CN101022608A - CDMA standard group system key distributuion and dynamic updating method - Google Patents
CDMA standard group system key distributuion and dynamic updating method Download PDFInfo
- Publication number
- CN101022608A CN101022608A CN 200610033705 CN200610033705A CN101022608A CN 101022608 A CN101022608 A CN 101022608A CN 200610033705 CN200610033705 CN 200610033705 CN 200610033705 A CN200610033705 A CN 200610033705A CN 101022608 A CN101022608 A CN 101022608A
- Authority
- CN
- China
- Prior art keywords
- key
- terminal
- parameter
- group
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
A method for distributing cipher key of CDMA system cluster includes issuing call request of ciphering cluster by terminal, applying cipher key to cipher key management center by dispatch unit when PTT call is set up, embedding received cipher key parameter into authorized message being sent to calling terminal and embedding said parameter into notice message being sent to the other terminal in the group, taking said parameter out and calculating operation cipher key of this conversation by terminal after notice message is received then receiving enciphered data of speak user. The cipher key updating method is also disclosed.
Description
Technical field
The present invention relates to CDMA mobile communication system, especially the method that dynamically updates of key in the method for distributing key of speech scrambling and the communication process in the CDMA mode cluster system.
Background technology
The group system of CDMA standard, owing to can only allow a user to speak at synchronization, therefore can adopt the mode of sharing Code Channel, promptly all user's time-divisions of speaking are shared reverse voice channel, and in a specific period, this is shared reverse voice channel and uses only for the user terminal of speaking.By the mode of shared channel, both realized the trunked call between the group user under the sub-district, take the least possible channel resource again, to satisfy the capacity requirement of group system, especially jumbo requirement.
Encryption function is one of standard feature of group system, group system for the CDMA standard, each conversation all can have a plurality of users to participate in, this just requires all users correctly to decipher the data of other user encryptions, could guarantee that so all users can hear normal speech.For the encrypting and decrypting flow process that a plurality of like this users participate in, the correct key of each user synchronization gain in communication process that guarantees group system is the necessary condition that realizes above-mentioned functions.
In the encryption group system of CDMA standard, key distribution scheme need solve two problems:
1) the cluster conversation is set up in the process, and the key that is used for speech scrambling should be by system assignment to each terminal that participates in conversation, and the assurance system can set up speech scrambling smoothly;
2) require very high user for encrypting, need system in communication process, regularly dynamically to change encryption key usually, to guarantee the fail safe of user's communication.
At present, do not retrieve the relevant document that solves above-mentioned encryption key distribution and dynamically update problem as yet.
Summary of the invention
The technical problem to be solved in the present invention is to realize the encryption key distribution of speech scrambling in the CDMA mode cluster system, and dynamically updates key on this basis.
The invention provides a kind of CDMA mode cluster system method for distributing key, specifically may further comprise the steps:
Step 1, encryption terminal are initiated the group call request of encryption to dispatching patcher;
Step 2, dispatching patcher send secret key request message application key to KMC when PTT (Push To Talk, push-to-talk) call setup;
Step 3, KMC return the key parameter message of this conversation;
After step 4, dispatching patcher are received key parameter message, key parameter is embedded authorization messages send to the terminal that makes a call, the terminal that makes a call obtains right of speech after receiving authorization messages;
After the terminal of step 5, acquisition right of speech is received authorization messages, therefrom take out key parameter, calculate the working key that generates this conversation;
Step 6, dispatching patcher with this group other-end connecting system after, encryption parameter is embedded into to send in the notification message listens a terminal;
After step 7, a tin terminal receive notification message, key parameter is taken out the working key that calculates this conversation, begin to receive user's enciphered data in a minute.
Described mandate is meant that Trunked Radio System specifies certain terminal use to have right of speech.
Described notification message is meant that Trunked Radio System is used for refreshing the message of calling user information.
The present invention puies forward the method that dynamically updates key in a kind of CDMA mode cluster system speech scrambling process again,
Specifically may further comprise the steps:
Step 1, reach to carry out the cycle of key updating the time, send the new key of secret key request message application to KMC when the duration;
The management heart returns new key parameter in step 2, the key;
Step 3, dispatching patcher are embedded into new argument in the notification message after receiving new key parameter, send to all call terminals;
Step 4, call terminal receive notification message, therefrom extract key parameter, calculate to generate new working key;
The working key that step 5, all call terminals more renew is finished key updating.
Adopt method of the present invention, can realize in the CDMA mode cluster system participation being encrypted the correct distributed key of user of group calling, set up speech scrambling smoothly; And can be in the speech scrambling process new key more regularly, the fail safe of guaranteeing to encrypt demanding user's communication.
Description of drawings
Fig. 1 is a CDMA standard crypto set group communication system structure chart.
The distribution principle figure of key when Fig. 2 is CDMA standard encryption group system initiation call encryption.
Embodiment
Fig. 1 has provided CDMA standard crypto set group communication system structure chart, comprise PDS (Push-To-TalkDispatch Server, dispatch server), PDC (Push-To-Talk Dispatch Client dispatching client), DAS (Dispatch Agent Server, the dispatching desk server), DAC dispatching desk client (DAC, Dispatch Agent Client), PHR (Push-To-Talk Home Register, dispatching home location register), modules such as KDC (Key Dispatch Center, KMC), base station and crypto set group terminal.Wherein, PDS, PDC, PHR, DAS, DAC constitute the PTT dispatching service system jointly, and KDC is connected to this system cryptographic services is provided.The crypto set group terminal has added encrypting module in common colony terminal, utilize encrypting module to finish the end to end security function of colony dispatching service; The base station receives the signal of terminal in the described wireless zone, and the terminal in described zone sends wireless signal; PDC links to each other with cluster server by special-purpose trunking signal link, and the voice flow to cluster on reverse link converges, and on the forward link the speech business of cluster is distributed, and finishes the wireless access of group service; PDS carries out trunked call and handles, and comprising: differentiate cluster user, set up trunked call, judge cluster request etc., and the cluster voice packet that receiving uplink comes, and be distributed to down link; PHR provides group and group member registration, and the local information of group member is provided, and service authority is differentiated, carries out statistics and billing function; DAS is connected to PDS, is the manual dispatching center in the system, for certain each group user provides the manual dispatching service; DAC is connected to DAS by IP network, for scheduling operation provides perfect man-machine interface; KDC is the colony dispatching service of all encryptions, the working key that distributes end to end security to use.
Below in conjunction with Fig. 2 further detailed description is carried out in enforcement of the present invention:
201, MS1 initiates this encryption group calling as the promoter of group calling.Encrypt group calling and just made sign when exhaling rising,, just can judge the group calling that this group calling is an encryption at the initial stage of call setup;
202, PDS carries out authentication to PHR request group calling, differentiates the MS1 group calling of whether having the right to initiate, and obtains the information of all members in this group calling;
203, to discern this group calling be when encrypting group calling to PHR, sends the working key that this group calling of message application needs to KDC, wherein comprises the group number of this group calling in this message;
204, KDC utilizes group key that this working key is encrypted back transmission message and returns to PHR, and enciphered message comprises the group number of group calling and is used for the parameter that terminal generates working key in this message;
The parameter that wherein is used for terminal generation working key is determined that by concrete encipherment scheme KDC can generate voluntarily, also can obtain to the encryption device of client's special use, and group key obtains by group number.
205, PHR returns authenticating result and key information to PDS;
206, PDS sets up this group calling according to normal group calling flow process, distributes the resource of every use for this group calling;
207, PDS sends authorization messages to group calling promoter MS1, key information is taken to group calling promoter MS1 in this message;
208, group calling promoter MS1 receives key information, find the group key of this group of preserving at encrypting module by group number, the encryption parameter of this conversation that use group key and dispatching patcher send over calculates real working key and returns acknowledge message to PDS;
209, PDS is assigned to group member every other in the group by encryption key distribution message with encryption parameter;
210, other group members obtain passing through identical group key and identical encryption parameter behind the key message, calculate identical working key and return acknowledge message to PDS.
