CN101047978A - Method for updating key in user's set - Google Patents
Method for updating key in user's set Download PDFInfo
- Publication number
- CN101047978A CN101047978A CNA2006100734570A CN200610073457A CN101047978A CN 101047978 A CN101047978 A CN 101047978A CN A2006100734570 A CNA2006100734570 A CN A2006100734570A CN 200610073457 A CN200610073457 A CN 200610073457A CN 101047978 A CN101047978 A CN 101047978A
- Authority
- CN
- China
- Prior art keywords
- key
- key updating
- base station
- message
- parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a method of updating the key of user device, including: A. base station judges whether it' s time for key to update, and if is, sends the information of update request to UE, B. when receiving the information, UE updates the key and returns the information of success or failure. The invention uses the means that UE and SK in base station protect the process of sending updated key to achieve the update of key in user' s equipment, resolving the problems of large information capacity and cumbersome process.
Description
Technical field
The present invention relates to the key updating technology, refer in particular to and a kind of key of user device is carried out method for updating.
Background technology
Along with the sharp increase of IP-based business and flow, this access technology of 3GPP can not adapt to this variation gradually.Correspondingly, WLAN, WiMax (Worldwide Interoperability forMicrowave Access; Micro-wave access global inter communication) etc. access technology begins to rise, and the 3GPP network has been caused direct threat.In order to guarantee the competitiveness of 3GPP system in following 10 years, 3GPP begins to consider the Long Term Evolution problem to the 3GPP network access technique, especially the packet-switch technology that realizes in the 3GPP system is strengthened, so that the 3GPP connecting system is all maintaining the leading position aspect performance and the cost.The network evolution of 3GPP comprises the minimizing time delay, improves user data rate, improves power system capacity and aspects such as coverage rate, minimizing operator cost.In addition, because IP-based 3GPP business may be provided by different access technologies, therefore, in network evolution, also be an important aspect to seamless mobility Study on Mechanism between the support different access networks.
For the target of the network evolution that reaches 3GPP effectively, the inner thought that has proposed to simplify the RAN structure of 3GPP RAN group.In simple terms, be exactly with the RNC knot removal, RAN has only node of ENodeB, and encryption that the RNC node is finished and integrity protection function are put on the ENodeB to be finished.Therefore carry out on the entity that the encryption finished of RNC node and integrity protection function just need be put into other.As shown in Figure 1, be the security architecture of a kind of key structure of the prior art, for the consideration of secure context, the CK in this structure, IK, SK and these keys of Master Key all need the notion of lifetime, when the lifetime exhausts, need upgrade these keys.
In the prior art, the generation of these keys is to adopt following steps:
After the ownership aaa server initial authentication of a, UE and network finished, UE and aaa server obtained key MSK.
B, UE and aaa server be based on the identity of SN-C, and the algorithm computation by safety obtains Masterkey.In actual applications, Master key usually and MSK be same key.
C, aaa server send to SN-C with Master key, and wherein the transmission of Master Key is to be protected by security association pre-configured between SN-C and the base station BS.
D, UE and SN-C be according to the identity of BS, and the algorithm computation by safety obtains SK.
The safe lane that e, SN-C set up SK in advance by SN-C and BS, the BS that sends to correspondence of safety, UE and BS have obtained SK like this, can derive encryption key CK and integrity protection key IK according to SK, carry out corresponding safety operation.
And when life cycle finishes, generally be UE by with network in aaa server authenticate the renewal of carrying out key (CK and IK) again.This update mode makes the information processing capacity of the aaa server in the network very big, and key updating process is very loaded down with trivial details.
Summary of the invention
The invention provides and a kind of key of user device is carried out method for updating, exist the key updating information processing capacity big in order to solve in the prior art, the problem that renewal process is loaded down with trivial details.
The inventive method comprises:
A, base station judge whether cipher code renewal time arrives; When cipher code renewal time arrives, send the key updating request message to user equipment (UE);
B, UE upgrade local key after receiving the key updating request message that the base station sends, and return and upgrade success or failure response message.
Described cipher code renewal time is meant that the life cycle of key exhausts constantly, or exhausts a setting-up time before for the life cycle of key.
Carry fresh parameter in the key updating request message described in the steps A, described fresh parameter is set point or the random value relevant with the current time at random.
Described key updating request message also comprises: the preventing playback attack parameter.
Described key updating request message also comprises: corresponding with the request updating type carries out the parameter of key derivation according to SK.
Described preventing playback attack parameter adopts sequence number mechanism or timestamp mechanism.
Described step B comprises:
The key updating solicited message that B1, UE send the base station is carried out the accuracy checking;
After B2, checking were passed through, UE called key SK and utilizes described fresh parameter to derive more new key, and returned and upgrade successful response message.
Described steps A comprises:
More new key is derived in A1, base station, calls SK new key is more encrypted, and sends renewal key updating request message after carrying encryption to UE;
Described step B comprises:
The key updating solicited message that b1, UE send the base station is carried out the accuracy checking;
After b2, checking were passed through, UE called key SK and decrypts described more new key, and returns success response message.
In the described steps A 1, carry fresh parameter in the renewal cipher key derivation procedure of base station.
Described step B1 or step b1 comprise:
The integrality of B11, UE checking update inquiry information;
B12, integrity checking pass through, and UE carries out anti-replay detection according to the preventing playback attack parameter to update inquiry information;
B13, anti-replay detection pass through, and carry out described key updating.
In step B13, as anti-replay detection failure, UE sends key updating request failure response message to the base station.
Described key updating request failure response message comprises the reason of upgrading failure, also comprises to make the parameter that can normally move anti-playback protection mechanism between base station and the UE again.
Also comprise in the described key updating request message: the request updating type.
Comprise among described step B1 or the step b1:
B10, judge the key updating content according to the described request updating type;
The integrality of b11, UE checking update inquiry information;
B12, integrity checking pass through, and UE carries out anti-replay detection according to the preventing playback attack parameter to update inquiry information;
B13, anti-replay detection pass through, and carry out described key updating.
In step b13, as anti-replay detection failure, UE sends key updating request failure response message to the base station.
Described key updating request failure response message comprises the reason of upgrading failure, also comprises to make the parameter that can normally move anti-playback protection mechanism between base station and the UE again.
Described key updating request comprises that also the base station utilizes the check code of SK or renewal cipher key calculation key updating request message;
In step B2 or b2, comprise described identifying code in the key updating success response message that UE sends, described check code draws according to SK or renewal cipher key calculation.
Beneficial effect of the present invention is as follows:
SK among method call UE of the present invention and the BS protects more that the mode of new key process of transmitting realizes key updating in the subscriber equipment, and it is big to have solved prior art intermediate key lastest imformation treating capacity, the problem that renewal process is loaded down with trivial details.
Description of drawings
Fig. 1 is the key structure figure of prior art;
Fig. 2 A and Fig. 2 B are the key updating process schematic diagram of embodiments of the invention one;
Fig. 3 A and Fig. 3 B are the key updating process schematic diagram of embodiments of the invention two.
Embodiment
Embodiment one
The present invention proposes a kind of key of user device to be carried out method for updating, comprising:
A, base station judge whether cipher code renewal time arrives; When cipher code renewal time arrives, send the key updating request message to user equipment (UE);
B, UE upgrade local key after receiving the key updating request message that the base station sends, and return and upgrade success or failure response message.
In the present invention, described cipher code renewal time is meant that the life cycle of key exhausts constantly, or exhausts a setting-up time before for the life cycle of key.
Carry fresh parameter in the key updating request message described in the steps A, described freshness parameter is set point or the random value relevant with the current time at random.
Be depicted as a specific embodiment of the present invention as Fig. 2 A, the present invention be explained as follows with reference to this embodiment:
1, BS sends the key updating request message to UE, comprise in the key updating request message that wherein BS sent and corresponding with the request updating type guarantee that according to the derive parameters R RP of the parameter (pare1 ‖ ... ‖ paran) obtain CK or IK and preventing playback attack and one of SK the parameter F resh of the freshness of the CKn that generates and IKn, described freshness parameter are set point or the random value relevant with the current time at random.In the present embodiment, update inquiry information can also comprise that request updating type TOR and according to SK derive corresponding with the request updating type obtain the parameter (pare1 ‖ ... ‖ paran) of CK or IK, wherein updating type TOR is the sign to key updating method, if only support a kind of key updating method in the whole network, this parameter can be omitted so, do not need to send, when whole network has multiple key updating method, need to send this updating type parameter and upgrade.In the present embodiment, this update request also comprises Message Authentication Code MAC simultaneously, UE can be in derivation, think whether this key updating request message that this identifying code MAC checks that BS sends is complete, in the present embodiment, the key that calculates identifying code MAC can use the SK of BS end, also can use the IK of renewal, if using new IK to calculate the key of MAC, BS is sending the IK that will derive and make new advances before the key updating request, the relevant this mode that obtains the key of MAC is described in detail in embodiment two, does not repeat them here.
In addition in the present embodiment, the update request of CK and IK can initiatively be initiated by BS, and the information that also can be BS be sent by the UE that receives and triggering is sent the key updating request to UE.
2, UE receives the key updating instruction of BS, the instruction that receives is carried out the authentication of accuracy, UE judges renewal or the renewal of IK or the renewal of CK and IK that this key updating message is CK according to update request type TOR, call the SK that stores among the UE then, by SK the property finished of key updating message is checked, the inspection of this integrality can adopt mode commonly used in the prior art to carry out, and at this it is repeated no more; After UE finishes to the integrity checking of this message, what UE utilized RRP parameter in the message that receives again carries out anti-replay detection to message, can adopt sequence number mechanism or timestamp mechanism to realize anti-replay detection by this RRP parameter, determine the accurate of message;
In the method for the invention, when UE failed to the integrity checking of key updating message, UE can comprise in this key updating request failure response and upgrade the reason of failing sending key updating request failure response to BS notice key updating failure; When UE fails to the anti-replay detection of key updating message; UE can send key updating request failure response to BS notice key updating failure; can comprise the reason of upgrading failure in this key updating request failure response, can also comprise some and make the parameter that normally to move anti-playback protection mechanism between BS and the UE again.In this embodiment, if anti-replay mechanism is to use sequence number, UE also comprises the parameter that can make sequence number synchronization in the key updating failure that BS transmits.In the present embodiment, this key updating request failure response need utilize SK to carry out integrity protection.
If after the anti-replay detection success of 3 UE to key updating message, the parameter F resh during UE instructs according to the key updating that receives etc. obtain new CKn and IKn by the SK derivation, the derivation of this key can adopt existing techniques in realizing.Finish key updating in the subscriber equipment.
4, after UE carried out the key updating success, UE sent to BS with key updating request success response, indication BS key updating success.UE need carry out integrity protection to this response when sending this key updating request success response.This integrity protection can use the IK of SK or renewal to protect.
5, after BS receives the response message of the key updating success that UE sends, the message that receives is carried out integrity checking, if the integrity checking success, then CK and IK success are upgraded in explanation.Integrity checking wherein is identical with the foregoing description mode, no longer gives unnecessary details at this.
In the present embodiment, so that being updated to example, the CK in the subscriber equipment and IK made explanation, in fact, in use also can upgrade respectively for the CK in the subscriber equipment or IK, when only having IK between UE and the BS, the update method of IK is identical with above-mentioned method, and just in the method for Fig. 2 A, UE only needs to obtain IK according to the information inference in the key updating request; When only having CK between UE and the BS, the update method of CK is identical with above-mentioned method, just in the method for Fig. 2 A, UE only needs to obtain CK according to the information inference in the key updating request, and the MAC value in the key updating request can utilize SK or CK to calculate.
UE described in the embodiments of the invention is made up of ME and UICC two parts, and storage master key, SK, CK and IK only store CK and IK among the UICC among the ME.Storage SK and CK, IK among the BS.When carrying out key updating, Master key does not send to BS.BS and ME upgrade CK and IK according to SK.
Wherein when carrying out the message accuracy inspection, because ME can't verify the correctness of message, ME handles forwards to UICC, shown in Fig. 2 B, carries out following inspection step by UE and UICC:
3a, UICC are according to the TOR renewal that to judge this key updating message be CK and IK.UICC utilizes the integrality of SK checking message.After integrity verification passed through, UICC utilized the SQN that receives in the message that message is carried out anti-replay detection.After the anti-replay detection success, the parameter F resh in the UICC basis message that receives etc. obtain new CKn and IKn by the SK derivation.UICC carried out for the 5th step.
If the integrity checking failure of 3b 3a in the step, then UICC sends failure response to ME, and indication is upgraded the former of failure because the integrity verification mistake in the failure response.If the anti-replay detection failure of 3a in the step, UICC sends failure response to ME, and indication is upgraded the former of failure because anti-replay detection failure in the failure response.Comprise in this failure response that UICC generates, can be so that the synchronous again message of RRP.
After ME received failure response, if failure cause is the integrity verification failure, then ME did not do any response to BS.If failure cause is the anti-protection failure of resetting, ME generates UICC so, can be so that the synchronous again message of RRP sends to BS.
UICC sends to ME with CKn and the IKn that upgrades.
The described method of present embodiment, can send the key updating instruction by BS, the key SK that adopts UE to have, by upgrading key of user device or/and add the freshness parameter in the process that IK derives carrying out CK, this method flow process easy to use is simple, can overcome the defective that exists in the prior art.
Embodiment two
Shown in figure 3A and Fig. 3 B, same as the previously described embodiments in the present embodiment, described UE is made up of ME and UICC two parts, and storage master key, SK, CK and IK only store CK and IK among the UICC among the ME; Storage SK and CK, IK among the BS.When carrying out the key updating of subscriber equipment, BS and ME upgrade CK and IK according to SK.
In this embodiment, the key updating request can initiatively be initiated by BS, and the information that also can be BS send according to UE triggers and makes BS send the key updating request to UE, carries out CK in the subscriber equipment and the key updating of IK.
1, in the present embodiment, BS is before UE sends the key updating request, BS at first will derive according to SK and obtain new CKn and IKn, can have a fresh parameter to participate in carrying out new CKn and IKn derivation, and is different with the local key of a last life in the cycle to guarantee the key that upgrades.In the present embodiment, BS comprises a parameters R RP that can resist Replay Attack in the key updating request that UE sends, the type TOR parameter that can also comprise a update request, this updating type TOR is the sign of key updating method, if only support a kind of key updating method in the whole network, this parameter can be omitted so, does not need to send; If there is multiple key updating method of the present invention in the whole network, can adopts when sending update inquiry information and carry type TOR parameter, so that in key updating, determine key updating method.BS places it in the key updating message and sends UE to after utilizing new CKn that SK will derive according to the freshness parameter and IKn to encrypt.In the present embodiment, BS utilizes the MAC value of SK computation key update request, and the MAC value also is attached to together sends to UE in the message.
2, ME can't verify the correctness of message, and ME handles forwards to UICC.
3a.UICC according to the TOR renewal that to judge this key updating message be CK and IK, UICC utilizes the integrality of SK checking message; After integrity verification passed through, UICC utilized the RRP parameter that receives in the message that message is carried out anti-replay detection.After the anti-replay detection success, UICC utilizes the SK deciphering to obtain new CKn and IKn.Next UICC carried out for the 5th step.
If 3b. the integrity checking failure of 3a in the step, then UICC sends failure response to ME, indication is upgraded the former of failure because the integrity verification mistake in the failure response; If the anti-replay detection failure of 3a in the step, UICC sends failure response to ME, and indication is upgraded the former of failure because anti-replay detection failure in the failure response.Comprise in this failure response that UICC generates, can be so that the synchronous again information of RRP.
4b.ME after receiving failure response, if failure cause is the integrity verification failure, then ME does not do any response to BS; If failure cause is the anti-protection failure of resetting, ME makes the synchronous again message of RRP send to BS the key updating failure response that UICC generates so.
5.UICC new CKn and IKn after will deciphering send to ME.
6.ME send the key updating success response to BS, should comprise MAC in this key updating success response, the MAC that ME sends utilizes the IKn after upgrading to calculate.
In the present embodiment, when UE failed to the integrity checking of key updating message, UE can send key updating request failure response to BS notice key updating failure, can comprise the reason of upgrading failure in this key updating request failure response.When UE fails to the anti-replay detection of key updating message; UE can send key updating request failure response to BS notice key updating failure; can comprise the reason of upgrading failure in this key updating request failure response, can also comprise some and make the parameter that normally to move anti-playback protection mechanism between BS and the UE again.If use the anti-replay mechanism of sequence number, should in this message, comprise the parameter that can make sequence number synchronization so.Key updating request failure response need utilize SK to carry out sending to BS again behind the integrity protection.
After UE carried out the key updating success, UE sent key updating request success response to BS, indication BS key updating success; Need carry out integrity protection to this key updating request success response, integrity protection can use SK or new IK to protect.After BS receives this message, carry out integrity checking, if the integrity checking success, then CK and IK success are upgraded in explanation.
In the present embodiment, when only having IK between UE and the BS, the update method of IK is identical with above-mentioned method, only needs to use SK to encrypt IK in the key updating request, and UE also only needs to utilize the SK deciphering just can obtain IK.When only having CK between UE and the BS, the update method of CK is identical with above-mentioned method, only needs to use SK to encrypt CK in the key updating request, and UE also only needs to utilize the SK deciphering to obtain IK.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.
Claims (17)
1, a kind of key of user device is carried out method for updating, it is characterized in that, comprising:
A, base station judge whether cipher code renewal time arrives; When cipher code renewal time arrives, send the key updating request message to user equipment (UE);
B, UE upgrade local key after receiving the key updating request message that the base station sends, and return and upgrade success or failure response message.
2, method according to claim 1 is characterized in that, described cipher code renewal time is meant that the life cycle of key exhausts constantly, or exhausts a setting-up time before for the life cycle of key.
3, method according to claim 1 is characterized in that, carries fresh parameter in the key updating request message described in the steps A, and described fresh parameter is set point or the random value relevant with the current time at random.
4, method according to claim 3 is characterized in that, described key updating request message also comprises: the preventing playback attack parameter.
5, method according to claim 4 is characterized in that, described key updating request message also comprises: corresponding with the request updating type carries out the parameter of key derivation according to SK.
6, method according to claim 5 is characterized in that, described preventing playback attack parameter adopts sequence number mechanism or timestamp mechanism.
7, method according to claim 5 is characterized in that, described step B comprises:
The key updating solicited message that B1, UE send the base station is carried out the accuracy checking;
After B2, checking were passed through, UE called key SK and utilizes described fresh parameter to derive more new key, and returned and upgrade successful response message.
8, method according to claim 4 is characterized in that, described steps A comprises:
More new key is derived in A1, base station, calls SK new key is more encrypted, and sends renewal key updating request message after carrying encryption to UE;
Described step B comprises:
The key updating solicited message that b1, UE send the base station is carried out the accuracy checking;
After b2, checking were passed through, UE called key SK and decrypts described more new key, and returns success response message.
9, method according to claim 8 is characterized in that, in the described steps A 1, carries fresh parameter in the renewal cipher key derivation procedure of base station.
According to claim 7 or 8 described methods, it is characterized in that 10, described step B1 or step b1 comprise:
The integrality of B11, UE checking update inquiry information;
B12, integrity checking pass through, and UE carries out anti-replay detection according to the preventing playback attack parameter to update inquiry information;
B13, anti-replay detection pass through, and carry out described key updating.
11, method according to claim 10 is characterized in that, in step B13, as anti-replay detection failure, UE sends key updating request failure response message to the base station.
12, method according to claim 11 is characterized in that, described key updating request failure response message comprises the reason of upgrading failure, also comprises to make the parameter that can normally move anti-playback protection mechanism between base station and the UE again.
13, method according to claim 5 is characterized in that, also comprises in the described key updating request message: the request updating type.
14, method according to claim 13 is characterized in that, comprises among described step B1 or the step b1:
B10, judge the key updating content according to the described request updating type;
The integrality of b11, UE checking update inquiry information;
B12, integrity checking pass through, and UE carries out anti-replay detection according to the preventing playback attack parameter to update inquiry information;
B13, anti-replay detection pass through, and carry out described key updating.
15, method according to claim 14 is characterized in that, in step b13, as anti-replay detection failure, UE sends key updating request failure response message to the base station.
16, method according to claim 15 is characterized in that, described key updating request failure response message comprises the reason of upgrading failure, also comprises to make the parameter that can normally move anti-playback protection mechanism between base station and the UE again.
17, according to claim 7 or 8 described methods, it is characterized in that,
Described key updating request comprises that also the base station utilizes the check code of SK or renewal cipher key calculation key updating request message;
In step B2 or b2, comprise described identifying code in the key updating success response message that UE sends, described check code draws according to SK or renewal cipher key calculation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2006100734570A CN101047978A (en) | 2006-03-27 | 2006-03-27 | Method for updating key in user's set |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2006100734570A CN101047978A (en) | 2006-03-27 | 2006-03-27 | Method for updating key in user's set |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101047978A true CN101047978A (en) | 2007-10-03 |
Family
ID=38772099
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2006100734570A Pending CN101047978A (en) | 2006-03-27 | 2006-03-27 | Method for updating key in user's set |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101047978A (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101631307A (en) * | 2009-08-25 | 2010-01-20 | 中兴通讯股份有限公司 | Empty password refreshing method and system for wireless communication system |
| CN101938497A (en) * | 2010-09-26 | 2011-01-05 | 深圳大学 | Multistage security file structure as well as file access control and secret key management user terminal, service terminal, system and method thereof |
| CN102047631A (en) * | 2008-05-27 | 2011-05-04 | 高通股份有限公司 | Methods and systems for maintaining security keys for wireless communication |
| CN102379137A (en) * | 2009-04-20 | 2012-03-14 | 华为技术有限公司 | Processing method, device and system for message integrity protection checking failure |
| CN101516090B (en) * | 2008-02-20 | 2013-09-11 | 华为技术有限公司 | Network authentication communication method and mesh network system |
| CN104579694A (en) * | 2015-02-09 | 2015-04-29 | 浙江大学 | Identity authentication method and system |
| WO2015113207A1 (en) * | 2014-01-28 | 2015-08-06 | 华为技术有限公司 | Security password changing method, base station, and user equipment |
| CN105933112A (en) * | 2016-06-01 | 2016-09-07 | 深圳市证通电子股份有限公司 | Secret key update method and device of unattended terminal |
| CN107292618A (en) * | 2016-04-11 | 2017-10-24 | 阿里巴巴集团控股有限公司 | Ciphertext data change the treating method and apparatus of close failure in database |
| CN107483883A (en) * | 2017-07-19 | 2017-12-15 | 中标慧安信息技术股份有限公司 | A kind of method and device of intelligent data interaction |
| CN109039615A (en) * | 2018-10-15 | 2018-12-18 | 北京天融信网络安全技术有限公司 | Utilize the method and relevant device and storage medium of SSL VPN agreement acquisition quantum key |
| CN109803456A (en) * | 2017-11-16 | 2019-05-24 | 华为技术有限公司 | A kind of request restores the method and device of connection |
| CN110999270A (en) * | 2017-08-03 | 2020-04-10 | IPCom两合公司 | User equipment adapted to send service authentication messages |
| CN111064571A (en) * | 2020-01-09 | 2020-04-24 | 青岛海信移动通信技术股份有限公司 | Communication terminal, server and method for dynamically updating pre-shared key |
| WO2021168860A1 (en) * | 2020-02-29 | 2021-09-02 | 华为技术有限公司 | Method for updating key and related device |
-
2006
- 2006-03-27 CN CNA2006100734570A patent/CN101047978A/en active Pending
Cited By (26)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101516090B (en) * | 2008-02-20 | 2013-09-11 | 华为技术有限公司 | Network authentication communication method and mesh network system |
| CN102047631A (en) * | 2008-05-27 | 2011-05-04 | 高通股份有限公司 | Methods and systems for maintaining security keys for wireless communication |
| CN102047631B (en) * | 2008-05-27 | 2013-11-06 | 高通股份有限公司 | Methods and systems for maintaining security keys for wireless communication |
| CN102379137A (en) * | 2009-04-20 | 2012-03-14 | 华为技术有限公司 | Processing method, device and system for message integrity protection checking failure |
| CN101631307A (en) * | 2009-08-25 | 2010-01-20 | 中兴通讯股份有限公司 | Empty password refreshing method and system for wireless communication system |
| CN101938497B (en) * | 2010-09-26 | 2013-01-30 | 深圳大学 | Multistage security file structure as well as file access control and secret key management user terminal, service terminal, system and method thereof |
| CN101938497A (en) * | 2010-09-26 | 2011-01-05 | 深圳大学 | Multistage security file structure as well as file access control and secret key management user terminal, service terminal, system and method thereof |
| WO2015113207A1 (en) * | 2014-01-28 | 2015-08-06 | 华为技术有限公司 | Security password changing method, base station, and user equipment |
| CN105103517A (en) * | 2014-01-28 | 2015-11-25 | 华为技术有限公司 | Security password changing method, base station, and user equipment |
| CN105103517B (en) * | 2014-01-28 | 2019-04-05 | 华为技术有限公司 | A kind of security key change method and base station and user equipment |
| US10855461B2 (en) | 2014-01-28 | 2020-12-01 | Huawei Technologies Co., Ltd. | Security key change method, base station, and user equipment |
| CN104579694A (en) * | 2015-02-09 | 2015-04-29 | 浙江大学 | Identity authentication method and system |
| CN104579694B (en) * | 2015-02-09 | 2018-09-14 | 浙江大学 | A kind of identity identifying method and system |
| CN107292618A (en) * | 2016-04-11 | 2017-10-24 | 阿里巴巴集团控股有限公司 | Ciphertext data change the treating method and apparatus of close failure in database |
| US10884862B2 (en) | 2016-04-11 | 2021-01-05 | Advanced New Technologies Co., Ltd. | Method and apparatus for processing failure of cipher change of ciphertext in database |
| CN105933112B (en) * | 2016-06-01 | 2020-04-21 | 深圳市证通电子股份有限公司 | Key updating method and device for unattended terminal |
| CN105933112A (en) * | 2016-06-01 | 2016-09-07 | 深圳市证通电子股份有限公司 | Secret key update method and device of unattended terminal |
| CN107483883A (en) * | 2017-07-19 | 2017-12-15 | 中标慧安信息技术股份有限公司 | A kind of method and device of intelligent data interaction |
| CN107483883B (en) * | 2017-07-19 | 2019-12-20 | 中标慧安信息技术股份有限公司 | Intelligent data interaction method and device |
| CN110999270A (en) * | 2017-08-03 | 2020-04-10 | IPCom两合公司 | User equipment adapted to send service authentication messages |
| CN110999270B (en) * | 2017-08-03 | 2022-07-08 | IPCom两合公司 | User equipment adapted to send service authentication messages |
| CN109803456A (en) * | 2017-11-16 | 2019-05-24 | 华为技术有限公司 | A kind of request restores the method and device of connection |
| CN109803456B (en) * | 2017-11-16 | 2021-05-11 | 华为技术有限公司 | Method and device for requesting to recover connection |
| CN109039615A (en) * | 2018-10-15 | 2018-12-18 | 北京天融信网络安全技术有限公司 | Utilize the method and relevant device and storage medium of SSL VPN agreement acquisition quantum key |
| CN111064571A (en) * | 2020-01-09 | 2020-04-24 | 青岛海信移动通信技术股份有限公司 | Communication terminal, server and method for dynamically updating pre-shared key |
| WO2021168860A1 (en) * | 2020-02-29 | 2021-09-02 | 华为技术有限公司 | Method for updating key and related device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101047978A (en) | Method for updating key in user's set | |
| US8855603B2 (en) | Local security key update at a wireless communication device | |
| KR101159441B1 (en) | Methods and apparatuses for enabling non-access stratumnas security in lte mobile units | |
| US9713001B2 (en) | Method and system for generating an identifier of a key | |
| US20110222690A1 (en) | Method and system for deriving keys | |
| US11381964B2 (en) | Cellular network authentication control | |
| CN1857024A (en) | Enhanced security design for cryptography in mobile communication systems | |
| CN1819698A (en) | Method for acquring authentication cryptographic key context from object base station | |
| CN1969580A (en) | Security in a mobile communications system | |
| CN102685730B (en) | Method for transmitting context information of user equipment (UE) and mobility management entity (MME) | |
| CN108012266B (en) | Data transmission method and related equipment | |
| EP3700245B1 (en) | Communication method and device | |
| CN1941695A (en) | Method and system for generating and distributing key during initial access network process | |
| CN103402201B (en) | A kind of WiFi-WiMAX heterogeneous wireless network authentication method based on pre-authentication | |
| CN101047505A (en) | Method and system for setting safety connection in network application PUSH service | |
| CN101039181A (en) | Method for preventing service function entity of general authentication framework from attack | |
| CN100346668C (en) | Updating protocal method of secret keys | |
| WO2018137617A1 (en) | Secure small data transmission method and device utilized in mobile network | |
| CN101383702A (en) | Method and system protecting cipher generating parameter in tracing region updating | |
| US20140024344A1 (en) | Mobile communication method, radio base station, mobile management node, and mobile station | |
| CN1885995A (en) | Method for enhancing network security by setting dynamic user identification code | |
| CN1968096A (en) | Synchronous flow optimization method and system | |
| CN101079691A (en) | Method for identifying mobile IP secret key in wireless communication network | |
| CN101034982A (en) | Method and system for processing the user's request in the general authentication framework | |
| CN1968494A (en) | Playback attack prevention method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |