communications network, if, portable terminal can be used for the SRES2g (Signed Response symbol response) and the KC2g (Cipher Key cryptographic key) of second generation network authentication according to derivation such as XRES, CK, IK, use the SRES2g that generates to substitute XRES and send MSC/VLR to, use KC2g and network side to carry out the encryption and decryption of related communication.Relevant derivation method related protocol in existing 3GPP has suggestion, does not repeat them here.
In addition, XRES, CK, IK also can be produced by SKEY and RAND, in the case, have proposed the 6th embodiment as shown in figure 14.
In step 1401, at first in HLR/AUC and portable terminal, preserve the SKEY of corresponding portable terminal authentication simultaneously.
In step 1402, HLR/AUC utilizes the randomizer of oneself to produce a RAND.
In step 1403, HLR/AUC utilizes the SKEY of the corresponding portable terminal of preserving in advance and the RAND of oneself generation to calculate XRES, CK and IK.
In step 1404, HLR/AUC utilizes SKEY and the RAND and the SQN generation MAC of the corresponding portable terminal of preserving in advance.The SQN here is current known, such as what pre-set.
In step 1405, HLR/AUC is combined into AUTN with MAC and known SQN.
Comprise at AUTN and in step 1404, further consider AMF under the situation of AMF that such as utilizing SKEY, RAND, SQN and AMF to generate MAC, wherein AMF also sets in advance.In step 1405, further consider AMF equally, just MAC, SQN and AMF are together to form AUTN.
In step 1406, HLR/AUC forms an authentication collection with RAND, AUTN, XRES, CK and IK.
In step 1407, HLR/AUC sends to MSC/VLR with this authentication collection.
In step 1408, during authentication, MSC/VLR concentrates in the corresponding authentication of this portable terminal and extracts RAND and AUTN, sends to portable terminal as authentication information of the present invention.
In step 1409, portable terminal is after the RAND and AUTN that receive from MSC/VLR, calculate a MAC value according to the SKEY of oneself and RAND, the SQN of reception, and whether the MAC value that relatively oneself calculates is consistent with MAC value among the AUTN, if inconsistent, then at the failed authentication of step 1410 judgement to network; Otherwise judge in step 1411 whether AUTN can accept,, then judge the authentication of network successful in step 1412 if can accept; Otherwise initiate a SQN synch command to network at step 1413 portable terminal.
In step 1411, judge that whether AUTN can accept can be by judging whether SQN among the AUTN and the SQN that oneself preserves satisfy predetermined condition and realize, if satisfy predetermined condition, judge that then AUTN is acceptable, otherwise judge that AUTN is unacceptable.The difference of SQN that such as, predetermined condition can be SQN among the AUTN and own preservation is in a preset range.
Portable terminal judging under the unacceptable situation of SQN, by sending the unacceptable order of SQN to network side, such as, initiate the synch command of a synchronous SQN, by synchronous flow process, the corresponding SQN that terminal and network are preserved is synchronous.
Portable terminal judge the authentication of network passed through after, use receive AUTN in SQN upgrade the SQN of own preservation.
Comprise at AUTN and in step 1409, further consider AMF under the situation of AMF that such as RAND, SQN and the AMF generation MAC value of the SKEY that utilizes oneself, reception, wherein SQN and AMF carry among the AUTN.
In step 1414, portable terminal uses the SKEY of oneself and the RAND of reception to generate XRES, CK and IK.And the XRES that oneself generates sent to MSC/VLR.
In step 1415, whether MSC/VLR relatively is received from the corresponding authentication of the XRES of portable terminal and this portable terminal that is received from HLR/AUC and concentrates XRES consistent.If consistent, the portable terminal authentication is passed through in step 1416 decision network; Otherwise in step 1417 decision network to the portable terminal failed authentication.
In the above-mentioned the whole bag of tricks, the network equipment, can once send when terminal sends authentication information such as MSC/VLR, also can send several times.Such as, transmit a RANDRAND for the first time, transmit authentication signature AUTN for the second time.In the middle of the reality, will decide branch to send several times according to the protocol capability of network.Such as, in the UMTS network, MSC/VLR can once send to portable terminal with authentication informations such as RAND, AUTN by the authentication order, and in second generation mobile communications network, MSC/VLR may need by twice or repeatedly the authentication order of authentication informations such as RAND, AUTN by second generation network be sent to portable terminal.
Above-mentioned, after the terminal authentication failure, can be further with failed authentication report notice MSC/VLR, MSC/VLR is with failed authentication report notice HLR/AUC.
HLR/AUC is after receiving the terminal authentication failure reporting that MSC/VLR reports, this terminal is set to non-safe condition, promptly close the safety function of this terminal, also be, mode according to normal non-security set produces the authentication collection, also promptly, reuse KI and replace SKEY to generate the authentication collection fully, and upgrade the authentication collection among the MSC/VLR.
