CN101257723A - Method, apparatus and system for generating cipher key - Google Patents

Method, apparatus and system for generating cipher key Download PDF

Info

Publication number
CN101257723A
CN101257723A CNA2008100919434A CN200810091943A CN101257723A CN 101257723 A CN101257723 A CN 101257723A CN A2008100919434 A CNA2008100919434 A CN A2008100919434A CN 200810091943 A CN200810091943 A CN 200810091943A CN 101257723 A CN101257723 A CN 101257723A
Authority
CN
China
Prior art keywords
key
asme
target cell
request message
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2008100919434A
Other languages
Chinese (zh)
Inventor
甘露
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CNA2008100919434A priority Critical patent/CN101257723A/en
Publication of CN101257723A publication Critical patent/CN101257723A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a key generation method, a device and a system, wherein, the method includes steps that: according to a key KASME and an objective district identification and/or other parameters, MME generates a key and sends switching request message with the key to an objective eNB; the subscribers apparatus generates a key used by the objective eNB according to the key KASME and the objective district identification and/or other parameters. The embodiments of the invention can generate a key during switching the subscriber apparatus from other networks to an EUTRAN network to improve safety of an access layer.

Description

Key generation method, Apparatus and system
Technical field
The present invention relates to key generation technique in the communications field, particularly, relate to key generation method, Apparatus and system when between different system, switching.
Background technology
Third generation partner program (3rd Generation Partnership Project, abbreviation 3GPP) grouping system (the Evolved Packet System of evolution, be called for short EPS) by land radio access web (the Evolved UMTS Terrestrial Radio AccessNetwork of evolution, be called for short EUTRAN) and packet-based core networks (Evolved PacketCore the is called for short EPC) composition of EPS evolution.EPC can support the user from global system for mobile communications enhanced data rates for gsm evolution entity wireless access network (Global System for MobileCommunication Enhanced Data Rate for GSM Evolution radio accessnetwork, be called for short GERAN) and the access of universal land radio access web (Universal TerrestrialRadio Access Network, abbreviation UTRAN).
The EPC packet-based core networks comprise mobile management entity (Mobility ManagementEntity is called for short MME), and MME is responsible for the processing of ambulant management, Non-Access Stratum signaling and the relevant work of chains of command such as management of user security model.Wherein, MME preserve EUTRAN root key---(Key AccessSecurity Management Entity is abbreviated as K to the access security managing entity key ASME).In EUTRAN, base station equipment is the base station (evolved Node-B is called for short eNB) of evolution, mainly is responsible for radio communication, wireless communications management and the contextual management of mobility.The root key of the Access Layer that uses for eNB is that (Key eNB is abbreviated as K for the base station key of evolution ENB).
3GPP universal mobile telecommunications system (Universal Mobile TelecommunicationSystem, abbreviation UMTS) equipment of the management of responsible contextual management of mobility and/or user security model is service universal grouping wireless business supporting node (ServingGeneral Packet Radio Service Support Node is called for short SGSN) in the system.SGSN also is responsible for authenticated user equipment (User Equipment is called for short UE).
In the 3GPP UMTS system, the equipment of being responsible for wireless communications management is the radio network controller (Radio Network Controller is called for short RNC) among the UTRAN.As shown in Figure 1, when UE switches to EUTRAN from UTRAN, if do not preserve the EPS security-related parameters among UE and the MME, as K ASME, then RNC need make the key K among the MME generation EUTRAN by sending redirect request ASMEMME transmits redirected the answer to RNC after eNB confirms handoff request, RNC carries out the UTRAN switching command, and the UE adnation becomes the key K among the EUTRAN ASME, finish switching to EUTRAN.
In realizing process of the present invention, when the inventor finds to switch at present, when UTRAN switches to EUTRAN, there is following defective at least between different access systems as UE:
In the prior art when other networks switch to EUTRAN, though can generate the root key K of EUTRAN ASME, but can't generate the key that uses by Access Layer, as root key K for the Access Layer of eNB use ENB, therefore, the signaling of Access Layer and/or data can not be effectively protected, and have potential safety hazard.
Summary of the invention
The objective of the invention is to generate intermediate key, the not high defective of using by Access Layer of Access Layer fail safe when switching between different access systems in the prior art, a kind of key generation method and system are proposed, to generate the intermediate key that Access Layer uses, the fail safe that improves Access Layer.
For achieving the above object, according to an aspect of the present invention, provide a kind of key generation method.
According to the key generation method of the embodiment of the invention, be used for generating key from the process that other networks switch to the EUTRAN network at subscriber equipment, comprising: MME is according to the root key K of EUTRAN network ASME, Target Cell Identifier and/or other parameters, generate key, and to send the handoff request message of carrying key be target eNB to the base station of target evolution; Subscriber equipment is according to the root key K of EUTRAN network ASME, Target Cell Identifier and/or other parameters, generate the key that target eNB is used.
Send by the radio network controller of current network simultaneously when Target Cell Identifier sends redirect request by the radio network controller of current network, be transmitted to mobile management entity through SGSN.
Root key K according to the EUTRAN network ASME, Target Cell Identifier and/or other parameters, the operation that generates key specifically can comprise: with Target Cell Identifier and/or other parameters and root key K ASMEThe one-pass key generating function that input is default; With the output of one-pass key generating function as key.
MME can generate the root key K of EUTRAN network according to the redirect request message that receives ASME
Target eNB is received after the key, can also comprise: MME receives the switching request acknowledgement message corresponding with handoff request message, and sends the redirected answer message corresponding with redirect request message to the SGSN of current network; The SGSN of current network receives to be redirected and replys message, and sends redirect command message; The radio network controller of current network sends switching command message to subscriber equipment; Subscriber equipment generates the root key K of EUTRAN network according to the switching command message that receives ASME
Target eNB is received after the key, can also comprise: MME receives the handoff request failed message corresponding with handoff request message; The radio network controller of current network resends redirect request message after the handoff request failure; MME sends handoff request message to another target eNB of EUTRAN network; MME receives the switching request acknowledgement message corresponding with handoff request message.
For achieving the above object, according to another aspect of the present invention, provide a kind of key generating device.
Key generating device according to the embodiment of the invention comprises: first module is used for the root key K according to the EUTRAN network ASME, Target Cell Identifier and/or other parameters, generate key.
First module can be arranged at MME, and first module comprises: the first key generation module is used for generating root key K according to the redirect request message that receives ASME, and according to root key K ASME, Target Cell Identifier, and/or other parameters generate key; First sending module, be used to send carry key handoff request message to target eNB.
First module can also all be arranged on the subscriber equipment.
For achieving the above object, according to another aspect of the present invention, provide a kind of key generation system.
Key generation system according to the embodiment of the invention comprises:
Mobile management entity is used for the root key K according to the EUTRAN network ASME, Target Cell Identifier and/or other parameters,, generate key, and send the handoff request message of carrying key; Subscriber equipment is used to receive switching command message, and according to the root key K of EUTRAN network ASME, Target Cell Identifier and/or other parameters, generate key.
The key of various embodiments of the present invention generates methods, devices and systems, because adopt Target Cell Identifier, K ASMEAnd/or other parameters, export key, therefore, the signaling of Access Layer and/or data can be effectively protected, and strengthen the fail safe of Access Layer.
Further; the key generation method of various embodiments of the present invention, device and system; because use the Target Cell Identifier (cell-ID) of EUTRAN network to generate key; make different sub-district (cell) can use different keys; therefore; guarantee the key that different sub-districts has different Access Layers to use, thereby tighten security protection.
Other features and advantages of the present invention will be set forth in the following description, and, partly from specification, become apparent, perhaps understand by implementing the present invention.Purpose of the present invention and other advantages can realize and obtain by specifically noted structure in the specification of being write, claims and accompanying drawing.
Description of drawings
Accompanying drawing is used to provide further understanding of the present invention, and constitutes the part of specification, is used from explanation the present invention with embodiments of the invention one, is not construed as limiting the invention.In the accompanying drawings:
Fig. 1 is for switching to the key generation method flow chart of EUTRAN from UTRAN according to the UE of prior art;
Fig. 2 is the flow chart according to the key generation method of the inventive method embodiment;
Fig. 3 is the flow chart according to the key generation method of the inventive method embodiment one;
Fig. 4 is the signaling process figure according to the key generation method of the inventive method embodiment two;
Fig. 5 is the signaling process figure according to the key generation method of the inventive method embodiment three;
Fig. 6 is the key generating device schematic diagram according to apparatus of the present invention embodiment;
Fig. 7 is the schematic diagram according to the detailed structure of the key generating device of apparatus of the present invention embodiment;
Fig. 8 is the key generation system schematic diagram of system according to the invention embodiment.
Embodiment
Below in conjunction with accompanying drawing the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein only is used for description and interpretation the present invention, and be not used in qualification the present invention.
Method embodiment
Fig. 2 is the flow chart according to the key generation method of the embodiment of the invention.As shown in Figure 2, present embodiment comprises:
Step 202:MME is according to the root key K of EUTRAN network ASME, Target Cell Identifier, and/or other parameters generate key, and send and carry the handoff request message of key to target eNB;
Step 204: subscriber equipment is according to the root key K of EUTRAN network ASME, Target Cell Identifier, and/or other parameters generate the described key that target eNB is used.
The key generation method of the embodiment of the invention can generate the key that the EUTRAN network access layer is used, and makes the signaling of Access Layer and/or data to be effectively protected, and strengthens the fail safe of Access Layer.
Simultaneously,, make different sub-district (cell) can use different keys, therefore, guarantee the key that different sub-districts has different Access Layers to use, thereby tighten security protection because present embodiment uses the Target Cell Identifier cell-ID of EUTRAN network to generate key.
Embodiment one
Fig. 3 is the flow chart according to the key generation method of the embodiment of the invention one, and as shown in Figure 3, present embodiment shows UE from the flow chart that UTRAN switches to the key generation method of EUTRAN, may further comprise the steps:
After step S310, MME receive the redirect request message of being transmitted by SGSN from RNC, generate K according to redirect request message ASME, comprise Target Cell Identifier cell-ID in the redirect request;
Step S320, MME uses Target Cell Identifier and K ASMEGenerate key;
Step S330, MME carries this key and sends to target eNB in handoff request message after generating key;
Step S340, UE generate K after receiving switching command ASME
Step S350, UE uses Target Cell Identifier and K ASMEGenerate the key of this target eNB.
The key generation method of present embodiment is because adopt Target Cell Identifier and K ASMEExport, when UTRAN switches to EUTRAN, can't generate K at UE so overcome in the prior art ENBProblem, thereby can tighten security protection.
Preferably, MME can use the parameter in the redirect request message to generate K ASME, parameter comprises Integrity Key (Integrity Key is abbreviated as IK), encryption key (Ciphering Key is abbreviated as CK).
Preferably, can also further use public land mobile radio communication sign (Public Land Mobile Network Identity the is called for short PLMN-ID) information in the redirect request message to generate K ASME
Preferably; after the key of the Access Layer that generation eNB uses; further comprising the steps of: eNB and UE can also be further according to the keys that generates, and the encryption key, integrity protection key and/or the customer side encryption key that generate the EUTRAN network are to start corresponding safeguard protection.
Embodiment two
Fig. 4 is the signaling process figure according to the key generation method of the embodiment of the invention two, present embodiment shows the signaling process figure of key generation method according to the preferred embodiment of the invention, wherein, source RNC and source SGSN represent equipment among the UMTS that UE is currently connected among Fig. 4; Equipment among the EPS that target eNB and target MME sign UE will switch to.As shown in Figure 4, present embodiment comprises:
Step S401, the source RNC decision among the UTRAN is initiated to switch, and specifically can be the measurement report triggering of issuing this RNC according to UE, also can be to initiate to switch decision according to other reasons by RNC;
Step S402, source RNC sends redirect request message to source SGSN, sends switching target small area sign cell-ID simultaneously;
Step S403, source SGSN transmits this redirect request message to target MME, and sends IK simultaneously, and CK gives target MME;
After step S404, target MME receive redirect request message, use Integrity Key IK, encryption key CK and other parameter,, generate K as PLMN-ID ASME
Step S405, target MME uses Target Cell Identifier and K ASME, generate key K;
Step S406, target MME sends to target eNB with key K in handoff request message;
Step S407, target eNB can also further be used other keys of key K generation EUTRAN network, as: Radio Resource control encryption key, integrity protection key, and customer side encryption key.Target eNB successfully starts safeguard protection;
Step S408, target eNB is replied switching request acknowledgement message to target MME, and handoff request is accepted in expression;
Step S409, target MME receive after the switching request acknowledgement message of target eNB to send to transmit to be redirected to source SGSN and reply message;
Step S410, source SGSN sends redirect command to source RNC;
Step S411, source RNC sends the UTRAN switching command to UE;
Step S412, UE generate K according to the switching command of current UTRAN ASME
Step S413, UE uses Target Cell Identifier and K ASMEGenerate the key K of UE side;
Step S414, UE further use key K to generate other keys of EUTRAN network: Radio Resource control encryption key, integrity protection key, and customer side encryption key.UE successfully starts safeguard protection;
Step S415; UE sends to switch to target eNB and finishes command messages; this switching is finished Radio Resource control encryption key that command messages can use the EUTRAN network and is encrypted and use Integrity Key to carry out integrity protection; because the Radio Resource that target eNB generates control encryption key and Integrity Key are consistent with the UE side; therefore, can be successful the switching that sends of decrypted user side UE finish command messages.
In the key generative process of the foregoing description, can use Target Cell Identifier and K ASMEAnd/or other parameters, as input parameter, adopt the one-pass key generating function to generate, other parameters can be chosen according to actual conditions, and present embodiment is not selected other parameters for use for the sake of simplicity, those skilled in the art should understand, other parameters are not defined as nothing, and this does not influence the essence of the embodiment of the invention.
Embodiment three
Fig. 5 is the signaling process figure according to the key generation method of the embodiment of the invention three.Source RNC and source SGSN represent the equipment among the UMTS that UE is currently connected among Fig. 5; Equipment among the EPS that target eNB and target MME sign UE will switch to.As shown in Figure 5, present embodiment comprises:
Step S501, the source RNC decision among the UTRAN is initiated to switch, and specifically can be the measurement report triggering of issuing this RNC according to UE, also can be to initiate to switch decision according to other reasons by RNC;
Step S502, source RNC sends redirect request message to source SGSN, sends first Target Cell Identifier (being abbreviated as cell-ID1) simultaneously;
Step S504, source SGSN transmits this redirect request message to target MME, and sends IK simultaneously, and CK gives target MME,
After step S506, target MME receive redirect request message, at first use IK, CK and other parameter, for example PLMN-ID generates K ASME
Step S508, target MME uses Target Cell Identifier and K ASMEGenerate first key K 1
Step S510, target MME send to target the one eNB and carry first key K 1Handoff request message;
Step S512, first target eNB is used first key K 1Generate other keys of EUTRAN network: Radio Resource is controlled first encryption key, the first integrity protection key, and user's face first encryption key;
Step S514, first target eNB is replied switch failure information to target MME, and this handoff request is not accepted in expression;
Step S516, the source RNC among the UTRAN determine to initiate to switch to same objective network once more, initiate second as source RNC among Fig. 5 and switch decision;
Step S518, source RNC sends the second redirect request message to source SGSN, sends second Target Cell Identifier (being abbreviated as cell-ID2) simultaneously;
Step S520, target MME at first use IK after receiving the second redirect request message, and CK and other parameter generate K ASME, target MME uses Target Cell Identifier and K ASMEGenerate second key K 2
Step S522, target MME sends handoff request to second target eNB, sends second key K simultaneously 2
Step S524, second target eNB is used second key K 2Generate other keys of EUTRAN network: Radio Resource is controlled second encryption key, the second integrity protection key, and user's face second encryption key;
Step S526, second target eNB is replied switching request acknowledgement message to target MME, and second handoff request is accepted in expression;
Step S528, target MME send to transmit to be redirected to source SGSN and reply message, the success of expression redirect request;
Step S530, source SGSN sends redirect command to source RNC;
Step S532, source RNC sends the UTRAN switching command to UE;
Step S534, UE generate K according to the switching command of current UTRAN ASME
Step S536, UE uses K ASMEAnd second Target Cell Identifier identical with second target eNB, adopt the one-pass key generating function to generate second key K 2
Step S538, UE can further use the 2nd K 2Generate other keys: Radio Resource is controlled second encryption key, the second integrity protection key, and user's face second encryption key.UE successfully starts safeguard protection;
Step S540; UE sends to switch to second target eNB and finishes command messages; this switching is finished command messages and can be used Radio Resource to control second encryption key to encrypt and use second Integrity Key to carry out integrity protection; because the Radio Resource that second target eNB generates control encryption key and Integrity Key are consistent with the UE side; therefore, can be successful the switching that sends of decrypted user side UE finish command messages.
Can be easy to find out by above-mentioned steps, if first key K 1With second key K 2Identical, and the assailant has obtained first key K 1, just can obtain second key K of current use 2, present embodiment is owing to using different Cell-ID, as generating first key K according to a Cell-ID 1, use the 2nd Cell-ID to generate second key K 2, then can effectively avoid attacking, safeguard protection is strengthened greatly.
Device embodiment
Fig. 6 is the key generating device schematic diagram according to the embodiment of the invention.As shown in Figure 6, present embodiment comprises:
First module 62 is used for the root key K according to the EUTRAN network ASME, Target Cell Identifier and/or other parameters, generate key K.
The key generative process of present embodiment key generating device and method embodiment is similar, need be according to K ASMEWith the cell-ID of Target cell, generate EUTRAN network access layer key.
Fig. 7 is the detailed structure schematic diagram according to the key generating device of the embodiment of the invention.As shown in Figure 7, first module 72 is arranged at MME in the present embodiment, and wherein, first module 72 comprises: the first key generation module 722 is used for generating root key K according to the redirect request message that receives ASME, and according to root key K ASMEAnd Target Cell Identifier, generate key K; First sending module 724, be used to send carry key K handoff request message to target eNB.
Present embodiment is specializing of Fig. 6 embodiment, and first module is arranged on the MME, and the correlation function of first module specifically can no longer carry out repeat specification referring to the related description of method embodiment.
Among above-mentioned Fig. 6 device embodiment, first module also can all be arranged on the subscriber equipment, to realize the generation of user equipment side EUTRAN network access layer key, no longer is illustrated.
System embodiment
Fig. 8 is the key generation system schematic diagram according to the embodiment of the invention.As shown in Figure 8, present embodiment comprises:
Mobile management entity 82 is used for the root key K according to the EUTRAN network ASME, Target Cell Identifier information and/or other parameters, generate key K, and send the handoff request message of carrying key K;
Subscriber equipment 84 is used to receive switching command message, and according to the root key K of EUTRAN network ASME, Target Cell Identifier information and/or other parameters, generate key K.
Present embodiment specifically can be referring to the concrete handling process explanation of Fig. 2-Fig. 5 method embodiment, the embodiment that Fig. 2-Fig. 5 also can be understood as according to the key generation system of the embodiment of the invention resolves schematic diagram, realizes that target eNB and subscriber equipment generate the key that the EUTRAN network access layer is used.
In sum, the key generation method of various embodiments of the present invention, device and system adopt Target Cell Identifier and K ASMEExport key, make the signaling of Access Layer and/or data to be effectively protected, strengthen the fail safe of Access Layer.Simultaneously, make sub-districts (cell) different in the different Access Layer (as eNB) can use different keys, can effectively avoid attacking, safeguard protection is strengthened greatly.
Obviously, those skilled in the art should be understood that, above-mentioned each module of the present invention or each step can realize with the general calculation device, they can concentrate on the single calculation element, perhaps be distributed on the network that a plurality of calculation element forms, alternatively, they can be realized with the executable program code of calculation element, thereby, they can be stored in the storage device and carry out by calculation element, perhaps they are made into each integrated circuit modules respectively, perhaps a plurality of modules in them or step are made into the single integrated circuit module and realize.Like this, the present invention is not restricted to any specific hardware and software combination.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (10)

1. a key generation method is used for generating key at subscriber equipment from the process that other networks switch to the EUTRAN network, it is characterized in that, comprising:
Mobile management entity is according to the root key K of EUTRAN network ASME, Target Cell Identifier and/or other parameters, generate key, and send and carry the handoff request message of described key to target eNB;
Subscriber equipment is according to the root key K of EUTRAN network ASME, Target Cell Identifier and/or other parameters, generate the described key that described target eNB is used.
2. key generation method according to claim 1, it is characterized in that, send by the radio network controller of described current network simultaneously when described Target Cell Identifier sends redirect request by the radio network controller of current network, be transmitted to described mobile management entity through SGSN.
3. key generation method according to claim 1 is characterized in that, described root key K according to described EUTRAN network ASME, Target Cell Identifier and/or other parameters, the operation that generates key specifically comprises:
With Target Cell Identifier and/or other parameters and described root key K ASMEThe one-pass key generating function that input is default;
With the output of described one-pass key generating function as described key.
4. key generation method according to claim 2 is characterized in that, described mobile management entity generates the root key K of described EUTRAN network according to the redirect request message that receives ASME
5. key generation method according to claim 2 is characterized in that, described target eNB is received after the described key, also comprised:
Described mobile management entity receives and the corresponding switching request acknowledgement message of described handoff request message, and sends the redirected answer message corresponding with described redirect request message to the SGSN of current network;
The SGSN of described current network receives described redirected answer message, and sends redirect command message;
The radio network controller of current network sends switching command message to described subscriber equipment;
Described subscriber equipment generates the root key K of described EUTRAN network according to the switching command message that receives ASME
6. according to each described key generation method among the claim 1-5, it is characterized in that described target eNB is received after the described key, also comprised:
Described mobile management entity receives the handoff request failed message corresponding with described handoff request message;
The radio network controller of current network resends redirect request message after the handoff request failure;
Described mobile management entity sends handoff request message to another target eNB of described EUTRAN network;
Described mobile management entity receives and the corresponding switching request acknowledgement message of described handoff request message.
7. a key generating device is characterized in that, comprising:
First module is used for the root key K according to the EUTRAN network ASME, the Target cell that switches Target Cell Identifier information and/or other parameters, generate key.
8. key generating device according to claim 7 is characterized in that described first module is arranged at mobile management entity, and described first module comprises:
The first key generation module is used for generating root key K according to the redirect request message that receives ASME, and according to described root key K ASMEAnd Target Cell Identifier information and/or other parameters of the Target cell that switches, generate key;
First sending module, be used to send carry described key handoff request message to target eNB.
9. key generating device according to claim 7 is characterized in that described first module is arranged on the subscriber equipment.
10. a key generation system is characterized in that, comprising:
Mobile management entity is used for the root key K according to the EUTRAN network ASME, the Target cell that switches Target Cell Identifier information and/or other parameters, generate key, and send the handoff request message of carrying described key;
Subscriber equipment is used to receive switching command message, and according to the root key K of EUTRAN network ASME, the Target cell that switches Target Cell Identifier information and/or other parameters, generate key.
CNA2008100919434A 2008-04-08 2008-04-08 Method, apparatus and system for generating cipher key Pending CN101257723A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2008100919434A CN101257723A (en) 2008-04-08 2008-04-08 Method, apparatus and system for generating cipher key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2008100919434A CN101257723A (en) 2008-04-08 2008-04-08 Method, apparatus and system for generating cipher key

Publications (1)

Publication Number Publication Date
CN101257723A true CN101257723A (en) 2008-09-03

Family

ID=39892118

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2008100919434A Pending CN101257723A (en) 2008-04-08 2008-04-08 Method, apparatus and system for generating cipher key

Country Status (1)

Country Link
CN (1) CN101257723A (en)

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009127114A1 (en) * 2008-04-16 2009-10-22 中兴通讯股份有限公司 A cryptographic key generating method, device and system
WO2010028603A1 (en) * 2008-09-12 2010-03-18 中兴通讯股份有限公司 Key generation method and system when a tracking area is updated
CN101835152A (en) * 2010-04-16 2010-09-15 中兴通讯股份有限公司 Method and system for establishing reinforced secret key when terminal moves to reinforced UTRAN (Universal Terrestrial Radio Access Network)
CN101925059A (en) * 2009-06-12 2010-12-22 中兴通讯股份有限公司 Method and system for generating keys in switching process
CN101938744A (en) * 2010-07-01 2011-01-05 中兴通讯股份有限公司 Method and system for ensuring key consistency of SRNC (Serving Radio Network Controller) and core network node
CN101945384A (en) * 2009-07-09 2011-01-12 中兴通讯股份有限公司 Method, device and system for processing safe key in reconnection of RRC (Radio Resource Control)
WO2011006390A1 (en) * 2009-07-15 2011-01-20 中兴通讯股份有限公司 Method and device for generating security keys
CN102137398A (en) * 2011-03-10 2011-07-27 中兴通讯股份有限公司 Updating method, device and user facility of improved secret key
CN102316451A (en) * 2010-07-02 2012-01-11 电信科学技术研究院 Method and device for processing next hop chain counter
WO2012116599A1 (en) * 2011-03-01 2012-09-07 华为技术有限公司 Security tunnel establishing method and enb
CN102804826A (en) * 2010-03-17 2012-11-28 瑞典爱立信有限公司 Enhanced key management for SRNS relocation
CN101873584B (en) * 2009-04-22 2013-04-03 大唐移动通信设备有限公司 Method and system for regenerating key in cell during failed switching
CN101938743B (en) * 2009-06-30 2013-05-08 中兴通讯股份有限公司 Generation method and device of safe keys
CN101383702B (en) * 2008-10-06 2014-07-02 中兴通讯股份有限公司 Method and system protecting cipher generating parameter in tracing region updating
CN104010276A (en) * 2013-02-27 2014-08-27 中兴通讯股份有限公司 Group key hierarchical management method and system for broadband cluster system, and terminal
CN105592455A (en) * 2014-11-13 2016-05-18 中兴通讯股份有限公司 Secret key updating method and apparatus, and main transmission node TP
WO2018126783A1 (en) * 2017-01-03 2018-07-12 中兴通讯股份有限公司 Key transmission method, device, and computer storage medium
CN109309920A (en) * 2017-07-28 2019-02-05 华为技术有限公司 Safety implementation method, relevant apparatus and system
CN109981273A (en) * 2016-07-01 2019-07-05 华为技术有限公司 Safe consultation method, security function entity, core network element and user equipment
WO2019158117A1 (en) * 2018-02-15 2019-08-22 Huawei Technologies Co., Ltd. System and method for providing security in a wireless communications system with user plane separation
CN109409118B (en) * 2017-08-17 2020-12-11 中国移动通信有限公司研究院 File protection method and device and computer readable storage medium
CN112806041A (en) * 2018-10-30 2021-05-14 华为技术有限公司 Key generation method, device and system

Cited By (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8452007B2 (en) 2008-04-16 2013-05-28 Zte Corporation Security key generating method, device and system
WO2009127114A1 (en) * 2008-04-16 2009-10-22 中兴通讯股份有限公司 A cryptographic key generating method, device and system
WO2010028603A1 (en) * 2008-09-12 2010-03-18 中兴通讯股份有限公司 Key generation method and system when a tracking area is updated
CN101355507B (en) * 2008-09-12 2012-09-05 中兴通讯股份有限公司 Method and system for generating cipher key for updating tracking zonetime
CN101383702B (en) * 2008-10-06 2014-07-02 中兴通讯股份有限公司 Method and system protecting cipher generating parameter in tracing region updating
CN101873584B (en) * 2009-04-22 2013-04-03 大唐移动通信设备有限公司 Method and system for regenerating key in cell during failed switching
CN101925059B (en) * 2009-06-12 2014-06-11 中兴通讯股份有限公司 Method and system for generating keys in switching process
CN101925059A (en) * 2009-06-12 2010-12-22 中兴通讯股份有限公司 Method and system for generating keys in switching process
CN101938743B (en) * 2009-06-30 2013-05-08 中兴通讯股份有限公司 Generation method and device of safe keys
WO2011003299A1 (en) * 2009-07-09 2011-01-13 中兴通讯股份有限公司 Security key processing method, device and system for radio resource control (rrc) connection re-establishing
CN101945384A (en) * 2009-07-09 2011-01-12 中兴通讯股份有限公司 Method, device and system for processing safe key in reconnection of RRC (Radio Resource Control)
CN101945384B (en) * 2009-07-09 2013-06-12 中兴通讯股份有限公司 Method, device and system for processing safe key in reconnection of RRC (Radio Resource Control)
WO2011006390A1 (en) * 2009-07-15 2011-01-20 中兴通讯股份有限公司 Method and device for generating security keys
CN102804826B (en) * 2010-03-17 2016-03-02 瑞典爱立信有限公司 For the enhancing key management of SRNS reorientation
CN102804826A (en) * 2010-03-17 2012-11-28 瑞典爱立信有限公司 Enhanced key management for SRNS relocation
CN101835152A (en) * 2010-04-16 2010-09-15 中兴通讯股份有限公司 Method and system for establishing reinforced secret key when terminal moves to reinforced UTRAN (Universal Terrestrial Radio Access Network)
CN101938744A (en) * 2010-07-01 2011-01-05 中兴通讯股份有限公司 Method and system for ensuring key consistency of SRNC (Serving Radio Network Controller) and core network node
CN101938744B (en) * 2010-07-01 2016-06-15 中兴通讯股份有限公司 A kind of method and system ensureing SRNC and core net node cipher consistency
CN102316451A (en) * 2010-07-02 2012-01-11 电信科学技术研究院 Method and device for processing next hop chain counter
CN102316451B (en) * 2010-07-02 2013-12-04 电信科学技术研究院 Method and device for processing next hop chain counter
WO2012116599A1 (en) * 2011-03-01 2012-09-07 华为技术有限公司 Security tunnel establishing method and enb
CN102137398B (en) * 2011-03-10 2017-04-12 中兴通讯股份有限公司 Updating method, device and user facility of improved secret key
CN102137398A (en) * 2011-03-10 2011-07-27 中兴通讯股份有限公司 Updating method, device and user facility of improved secret key
CN104010276A (en) * 2013-02-27 2014-08-27 中兴通讯股份有限公司 Group key hierarchical management method and system for broadband cluster system, and terminal
CN104010276B (en) * 2013-02-27 2019-02-15 中兴通讯股份有限公司 A kind of group key tiered management approach, system and the terminal of broadband cluster system
US10567172B2 (en) 2014-11-13 2020-02-18 Xi'an Zhongxing New Software Co., Ltd. Method for updating a key, and master transmission point
WO2016074444A1 (en) * 2014-11-13 2016-05-19 中兴通讯股份有限公司 Key updating method, device and primary transmission point (tp)
CN105592455A (en) * 2014-11-13 2016-05-18 中兴通讯股份有限公司 Secret key updating method and apparatus, and main transmission node TP
CN109981273A (en) * 2016-07-01 2019-07-05 华为技术有限公司 Safe consultation method, security function entity, core network element and user equipment
US10880744B2 (en) 2016-07-01 2020-12-29 Huawei Technologies Co., Ltd. Security negotiation method, security function entity, core network element, and user equipment
WO2018126783A1 (en) * 2017-01-03 2018-07-12 中兴通讯股份有限公司 Key transmission method, device, and computer storage medium
CN109309920A (en) * 2017-07-28 2019-02-05 华为技术有限公司 Safety implementation method, relevant apparatus and system
US11228905B2 (en) 2017-07-28 2022-01-18 Huawei Technologies Co., Ltd. Security implementation method, related apparatus, and system
CN109409118B (en) * 2017-08-17 2020-12-11 中国移动通信有限公司研究院 File protection method and device and computer readable storage medium
WO2019158117A1 (en) * 2018-02-15 2019-08-22 Huawei Technologies Co., Ltd. System and method for providing security in a wireless communications system with user plane separation
CN112806041A (en) * 2018-10-30 2021-05-14 华为技术有限公司 Key generation method, device and system
US11863977B2 (en) 2018-10-30 2024-01-02 Huawei Technologies Co., Ltd. Key generation method, device, and system

Similar Documents

Publication Publication Date Title
CN101257723A (en) Method, apparatus and system for generating cipher key
CN101232731B (en) Method and system for UE to generate cryptographic key switching from UTRAN to EUTRAN
CN101267668A (en) Secret key generation method, device and system
CN101083839B (en) Cipher key processing method for switching among different mobile access systems
EP3761598B1 (en) Generating keys for protection in next generation mobile networks
EP2293515B1 (en) Method, network element, and mobile station for negotiating encryption algorithms
EP2293610B1 (en) Method and device for preventing loss of network security synchronization
EP2416598B1 (en) Method, device and system for deducing keys
CN101304311A (en) Method and system for generating cryptographic key
CN101232736B (en) Method for setting initialization of cryptographic key existence counter among different access systems
CN101516089B (en) Switching method and system
EP2034658B1 (en) Method and system for distributing key in wireless network
EP2854329B1 (en) Method, system, and device for securely establishing wireless local area network
CN101237444B (en) Secret key processing method, system and device
CN101299888B (en) Cryptographic key generation method, switching method, mobile management entity and customer equipment
CN101521873B (en) Method for enabling local security context
US20110135095A1 (en) Method and system for generating key identity identifier when user equipment transfers
CN101102600A (en) Secret key processing method for switching between different mobile access systems
CN102457844A (en) Method and system for managing group key in M2M (machine-to-machine) group authentication
CN101552983A (en) Key generating method, key generating device, mobile management entity and user equipment
CN101355507B (en) Method and system for generating cipher key for updating tracking zonetime
CN102572819A (en) Method, device and system for generating secret key
CN101645877A (en) Method, system and network node for consulting cipher key derivative function
CN102821385A (en) Methods and network entity for sending public warning system (PWS) key information to terminal
CN101267670B (en) An initialization setup method for secret key survival counter between different access systems

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20080903