CN101094066A - Method for generating and distributing mobile IP cipher key - Google Patents


Publication number: CN101094066A
Authority: CN (China)
Prior art keywords: mobile, key, aaa, home agent, random number
Legal status: Pending
Application number: CN 200610093037
Other languages: Chinese (zh)
Inventors: 梁文亮, 吴建军
Current assignee: Huawei Technologies Co Ltd
Original assignee: Huawei Technologies Co Ltd
Abstract

The method comprises: during the authentication process, the authentication, authorization and accounting (AAA) server sends key information comprising a root key and the random number fa-ha-nonce used between the foreign agent (FA) and the home agent (HA) down to the network authentication server; the HA obtains the HA-related mobile IP keys through the AAA server; if the AAA server did not send the random number mn-fa-nonce used between the mobile node (MN) and the FA to the network authentication server, the AAA server sends that random number to the HA, which informs the network authentication server via the FA; the FA obtains the FA-related mobile IP keys from the network authentication server according to the FA-related random number and/or the FA IP address; the MN obtains the MN-related mobile IP keys from the network authentication server.

Description

Method for generating and distributing mobile IP keys
Technical field
The present invention relates to the field of network security, and specifically to a method for generating and distributing mobile IP keys.
Background technology
With the rapid growth of Internet services and the wide deployment of wireless networks, mobile subscriber security places ever more demands on wireless systems. Beyond device authentication, subscriber authentication and service authorization, a secure channel must be established between the wireless user and the access point (AP) or base station (BS), security information must be exchanged, and secure channels and security-information exchange are also needed between the BS and the authenticator and between the authenticator and the authentication server. None of this required attention in the dedicated networks of the past; all of it requires substantial attention now.
Leaving aside other internal units of the access network, the technical description below uses the WiMAX security network architectures shown in Fig. 1 and Fig. 2 (the technique provided by the present invention includes, but is not limited to, application in WiMAX systems).
Fig. 1 shows the centralized network architecture. In this architecture the authenticator and the BS are located in different physical entities: the authenticator implements the authenticator and key distributor functions, and the BS implements the authentication relay and key receiver functions.
Fig. 2 shows the distributed network architecture. Here the authenticator and the BS are located in the same physical entity, which implements the authenticator, authentication relay, key distributor and key receiver functions simultaneously.
The functions of the network elements in the figures (including logical network elements) are as follows:
BS
- provides the secure channel between the BS and the terminal (MS), including compression and encryption of the air-interface data;
- provides the exchange of security information between the BS and the MS.
Authenticator:
- provides the proxy function for MS authentication;
- is implemented in the same physical entity as the key distributor.
Authentication relay:
- relays the authentication request and response messages during the authentication process.
Key distributor:
- is implemented in the same physical entity as the authenticator; from the root key material shared between the authentication server and the MSS it produces the air-interface key AK shared between the BS and the MSS and distributes it to the key receiver.
Key receiver:
- is implemented in the BS; receives the air-interface key AK produced by the key distributor and derives from it the other keys between the BS and the MSS.
In addition, a complete security network architecture also comprises the authentication server in the back-end network and the mobile terminal MS.
Authentication, authorization and accounting (AAA) server:
- The authentication server's main task is to authenticate the MSS. Through the key generation mechanism agreed with the MSS it exchanges and produces the necessary key material. Because this material is exchanged before the secure channel is established, the key algorithm used between the authentication server and the MSS must ensure that disclosure of the exchanged information does not affect the security mechanism. Its main functions are:
- authenticating the MSS;
- producing root key material and distributing it to the authenticator;
- when the user profile changes, promptly notifying the authenticator and other network elements of the consequences of the change.
MS
- The MS is the mobile subscriber equipment. In the security architecture it initiates authentication and authorization, exchanges with the authentication server the information needed to produce the root key, produces the root key itself, and from the root key produces the AK and the other derived keys needed for confidentiality on the air interface.
MIP has following functional entity: mobile node (MN), external agent (FA) and home agent (HA).MN initiates mobile IP (MIP) register requirement via FA to HA.HA receives after the MIP register requirement, and the Care-of Address of MN (CoA) address and home address (HoA) address are mapped, and all destination addresses that later HA receives are that the packet of HoA all is forwarded to the CoA address, are the address of FA among the MIPv4.In order to guarantee fail safe, generally can have authentication extension (AE) in the MIP message.The authentication extension MN-HA-AE between MN and the HA for example, when HA receives a MIP register requirement of carrying MN-HA-AE, HA just needs calculate a local authentication value according to the key information of knowing in advance, compares with the MN-HA-AE that packet carries then.If identical then authentication is passed through, and handle the MIP register requirement; Otherwise refusal is handled this MIP register requirement.
When not having key information in advance between MN and HA, MN can utilize the key information between MN and the AAA, authenticates MIP register requirement this time.
Existing WiMAX technology computes the MIP registration keys as follows:
MN-HA-K: H(MIP-RK, "MIP4 MN HA", HA-IP);
MN-FA-K: H(MIP-RK, "MN FA", FA-IP);
FA-HA-K: H(MIP-RK, "FA HA", FA-IP, HA-IP, nonce);
RFC 3957 specifies the following algorithm, by which a key can be computed from a random number, the mobile node identifier and the key shared between the mobile node and the AAA:
key = HMAC-SHA1(AAA-key, {Nonce || MN-ID})
MIP in WiMAX takes two forms: client mobile IP (CMIP) and proxy mobile IP (PMIP). A terminal that supports the MIP protocol works in CMIP mode, in which the mobile node is the mobile terminal itself; for a terminal that does not support MIP, the network side creates a PMIP client entity that performs the MIP functions of the mobile node MN on its behalf.
(1) PMIPv4 key generation and distribution
During access authentication the AAA produces the EMSK (Extended Master Session Key), computes the mobile IP root key (MIP-RK) from it, and from MIP-RK derives the keys between MN and HA, MN and FA, and FA and HA (MN-HA-K, MN-FA-K and FA-HA-K respectively). The MN-HA, MN-FA and FA-HA keys are then encrypted according to the method of RFC 2868 section 3.5 and sent to the network access server (NAS).
The prior art also defines how the above MN-HA-K (designated MN-HA-MIP4-K in MIPv4), MN-FA-K and FA-HA-K depend on the following quantities. During the access authentication of the MS, a key EMSK is produced between the MS and the AAA. MS and AAA compute MIP-RK from EMSK with a defined function. The key between MN and HA (MN-HA-K) is computed by a defined function from MIP-RK and the IP address of the home agent (HA-IP); the key between MN and FA (MN-FA-K) from MIP-RK and the IP address of the foreign agent (FA-IP); and the key between FA and HA (FA-HA-K) from MIP-RK, FA-IP, HA-IP and a random number. The formulas are:
MN-HA-MIP4 = H(MIP-RK, "MIP4 MN HA" | HA-IP)
MN-FA = H(MIP-RK, "MN FA" | FA-IP)
FA-HA = H(MIP-RK, "FA HA" | FA-IP | HA-IP | NONCE)
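The prior-art hierarchy above, carried through in code as an added example (not code from the patent or from any WiMAX implementation): the three keys are derived from MIP-RK exactly as in the printed formulas, the RFC 3957 bootstrap key is computed alongside for comparison, and the derived keys are wrapped for delivery to the NAS with the RFC 2868 section 3.5 Tunnel-Password construction the page cites. Assumptions that the page does not state: H is HMAC-SHA1 keyed with the root key, MIP-RK is HMAC-SHA1(EMSK, "MIP-RK"), IP addresses are their dotted-decimal strings as ASCII, and the RADIUS shared secret, Request-Authenticator and salt values are constructed inputs.

```python
import hashlib
import hmac

# Prior-art WiMAX MIPv4 key hierarchy as printed on the page:
#   MN-HA-K = H(MIP-RK, "MIP4 MN HA" | HA-IP)
#   MN-FA-K = H(MIP-RK, "MN FA" | FA-IP)
#   FA-HA-K = H(MIP-RK, "FA HA" | FA-IP | HA-IP | NONCE)
# Assumed (not on the page): H is HMAC-SHA1 keyed with the root key,
# MIP-RK = HMAC-SHA1(EMSK, "MIP-RK"), and IPs are dotted-decimal ASCII.

def h(root_key: bytes, *parts: bytes) -> bytes:
    return hmac.new(root_key, b"".join(parts), hashlib.sha1).digest()

def derive_mip_rk(emsk: bytes) -> bytes:
    return h(emsk, b"MIP-RK")          # assumed label

def prior_art_keys(emsk: bytes, fa_ip: str, ha_ip: str, nonce: bytes) -> dict:
    mip_rk = derive_mip_rk(emsk)
    fa, ha = fa_ip.encode(), ha_ip.encode()
    return {
        "MN-HA-K": h(mip_rk, b"MIP4 MN HA", ha),
        "MN-FA-K": h(mip_rk, b"MN FA", fa),
        "FA-HA-K": h(mip_rk, b"FA HA", fa, ha, nonce),
    }

def rfc3957_key(aaa_key: bytes, nonce: bytes, mn_id: bytes) -> bytes:
    # RFC 3957: key = HMAC-SHA1(AAA-key, Nonce || MN-ID)
    return hmac.new(aaa_key, nonce + mn_id, hashlib.sha1).digest()

# RFC 2868 section 3.5 Tunnel-Password: the AAA masks the key it hands to the
# NAS with an MD5 keystream seeded by the RADIUS shared secret, the 16-byte
# Request-Authenticator and a 2-byte salt whose high bit must be set.
# b1 = MD5(S + R + A), c1 = p1 xor b1; b2 = MD5(S + c1), c2 = p2 xor b2; ...
def tunnel_password_encrypt(secret: bytes, req_auth: bytes, salt: bytes,
                            plaintext: bytes) -> bytes:
    assert len(req_auth) == 16 and len(salt) == 2 and salt[0] & 0x80
    p = bytes([len(plaintext)]) + plaintext      # Data-Length octet + data
    p += b"\x00" * (-len(p) % 16)                # pad to a multiple of 16
    b = hashlib.md5(secret + req_auth + salt).digest()
    out = b""
    for i in range(0, len(p), 16):
        c = bytes(x ^ y for x, y in zip(p[i:i + 16], b))
        out += c
        b = hashlib.md5(secret + c).digest()     # chain on the ciphertext
    return salt + out

def tunnel_password_decrypt(secret: bytes, req_auth: bytes, blob: bytes) -> bytes:
    salt, ct = blob[:2], blob[2:]
    b = hashlib.md5(secret + req_auth + salt).digest()
    p = b""
    for i in range(0, len(ct), 16):
        c = ct[i:i + 16]
        p += bytes(x ^ y for x, y in zip(c, b))
        b = hashlib.md5(secret + c).digest()
    return p[1:1 + p[0]]                         # strip length octet and padding

if __name__ == "__main__":
    # Constructed sample inputs, not values from the page.
    keys = prior_art_keys(b"\x02" * 64, "10.0.0.1", "192.0.2.1", b"nonce")
    blob = tunnel_password_encrypt(b"radius-secret", b"\x11" * 16, b"\x80\x01",
                                   keys["MN-HA-K"])
    assert tunnel_password_decrypt(b"radius-secret", b"\x11" * 16, blob) == keys["MN-HA-K"]
    print({k: v.hex() for k, v in keys.items()})
```

Note that the Tunnel-Password masking rests on MD5 and on the confidentiality of the RADIUS shared secret; it keeps the MIP keys out of plain view on the AAA-to-NAS link but is only as strong as that secret, which is why the keys are nevertheless usually carried over a separately protected transport.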
(2) CMIPv4 key generation and distribution
During access authentication the AAA produces EMSK, computes MIP-RK and from it derives the keys between MN and HA, MN and FA, and FA and HA. The MN can compute the MN-FA and MN-HA keys from FA-IP and HA-IP; the NAS obtains the MN-FA, MN-HA and FA-HA keys. The HA obtains the HA-related keys by requesting them from the AAA during the first MIP registration.
The shortcomings of the prior art are:
1) The prior art only gives the formulas for the MIP keys; it does not describe the concrete key generation process, whether in the AAA procedure or in the MIP procedure, nor does it define the mechanism and flow by which the input parameters needed for key generation are obtained in the various procedures.
2) The process description is not precise enough and cannot guarantee that the precondition of each step is satisfied; for example, to compute the MN-HA, MN-FA and FA-HA keys, the process by which the entities involved obtain the relevant parameters must be defined.
3) When the FA migrates, the target FA cannot obtain the MN-FA and FA-HA key material, and the HA cannot update the FA-HA key.
4) Furthermore, because the prior art only gives the formulas and does not define how the FA and HA treat the original keys and security associations on re-authentication, the mobile node's MIP registration requests may be rejected.
Summary of the invention
In view of this, the object of the present invention is to provide a method for generating and distributing mobile IP keys that specifies a concrete key generation and distribution process.
To achieve this object, the technical scheme of the present invention is:
A method for generating and distributing mobile IP keys, characterized in that:
during the authentication process, the authentication, authorization and accounting (AAA) server sends key information comprising a root key and the random number fa-ha-nonce between the foreign agent FA and the home agent HA to the network authentication server;
the home agent HA obtains the HA-related mobile IP keys through the AAA server; if the AAA server did not send the random number mn-fa-nonce between the mobile node MN and the foreign agent FA to the network authentication server, the AAA server sends this random number to the home agent, which notifies the network authentication server via the foreign agent;
the foreign agent obtains the FA-related mobile IP keys from the network authentication server according to the FA-related random number and/or the FA IP address;
the mobile node obtains the MN-related mobile IP keys from the network authentication server.
The method specifically comprises the following steps:
a. During the authentication process the AAA server sends key information to the network authentication server, and the network authentication server obtains from it at least the mobile IP key MN-HA-K between mobile node and home agent and/or the key MN-AAA-K between mobile node and AAA server; the key information comprises at least a root key and the random number fa-ha-nonce between the foreign agent FA and the home agent HA.
b. The mobile node sends a mobile IP registration request, which is forwarded to the home agent HA via the foreign agent FA; the registration request carries the MN-HA-AE and/or the authentication extension MN-AAA-AE between mobile node and AAA server.
c. The home agent HA receives the registration request and asks the AAA server to send the HA-related key information, from which it obtains the mobile IP key MN-HA-K between mobile node and home agent and the mobile IP key FA-HA-K between foreign agent and home agent; if the registration request carries an MN-HA-AE, the HA verifies it. If in step a the AAA server did not send the random number mn-fa-nonce between mobile node and foreign agent to the network authentication server, the AAA server sends this random number to the home agent, which passes it to the foreign agent in the mobile IP registration reply, thereby notifying the network authentication server.
d. The home agent sends a registration reply carrying MN-HA-AE and FA-HA-AE to the foreign agent FA. On receiving it, the foreign agent obtains the mobile IP key MN-FA-K between mobile node and foreign agent and the mobile IP key FA-HA-K between foreign agent and home agent from the network authentication server, verifies the FA-HA-AE, and forwards the registration reply, now carrying MN-FA-AE, to the mobile node.
e. The mobile node receives the registration reply, obtains MN-FA-K from the network authentication server, and verifies the MN-FA-AE.
The root key is one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK.
The key information further comprises: the mobile IP key MN-HA-K between mobile node and home agent or the random number mn-ha-nonce between mobile node and home agent, and/or the key MN-AAA-K between mobile node and AAA server.
The HA-related key information in step c comprises: MN-HA-K and FA-HA-K; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with MN-HA-K and the random number fa-ha-nonce between foreign agent and home agent; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with the random number mn-ha-nonce between mobile node and home agent and the random number fa-ha-nonce between foreign agent and home agent.
During the authentication process the network authentication server sends the FA-IP address to the AAA; or
when the home agent requests the HA-related key information from the AAA, it includes the foreign agent IP as a parameter of the request.
The method further comprises:
f. After the foreign agent migrates, a mobile IP registration request is sent to the home agent HA, and the home agent HA obtains from the AAA server the mobile IP key TFA-HA-K between the target foreign agent TFA and the home agent HA together with the TFA-related random number.
g. The TFA-related random number is sent to the foreign agent and notified to the network authentication server, which produces the TFA-related mobile IP keys according to the TFA-related random number or the TFA IP address; the mobile node and the target foreign agent obtain the corresponding TFA-related mobile IP keys from the network authentication server.
The method further comprises:
establishing security associations between the mobile IP functional entities.
After re-authentication, the mobile IP related keys are updated.
On re-authentication, a new key is produced between the mobile terminal MS and the AAA server; the AAA server sends new key information to the network authentication server so that a new MN-HA-K and/or MN-AAA-K is produced, and at the same time notifies the home agent that a new authentication has taken place;
the mobile node replaces the corresponding old keys with the new keys and sends a mobile IP registration request, and steps b to e are carried out again.
Alternatively, on re-authentication a new key is produced between the mobile terminal MS and the AAA server, and the AAA server sends new key information to the network authentication server so that a new MN-HA-K and/or MN-AAA-K is produced;
the mobile node replaces the corresponding old keys with the new keys and sends a mobile IP registration request, and steps b to e are carried out again.
After the mobile node, foreign agent and home agent learn of the re-authentication, they delete the existing mobile IP related security associations.
The replacement of keys is accompanied by the replacement or establishment of security associations in the mobile IP functional entities.
A method for generating and distributing mobile IP keys, characterized in that:
during the authentication process, the authentication, authorization and accounting (AAA) server sends key information comprising a root key and the random number fa-ha-nonce between the foreign agent FA and the home agent HA to the network authentication server;
the home agent HA obtains the HA-related mobile IP keys through the AAA server; if the AAA server did not send the random number mn-fa-nonce between the mobile node MN and the foreign agent FA and/or the random number mn-ha-nonce between the mobile node MN and the home agent HA, the AAA server sends the random number(s) to the home agent, which notifies the corresponding mobile IP functional entity;
the foreign agent obtains the FA-related mobile IP keys from the network authentication server according to the FA-related random number and/or the FA IP address;
the mobile node obtains the MN-related mobile IP keys according to the MN-related random number.
The method specifically comprises the following steps:
a. During the authentication process the AAA server sends key information comprising a root key and the random number fa-ha-nonce between the foreign agent FA and the home agent HA to the network authentication server.
b. The mobile terminal sends a mobile IP registration request carrying the authentication extension MN-AAA-AE between mobile node and AAA server, which is forwarded to the home agent HA via the foreign agent FA.
c. The home agent receives the registration request and asks the AAA server to verify the MN-AAA-AE and to send the HA-related key information; from that key information the HA obtains the mobile IP key MN-HA-K between mobile node and home agent and the mobile IP key FA-HA-K between foreign agent and home agent. If in step a the AAA server did not send the random number mn-fa-nonce between mobile node MN and foreign agent FA or the random number mn-ha-nonce between mobile node and home agent, the AAA server sends mn-fa-nonce or mn-ha-nonce to the home agent HA, to be passed to the corresponding mobile IP functional entity in the subsequent mobile IP registration reply.
d. The home agent sends a mobile IP registration reply to the foreign agent carrying the authentication extension MN-HA-AE between mobile node and home agent and the authentication extension FA-HA-AE between foreign agent and home agent. On receiving it, the foreign agent obtains the mobile IP key MN-FA-K between mobile node and foreign agent and the mobile IP key FA-HA-K between foreign agent and home agent from the network authentication server, verifies the FA-HA-AE, and forwards the registration reply, now carrying MN-FA-AE, to the mobile terminal.
e. The mobile terminal receives the registration reply, obtains MN-HA-K and MN-FA-K from the random numbers, and verifies the corresponding authentication extensions.
The root key is one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK.
The HA-related key information comprises: MN-HA-K and FA-HA-K; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with MN-HA-K and the random number fa-ha-nonce between foreign agent and home agent; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with the random number mn-ha-nonce between mobile node and home agent and the random number fa-ha-nonce between foreign agent and home agent.
The method further comprises:
during the authentication process the network authentication server sends the FA-IP address to the HAAA; or
when the home agent requests the HA-related key information from the AAA, it includes the foreign agent IP as a parameter of the request.
The method further comprises:
f. If the foreign agent migrates, the home agent HA obtains from the AAA server the mobile IP key TFA-HA-K between the target foreign agent TFA and the home agent HA together with the TFA-related random number, and notifies the corresponding mobile IP functional entities.
g. The foreign agent obtains the TFA-related mobile IP keys from the network authentication server according to the TFA-related random number or the TFA IP address; the mobile node obtains the MN-related mobile IP keys according to the MN-related random number.
The method further comprises:
establishing security associations between the mobile IP functional entities.
After re-authentication, the mobile IP related keys are updated.
On re-authentication, a new key is produced between the mobile terminal MS and the AAA server; the AAA server sends new key information to the network authentication server and at the same time notifies the home agent that a new authentication has taken place;
the mobile node replaces the corresponding old keys with the new keys and sends a mobile IP registration request, and steps b to e are carried out again.
Alternatively, on re-authentication a new key is produced between the mobile terminal MS and the AAA server, and the AAA server sends new key information to the network authentication server;
the mobile node replaces the corresponding old keys with the new keys and sends a mobile IP registration request, and steps b to e are carried out again.
After the mobile node, foreign agent and home agent learn of the re-authentication, they delete the existing mobile IP related security associations.
The replacement of keys is accompanied by the replacement or establishment of security associations in the mobile IP functional entities.
A method for generating and distributing mobile IP keys, characterized in that:
a. During the authentication process, the mobile terminal and the authentication, authorization and accounting server AAA produce the mobile-terminal-related keys.
b. The mobile terminal sends a mobile IP registration request carrying the authentication extension MN-AAA-AE between mobile node and AAA server, which is forwarded to the home agent HA via the foreign agent FA.
c. The home agent requests the HA-related key information from the AAA server; after successfully verifying the MN-AAA-AE, the AAA server sends the HA-related key information to the HA. If in step a the AAA server did not send the random number mn-ha-nonce to the mobile terminal, the AAA server sends the corresponding random number to the home agent.
d. The home agent processes the registration request, and the resulting registration message, carrying MN-HA-AE, is forwarded to the mobile terminal via the foreign agent; if in step a the AAA server did not send the random number mn-ha-nonce to the mobile terminal, the mn-ha-nonce is carried in that registration message.
e. The mobile terminal computes MN-HA-K from the random number and from EMSK or a root key derived from EMSK, and verifies the MN-HA-AE.
The method further comprises:
establishing security associations between the mobile IP functional entities.
On re-authentication, a new key is produced between the mobile terminal MS and the AAA server;
the mobile node replaces the corresponding old keys with the new keys and sends a mobile IP registration request, and steps b to e are carried out again.
The replacement of keys is accompanied by the replacement or establishment of security associations in the mobile IP functional entities.
A method for generating and distributing mobile IP keys, characterized in that it comprises:
a. During the authentication process, the authentication, authorization and accounting server AAA sends key information to the network authentication server.
b. The mobile node obtains the key PMIP-K between mobile node and home agent from the network authentication server and sends a mobile IP registration request carrying PMIP-AE, which is forwarded to the home agent HA via the foreign agent FA.
c. The HA obtains PMIP-K by requesting the key from the AAA, and sends a mobile IP registration reply carrying PMIP-AE to the mobile node.
The key information comprises: the key PMIP-K between mobile node and home agent; or
a root key and the random number mn-ha-nonce between mobile node and home agent, where the root key comprises the extended master session key EMSK or the mobile IP root key MIP-RK.
If the key information sent by the AAA comprises the key MN-AAA-K between mobile node and AAA, the mobile IP registration request also carries the authentication extension MN-AAA-AE between mobile node and AAA, and when the HA requests the key from the AAA, the AAA verifies that MN-AAA-AE.
On re-authentication, a new key is produced between the mobile terminal MS and the AAA server;
the mobile node replaces the corresponding old keys with the new keys and sends a mobile IP registration request, and steps b to c are carried out again.
The method of the present invention clearly specifies the MIP key generation process and the MIP key distribution process, thereby ensuring that the MIP registration process can be carried out, and specifies key generation and update under FA migration and re-authentication.
Description of drawings
Fig. 1 is the centralized WiMAX security architecture of the prior art;
Fig. 2 is the distributed WiMAX security architecture of the prior art;
Fig. 3a is the complete security network architecture based on CMIP;
Fig. 3b is the complete security network architecture based on PMIP;
Fig. 4 is a schematic diagram of the PMIPv4 key generation and distribution flow of the present invention when the MN-AAA key is not sent to the anchor authenticator during the authentication process;
Fig. 5 is a schematic diagram of the PMIPv4 key generation and distribution flow of the present invention when the MN-AAA key is sent to the anchor authenticator during the authentication process;
Fig. 6 is a schematic diagram of the PMIPv4 key generation and distribution flow of the present invention when the FA-related keys are not generated;
Fig. 7 is a schematic diagram of the CMIPv4 key generation and distribution flow of the present invention when the FA-related keys are generated;
Fig. 8 is a schematic diagram of the CMIPv4 key generation and distribution flow of the present invention when the FA-related keys are not generated;
Fig. 9 is the key generation and distribution flow of the present invention when the AAA proactively notifies the HA of re-authentication in CMIP mode;
Fig. 10 is the key generation and distribution flow of the present invention when the AAA proactively notifies the HA of re-authentication in PMIP mode;
Fig. 11 is the key generation and distribution flow of the present invention when the HA proactively notifies the AAA of re-authentication in CMIP mode;
Fig. 12 is the key generation and distribution flow of the present invention when the HA proactively notifies the AAA of re-authentication in CMIP mode.
Embodiments
To make the object, technical solution and advantages of the present invention clearer, specific embodiments of the invention are described in detail below with reference to the accompanying drawings.
The present invention aims to specify clearly the MIP key generation process and mechanism and the MIP key distribution process, so as to ensure that the MIP registration process can be carried out, and to ensure that during FA migration or re-authentication the entities involved can update key material securely.
In the present invention the mobile IP keys can be computed from random numbers. The random numbers are always produced by the AAA and sent to the network authentication server NAS and/or the MS; once the random number is known, the MIP key can be computed from EMSK/MIP-RK/MIP-FA-RK (FA-HA-K additionally requires FA-IP).
The present invention also uses MIP-FA-RK as a dedicated root key for deriving the FA-related keys, to strengthen network security.
The keys involved in the present invention are described first.
MIP-FA-RK is a root key derived directly or indirectly from EMSK and dedicated to producing the FA-related keys (MN-FA-K and FA-HA-K). Indirect derivation means that MIP-RK is derived from EMSK first, and MIP-FA-RK is then derived from MIP-RK.
The formula for deriving MIP-FA-RK can be as follows:
MIP-FA-RK = HMAC-SHA1(EMSK, "FA ROOT KEY"); or
MIP-FA-RK = H(EMSK, "FA ROOT KEY");
Below only be that (root key is produced by the EAP process in the access authentication procedure relation that MIP-FA-RK and root key are described as an example, EMSK is a kind of of root key), but its functional form and parameter all are not limited thereto, to one skilled in the art, can be easy to obtain producing the root key of FA association key according to EMSK or MIP-RK.
Calculating for other association key can be exemplified below:
PMIP-K/MN-HA-K:H(MIP-RK,”MN?HA”,mn-ha-nonce);
MN-FA-K:H(MIP-FA-RK,”MN?FA”,mn-fa-nonce);
FA-HA-K:H(fa-ha-nonce,”FA?HA”,FA-IP)。
H is a Hash function in the above formula, illustrate the MIP key how with the random number correspondence, and and MIP-FA-RK between relation.The function that H represents can be SHA-1, MD5, and RIPEMD-128/160, but be not limited to this.
Mn-fa-nonce (random number between the MN-FA) wherein, mn-ha-nonce (random number between the MN-HA), fa-ha-nonce (random number between the FA-HA) produces and issues by aaa server.Here define three random numbers, do not mean that three random numbers must be different mutually.
If do not define MN-FA-RK, so all MIP keys can all be produced by MIP-RK (or EMSK), and the MIP-FA-RK in the above description all can be replaced by MIP-RK.
The present invention is described below with reference to specific embodiments.
Embodiment 1: key generation and distribution for PMIPv4
In PMIPv4 mode, the following cases can be distinguished:
(1) Key generation and distribution flow when security assurance is required between MN and FA and between FA and HA, and the MN-AAA key is not issued to the anchor authenticator during authentication:
Fig. 4 is the key generation and distribution flow chart for PMIP when the MN-AAA key is not issued to the anchor authenticator. As shown in Figure 4, the flow comprises the following steps:
1. During authentication, after the AAA server obtains EMSK in the authentication process with the MS, it calculates and stores EMSK/MIP-FA-RK/MIP-RK and PMIP-K (optional; PMIP-K is the additional name of MN-HA-K in PMIP mode), and issues key information to the NAS (here the anchor authenticator acts as the NAS). The AAA server may delete EMSK after storing MIP-FA-RK/MIP-RK. By retaining EMSK/MIP-RK/MIP-FA-RK, the AAA can generate random numbers and derive the keys between the HA and the FA/target FA on request of the HA.
The data issued by the AAA server to the NAS in this step comprise:
PMIP-K (or the random number mn-ha-nonce between MN and HA), the random number fa-ha-nonce between FA and HA, and a root key (one of EMSK, MIP-RK and MIP-FA-RK);
The data issued to the NAS may additionally include an FA-related random number, such as the random number mn-fa-nonce between MN and FA. This random number may also be issued in a subsequent process.
EMSK/MIP-RK/MIP-FA-RK is issued to the anchor authenticator during authentication so that the anchor authenticator can calculate the keys between MN and FA and between FA and HA.
If the AAA server has issued mn-ha-nonce, the anchor authenticator can calculate PMIP-K from one of EMSK/MIP-RK. In PMIP mode no random number is issued to the MS; if one is issued, the MS ignores it.
2. The PMIP-client requests PMIP-K (together with the network access identifier NAI information of the MS) from the anchor authenticator, establishes a security association with the HA, uses the key to generate MN-HA-AE and the NAI extension, and attaches them to the mobile IP registration request message, which is forwarded to the HA by the FA. The FA does not attach an authentication extension, because at this point the FA has not yet established security associations with the MN (PMIP-client) and the HA. If the random number mn-fa-nonce was issued to the anchor authenticator in step 1, the FA can, after forwarding the mobile IP registration request, request MN-FA-K from the anchor authenticator and establish security associations with the HA and the MN (the PMIP-client in PMIP mode).
On the relation between keys and security associations: in general, a mobile IP entity seeks, requests or calculates key information when it needs the key; a mobile IP entity may obtain a key before it actually needs the key information, but this does not mean that a security association is established at that moment.
Because the anchor authenticator, the PMIP-client and the FA are initially located on the same physical entity, these keys can be shared securely among them. Therefore the key request (K-request) sent by the PMIP-client to the anchor authenticator and the response message (K-respond) returned by the anchor authenticator in Fig. 4 are internal messages, and are drawn with dashed lines.
3. After receiving the mobile IP registration request, the HA requests from the AAA server the PMIP-K/mn-ha-nonce corresponding to the NAI, EMSK/MIP-RK/MIP-FA-RK/FA-HA-K, and the FA-related random numbers mn-fa-nonce and fa-ha-nonce (if the AAA issues FA-HA-K directly, fa-ha-nonce need not be issued), and obtains PMIP-K and FA-HA-K either directly or by calculation. The AAA hands the requested information down to the HA. Because the AAA can calculate FA-HA-K only from FA-IP, when the AAA calculates FA-HA-K the NAS must send FA-IP to the AAA in step 1, or the HA must notify the AAA server of it when requesting the key in step 3.
If the AAA does not issue PMIP-K and FA-HA-K directly, the HA must calculate PMIP-K and FA-HA-K from the random numbers. If the HA is located in the visited network, it can interact with the HAAA only through the VAAA acting as a proxy.
If the AAA server did not issue the random number mn-fa-nonce in step 1, it must issue mn-fa-nonce to the HA in this step 3, and the HA notifies the anchor authenticator of it by a subsequent message (such as the mobile IP registration reply message).
4. The HA verifies MN-HA-AE (that is, PMIP-AE); if it is valid, the HA processes the registration request message. If registration succeeds, the HA sends to the FA a MIP registration reply carrying mn-fa-nonce (if it was not issued in step 1), MN-HA-AE and FA-HA-AE. At the same time, the HA establishes security associations with the MN and the FA.
5. After receiving the MIP registration reply, if the FA has not yet obtained the relevant key information (for example because the random number mn-fa-nonce was not issued in step 1), it passes the random number mn-fa-nonce to the anchor authenticator and requests calculation of MN-FA-K and FA-HA-K. After obtaining the keys, the FA verifies FA-HA-AE and carries mn-fa-nonce (optional), MN-FA-AE and MN-HA-AE in the MIP registration reply it forwards. The FA establishes security associations with the HA and the MN (the PMIP-Client in PMIP mode).
6. After the PMIP-Client receives the MIP registration reply, if it has not yet obtained the key information shared with the FA, it carries mn-fa-nonce, requests MN-FA-K from the anchor authenticator, and verifies MN-FA-AE. The PMIP-client establishes a security association with the FA. At this point all keys and security associations have been distributed or established. Only when the FA migrates, or a key expires, do all or some of the keys need to be recalculated.
7. After FA migration, either the proxy mobile IP assist function entity (PMIP-Assist-Entity) requests a complete MIP registration request message from the PMIP-Client, or the PMIP-Client itself sends the MIP registration request message. This registration request message (carrying MN-HA-AE, the NAI extension and, as required by RFC 3957, a request for the random number between MN and FA) is forwarded to the HA through the TFA. The TFA has no security associations with the MN or the HA. The HA requests from the AAA server the random number mn-tfa-nonce corresponding to the NAI and TFA-HA-K. The HA establishes a security association with the TFA.
8. After verifying MN-HA-AE, the HA processes the MIP registration request; if registration succeeds, it sends a MIP registration reply carrying TFA-HA-AE and the random number mn-tfa-nonce. After receiving the MIP registration reply message, the TFA in turn carries the new random number mn-tfa-nonce and requests keys from the anchor authenticator (MN-TFA-K differs from the original key because a new random number is introduced as a calculation parameter; TFA-HA-K differs from the original key because the new TFA-IP address is introduced as a calculation parameter), and establishes security associations with the MN (the PMIP-Client in PMIP mode) and the HA. After verifying TFA-HA-AE, the TFA forwards the MIP registration reply carrying MN-HA-AE (PMIP-AE) and MN-TFA-AE.
9. After the mobile IP assist function entity (PMIP-Assist-Entity) receives the MIP registration reply, it either needs to forward it to the PMIP-Client and request verification, or the PMIP-Client directly requests MN-TFA-K from the anchor authenticator once more, verifies it, and establishes a security association with the TFA. If a PMIP-Assist-Entity is involved, the verification result is finally sent to the access service network gateway (ASN-GW) where the PMIP-Assist-Entity bound to the FA is located.
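The key formulas given earlier and the Figure 4 flow (steps 1 to 9), as an added Python model that is not part of the patent: it derives each key with the stated formula, replays which entity learns which key from whom, and checks that FA migration renews only the FA-related keys while PMIP-K survives. Assumptions not in the description: H is realised as HMAC-SHA1 keyed with its first argument, nonces are 16 bytes, FA-IP enters as the dotted-decimal string, and the MIP-RK label "MIP ROOT KEY" is invented because the description gives no formula for MIP-RK.

```python
import hashlib
import hmac
import os


def H(key: bytes, *parts: bytes) -> bytes:
    """The hash function H of the description, realised as HMAC-SHA1 keyed with the
    first argument over the concatenation of the remaining ones (an assumption; the
    description only says H may be SHA-1, MD5 or RIPEMD)."""
    return hmac.new(key, b"".join(parts), hashlib.sha1).digest()


def derive_mip_fa_rk(emsk: bytes) -> bytes:
    # MIP-FA-RK = HMAC-SHA1(EMSK, "FA ROOT KEY"), exactly as in the description.
    return hmac.new(emsk, b"FA ROOT KEY", hashlib.sha1).digest()


def derive_mip_rk(emsk: bytes) -> bytes:
    # The description gives no formula for MIP-RK; this label is an assumption.
    return hmac.new(emsk, b"MIP ROOT KEY", hashlib.sha1).digest()


def mn_ha_key(mip_rk: bytes, mn_ha_nonce: bytes) -> bytes:
    # PMIP-K / MN-HA-K = H(MIP-RK, "MN HA", mn-ha-nonce)
    return H(mip_rk, b"MN HA", mn_ha_nonce)


def mn_fa_key(mip_fa_rk: bytes, mn_fa_nonce: bytes) -> bytes:
    # MN-FA-K = H(MIP-FA-RK, "MN FA", mn-fa-nonce); also used for MN-TFA-K with mn-tfa-nonce
    return H(mip_fa_rk, b"MN FA", mn_fa_nonce)


def fa_ha_key(fa_ha_nonce: bytes, fa_ip: str) -> bytes:
    # FA-HA-K = H(fa-ha-nonce, "FA HA", FA-IP); TFA-HA-K uses the same nonce with TFA-IP
    return H(fa_ha_nonce, b"FA HA", fa_ip.encode("ascii"))


def counter_rng():
    """Deterministic stand-in for os.urandom so a run can be replayed; a real AAA
    must draw nonces from a CSPRNG."""
    n = [0]

    def draw(size: int) -> bytes:
        n[0] += 1
        return bytes([n[0]]) * size

    return draw


def run_pmip_flow(emsk: bytes, fa_ip: str, tfa_ip: str, rng=os.urandom) -> dict:
    """Replay the key-relevant messages of Figure 4 and return each entity's key table."""
    # Step 1: after EAP yields EMSK, the AAA derives the root keys, draws the nonces and
    # issues key information to the NAS (anchor authenticator). EMSK itself is not sent;
    # mn-fa-nonce is held back here and reaches the NAS via the HA (step 3 to 5).
    aaa = {"MIP-RK": derive_mip_rk(emsk), "MIP-FA-RK": derive_mip_fa_rk(emsk),
           "mn-ha-nonce": rng(16), "fa-ha-nonce": rng(16), "mn-fa-nonce": rng(16)}
    nas = {k: aaa[k] for k in ("MIP-RK", "MIP-FA-RK", "mn-ha-nonce", "fa-ha-nonce")}
    # Step 2: the PMIP-client asks the anchor authenticator for PMIP-K (internal message).
    client = {"PMIP-K": mn_ha_key(nas["MIP-RK"], nas["mn-ha-nonce"])}
    # Step 3: the HA requests its keys from the AAA, supplying FA-IP so the AAA can
    # compute FA-HA-K; the AAA also hands down mn-fa-nonce, not issued in step 1.
    ha = {"PMIP-K": mn_ha_key(aaa["MIP-RK"], aaa["mn-ha-nonce"]),
          "FA-HA-K": fa_ha_key(aaa["fa-ha-nonce"], fa_ip),
          "mn-fa-nonce": aaa["mn-fa-nonce"]}
    # Steps 4 and 5: the registration reply carries mn-fa-nonce to the FA, which passes
    # it with FA-IP to the anchor authenticator and receives MN-FA-K and FA-HA-K.
    nas["mn-fa-nonce"] = ha["mn-fa-nonce"]
    fa = {"MN-FA-K": mn_fa_key(nas["MIP-FA-RK"], nas["mn-fa-nonce"]),
          "FA-HA-K": fa_ha_key(nas["fa-ha-nonce"], fa_ip)}
    # Step 6: the PMIP-client sees mn-fa-nonce in the forwarded reply and asks for MN-FA-K.
    client["MN-FA-K"] = mn_fa_key(nas["MIP-FA-RK"], nas["mn-fa-nonce"])
    # Steps 7 to 9: FA migration. The HA obtains a fresh mn-tfa-nonce and TFA-HA-K (new
    # TFA-IP) from the AAA; the TFA and the PMIP-client fetch their TFA keys from the
    # anchor authenticator. fa-ha-nonce and PMIP-K are not renewed.
    aaa["mn-tfa-nonce"] = rng(16)
    ha["TFA-HA-K"] = fa_ha_key(aaa["fa-ha-nonce"], tfa_ip)
    nas["mn-tfa-nonce"] = aaa["mn-tfa-nonce"]
    tfa = {"MN-TFA-K": mn_fa_key(nas["MIP-FA-RK"], nas["mn-tfa-nonce"]),
           "TFA-HA-K": fa_ha_key(nas["fa-ha-nonce"], tfa_ip)}
    client["MN-TFA-K"] = mn_fa_key(nas["MIP-FA-RK"], nas["mn-tfa-nonce"])
    return {"AAA": aaa, "NAS": nas, "HA": ha, "FA": fa, "TFA": tfa, "client": client}


def check_pairwise_keys(t: dict) -> bool:
    """Both ends of every security association must hold the same key, and migration
    must leave PMIP-K unchanged while producing different MN-TFA-K and TFA-HA-K."""
    return (t["client"]["PMIP-K"] == t["HA"]["PMIP-K"]
            and t["client"]["MN-FA-K"] == t["FA"]["MN-FA-K"]
            and t["FA"]["FA-HA-K"] == t["HA"]["FA-HA-K"]
            and t["client"]["MN-TFA-K"] == t["TFA"]["MN-TFA-K"]
            and t["TFA"]["TFA-HA-K"] == t["HA"]["TFA-HA-K"]
            and t["TFA"]["TFA-HA-K"] != t["FA"]["FA-HA-K"]
            and t["client"]["MN-TFA-K"] != t["client"]["MN-FA-K"])


if __name__ == "__main__":
    # Constructed sample input: a random 64-byte EMSK and two documentation-range FA addresses.
    tables = run_pmip_flow(os.urandom(64), "192.0.2.10", "192.0.2.20")
    print("all security associations consistent:", check_pairwise_keys(tables))
```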
(2) Key generation and distribution flow when security assurance is required between MN and FA and between FA and HA, and the MN-AAA key is issued to the anchor authenticator during authentication:
Fig. 5 is the key generation and distribution flow chart for PMIP when the MN-AAA key is issued to the anchor authenticator. As shown in Figure 4, the flow comprises the following steps:
1. During authentication, after the AAA obtains EMSK in the authentication process with the MS, it calculates and stores EMSK/MIP-FA-RK/MIP-RK and PMIP-K (optional; PMIP-K is the additional name of MN-HA-K in PMIP mode), and issues key information to the NAS (the anchor authenticator acts as the NAS in this process). The AAA server may delete EMSK after storing MIP-FA-RK/MIP-RK. The data issued by the AAA server to the NAS in this process may comprise:
PMIP-K/mn-ha-nonce, MN-AAA-K, fa-ha-nonce and EMSK/MIP-RK/MIP-FA-RK; the data issued to the NAS may additionally include the random number mn-fa-nonce. This random number may also be issued in a subsequent process.
If mn-ha-nonce has been issued, the anchor authenticator can calculate PMIP-K from EMSK or MIP-RK. In PMIP mode no random number is issued to the MS; if one is issued, the MS ignores it.
2. The PMIP-client requests MN-AAA-K and the NAI information of the MS from the anchor authenticator, uses them to generate MN-AAA-AE and the NAI extension in the manner of RFC 3957, and attaches them to the mobile IP registration request message, which is forwarded to the HA by the FA. The FA does not attach an authentication extension, because at this point the FA has not yet established security associations with the MN (PMIP-client) and the HA. If the random number mn-fa-nonce was issued to the anchor authenticator in step 1, the FA can, after forwarding the mobile IP registration request, request MN-FA-K from the anchor authenticator and establish security associations with the HA and the MN (PMIP-client).
3. After receiving the mobile IP registration request, the HA requests from the AAA server the PMIP-K or mn-ha-nonce corresponding to the NAI, EMSK/MIP-RK/MIP-FA-RK/FA-HA-K, and the FA-related random numbers mn-fa-nonce and fa-ha-nonce (if the AAA issues FA-HA-K directly, fa-ha-nonce need not be issued). After the AAA successfully verifies MN-AAA-AE, it hands the requested information down to the HA. If the AAA does not issue PMIP-K and FA-HA-K directly, the HA must calculate PMIP-K and FA-HA-K. If the HA is located in the visited network, it can interact with the HAAA only through the VAAA acting as a proxy.
If the AAA server did not issue the random number mn-fa-nonce in step 1, it must issue mn-fa-nonce to the HA in this step 3, and the HA notifies the anchor authenticator of it by a subsequent message (such as the mobile IP registration reply message).
4. After the AAA server verification passes, the HA processes the registration request message. If registration succeeds, the HA sends to the FA a MIP registration reply carrying mn-fa-nonce, MN-HA-AE and FA-HA-AE. The HA establishes security associations with the MN (the PMIP-Client in PMIP mode) and the FA.
5. After receiving the MIP registration reply, if the FA has not yet obtained the relevant key information (for example because the random number mn-fa-nonce was not issued in step 1), it passes the random number mn-fa-nonce to the anchor authenticator and requests calculation of MN-FA-K and FA-HA-K. After obtaining the keys, the FA verifies FA-HA-AE and carries mn-fa-nonce, MN-FA-AE and MN-HA-AE in the MIP registration reply it forwards. The FA establishes security associations with the HA and the MN (the PMIP-Client in PMIP mode).
6. After the PMIP-Client receives the MIP registration reply, if it has not yet obtained the key information shared with the FA (for example because mn-fa-nonce was not issued in step 1), it carries mn-fa-nonce, requests MN-FA-K from the anchor authenticator, and verifies MN-FA-AE. The PMIP-client establishes a security association with the FA. At this point all keys and security associations have been distributed or established. Only when the FA migrates, or a key expires, do all or some of the keys need to be recalculated.
7. After FA migration, either the proxy mobile IP assist function entity (PMIP-Assist-Entity) requests a complete MIP registration request message from the PMIP-Client, or the PMIP-Client itself sends the MIP registration request message. This registration request message (carrying MN-HA-AE, the NAI extension, MN-AAA-AE and, as required by RFC 3957, a request for the random number between MN and FA) is forwarded to the HA through the TFA. The TFA has no security associations with the MN or the HA. The HA requests from the AAA server the random number mn-tfa-nonce corresponding to the NAI and TFA-HA-K. The HA establishes a security association with the TFA.
8. After verifying MN-HA-AE, the HA processes the MIP registration request; if registration succeeds, it sends a MIP registration reply carrying TFA-HA-AE and the random number mn-tfa-nonce. After receiving the MIP registration reply message, the TFA in turn carries the new random number mn-tfa-nonce, requests keys from the anchor authenticator, and establishes security associations with the MN (the PMIP-Client in PMIP mode) and the HA. After verifying TFA-HA-AE, the TFA forwards the MIP registration reply carrying MN-HA-AE (PMIP-AE) and MN-TFA-AE.
9. After the mobile IP assist function entity (PMIP-Assist-Entity) receives the MIP registration reply, it either needs to forward it to the PMIP-Client and request verification, or the PMIP-Client directly requests MN-TFA-K from the anchor authenticator once more, verifies it, and establishes a security association with the TFA. If a PMIP-Assist-Entity is involved, the verification result is finally sent to the access service network gateway (ASN-GW) where the PMIP-Assist-Entity bound to the FA is located.
(3) Key generation and distribution when no FA-related keys are produced
As shown in Fig. 6, the flow specifically comprises the following steps:
1. PMIP-K (or the root key EMSK/MIP-RK and the random number mn-ha-nonce between MN and HA) is generated and issued during authentication; MN-AAA-K may also be issued at the same time;
2. The PMIP client requests PMIP-K from the anchor authenticator;
3. The PMIP client sends a MIP registration request carrying MN-HA-AE, which is forwarded to the HA via the FA; if MN-AAA-K was issued in step 1, the MIP registration request may also carry MN-AAA-AE;
4. The HA requests PMIP-K from the HAAA; if MN-AAA-AE was carried in step 3, the HAAA must first verify MN-AAA-AE; if the HA is located in the visited network, the VAAA is needed as a proxy;
5. After verifying MN-HA-AE, the HA processes the MIP registration request; if registration succeeds, it sends a mobile IP registration reply MIP-RRP (carrying MN-HA-AE), which is forwarded to the PMIP client via the FA.
Embodiment 2: key generation and distribution for CMIPv4
(1) Key generation and distribution for CMIPv4 when security assurance is required between MN and FA and between FA and HA:
As shown in Fig. 7, the flow specifically comprises the following steps:
1. During authentication, after the AAA obtains EMSK in the authentication process with the MS, it calculates and stores EMSK/MIP-FA-RK/MIP-RK and MN-HA-K (optional), and issues them to the NAS (the anchor authenticator acts as the NAS in this process). The data issued by the AAA server to the NAS in this process may comprise: the random number fa-ha-nonce between FA and HA, and EMSK/MIP-RK/MIP-FA-RK. The data issued to the NAS may additionally include the random number mn-fa-nonce between MN and FA; this random number may also be issued in a subsequent process.
In this process the AAA may also issue the MN-related random numbers (mn-ha-nonce and/or mn-fa-nonce) to the MS.
If the anchor authenticator attached FA-IP to its request, the AAA can calculate FA-HA-K.
2. After the MS receives the agent advertisement of the FA, it initiates a MIP registration request (requesting, as required by RFC 3957, the random numbers between MN and HA / MN and FA) carrying MN-AAA-AE. This MIP registration request is forwarded to the HA via the FA. If the random number mn-ha-nonce was issued to the MS in step 1, the MS can calculate MN-HA-K, attach MN-HA-AE to the registration request, and establish a security association with the HA.
3. The HA cannot verify MN-AAA-AE, so it turns to the AAA server. After the AAA server verifies MN-AAA-AE, if no random numbers were generated in step 1 it generates three random numbers (denoted mn-fa-nonce, mn-ha-nonce and fa-ha-nonce), calculates MN-HA-K and FA-HA-K (FA-IP can be sent to the AAA in step 1 or carried to the AAA in the mobile IP registration request from the HA), and issues them to the HA together with the random numbers (mn-ha-nonce, fa-ha-nonce). If the HA is able to calculate mobile IP keys, EMSK/MIP-RK can instead be handed down to the HA together with the random numbers (mn-ha-nonce, fa-ha-nonce), and the HA calculates MN-HA-K and FA-HA-K (the HA knows the IP address of the FA). If the HA is located in the visited network, it can interact with the HAAA only through the VAAA acting as a proxy. If in step 1 the AAA server did not issue mn-fa-nonce to the anchor authenticator, or did not issue the mobile-node-related random numbers (mn-ha-nonce and/or mn-fa-nonce) to the mobile terminal, the AAA server issues mn-fa-nonce or mn-ha-nonce to the home agent HA, to be delivered to the anchor authenticator or the mobile terminal MS accordingly in the subsequent mobile IP registration reply;
4. After receiving the verification result, keys and random numbers from the AAA, the HA additionally verifies MN-HA-AE if MN-HA-AE was added in step 1; if it is valid, or if no MN-HA-AE was added in step 1, the HA processes the registration request message. If registration succeeds, the HA uses MN-HA-K and FA-HA-K to establish security associations with the MN and the FA. The HA sends a MIP registration reply to the FA carrying the random numbers (mn-fa-nonce, mn-ha-nonce), MN-HA-AE and FA-HA-AE.
5. After receiving the MIP registration reply message from the HA, if the FA has not yet obtained the relevant key information, it sends a key request message K-Request (carrying the random numbers related to the required keys and the IP address of the FA) to the anchor authenticator to request key information. The anchor authenticator issues the requested keys to the FA in its response. After obtaining the keys (MN-FA-K and FA-HA-K), the FA establishes security associations with the MS and the HA, verifies the FA-HA-AE of the MIP reply message, and forwards the MIP registration reply (carrying mn-fa-nonce and mn-ha-nonce, as well as MN-HA-AE and MN-FA-AE).
6. The MS calculates MN-FA-K and MN-HA-K from MIP-RK and/or MIP-FA-RK and the random numbers (mn-fa-nonce and mn-ha-nonce) obtained from the MIP registration reply message, and verifies MN-FA-AE and MN-HA-AE. The MS then establishes security associations with the FA and the HA. In this way all entities have obtained their key information and security associations; only when the FA migrates, or a key expires, do all or some of the keys need to be recalculated.
7. When FA migration has occurred, after the MS receives the agent advertisement of the TFA it sends a MIP registration request (carrying MN-HA-AE, the NAI extension and MN-AAA-AE, and requesting, as required by RFC 3957, the random number between MN and TFA). The TFA forwards this message to the HA after receiving it.
8. Finding that it has no TFA-HA-K, the HA requests the random number (mn-tfa-nonce) and TFA-HA-K from the AAA server. After obtaining or calculating TFA-HA-K, the HA sends the random number (mn-tfa-nonce) newly generated by the AAA to the TFA, carrying MN-HA-AE and TFA-HA-AE in the MIP registration reply message. The HA establishes a security association with the TFA.
9. After receiving the MIP registration reply message, the TFA directly carries the new random number and requests keys from the anchor authenticator (MN-TFA-K differs from the original key because the new random number mn-tfa-nonce is introduced as a calculation parameter; TFA-HA-K differs from the original key because the new TFA-IP address is introduced as a calculation parameter; the random number fa-ha-nonce does not need to be updated), establishes security associations with the MS and the HA, and verifies TFA-HA-AE. After receiving mn-tfa-nonce, the MS calculates MN-TFA-K, verifies MN-TFA-AE, and verifies MN-HA-AE with the original MN-HA-K.
(2) Key generation and distribution when no FA-related keys are produced
As shown in Fig. 8, the flow comprises the following steps:
1. No key is delivered during authentication, but the MS can generate the same MIP-RK as the AAA; optionally, the AAA may also issue the MN-related random number (mn-ha-nonce) to the MS in this process.
2. After receiving the FA advertisement, the MS sends a MIP registration message (carrying MN-AAA-AE), which is forwarded to the HA by the FA; if the random number mn-ha-nonce was issued to the MS in step 1, the MS can calculate MN-HA-K, attach MN-HA-AE to the registration request, and establish a security association with the HA.
3. The HA requests MN-HA-K and the random number from the HAAA; if the HA is located in the visited network, the VAAA is needed as a proxy;
4. After verifying MN-HA-AE, the HA processes the MIP registration request; if registration succeeds, it sends a mobile IP registration reply MIP-RRP (carrying the random number and MN-HA-AE), which is forwarded to the MS via the FA;
5. After obtaining the random number, the MS can calculate MN-HA-K from MIP-RK and then verify MN-HA-AE.
Embodiment 3: key generation and distribution during re-authentication
On re-authentication, the AAA generates the random numbers anew, all entities delete the associated security associations (or keep them and replace them in the subsequent steps), and key information is generated and distributed again according to the steps of the present invention. In both PMIP mode and CMIP mode, the HA may be actively notified of the re-authentication by the AAA, or may determine it from the MN-AAA-AE in the mobile IP registration request MIP-RRQ.
I. CMIP mode, corresponding key generation and distribution when the AAA actively notifies the HA
As shown in Fig. 9, the flow specifically comprises the following steps:
1. On re-authentication, new MS-related keys are generated between the mobile terminal MS and the AAA server; where FA-related keys need to be produced, the AAA sends the new key information to the anchor authenticator, and the FA and the anchor authenticator interact directly through internal messages;
2. After regenerating the MS-related keys, the AAA actively notifies the HA (for example by a re-authentication indication Re-Authen-Ind) that re-authentication has occurred;
3. All involved mobile IP functional entities, on learning of the re-authentication, delete the security associations related to the existing mobile IP registration;
4. The mobile node replaces the corresponding old keys with the new keys and initiates a mobile IP registration request, thereby re-entering step 2 and the subsequent steps of case (1) of the embodiment in CMIP mode, and begins to re-establish security associations and distribute keys.
When no FA-related keys are produced, key generation and distribution in CMIP mode is a further simplification of the above steps:
On re-authentication, new MS-related keys are generated between the mobile terminal MS and the AAA server; after regenerating the MS-related keys, the AAA actively notifies the HA that re-authentication has occurred;
The mobile node replaces the corresponding old keys with the new keys, initiates a mobile IP registration request, and performs step 2 and the subsequent steps of case (2) of embodiment 2 again.
II. PMIP mode, corresponding key generation and distribution when the AAA actively notifies the HA
As shown in Fig. 10, the flow specifically comprises the following steps:
1. On re-authentication, the MS-related keys are regenerated, the AAA sends the new key information to the anchor authenticator, and the FA, the PMIP-client and the anchor authenticator interact directly through internal messages;
2. After regenerating the MS-related keys, the AAA actively notifies the HA that re-authentication has occurred;
3. All involved mobile IP functional entities, on learning of the re-authentication, delete the security associations related to the existing mobile IP registration;
4. The mobile node replaces the corresponding old keys with the new keys and initiates a mobile IP registration request and the steps that follow it, thereby re-entering step 2 and the subsequent steps of the embodiment in PMIP mode, and begins to re-establish security associations and distribute keys.
When no FA-related keys are produced, key generation and distribution in PMIP mode is a further simplification of the above steps and is not described in detail here.
III. CMIP mode, corresponding key generation and distribution when the HA actively notifies the AAA
As shown in Fig. 11, the flow specifically comprises the following steps:
1. On re-authentication, new MS-related keys are generated between the mobile terminal MS and the AAA server; where FA-related keys need to be produced, the AAA sends the new key information to the anchor authenticator, and the FA and the anchor authenticator interact directly through internal messages;
2. The MS initiates a mobile IP registration request carrying MN-AAA-AE; the FA forwards the received mobile IP registration request message, and once the HA receives a mobile IP registration request message containing MN-AAA-AE, it knows that re-authentication has occurred; all involved mobile IP functional entities, on learning of the re-authentication, delete the security associations related to the existing mobile IP registration;
3. The mobile node replaces the corresponding old keys with the new keys and initiates a mobile IP registration request, thereby re-entering step 2 and the subsequent steps of case (1) of the embodiment in CMIP mode, and begins to re-establish security associations and distribute keys.
When no FA-related keys are produced, key generation and distribution in CMIP mode is a further simplification of the above steps and is not described in detail here.
IV. PMIP mode, corresponding key generation and distribution when the HA actively notifies the AAA
As shown in Fig. 12, the flow specifically comprises the following steps:
1. On re-authentication, the MS-related keys are regenerated, the AAA sends the new key information to the anchor authenticator, and the FA, the PMIP-client and the anchor authenticator interact directly through internal messages;
2. The PMIP-client initiates a mobile IP registration request carrying MN-AAA-AE; the FA forwards the received mobile IP registration request message, and once the HA receives a mobile IP registration request message containing MN-AAA-AE, it knows that re-authentication has occurred; all involved mobile IP functional entities, on learning of the re-authentication, delete the security associations related to the existing mobile IP registration;
3. The mobile node replaces the corresponding old keys with the new keys and initiates a mobile IP registration request and the steps that follow it, thereby re-entering step 2 and the subsequent steps of the embodiment in PMIP mode, and begins to re-establish security associations and distribute keys.
When no FA-related keys are produced, key generation and distribution in PMIP mode is a further simplification of the above steps and is not described in detail here.
In summary, the present invention clearly provides the MIP-related key generation process and generation mechanism, as well as the MIP key distribution process, ensuring execution of the MIP registration process, and provides key generation and updating in the FA migration and re-authentication scenarios.
The above embodiments are merely intended to illustrate the present invention and not to limit it. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (32)

1. the generation of a mobile IP cipher key and distribution method is characterized in that:
In the authentication process, the authentication and authorization charging aaa server issue comprise the random number fa-ha-nonce between root key and external agent FA and the home agent HA key information to the network authentication server;
Home agent HA obtains the relevant mobile IP cipher key of home agent by aaa server; If aaa server does not issue random number mn-fa-nonce between mobile node MN and the external agent FA to the network authentication server, then aaa server issues this random number to home agent, and through external agent's informing network authentication server;
The external agent obtains the relevant mobile IP cipher key of FA according to the IP address of FA correlation random number and/or FA from described network authentication server;
Mobile node obtains the relevant mobile IP cipher key of MN from described network authentication server.
2. method according to claim 1 is characterized in that specifically comprising the steps:
A. in the authentication process, the authentication and authorization charging aaa server issues key information to the network authentication server, and the network authentication server obtains mobile IP cipher key MN-HA-K between mobile node and the home agent and/or the key MN-AAA-K between mobile node and the aaa server at least according to described key information; Described key information comprises the random number fa-ha-nonce between root key and external agent FA and the home agent HA at least;
B. mobile node is initiated mobile IP login request, is forwarded to home agent HA through external agent FA, carries the authentication extension MN-AAA-AE between MN-HA-AE and/or mobile node and the aaa server in this mobile IP login request;
C. home agent HA receives described mobile IP login request, and ask aaa server to issue the HA relevant key information, with mobile IP cipher key MN-HA-K between acquisition mobile node and the home agent and the mobile IP cipher key FA-HA-K between external agent and the home agent; And when described mobile IP login request is carried MN-HA-AE, verify described MN-HA-AE; If aaa server does not issue random number mn-fa-nonce between mobile node and the external agent to the network authentication server among the step a, then aaa server issues described this random number to home agent, being sent to the external agent by mobile IP registration report, thus the informing network authentication server;
D. home agent sends and carries the register report of MN-HA-AE and FA-HA-AE to external agent FA, after the external agent receives described register report, from mobile IP cipher key MN-FA-K between described network authentication server acquisition mobile node and the external agent and the mobile IP cipher key FA-HA-K between external agent and the home agent, and behind checking FA-HA-AE, transmit the mobile IP registration that carries MN-FA-AE and report to mobile node;
E. mobile node receives the mobile IP registration report, obtains MN-FA-K from described network authentication server, and checking MN-FA-AE.
3. The method according to claim 1 or 2, characterized in that:
the root key is one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK;
the key information further comprises: the mobile IP key MN-HA-K between the mobile node and the home agent or the random number mn-ha-nonce between the mobile node and the home agent, and/or the key MN-AAA-K between the mobile node and the AAA server.
4. The method according to claim 2, characterized in that the HA-related key information in step C comprises:
MN-HA-K and FA-HA-K; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with MN-HA-K and the random number fa-ha-nonce between the foreign agent and the home agent; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with the random number mn-ha-nonce between the mobile node and the home agent and the random number fa-ha-nonce between the foreign agent and the home agent.
5. The method according to claim 2, characterized in that:
during the authentication process, the network authentication server sends the FA IP address to the AAA server; or
when the home agent requests the HA-related key information from the AAA server, it includes the foreign agent's IP address as a parameter of the request.
6. The method according to claim 1, characterized in that it further comprises:
F. after a foreign-agent migration, a mobile IP registration request is initiated to the home agent HA, and the home agent HA obtains from the AAA server the mobile IP key TFA-HA-K between the target foreign agent TFA and the home agent HA together with the TFA-related random number;
G. the TFA-related random number is sent to the foreign agent and the network authentication server is notified; the network authentication server generates the TFA-related mobile IP keys from the TFA-related random number or from the IP address of the TFA; the mobile node and the target foreign agent obtain the corresponding TFA-related mobile IP keys from the network authentication server.
7. The method according to claim 1, 2 or 6, characterized in that it further comprises:
establishing a security association between each pair of mobile IP functional entities.
8. The method according to claim 1, characterized in that:
after re-authentication, the mobile IP related keys are updated.
9. The method according to claim 2, characterized in that:
upon re-authentication, a new key is generated between the mobile terminal MS and the AAA server, and the AAA server issues new key information to the network authentication server so that a new MN-HA-K and/or MN-AAA-K is generated; at the same time the home agent is notified that a new authentication has taken place;
the mobile node replaces the corresponding old keys with the new keys, initiates a mobile IP registration request, and steps B to E are performed again.
10. The method according to claim 1, characterized in that:
upon re-authentication, a new key is generated between the mobile terminal MS and the AAA server, and the AAA server issues new key information to the network authentication server so that a new MN-HA-K and/or MN-AAA-K is generated;
the mobile node replaces the corresponding old keys with the new keys, initiates a mobile IP registration request, and steps B to E are performed again.
11. The method according to claim 9 or 10, characterized in that:
after the mobile node, the foreign agent and the home agent learn of the re-authentication, they delete the existing mobile IP related security associations.
12. The method according to claim 9 or 10, characterized in that:
the replacement of keys is accompanied by the replacement or establishment of security associations in the mobile IP functional entities.
13. A method for generating and distributing mobile IP keys, characterized in that:
during the authentication process, the authentication, authorization and accounting (AAA) server issues key information comprising a root key and the random number fa-ha-nonce between the foreign agent FA and the home agent HA to the network authentication server;
the home agent HA obtains the HA-related mobile IP keys via the AAA server; if the AAA server has not issued the random number mn-fa-nonce between the mobile node MN and the foreign agent FA and/or the random number mn-ha-nonce between the mobile node MN and the home agent HA, the AAA server issues that random number to the home agent, and the corresponding mobile IP functional entity is notified;
the foreign agent obtains the FA-related mobile IP keys from the network authentication server according to the FA-related random number and/or the IP address of the FA;
the mobile node obtains the MN-related mobile IP keys according to the MN-related random number.
14. The method according to claim 13, characterized in that it specifically comprises the steps:
A. During the authentication process, the authentication, authorization and accounting (AAA) server issues key information comprising a root key and the random number fa-ha-nonce between the foreign agent FA and the home agent HA to the network authentication server;
B. The mobile terminal initiates a mobile IP registration request carrying the authentication extension MN-AAA-AE between the mobile node and the AAA server, which is forwarded to the home agent HA via the foreign agent FA;
C. The home agent receives the mobile IP registration request and requests the AAA server to verify MN-AAA-AE and issue the HA-related key information; from that key information the HA obtains the mobile IP key MN-HA-K between the mobile node and the home agent and the mobile IP key FA-HA-K between the foreign agent and the home agent. If in step A the AAA server did not issue the random number mn-fa-nonce between the mobile node MN and the foreign agent FA or the random number mn-ha-nonce between the mobile node and the home agent, the AAA server issues mn-fa-nonce or mn-ha-nonce to the home agent HA, to be delivered to the corresponding mobile IP functional entity in the subsequent mobile IP registration reply;
D. The home agent sends a mobile IP registration reply to the foreign agent; the reply carries the authentication extension MN-HA-AE between the mobile node and the home agent and the authentication extension FA-HA-AE between the foreign agent and the home agent. After receiving the reply, the foreign agent obtains from the network authentication server the mobile IP key MN-FA-K between the mobile node and the foreign agent and the mobile IP key FA-HA-K between the foreign agent and the home agent, verifies FA-HA-AE, and then forwards the mobile IP registration reply, now carrying MN-FA-AE, to the mobile terminal;
E. The mobile terminal receives the mobile IP registration reply, obtains MN-HA-K and MN-FA-K according to the random numbers, and verifies the corresponding authentication extensions.
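As an added example (not code from the patent, which contains none), the following Python models the registration flow of claims 2 and 14: the AAA server withholds mn-fa-nonce in step A and hands it to the HA in step C, the HA carries it in the registration reply, and the FA and the mobile node can only derive MN-FA-K from the network authentication server once they have seen it. The HMAC-SHA256 derivation, the message layout and the addresses are assumptions; the patent fixes none of them.

```python
import hashlib
import hmac
import os

def kdf(root: bytes, *parts) -> bytes:
    """Assumed derivation: HMAC-SHA256 over a label and the inputs (nonce, address)."""
    data = b"|".join(p if isinstance(p, bytes) else p.encode() for p in parts)
    return hmac.new(root, data, hashlib.sha256).digest()

def auth_ext(key: bytes, msg: bytes) -> bytes:
    """An authentication extension (MN-HA-AE, FA-HA-AE, MN-FA-AE): a MAC over the message."""
    return hmac.new(key, msg, hashlib.sha256).digest()

class Aaa:
    """AAA server: owns the root key MIP-RK and the nonces."""
    def __init__(self, mip_rk: bytes):
        self.mip_rk = mip_rk
        self.fa_ha_nonce = os.urandom(16)
        self.mn_fa_nonce = os.urandom(16)  # deliberately NOT issued in step A

    def step_a_key_info(self) -> dict:
        # Step A: root key plus fa-ha-nonce go to the network authentication server.
        return {"root": self.mip_rk, "fa_ha_nonce": self.fa_ha_nonce}

    def ha_key_info(self, ha_ip: bytes, fa_ip: bytes) -> dict:
        # Step C: HA-related key info (claim 16, first form) plus the withheld mn-fa-nonce.
        return {"mn_ha_k": kdf(self.mip_rk, "MN-HA", ha_ip),
                "fa_ha_k": kdf(self.mip_rk, "FA-HA", self.fa_ha_nonce, fa_ip),
                "mn_fa_nonce": self.mn_fa_nonce}

class NetworkAuthServer:
    """Holds the step-A key info; FA and MN fetch their derived keys from it."""
    def __init__(self, info: dict):
        self.root, self.fa_ha_nonce = info["root"], info["fa_ha_nonce"]
    def mn_ha_k(self, ha_ip): return kdf(self.root, "MN-HA", ha_ip)
    def fa_ha_k(self, fa_ip): return kdf(self.root, "FA-HA", self.fa_ha_nonce, fa_ip)
    def mn_fa_k(self, nonce, fa_ip): return kdf(self.root, "MN-FA", nonce, fa_ip)

def run_registration(ha_ip=b"10.0.0.1", fa_ip=b"10.0.1.1", tamper=False) -> str:
    """Walk steps A-E once; constructed addresses, random root key and nonces."""
    aaa = Aaa(os.urandom(32))
    nas = NetworkAuthServer(aaa.step_a_key_info())             # step A
    rrq = b"RRQ|" + ha_ip                                        # step B: MN -> FA -> HA
    mn_ha_ae = auth_ext(nas.mn_ha_k(ha_ip), rrq)
    info = aaa.ha_key_info(ha_ip, fa_ip)                         # step C: HA asks AAA
    if not hmac.compare_digest(auth_ext(info["mn_ha_k"], rrq), mn_ha_ae):
        return "HA rejected MN-HA-AE"
    rrp = b"RRP|" + info["mn_fa_nonce"]     # reply carries mn-fa-nonce for FA and MN
    ha_mn_ae = auth_ext(info["mn_ha_k"], rrp)
    fa_ha_ae = auth_ext(info["fa_ha_k"], rrp)
    if tamper:                                                   # on-path modification
        rrp = b"RRP|" + os.urandom(16)
    # Step D: FA learns mn-fa-nonce from the reply, gets keys from the NAS, checks FA-HA-AE
    mn_fa_nonce = rrp.split(b"|", 1)[1]
    if not hmac.compare_digest(auth_ext(nas.fa_ha_k(fa_ip), rrp), fa_ha_ae):
        return "FA rejected FA-HA-AE"
    mn_fa_ae = auth_ext(nas.mn_fa_k(mn_fa_nonce, fa_ip), rrp)
    # Step E: MN obtains MN-FA-K (and MN-HA-K) from the NAS and verifies both extensions
    ok_fa = hmac.compare_digest(auth_ext(nas.mn_fa_k(mn_fa_nonce, fa_ip), rrp), mn_fa_ae)
    ok_ha = hmac.compare_digest(auth_ext(nas.mn_ha_k(ha_ip), rrp), ha_mn_ae)
    return "registered" if ok_fa and ok_ha else "MN rejected reply"
```

A reply altered between HA and FA fails the FA-HA-AE check at the foreign agent, so a forged mn-fa-nonce never reaches the mobile node.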
15. The method according to claim 13 or 14, characterized in that:
the root key is one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK.
16. The method according to claim 13 or 14, characterized in that the HA-related key information comprises:
MN-HA-K and FA-HA-K; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with MN-HA-K and the random number fa-ha-nonce between the foreign agent and the home agent; or
one of the extended master session key EMSK, the FA-related mobile IP root key MIP-FA-RK and the mobile IP root key MIP-RK, together with the random number mn-ha-nonce between the mobile node and the home agent and the random number fa-ha-nonce between the foreign agent and the home agent.
17. The method according to claim 14, characterized in that it further comprises:
during the authentication process, the network authentication server sends the FA IP address to the HAAA; or, when the home agent requests the HA-related key information from the AAA server, it includes the foreign agent's IP address as a parameter of the request.
18. The method according to claim 13, characterized in that it further comprises:
F. if the foreign agent migrates, the home agent HA obtains from the AAA server the mobile IP key TFA-HA-K between the target foreign agent TFA and the home agent HA together with the TFA-related random number, and the corresponding mobile IP functional entity is notified;
G. the foreign agent obtains the TFA-related mobile IP keys from the network authentication server according to the TFA-related random number or the IP address of the TFA; the mobile node obtains the MN-related mobile IP keys according to the MN-related random number.
19. The method according to claim 13, 14 or 18, characterized in that it further comprises: establishing a security association between each pair of mobile IP functional entities.
20. The method according to claim 13, characterized in that:
after re-authentication, the mobile IP related keys are updated.
21. The method according to claim 14, characterized in that:
upon re-authentication, a new key is generated between the mobile terminal MS and the AAA server, and the AAA server issues new key information to the network authentication server; at the same time the AAA server notifies the home agent that a new authentication has taken place;
the mobile node replaces the corresponding old keys with the new keys, initiates a mobile IP registration request, and steps B to E are performed again.
22. The method according to claim 14, characterized in that:
upon re-authentication, a new key is generated between the mobile terminal MS and the AAA server, and the AAA server issues new key information to the network authentication server;
the mobile node replaces the corresponding old keys with the new keys, initiates a mobile IP registration request, and steps B to E are performed again.
23. The method according to claim 21 or 22, characterized in that:
after the mobile node, the foreign agent and the home agent learn of the re-authentication, they delete the existing mobile IP related security associations.
24. The method according to claim 21 or 22, characterized in that:
the replacement of keys is accompanied by the replacement or establishment of security associations in the mobile IP functional entities.
25. A method for generating and distributing mobile IP keys, characterized in that:
A. During the authentication process, the mobile terminal and the authentication, authorization and accounting server AAA generate the mobile-terminal related keys;
B. The mobile terminal initiates a mobile IP registration request carrying the authentication extension MN-AAA-AE between the mobile node and the AAA server, which is forwarded to the home agent HA via the foreign agent FA;
C. The home agent requests the HA-related key information from the AAA server, and after successfully verifying MN-AAA-AE the AAA server issues the HA-related key information to the HA; if in step A the AAA server did not issue the random number mn-ha-nonce to the mobile terminal, the AAA server issues the corresponding random number to the home agent;
D. The home agent processes the mobile IP registration request, and the message is forwarded to the mobile terminal via the foreign agent, carrying MN-HA-AE; if in step A the AAA server did not issue the random number mn-ha-nonce to the mobile terminal, the message also carries mn-ha-nonce;
E. The mobile terminal computes MN-HA-K from the random number and from EMSK or a root key derived from EMSK, and verifies MN-HA-AE.
26. The method according to claim 23, characterized in that it further comprises:
establishing a security association between each pair of mobile IP functional entities.
27. The method according to claim 23, characterized in that:
upon re-authentication, a new key is generated between the mobile terminal MS and the AAA server;
the mobile node replaces the corresponding old keys with the new keys, initiates a mobile IP registration request, and steps B to E are performed again.
28. The method according to claim 25, characterized in that:
the replacement of keys is accompanied by the replacement or establishment of security associations in the mobile IP functional entities.
29. A method for generating and distributing mobile IP keys, characterized in that it comprises:
A. During the authentication process, the authentication, authorization and accounting server AAA sends key information to the network authentication server;
B. The mobile node obtains the key PMIP-K between the mobile node and the home agent from the network authentication server and sends a mobile IP registration request carrying PMIP-AE, which is forwarded to the home agent HA via the foreign agent FA;
C. The HA obtains PMIP-K by requesting the key from the AAA server, and sends a mobile IP registration reply carrying PMIP-AE to the mobile node.
30. The method according to claim 29, characterized in that the key information comprises:
the key PMIP-K between the mobile node and the home agent; or
a root key and the random number mn-ha-nonce between the mobile node and the home agent, where the root key comprises the extended master session key EMSK or the mobile IP root key MIP-RK.
31. The method according to claim 29, characterized in that:
if the key information issued by the AAA server comprises the key MN-AAA-K between the mobile node and the AAA server, the mobile IP registration request also carries the authentication extension MN-AAA-AE between the mobile node and the AAA server, and the AAA server verifies MN-AAA-AE when the HA requests the key from it.
32. The method according to claim 29, characterized in that:
upon re-authentication, a new key is generated between the mobile terminal MS and the AAA server; the mobile node replaces the corresponding old keys with the new keys, initiates a mobile IP registration request, and steps B to C are performed again.
CN 200610093037 2006-06-19 2006-06-19 Method for generating and distributing mobile IP cipher key Pending CN101094066A (en)
Publications (1)

Publication Number Publication Date
CN101094066A true CN101094066A (en) 2007-12-26
Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009155807A1 (en) * 2008-06-25 2009-12-30 华为技术有限公司 Pre-authentication method, authentication system and authentication apparatus
US8407474B2 (en) 2008-06-25 2013-03-26 Huawei Technologies Co., Ltd. Pre-authentication method, authentication system and authentication apparatus
CN101656959B (en) * 2009-09-10 2012-02-29 中兴通讯股份有限公司 Method, apparatus and system for obtaining MN-HA key in HA of PMIP
CN109547487A (en) * 2018-12-28 2019-03-29 北京奇安信科技有限公司 Message treatment method, apparatus and system
Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication