CN100589381C - User identity secret-keeping method in communication system - Google Patents


Publication number
CN100589381C
CN100589381C CN200410077487A CN200410077487A CN100589381C CN 100589381 C CN100589381 C CN 100589381C CN 200410077487 A CN200410077487 A CN 200410077487A CN 200410077487 A CN200410077487 A CN 200410077487A CN 100589381 C CN100589381 C CN 100589381C
Authority
CN
China
Prior art keywords
network
identity information
user
permanent identity
user terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200410077487A
Other languages
Chinese (zh)
Other versions
CN1790984A (en
Inventor
赵志飞
彭志威
李卓明
孙鲁东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosed method keeps user identity confidential in a communication system that comprises at least a user terminal and an authentication server. It comprises: the user terminal accesses the network; the network authentication server asks the user to provide identity information; the user terminal encrypts its own identity information with the server's public key and sends it to the server; the server decrypts the identity information with its own private key in order to authenticate the identity, provide service and charge. The invention uses asymmetric cryptography to satisfy the security requirement.

Description

A method for user identity confidentiality in a communication system
Technical field
The present invention relates to the field of communication system security, and in particular to a method for keeping user identity confidential in a communication system.
Background art
With the development of computers, communication technology has also developed rapidly. The various means of communication greatly facilitate human production and life and have profoundly affected the way people live. Common communication network systems include fixed-network communication systems, mobile communication systems (cellular systems), wireless local area networks (IEEE 802.11) and so on; communication systems that may appear in the future include wireless metropolitan area networks (IEEE 802.16) and so on.
At present, communication systems are usually built, operated and managed by dedicated operators. An operator invests funds to build and maintain a communication network, and collects fees by providing various communication services to its users (subscribers).
To charge its users, an operator usually requires a user to provide his own identity information when accessing the network; this is called the identification process. According to the user's identity, the communication network counts the user's service time or volume and charges the user cumulatively; there are of course other charging forms, such as flat rates for a time period. Whichever charging method is used, the communication network must obtain the user's identity information before it can record communication charges against the user of that identity. The identity of a communication network user is therefore key information for both the operator and the user.
However, communication systems usually face a variety of security threats, many of which arise when a malicious party impersonates a legitimate user. Suppose a malicious party steals the identity information of a legitimate user and accesses the network posing as that user: he enjoys the network service for free, and the communication charges are shifted onto the legitimate user. Such a security hole damages the interests of legitimate users and ultimately the interests of the network operator as well.
To prevent misuse of network services by malicious parties, the operator usually confirms the user's identity when the user accesses the network; in network security this process is called authentication. The purpose of authentication is to ensure that the identity the user claims is genuine, so that only legitimate users can enjoy the operator's network services. The core requirement of authentication is that the user must prove that "he knows a secret that the user of this identity knows". Note that to authenticate a user's identity the network must first know the user's identity information; otherwise the network cannot verify whether the user really knows the secret belonging to that identity.
In modern communication systems, user identity is in many cases private personal information. In ordinary applications, the user usually does not want anyone other than the network operator and the two communicating parties to know his identity. If an unrelated party learns the user's identity during communication, the user's communication activity is to some degree exposed. For a malicious attacker in particular, obtaining the communication identity of the target (the victim) is an important prerequisite for follow-on attacks. Where possible, therefore, the operator and the communicating parties hide the user's identity information as far as they can, so that unrelated parties do not learn it.
In mobile communication systems specifically, because communication moves across regions, the user's location is also private information: the user does not want his movements to be maliciously tracked by others. When a mobile user initiates communication at a particular location, exposure of the user's identity information directly exposes the user's location, because a malicious tracker who finds this user's "identity" somewhere has in effect learned the user's "whereabouts". In mobile communication systems this security threat is called "malicious tracking". It is closely tied to the privacy of user identity information; in other words, in a mobile communication system the privacy of user location and the privacy of user identity are closely related.
In most cases, therefore, users of a communication system want to hide their identity information as far as possible and not expose it to any party other than the communication network. At the same time, the identity information must be given to the communication network; otherwise the network can neither provide customized services to the user nor perform accounting and billing for the user's services on the basis of this identity.
In some situations it is difficult to hide the user's identity information. In wireless communication systems (such as cellular systems), for example, all communication content is transmitted over the wireless medium and is very easily eavesdropped by a malicious party. If the user sends his identity information in plaintext when accessing the communication network, an attacker can easily steal it and thereby also track the user's location.
Existing mobile communication networks have adopted some mechanisms to avoid exposing mobile user identity information. Technical specification TS 33.102 of 3GPP, the third-generation mobile communication standardization body, proposes a solution that allocates a temporary identity to the mobile station.
In a mobile communication system, the information that identifies a mobile user is called the International Mobile Subscriber Identity (hereinafter IMSI); this identifier identifies one mobile user globally and uniquely. The IMSI is the mobile user's permanent identity and is usually stored in the mobile station's Subscriber Identity Module (SIM). The SIM can take the form of a smart card with a dedicated secure storage area that holds the user's IMSI and security information such as the keys needed for authentication.
In contrast to the IMSI, 3GPP standard TS 33.102 proposes a temporary identity for the mobile user, called the Temporary Mobile Subscriber Identity (TMSI). The TMSI is less sensitive temporary identity information and can be kept in the mobile station's general memory area. The TMSI is independent of the IMSI, so eavesdropping on the TMSI reveals no information about the IMSI.
The mobile station's temporary identity TMSI is allocated as follows. After the mobile station accesses the mobile network at some location, the local network allocates a TMSI to the mobile station over an encrypted channel. The local network must ensure that each TMSI it allocates to a mobile station is unique within the local network area, and it must store the mapping between the mobile station's permanent identity IMSI and its TMSI.
In subsequent communication, when the network needs the mobile station to provide its identity, the mobile station sends the network its temporary identity TMSI, together with the information of the network area that allocated it, as its identity. The uniqueness of the TMSI ensures that the pair "network area information and temporary mobile identity TMSI" uniquely identifies one mobile station within that network area.
For higher security, the network can also update the user's TMSI frequently.
In the above process, because the network encrypts the TMSI allocation it sends to the mobile station, only the legitimate user can decrypt it and learn the user's identity information. So even if a malicious party eavesdrops on the allocation of a user's TMSI, he cannot learn the mapping between the user's IMSI and TMSI. In subsequent communication the eavesdropper therefore cannot learn the user's true identity from the TMSI, and to some extent cannot track the user's location either. Allocating a TMSI thus protects the confidentiality of user identity and location fairly well.
But the method described in 3GPP TS 33.102 has a defect: in some situations, when the network cannot recognize the user's temporary identity, the mobile station still has to provide its permanent identity information. These situations include the mobile station registering with a mobile network for the first time after joining it, and the mobile station roaming between mobile networks. In these cases the network the mobile station is visiting may have lost the mapping between the user's temporary identity TMSI and permanent identity IMSI, and under the 3GPP standard the network can then request the mobile station to send its permanent identity IMSI. The mobile station then has to send its permanent identity IMSI to the network in plaintext. A malicious party can take the opportunity to intercept the user's identity information, which breaks security. A malicious attacker with sufficient resources can also take a more direct approach: build a fake network and send a permanent identity request to the mobile station. The mobile station will then send its identity information to the attacker, directly leaking the confidential identity information.
The prior art therefore still has defects and awaits improvement and development.
Summary of the invention
The object of the present invention is to propose a method for user identity confidentiality in a communication system that can simply and securely guarantee the confidentiality of user identity in the communication system. For mobile communication systems in particular, by keeping the user's permanent identity confidential, the invention also achieves confidentiality of the user's location information to a certain extent. It effectively overcomes the defect in 3GPP TS 33.102 and ensures that under all circumstances the user's true identity information cannot be obtained by a malicious party through eavesdropping.
The technical solution of the present invention is:
A method for user identity confidentiality in a communication system, the communication system comprising at least a user terminal and an authentication server, wherein the method comprises the following steps:
A) the user terminal prepares to access the network, and the network authentication server requires the user to provide identity information;
B) the user terminal encrypts its own identity information with the public key of the network authentication server and sends it to the authentication server;
C) the network authentication server uses its own private key to decrypt the user identity information, and then authenticates the user's identity, provides service and performs charging.
The method, wherein the user terminal obtains the network's public key information either online, immediately over the network, or offline.
The method, wherein the offline mode includes writing the public key of the authentication server into the storage area of the user terminal device.
The method, wherein the communication system is a mobile communication system, and the method further comprises: when the user terminal must provide its permanent identity information on first registering with the network, the user terminal encrypts this permanent identity information with the public key of the mobile communication system's authentication server and sends it to the network authentication server; the network authentication server decrypts the user's permanent identity information with its private key, and after the registration process of the user terminal is complete, the network allocates temporary identity information to the user terminal.
The method, wherein the mobile communication network comprises a visited network and a home network, and the method further comprises: when the user terminal accesses the network, the visited network provides the public key of the visited network's authentication server.
The method, wherein the mobile communication network comprises a visited network and a home network, and the method further comprises: when the user terminal accesses the network, the visited network obtains, by relay, the public key of the home network's authentication server and sends it to the user terminal.
The method, wherein each time the user terminal encrypts the identity information with the authentication server's public key, it first applies a cryptographic operation to the identity information using a random number, so that the resulting ciphertext varies, and sends this random number together with the identity information ciphertext to the network authentication server; the network authentication server decrypts the identity information ciphertext with its private key and applies the inverse of the pre-encryption cryptographic operation to remove the random number, obtaining the user's identity information.
The method, wherein each time the user terminal encrypts the identity information with the authentication server's public key, it prepends a random number to the identity information and sends this random number together with the identity information ciphertext to the network authentication server; the network authentication server decrypts the identity information ciphertext with its private key and removes the prepended random number, obtaining the user's identity information.
The method, wherein each time the user terminal encrypts the identity information with the authentication server's public key, it concatenates the identity information with a random number or XORs the two bit by bit, and sends the random number together with the identity information ciphertext to the network authentication server; the network authentication server decrypts the identity information ciphertext with its private key and applies the inverse operation with the random number, obtaining the user's identity information.
Because the method for user identity confidentiality provided by the present invention uses asymmetric cryptography in the identification process of the communication system, it ensures good confidentiality of user identity information in the communication system and meets the increasingly high security requirements of modern communication systems for user identity privacy. Further, when the method is applied to a mobile communication system, it can guarantee that the identity information of the mobile user (mobile station) is not leaked under any circumstances, which the methods in existing mobile communication systems and related specifications cannot guarantee.
Brief description of the drawings
Fig. 1 is a schematic diagram of the method of the present invention for user identity confidentiality in a general communication network; most network devices that do not affect the description are omitted from the figure;
Fig. 2 is a schematic diagram of how the method keeps the mobile user's permanent identity information (IMSI) confidential in a mobile communication network; the figure does not distinguish the visited network from the home network;
Fig. 3 is a flow chart of user identity confidentiality in a general communication system according to the method; most network devices that do not affect the description are omitted from the figure;
Fig. 4 is a flow chart of keeping the mobile user's permanent identity information (IMSI) confidential in a mobile communication system according to the method, with the user identity information encrypted under the visited network's public key;
Fig. 5 is a complete flow chart of keeping the mobile user's permanent identity information (IMSI) confidential in a mobile communication system according to the method, with the user identity information encrypted under the home network's public key; here the visited network needs to interact with the home network to obtain the home network's public key information;
Fig. 6 is a simplified flow chart of keeping the mobile user's permanent identity information (IMSI) confidential in a mobile communication system according to the method, with the user identity information encrypted under the home network's public key; it shows the case in which the mobile station already stores the home network's public key information, so the visited network no longer needs to interact with the home network;
Fig. 7 is a schematic flow chart of user identity confidentiality in a wireless metropolitan area network (WMAN) system according to the method.
Detailed description of embodiments
Specific embodiments of the present invention are described in detail below, so that the technical effect and the solution of the invention can be fully understood.
The main idea of the present invention is to use asymmetric cryptography in the identification process of the communication system. In cryptography, asymmetric cryptography is defined in contrast to symmetric cryptography: symmetric cryptography uses the same key for encryption and decryption, whereas asymmetric cryptography uses different keys for encryption and decryption. RSA is a common asymmetric algorithm. Asymmetric cryptography uses a pair of corresponding keys: a public key and a private key. The public key is normally published and needs no special secrecy; the private key must be kept carefully by its owner and known only to him. In common applications, the public key is used to keep data confidential and prevent eavesdropping by a malicious party; the private key is used to authenticate data and entities and guarantee their authenticity. The flexibility of asymmetric cryptography has led to its wide use in communication security protocols for functions such as authentication and key distribution, for example the Secure Sockets Layer (SSL) protocol widely used on the Internet.
The method of the present invention introduces asymmetric cryptography into the identification process: when a user terminal accessing the network has to provide its identity information, it can encrypt that information with the public key of the network side, that is, the public key of the network authentication server, and send it to the network. The network side decrypts the user's identity information with its own private key, then performs operations such as authenticating the user on the basis of this identity information, and provides network services and charges the user according to it. Because the user's identity information has been encrypted with the public key, and only the private key of the network authentication server can decrypt it, a malicious party cannot learn the user's identity information by eavesdropping alone.
For mobile communication systems, the method of the present invention can completely replace TMSI allocation to keep the user identity fully confidential. If performance is a concern, and it is undesirable for the mobile station to perform a complex public key computation on every network access and slow access down, the method of the present invention can be combined with the existing temporary identity TMSI allocation mechanism. Specifically, when the user must provide his permanent identity IMSI on first registering with the network, he can encrypt the IMSI with the public key of the mobile network, that is, of the mobile network authentication server such as the AC (Authentication Center), and send it to the network; the network decrypts the user's IMSI with its private key. After the mobile station's registration is complete (which very likely includes an authentication process), the network allocates a TMSI to the mobile station. In subsequent communication the mobile station in most cases uses the TMSI as its identity. When the network requires the mobile station to provide its permanent identity, the user can still encrypt the permanent identity with the public key of the network server and send it to the network.
Encrypting user identity information with the network server's public key protects the privacy of user identity well, but simply applying the network public key directly to the user's identity information also brings a security problem, mainly the leakage of the user's location privacy: if the user encrypts his identity information with the network public key each time, the ciphertext is identical every time. A malicious attacker who has intercepted this ciphertext in some area may therefore still infer that this user has appeared in that area.
One solution to this problem is therefore to mix a varying quantity into the user identity information at each public key encryption. For example, a random number is appended after the user identity information, the combined data is then public key encrypted as a whole, and the user sends the resulting ciphertext together with the random number to the network. The network decrypts the ciphertext with its private key and removes the concatenated random number to obtain the user identity information. In this way the ciphertext sent by the mobile station is different each time, and a malicious attacker cannot make the inference.
The basic steps of the method of the present invention are as follows:
Step 1: the user (device) prepares to access the network, and the network requires the user to provide identity information.
Step 2: the user (device) obtains a trustworthy network public key in some way. In practice the network side is usually represented by an authentication server, so the network public key referred to here is in fact the public key of the network authentication server.
The network public key can be obtained online or offline. Online means that the user obtains the network's public key information immediately when accessing the network. Offline means that the user has obtained the network public key in some reliable way before accessing the network; in some communication environments the network public key can even be written into the storage area of the user terminal device.
Whichever way is used, the key point of this step is that the user must ensure the reliability of the network public key. Once the user has obtained a false network public key, his identity will be exposed after he encrypts it with that false key. To guard against a spoofed network public key, trust can be established through a public key infrastructure (PKI, Public Key Infrastructure): the network sends its public key certificate to the user, and the user verifies the authenticity of the network certificate through the certificate chain. Common public key certificates include X.509 digital certificates; see IETF standard RFC 3280.
Step 3: the user encrypts his identity information with the network public key and sends it to the network.
As stated above, to improve security and avoid leaking the user's location through identical ciphertexts of the encrypted identity, the method can process the user identity information together with some random data using a cryptographic function, so that the ciphertext obtained at each encryption is different. Simpler processing methods include concatenating the identity information with a random number or XORing the two bit by bit; more complex methods include symmetrically encrypting the identity information with the random number as the key. The random data used in the cryptographic processing must be sent to the network along with the encrypted identity information, so that the network side can recover the identity information.
Step 4: the network uses its own private key to decrypt the user identity information. Having obtained the user identity information, the network can authenticate the user's identity, provide service, perform charging and so on.
Preferred embodiments of the present invention are described in more detail below.
First, for a general communication network, the method of the present invention achieves user identity confidentiality as follows:
In a general communication network, as in Fig. 1 (common network nodes such as firewalls and routers are not drawn in the figure), a user prepares to access the network.
The following description also refers to Fig. 3, which further reduces the network model to a user terminal and an authentication server (representing the network) and omits all intermediate nodes in the communication. During user access these nodes mainly forward messages, so omitting them does not affect the description of the identification process of the method.
1) The network's authentication server requires the user to provide his identity information. When requesting the identity information, the network authentication server can at the same time provide its own public key PubKey to the user. If the user already knows the authentication server's public key, the authentication server does not need to provide it at this point.
2) After receiving the authentication server's public key, the user checks the authenticity of this public key information. Once the check shows the authentication server's public key to be reliable, the user encrypts his true identity information ID with this public key and sends it to the authentication server. So that the ciphertext of the identity information varies, a random number RAND can be prepended to the identity information at each encryption, and this random number RAND is sent to the authentication server together with the identity information ciphertext [RAND||ID]_PubKey.
3) The authentication server receives the encrypted user identity information and decrypts it with its own private key to obtain the user's true identity ID.
4) In subsequent communication, the network serves the user according to the decrypted user identity, for example by performing operations such as authentication.
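The following added example (not part of the patent text) illustrates the linkability problem described earlier and steps 1) to 4) above: it encrypts the same identity three times without randomness, with RAND prepended, and with RAND XORed in, then has the server recover the identity. The toy unpadded RSA key built from two Mersenne primes, the function names, the 16-byte RAND length and the test IMSI are all assumptions made for the example; the toy cipher only stands in for the network's real asymmetric algorithm and is not secure.

```python
import secrets

# Authentication server key pair (constructed toy values, NOT secure).
P, Q = 2**127 - 1, 2**521 - 1            # two known Mersenne primes
N, E = P * Q, 65537                      # public key PubKey = (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, held by the server only
RAND_LEN = 16                            # bytes of RAND in "concat" mode (assumed)


def rsa_encrypt(data: bytes) -> int:
    """Textbook RSA with PubKey; a 0x01 marker byte preserves leading zeros."""
    m = int.from_bytes(b"\x01" + data, "big")
    if m >= N:
        raise ValueError("message too long for this modulus")
    return pow(m, E, N)


def rsa_decrypt(ciphertext: int) -> bytes:
    """Textbook RSA with the private key; strips the 0x01 marker byte."""
    m = pow(ciphertext, D, N)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    if raw[:1] != b"\x01":
        raise ValueError("malformed plaintext")
    return raw[1:]


def terminal_identity_response(identity: bytes, mode: str = "concat"):
    """Terminal side: return (RAND, ciphertext) to send to the server."""
    if mode == "none":        # naive: identical ciphertext on every attempt
        return b"", rsa_encrypt(identity)
    if mode == "concat":      # [RAND || ID]_PubKey
        rand = secrets.token_bytes(RAND_LEN)
        return rand, rsa_encrypt(rand + identity)
    if mode == "xor":         # [ID xor RAND]_PubKey, RAND as long as ID
        rand = secrets.token_bytes(len(identity))
        masked = bytes(a ^ b for a, b in zip(identity, rand))
        return rand, rsa_encrypt(masked)
    raise ValueError(f"unknown mode {mode!r}")


def server_recover_identity(rand: bytes, ciphertext: int, mode: str = "concat") -> bytes:
    """Server side: decrypt with the private key, then undo the RAND step."""
    plain = rsa_decrypt(ciphertext)
    if mode == "none":
        return plain
    if mode == "concat":
        if plain[:len(rand)] != rand:
            raise ValueError("RAND sent does not match RAND inside ciphertext")
        return plain[len(rand):]
    if mode == "xor":
        if len(plain) != len(rand):
            raise ValueError("RAND length does not match plaintext length")
        return bytes(a ^ b for a, b in zip(plain, rand))
    raise ValueError(f"unknown mode {mode!r}")


def linkable(observations) -> bool:
    """Eavesdropper's view: True if any two captured ciphertexts are equal."""
    ciphertexts = [c for _, c in observations]
    return len(set(ciphertexts)) < len(ciphertexts)


def demo():
    """Return {mode: (ciphertexts linkable?, server recovered identity?)}."""
    imsi = b"001010123456789"            # constructed test IMSI, not a real subscriber
    results = {}
    for mode in ("none", "concat", "xor"):
        obs = [terminal_identity_response(imsi, mode) for _ in range(3)]
        ok = all(server_recover_identity(r, c, mode) == imsi for r, c in obs)
        results[mode] = (linkable(obs), ok)
    return results


if __name__ == "__main__":
    for mode, (is_linkable, recovered) in demo().items():
        print(f"{mode:7s} linkable={is_linkable} recovered={recovered}")
```

In the XOR variant the server cannot invert the operation without RAND, which is why the random number travels alongside the ciphertext.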
The following describes how the user identity confidentiality method of the present invention is implemented in a mobile communication network, as shown in Fig. 2. Two specific embodiments are given, chosen according to the characteristics of mobile networks. The idea behind the two methods is similar: both use public key encryption to protect the privacy of the mobile user's identity. They differ in their security trust model and in their concrete form.
In the first implementation, when the mobile station accesses the mobile network, the visited network provides the public key of its authentication server, which is in fact the public key of the visited network's authentication center AC (Authentication Center). In this case the mobile station must trust the visited network, and it encrypts its permanent identity IMSI with the visited network's public key for transmission.
In the second implementation, the mobile station trusts only its home network. The visited network must obtain, by relay, the public key of the home network's authentication center AC and send it to the mobile station.
Figure 4 is a schematic diagram of the first identity confidentiality implementation method in a mobile communication system. For brevity, network elements such as base stations and mobile switching centers are omitted from the figure, because in the identification procedure these elements only forward messages, and omitting them does not affect the description of the method. The core network element of the "visited network" in the figure is the visitor location register VLR (Visitor Location Register), and the core network elements of the "home network" are the home network authentication center AC and the home location register HLR (Home Location Register).
1) For some reason, the visited network requests the mobile station to provide the mobile subscriber's permanent identity IMSI, and at the same time provides its own public key information PubKey to the mobile station. If the mobile station already knows the visited network's public key, the visited network does not need to provide the public key information at this point.
2) After verifying the authenticity of the visited network's public key, the mobile station encrypts the IMSI with the visited network's public key and sends it to the network. So that the ciphertext of the identity information changes each time, a random number RAND can be concatenated in front of the IMSI at each encryption, and this random number RAND is sent to the visited network together with the identity ciphertext [RAND||IMSI]_PubKey.
3) The visited network decrypts the user identity IMSI with its own private key, and then authenticates the user according to this identity.
Figure 5 shows the procedure of the second identity confidentiality implementation method in a mobile communication system. As before, most network elements are omitted from the figure, because in the identification procedure they only forward messages.
1) Permanent identity request. For some reason, the visited network needs to request the user's permanent identity IMSI from the mobile station.
2) Permanent identity response. The mobile station is unwilling to provide its permanent identity in plaintext, so it sends only its home network information to the visited network; from this information the visited network can obtain the mobile station's home network public key PubKey from the home network by relay.
3) Home network public key request. The visited network requests the home network public key PubKey from the mobile station's home network.
4) Home network public key response. The home network passes its own public key PubKey to the visited network.
5) Permanent identity request. The visited network sends the permanent identity request to the mobile station again, and at the same time sends the home network public key information to the mobile station.
6) Permanent identity response. After verifying the authenticity of the home network public key, the mobile station encrypts the IMSI with the public key and sends it to the visited network. So that the ciphertext of the identity information changes each time, a random number RAND can be concatenated in front of the IMSI at each encryption, and this random number RAND is sent to the visited network together with the identity ciphertext [RAND||IMSI]_PubKey.
7) Identity resolution request. If the visited network cannot decrypt the user's permanent identity information, it relays the encrypted permanent identity to the home network. This message can be constructed as a separate "identity resolution request" message, or combined with a message of the subsequent authentication procedure.
8) Identity resolution response. The home network decrypts the mobile subscriber identity IMSI with its own private key and then sends this identity to the visited network. If the visited network earlier sent an "identity resolution request", the home network can now send an "identity resolution response"; if the visited network instead sent the encrypted user identity to the home network inside a message of the authentication procedure, the home network can likewise send the mobile subscriber's IMSI to the visited network directly in an authentication message.
9) The visited network and the home network perform authentication and other operations on the user according to the user's permanent identity IMSI.
The above procedure assumes that the home network public key is not stored in the mobile station. When the mobile station knows the home network's public key in advance, or has already obtained it through the above procedure, the mobile subscriber identification procedure is as follows (see Figure 6):
1) Permanent identity request. For some reason, the visited network needs to request the user's permanent identity IMSI from the mobile station.
2) Permanent identity response. Because the mobile station has stored the home network public key PubKey, it directly encrypts the IMSI with the home network public key and sends it to the visited network. So that the ciphertext of the identity information changes each time, a random number RAND can be concatenated in front of the IMSI at each encryption, and this random number RAND is sent to the visited network together with the identity ciphertext [RAND||IMSI]_PubKey.
3) Identity resolution request. The visited network cannot decrypt the user's permanent identity information, so it relays the encrypted permanent identity to the home network. This message can be constructed as a separate "identity resolution request", or combined with a message of the authentication procedure.
4) Identity resolution response. The home network decrypts the mobile subscriber identity IMSI with its own private key and then sends this identity to the visited network. If the visited network earlier sent a separate "identity resolution request" message, the home network can now send an "identity resolution response" message; if the visited network instead sent the encrypted user identity to the home network inside a message of the authentication procedure, the home network can likewise send the mobile subscriber's IMSI to the visited network in an authentication message.
5) The visited network and the home network perform authentication and other operations on the user according to the user's permanent identity IMSI.
It can be seen that, because the visited network no longer needs to interact with the home network to obtain the public key, the mobile station's identification procedure is greatly simplified.
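
The Figure 6 exchange (home network public key already stored in the mobile station), written out as an added example that is not code from the patent. The toy RSA key, the 8-byte RAND, the 15-digit IMSI, the message field names and the RAND consistency check are assumptions; unpadded RSA is used only to keep the block self-contained, where a deployment would use a randomized padding such as RSA-OAEP.

```python
import hmac
import secrets

# Constructed toy RSA key for the home network AC. Both primes are published
# Mersenne primes, so this key is trivially factorable: illustration only.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the home AC

RAND_LEN, IMSI_LEN = 8, 15          # assumed sizes; the patent fixes neither


def ms_identity_response(imsi, pubkey=(N, E)):
    """Mobile station, step 2: return (RAND, [RAND||IMSI]_PubKey)."""
    if len(imsi) != IMSI_LEN or not (imsi.isascii() and imsi.isdigit()):
        raise ValueError("this example expects a 15-digit IMSI")
    n, e = pubkey
    rand = secrets.token_bytes(RAND_LEN)          # fresh for every response
    m = int.from_bytes(rand + imsi.encode("ascii"), "big")
    return rand, pow(m, e, n)                     # unpadded RSA (assumption)


def visited_relay(rand, ciphertext):
    """Visited network, step 3: it has no private key, so it only relays."""
    return {"type": "identity-resolution-request", "rand": rand, "ct": ciphertext}


def home_resolve(request):
    """Home network AC, step 4: decrypt, strip RAND, return the IMSI or None."""
    rand, ct = request["rand"], request["ct"]
    if len(rand) != RAND_LEN or not 0 <= ct < N:
        return None
    try:
        plain = pow(ct, D, N).to_bytes(RAND_LEN + IMSI_LEN, "big")
    except OverflowError:           # decrypts to something too long: reject
        return None
    # Added check (not in the patent): the RAND recovered from the ciphertext
    # must equal the RAND that travelled in clear.
    if not hmac.compare_digest(plain[:RAND_LEN], rand):
        return None
    imsi = plain[RAND_LEN:]
    return imsi.decode("ascii") if imsi.isdigit() else None


if __name__ == "__main__":
    imsi = "460001234567890"        # constructed sample IMSI
    for _ in range(2):              # same subscriber, two identity requests
        rand, ct = ms_identity_response(imsi)
        print(rand.hex(), hex(ct)[:26] + "...", home_resolve(visited_relay(rand, ct)))
```

Run directly, the two responses for the same IMSI carry different ciphertexts, which is the property the concatenated RAND is there to provide.
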
Of the two identification implementation methods above, the advantage of the first over the second is that the visited network does not need to interact with the home network, which reduces the delay of the identification procedure; however, the mobile station must establish trust relationships with more mobile networks, which may require good PKI support.
The second implementation method matches the trust model of ordinary mobile communication networks: the mobile station only needs to trust its own home network. In practice the home network public key can therefore be written in advance into the mobile station's storage area, in which case the visited network does not need to request public key information from the home network. Because the visited network may need to interact with the home network, the delay of the identification procedure in the second method may be longer. The second implementation method is recommended for actual mobile communication systems.
Finally, an embodiment of user identity confidentiality in a WMAN (IEEE 802.16e) communication system is given. As shown in Figure 7, three network entities are drawn: the mobile station, the base station and the authentication server. The mobile station is the user equipment, and the authentication server is generally an AAA server with authentication functions, for example a common AAA server such as a RADIUS server. When a mobile station is preparing to access the WMAN network, the specific steps are:
1) If the network base station does not yet know the network authentication server's public key information PubKey, the authentication server needs to pass its own public key PubKey to the base station. If the base station has already stored the authentication server's public key information, this step is not needed.
2) The base station requests the mobile station's identity information and at the same time sends the authentication server public key PubKey to the mobile station.
3) The mobile station concatenates its own identity information ID with a random number RAND, encrypts the result with the authentication server public key PubKey, and then sends the mobile station identity ciphertext [RAND||ID]_PubKey together with the random number RAND to the base station.
4) The base station forwards the mobile station identity ciphertext [RAND||ID]_PubKey and the random number RAND to the network authentication server.
5) The authentication server decrypts with its own private key to recover the user identity, and then performs subsequent operations such as authentication of the mobile station.
The method of the present invention thus keeps user identity information confidential in a communication system: it protects the identity information provided to the network during user authentication, prevents a malicious party from obtaining the user's identity information and inferring location information, and ensures the secrecy of user identity information.
It should be understood that the above description is directed at specific embodiments; it is not the whole of the claims nor a limitation on them, and the scope of patent protection of the present invention is defined by the claims.

Claims (9)

1. A method for user identity confidentiality in a communication system, the communication system comprising at least a user terminal and an authentication server, characterized in that the method comprises the following steps:
A. the user terminal prepares to access the network, and the authentication server of the network requires the user to provide permanent identity information;
B. the user terminal encrypts its own permanent identity information with the authentication server's public key and sends it to the authentication server;
C. the authentication server decrypts the user's permanent identity information with its own private key, and then performs identity authentication of the user, service provision and billing operations.
2. The method according to claim 1, characterized in that the user terminal obtains the network's public key information either online from the network in real time or in an offline manner.
3. The method according to claim 2, characterized in that the offline manner comprises writing the public key of the authentication server into the storage area of the user terminal equipment.
4. The method according to claim 2, characterized in that the communication system is a mobile communication system, and the method further comprises: when the user terminal must provide its own permanent identity information on first registering with the network, the user terminal encrypts this permanent identity information with the public key of the authentication server of the mobile communication system and sends it to the network authentication server; the network authentication server decrypts the user's permanent identity information with its private key, and after the registration procedure of the user terminal is completed, the network allocates temporary identity information to the user terminal.
5. The method according to claim 4, characterized in that the network is a mobile communication network comprising a visited network and a home network, and the method further comprises: when the user terminal accesses the network, the visited network provides the public key of the visited network's authentication server.
6. The method according to claim 4, characterized in that the network is a mobile communication network comprising a visited network and a home network, and the method further comprises: when the user terminal accesses the network, the visited network obtains the public key of the home network authentication server through relaying and sends it to the user terminal.
7. The method according to any one of claims 1 to 6, characterized in that, when the user terminal encrypts the permanent identity information with the public key of the authentication server, each time it first applies a cryptographic processing to the permanent identity information with a random number, so that the resulting ciphertext changes, and sends this random number together with the permanent identity information ciphertext to the network authentication server; the network authentication server decrypts the permanent identity information ciphertext with its private key, removes the random number by the inverse of the cryptographic operation applied before encryption, and obtains the user's permanent identity information.
8. The method according to claim 7, characterized in that, when the user terminal encrypts the permanent identity information with the public key of the authentication server, each time it concatenates a random number in front of the permanent identity information, and sends this random number together with the permanent identity information ciphertext to the network authentication server; the network authentication server decrypts the permanent identity information ciphertext with its private key and, after removing the concatenated random number, obtains the user's permanent identity information.
9. The method according to any one of claims 1 to 6, characterized in that, when the user terminal encrypts the permanent identity information with the public key of the authentication server, each time it concatenates the permanent identity information with a random number or XORs them bit by bit, and sends the random number together with the permanent identity information ciphertext to the network authentication server; the network authentication server decrypts the permanent identity information ciphertext with its private key and, after applying the inverse operation with the random number, obtains the user's permanent identity information.
CN200410077487A 2004-12-14 2004-12-14 User identity secret-keeping method in communication system Expired - Fee Related CN100589381C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200410077487A CN100589381C (en) 2004-12-14 2004-12-14 User identity secret-keeping method in communication system

Publications (2)

Publication Number Publication Date
CN1790984A CN1790984A (en) 2006-06-21
CN100589381C true CN100589381C (en) 2010-02-10

Family

ID=36788517


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100210