Generally speaking, when the subscriber card that uses in the security terminal is inserted in the non-security terminal, non-security terminal is after the use subscriber card is obstructed to the authentication first time of network, and at this moment, non-security terminal is notified HLR/AUC with the failed authentication report via MSC/VLR, after HLR/AUC closes the safety function of corresponding terminal, again produce the authentication collection, and upgrade the authentication collection among the MSC/VLR, like this, non-security terminal can be by the authentication of network when authentication next time.
Above-mentioned authentication collection also can be called authentication tuple or authentication vector.
Need to prove, SRES and XRES for the portable terminal generation, all represent the portable terminal response that to be response to network produce the authentication of portable terminal or subscriber card, in 3G and 2G, the algorithm that produces this response can be different, but its practical significance that is worth in response is that to be used for network be constant to the purpose of terminal or user card authentication.Therefore, in some cases, can be write SRES as XRES, also can be write XRES as SRES.
Above-mentioned MSC/VLR is a circuit domain equipment, and for the network of packet domain, corresponding MSC/VLR equipment can be SGSN.
Be appreciated that the above only for preferred embodiment of the present invention, or not within the spirit and principles in the present invention not all in order to restriction the present invention, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (16)
1. the safe key method to set up in the mobile communications network comprises at least:
A. generate a random number;
B. any one party in the network equipment and the portable terminal is provided with safe key and notifies the opposing party after being provided with successfully according to the mode of this random number according to mutual coupling earlier, according to this random number and according to identical mode safe key is set by the opposing party again;
C. indicate in the portable terminal security request message that the attaching position register HLR of portable terminal in the network equipment sends to start safety function, and in this message, carry the random number that described step a generates;
After HLR receives described portable terminal security request message, initiate portable terminal secure authentication request message, and in this message, carry another random number that is used to generate authentication secret;
Portable terminal generates authentication secret according to random number in the described portable terminal secure authentication request message and the KI KI among the SIM/USIM, and is carried in the portable terminal secure authentication request message, is sent to HLR;
After HLR verifies that described authentication secret is legal, use the random number in the portable terminal security request message to generate safe key SKEY, and be kept in the user data, the indication of loopback portable terminal security response message starts the safety function success then.
2. method according to claim 1 is characterized in that, generating random number described in the step a is to generate random number by the network equipment, and step b comprises:
The network equipment generates safe key according to the random number that oneself generates;
The network equipment sends to portable terminal with this random number;
Portable terminal generates safe key according to the random number that is received from the network equipment.
3. method according to claim 2 is characterized in that, it is random number to be included in a safe key be provided with successfully in the order and send that the described network equipment sends to portable terminal with random number.
4. method according to claim 2 is characterized in that, further comprises checking whether this safe key is the step of weak key after the network equipment generates safe key, if re-execute step a; Otherwise carry out the described step that random number is sent to portable terminal.
5. method according to claim 2 is characterized in that, further comprises before the step a: portable terminal sends to the network equipment safe key order is set.
6. method according to claim 1 is characterized in that, generating random number described in the step a is to generate random number by portable terminal, and step b comprises:
Portable terminal generates safe key according to the random number that oneself generates;
Portable terminal sends to the network equipment with this random number;
The network equipment generates safe key according to the random number that is received from portable terminal.
7. method according to claim 1 is characterized in that, generating random number described in the step a is to generate random number by portable terminal, and step b comprises:
Portable terminal sends to the network equipment with this random number;
The network equipment generates safe key according to the random number that is received from portable terminal, and to portable terminal transmission safe key successfully order is set;
Portable terminal receives after safe key that the network equipment returns is provided with successfully order, according to the own random number generation safe key that generates.
8. method according to claim 6 is characterized in that, further comprises checking whether this safe key is the step of weak key after portable terminal generates safe key, if re-execute step a; Otherwise carry out the described step that random number is sent to the network equipment.
9. according to any described method in the claim 2,6,7, it is characterized in that described to generate safe key according to random number be to calculate safe key according to one among CK, IK and the KI or any combination and described random number.
10. method according to claim 9 is characterized in that, described calculating further comprises according to mobile phone users card characteristic information and/or mobile terminal features information to be carried out.
11. method according to claim 1, it is characterized in that, this method further is included in and sets in advance multiple safe key generating mode in the network equipment and the portable terminal and set up the set-up mode sign respectively, and it is that set-up mode according to this set-up mode sign correspondence generates safe key that the described network equipment and portable terminal are provided with safe key according to this random number according to the mode of mutual coupling.
12. method according to claim 11, it is characterized in that, this method further comprises: portable terminal is selected a kind of set-up mode from multiple set-up mode, and the set-up mode sign of selected set-up mode correspondence is sent to the network equipment by the safe key order is set.
13. method according to claim 11, it is characterized in that, this method further comprises: the network equipment is selected a kind of set-up mode from multiple set-up mode, and is provided with successfully by safe key the set-up mode sign of selected set-up mode correspondence that order sends to portable terminal.
14. method according to claim 1 is characterized in that, further comprises the step of the terminal authentication sequence number that the network equipment and portable terminal are preserved synchronously separately after step b.
15. method according to claim 1, it is characterized in that, the described network equipment is attaching position register/authentication center HLR/AUC, this method comprises that further HLR/AUC generates the step that the authentication collection also sends to this authentication collection mobile switching center MSC/VLR according to the safe key that is provided with, and described MSC/VLR preserves this authentication collection after receiving this authentication collection.
16. method according to claim 1, it is characterized in that, the described network equipment is HLR/AUC, and this method comprises that further HLR/AUC upgrades the step of the authentication collection of this terminal among the MSC/VLR, perhaps the step of from the MSC of described terminal roaming this terminal use's relevant information being deleted.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200410092775A CN100579274C (en) | 2004-11-09 | 2004-11-09 | Safety key setting-up method |
| PCT/CN2005/001872 WO2006050663A1 (en) | 2004-11-09 | 2005-11-08 | Method of setting security key |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200410092775A CN100579274C (en) | 2004-11-09 | 2004-11-09 | Safety key setting-up method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1774125A CN1774125A (en) | 2006-05-17 |
| CN100579274C true CN100579274C (en) | 2010-01-06 |
Family
ID=36336209
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200410092775A Expired - Fee Related CN100579274C (en) | 2004-11-09 | 2004-11-09 | Safety key setting-up method |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN100579274C (en) |
| WO (1) | WO2006050663A1 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571702B (en) * | 2010-12-22 | 2014-11-05 | 中兴通讯股份有限公司 | Key generation method, system and equipment in Internet of things |
| CN102833722B (en) * | 2012-08-31 | 2019-05-07 | 中兴通讯股份有限公司 | The treating method and apparatus of delete position message |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5991405A (en) * | 1998-01-27 | 1999-11-23 | Dsc Telecom, L.P. | Method for dynamically updating cellular phone unique encryption keys |
| CN1172469C (en) * | 2001-12-13 | 2004-10-20 | 华为技术有限公司 | Method for realizing secrete communication by autonomously selecting enciphered algorithm |
-
2004
- 2004-11-09 CN CN200410092775A patent/CN100579274C/en not_active Expired - Fee Related
-
2005
- 2005-11-08 WO PCT/CN2005/001872 patent/WO2006050663A1/en active Application Filing
Non-Patent Citations (2)
| Title |
|---|
| GPRS网络的安全性能. 郑友泉,冯振明.现代电信科技,第12卷. 2000 |
| GPRS网络的安全性能. 郑友泉,冯振明.现代电信科技,第12卷. 2000 * |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2006050663A1 (en) | 2006-05-18 |
| CN1774125A (en) | 2006-05-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1767430B (en) | Authentication method | |
| JP4263384B2 (en) | Improved method for authentication of user subscription identification module | |
| US9332575B2 (en) | Method and apparatus for enabling connectivity in a communication network | |
| CN100583767C (en) | Key updating method and device | |
| WO2008117006A1 (en) | An authentication method | |
| CN107454035B (en) | Identity authentication method and device | |
| CN101163003A (en) | System and method for authenticating network for terminal when SIM card use UMTS terminal and UMTS system | |
| CA3033619C (en) | Authentication server of a cellular telecommunication network and corresponding uicc | |
| CN104521213A (en) | Manipulation and restoration of authentication challenge parameters in network authentication procedures | |
| KR101281099B1 (en) | An Authentication method for preventing damages from lost and stolen smart phones | |
| CN100466806C (en) | Right discriminating method between mobile terminal and network equipment | |
| WO2011124051A1 (en) | Method and system for terminal authentication | |
| US10959094B2 (en) | Method of replacing at least one authentication parameter for authenticating a security element and corresponding security element | |
| CN104955029A (en) | Address book protection method, address book protection device and communication system | |
| CN101160784B (en) | Cipher key updating negotiation method and apparatus | |
| CN100518056C (en) | Method for producing user card authentication random number of network apparatus and authentication method | |
| CN100579274C (en) | Safety key setting-up method | |
| Patiyoot et al. | Cryptographic security techniques for wireless networks | |
| CN100396156C (en) | Synchronous SQN processing method | |
| CN100459787C (en) | Method for protecting user card | |
| CN100441036C (en) | Method for validating security of mobile terminal in CDMA network | |
| CN101175324B (en) | Safety guaranteeing method of user card | |
| EP4057659A1 (en) | A method of replacing a current key in a security element and corresponding security element | |
| KR101603476B1 (en) | Method for Dual Certification by using Dual Channel | |
| Brookson | Mobile secure telephones |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100106 Termination date: 20121109 |