After this process finished, all users had obtained KDC for the identical working key that this group calling issues, and then can converse.
The confidentiality of user's communication requires to dynamically update key when high in the speech scrambling process, just periodically redistributes key in the communication process, specifically may further comprise the steps:
A, reach need carry out the cycle of key updating the time when the duration, PDS sends a request message to PHR, and obtains the information (as Figure 20 2) of all members in this group calling;
B, PHR send the new working key of message application to KDC, wherein comprise the group number (as Figure 20 3) of this group calling in this message;
C, KDC utilize group key that this working key is encrypted back transmission message and return to PHR (as Figure 20 4);
D, PHR are to PDS " return " key" information (as Figure 20 5);
E, PDS send new key information (as Figure 20 9) by notification message to all call terminals;
After f, terminal obtain receiving notification message, therefrom take out encryption parameter, calculate new working key (as Figure 21 0);
The key that g, all call terminals more renew is finished key updating.
Claims (9)
1, a kind of CDMA mode cluster system method for distributing key is characterized in that, specifically may further comprise the steps:
1.1, encrypt terminal and initiate the group call request of encrypting to dispatching patcher;
1.2, dispatching patcher when PTT (Push To Talk, push-to-talk) call setup, send secret key request message application key to KMC;
1.3, KMC returns the key parameter information of this conversation;
1.4, after dispatching patcher receives key parameter message, key parameter is embedded authorization messages sends to the terminal that makes a call, the terminal that makes a call obtains right of speech after receiving authorization messages.
1.5, after the terminal that obtains right of speech receives authorization messages, therefrom take out key parameter, calculate the key that generates this conversation;
1.6, dispatching patcher with this group other-end connecting system after, encryption parameter is embedded into to send in the notification message listens a terminal;
1.7, listen a terminal to receive notification message after, key parameter is taken out the working key that calculates this conversation, begin to receive user's enciphered data in a minute.
2, dynamically update the method for key in a kind of CDMA mode cluster system communication process, it is characterized in that, specifically may further comprise the steps:
2.1, reached need carry out the cycle of key updating the time when the duration, send the new key of secret key request message application to KMC;
2.2, the management heart returns new key parameter message in the key;
2.3, after dispatching patcher receives new key parameter, new argument is embedded in the notification message, send to all call terminals;
2.4, terminal receives notification message, therefrom extracts key parameter, calculate to generate new conversation working key;
2.5, all participate in the working key that the terminal of speech scramblings more renews, and finish key updating.
3. according to claim 1 or described method, it is characterized in that, comprise the group number of group calling in the described secret key request message of step 1.2.
4. method according to claim 1 is characterized in that, the described key parameter of step 1.3 is that cipher key center generates voluntarily or obtains to the encryption device of client's special use.
5. method according to claim 1 is characterized in that, the described key parameter information of step 1.3 comprises the group number of group calling and is used for the parameter that terminal generates working key.
6. according to the method for claim 1, it is characterized in that the described notification message of step 1.5 is meant that Trunked Radio System is used for refreshing the message of calling user information.
7. method according to claim 2 is characterized in that, the described key parameter of step 2.2 is that cipher key center generates voluntarily or obtains to the encryption device of client's special use.
8. method according to claim 2 is characterized in that, the described key parameter information of step 2.2 comprises the group number of group calling and is used for the parameter that terminal generates working key.
9. method according to claim 2 is characterized in that, the described notification message of step 2.3 is meant that Trunked Radio System is used for refreshing the message of calling user information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100337059A CN100518346C (en) | 2006-02-15 | 2006-02-15 | CDMA standard group system key distributuion and dynamic updating method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100337059A CN100518346C (en) | 2006-02-15 | 2006-02-15 | CDMA standard group system key distributuion and dynamic updating method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101022608A true CN101022608A (en) | 2007-08-22 |
| CN100518346C CN100518346C (en) | 2009-07-22 |
Family
ID=38710236
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100337059A Expired - Fee Related CN100518346C (en) | 2006-02-15 | 2006-02-15 | CDMA standard group system key distributuion and dynamic updating method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100518346C (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009049447A1 (en) * | 2007-10-15 | 2009-04-23 | Zte Corporation | Ptt dispatching system and a remote-destroying key method thereof |
| CN101848425A (en) * | 2010-04-23 | 2010-09-29 | 深圳市戴文科技有限公司 | PTT (Push-To-Talk) data processing method, terminal, PTT server and PTT system |
| CN101977379A (en) * | 2010-10-28 | 2011-02-16 | 中兴通讯股份有限公司 | Authentication method and device of mobile terminal |
| CN102256213A (en) * | 2011-06-29 | 2011-11-23 | 中兴通讯股份有限公司 | Communication method and terminal of global open trunking architecture communication system |
| CN101562519B (en) * | 2009-05-27 | 2011-11-30 | 广州杰赛科技股份有限公司 | Digital certificate management method of user packet communication network and user terminal for accessing into user packet communication network |
| CN101651944B (en) * | 2009-06-16 | 2012-01-11 | 中兴通讯股份有限公司 | Cluster system and encrypted communication method |
| CN104427496A (en) * | 2013-08-29 | 2015-03-18 | 成都鼎桥通信技术有限公司 | TD-LTE cluster communication system encryption transmission method, device and system |
| CN104539428A (en) * | 2014-12-30 | 2015-04-22 | 成都三零瑞通移动通信有限公司 | Dynamic restructuring method in cluster encryption communication |
| WO2017012425A1 (en) * | 2015-07-17 | 2017-01-26 | 中兴通讯股份有限公司 | Method for managing shared channel of broadband cluster system, system, terminal and base station |
| CN106454757A (en) * | 2016-11-23 | 2017-02-22 | 北京坦达信息科技有限公司 | Communication encryption and decryption method for wireless broadband network |
| CN106998550A (en) * | 2016-01-25 | 2017-08-01 | 展讯通信(上海)有限公司 | The update method and device of the group root key of cluster multi call |
| CN107277808A (en) * | 2017-07-27 | 2017-10-20 | 中兴软创科技股份有限公司 | A kind of method that wireless terminal accesses wireless network using independent dynamic key |
-
2006
- 2006-02-15 CN CNB2006100337059A patent/CN100518346C/en not_active Expired - Fee Related
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009049447A1 (en) * | 2007-10-15 | 2009-04-23 | Zte Corporation | Ptt dispatching system and a remote-destroying key method thereof |
| CN101141710B (en) * | 2007-10-15 | 2011-05-25 | 中兴通讯股份有限公司 | Cluster scheduling system and cipher key remote destroying method |
| CN101562519B (en) * | 2009-05-27 | 2011-11-30 | 广州杰赛科技股份有限公司 | Digital certificate management method of user packet communication network and user terminal for accessing into user packet communication network |
| CN101651944B (en) * | 2009-06-16 | 2012-01-11 | 中兴通讯股份有限公司 | Cluster system and encrypted communication method |
| CN101848425A (en) * | 2010-04-23 | 2010-09-29 | 深圳市戴文科技有限公司 | PTT (Push-To-Talk) data processing method, terminal, PTT server and PTT system |
| CN101977379A (en) * | 2010-10-28 | 2011-02-16 | 中兴通讯股份有限公司 | Authentication method and device of mobile terminal |
| WO2012055297A1 (en) * | 2010-10-28 | 2012-05-03 | 中兴通讯股份有限公司 | Authentication method and device of mobile terminal |
| CN102256213A (en) * | 2011-06-29 | 2011-11-23 | 中兴通讯股份有限公司 | Communication method and terminal of global open trunking architecture communication system |
| CN104427496A (en) * | 2013-08-29 | 2015-03-18 | 成都鼎桥通信技术有限公司 | TD-LTE cluster communication system encryption transmission method, device and system |
| CN104427496B (en) * | 2013-08-29 | 2018-06-26 | 成都鼎桥通信技术有限公司 | TD-LTE trunked communication systems encrypted transmission method, device and system |
| CN104539428A (en) * | 2014-12-30 | 2015-04-22 | 成都三零瑞通移动通信有限公司 | Dynamic restructuring method in cluster encryption communication |
| CN104539428B (en) * | 2014-12-30 | 2017-11-21 | 成都三零瑞通移动通信有限公司 | Dynamic reconfiguration method in a kind of cluster coded communication |
| WO2017012425A1 (en) * | 2015-07-17 | 2017-01-26 | 中兴通讯股份有限公司 | Method for managing shared channel of broadband cluster system, system, terminal and base station |
| CN106998550A (en) * | 2016-01-25 | 2017-08-01 | 展讯通信(上海)有限公司 | The update method and device of the group root key of cluster multi call |
| CN106998550B (en) * | 2016-01-25 | 2019-12-03 | 展讯通信(上海)有限公司 | The update method and device of the group root key of cluster multi call |
| CN106454757A (en) * | 2016-11-23 | 2017-02-22 | 北京坦达信息科技有限公司 | Communication encryption and decryption method for wireless broadband network |
| CN107277808A (en) * | 2017-07-27 | 2017-10-20 | 中兴软创科技股份有限公司 | A kind of method that wireless terminal accesses wireless network using independent dynamic key |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100518346C (en) | 2009-07-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100518346C (en) | CDMA standard group system key distributuion and dynamic updating method | |
| CN102291680B (en) | Encrypted group calling method based on long term evolution (TD-LTE) trunking communication system | |
| CN101137123B (en) | Encrypted group calling, individual calling, and dynamic restructuring call implementing method of cluster system | |
| CN1937489A (en) | Network key management and session key updating method | |
| CN103179558B (en) | Group system group exhales encryption implementation method and system | |
| CN108540436B (en) | Communication system and communication method for realizing information encryption and decryption transmission based on quantum network | |
| CN106452741A (en) | Communication system for realizing information encryption/decryption transmission based on quantum network and communication method | |
| CN101009553A (en) | Secret key safety method and system for realizing multi-network integration mobile multi-media broadcasting system | |
| CN1249587A (en) | Method for mutual authentication and cryptographic key agreement | |
| CN101136742A (en) | Packet key synchronization, updating, and calibration method | |
| CN101800943A (en) | Multicasting key negotiation method and system suitable for group calling system | |
| KR20100087023A (en) | End-to-end encrypted communication | |
| CN102843675A (en) | Cluster call voice encryption method, terminal and system | |
| CN103369523A (en) | Method for improving cluster downlink safety | |
| CN101651944B (en) | Cluster system and encrypted communication method | |
| CN100466770C (en) | Method for realizing end-to-end encrypting call in cluster system | |
| CN100484266C (en) | Method for mobile terminal using content of service of broadcast/multicast | |
| CN100571133C (en) | The implementation method of media flow security transmission | |
| CN101459875A (en) | A method for security handling in a wireless access system supporting multicast broadcast services | |
| US20150200779A1 (en) | Method, System, And Terminal For Communication Between Cluster System Encryption Terminal And Encryption Module | |
| CN103634744A (en) | Cluster group call end-to-end encryption realization method | |
| CN100581283C (en) | Cipher management method suitable for multimedia broadcasting and multcast service | |
| CN101128033B (en) | Method for changing encryption algorithm in relocation | |
| CN100387091C (en) | Method of carrying out fast calling setup | |
| JP2872197B2 (en) | Mobile communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090722 Termination date: 20180215 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |