CN101483865A - Cipher key replacing method, system and device - Google Patents


Info

Publication number: CN101483865A
Authority: CN (China)
Legal status: Pending
Application number: CNA2009101051476A
Other languages: Chinese (zh)
Inventors: 张旭武, 甘露
Current assignee: ZTE Corp
Original assignee: ZTE Corp

Abstract

The invention discloses a key replacement method in which an evolved Node B (eNB) sends the user equipment (UE) an AS key replacement command message that is encrypted and integrity protected with the old key set; the UE processes the AS key replacement command message with the old key set and returns an AS key replacement complete message that is integrity protected with the new key; the UE then encrypts and decrypts user plane (UP) data with the new key; the eNB processes the AS key replacement complete message with the new key set and thereafter encrypts and decrypts UP data with the new key. The invention further discloses a key replacement system and the corresponding equipment. With the invention, the keys that the UE and the network use for user messages stay synchronized while keys are being replaced, which avoids the loss of user data that asynchronous UE and network keys would cause and improves the user's communication quality.

Description

Key replacement method, system and equipment
Technical field
The present invention relates to key replacement technology in mobile communication systems, and in particular to a method, system and equipment for replacing the keys shared by a user equipment (UE) and the network while the UE is in the Radio Resource Control (RRC) connected state.
Background
Access security in the Third Generation Partnership Project (3GPP) Long Term Evolution (LTE) / System Architecture Evolution (SAE) system uses a two-layer security architecture: the security mechanisms of the Access Stratum (AS) and of the Non-Access Stratum (NAS) are separate, and each has its own independent security context. A security context comprises the keys, the key identifier, the security algorithms and the values of the uplink and downlink counters. The AS security context terminates at the evolved Node B (eNB), which is responsible for generating, deriving and managing it; it is used for the integrity and confidentiality protection of Radio Resource Control (RRC) signalling and user plane (UP) data. The NAS security context terminates at the Mobility Management Entity (MME), which is responsible for generating, establishing, storing and managing it; it is used for the confidentiality and integrity protection of NAS signalling. The MME also stores and manages the LTE/SAE root key K_ASME. The AS/UP keys and the NAS keys are all derived from K_ASME, and their key set identifier (eKSI, Key Set Identifier in E-UTRAN) is the same as that of the root key; when K_ASME changes, the AS/UP and NAS security changes with it, and the AS/UP and NAS keys remain derived from the same K_ASME.
Usually, after the UE has negotiated the security parameters with the network, the network side sends an AS or NAS Security Mode Command (SMC) to the UE, instructing it to activate the AS or NAS security context. The SMC carries the security parameters finally chosen for establishing the security context, and the SMC message is integrity protected with the key corresponding to the eKSI it carries. When the UE receives the SMC it activates the security context and returns a Security Mode Complete message. Taking the AS SMC sent by the base station as an example: after sending the AS SMC to the UE, the base station begins to encrypt and decrypt downlink RRC messages and UP data; once the UE has successfully processed the AS SMC, it also immediately begins to encrypt and decrypt downlink RRC messages and UP data; after the UE sends Security Mode Complete it immediately begins to encrypt and decrypt uplink RRC messages and UP data, and when the base station receives Security Mode Complete it likewise immediately begins to encrypt and decrypt uplink RRC messages and UP data. Because the RRC/UP keys are deleted when the RRC connection is released, the AS SMC message always uses a new eNB key K_eNB.
When a UE is handed over from a Universal Mobile Telecommunications System (UMTS) network to the LTE/SAE network, signalling and user plane data are first protected with an LTE/SAE security context mapped from the UMTS security context; this LTE/SAE context mapped from the UMTS context is also called the mapped security context. If, in the subsequent Tracking Area Update (TAU) procedure, the UE and the MME find that both sides hold the same cached security context, the Key Change on the Fly mechanism is activated and the cached security context replaces the mapped one. Key change on the fly, also called Key Change in RRC_CONNECTED, means replacing the keys without stopping RRC signalling and UP data. The network side also activates key change in RRC_CONNECTED, i.e. a security context switch, while the UE is in the RRC active state when the Packet Data Convergence Protocol (PDCP) counter reaches its maximum and the base station key has to be refreshed, or when the root key in the MME changes for reasons such as a new Authentication and Key Agreement (AKA) run. For ease of description, the key that was active before the key change mechanism was invoked is called the old key, the corresponding key that replaces it is called the new key, and two or more keys together are called a key set.
However, key change in RRC_CONNECTED as currently defined by 3GPP has defects. For example, the network side and the UE may use their keys asynchronously, causing signalling plane and user plane data to be lost and communication to be interrupted.
A concrete scenario is described below. Fig. 1 is a signalling flow chart of one implementation of the key change mechanism in the RRC connected state; as shown in Fig. 1, it comprises:
Steps 101 to 102: the Radio Network Controller (RNC) sends a UMTS Terrestrial Radio Access Network (UTRAN) handover command to the UE; after the handover succeeds, the UE sends a Handover Complete message to the eNB.
Here, once the access stratum has been successfully handed over to the LTE/SAE network, RRC and UP immediately begin ciphering with the mapped keys. The keys converted from the UMTS keys, i.e. those used before the security context is replaced, are the old keys referred to here; in other words, from step 102 on all RRC messages are encrypted and integrity verified, and UP data is encrypted as well.
Step 103: through the TAU procedure, the UE and the MME learn whether both sides hold a common cached key. If they do, the MME triggers the key change on the fly mechanism to switch the security context; the signalling this is based on is the intra-cell handover signalling.
Step 104: the MME sends a NAS SMC message to the UE, instructing it to perform the NAS layer key change; the NAS SMC is integrity protected with the new key.
Step 105: the UE sends a NAS Security Mode Complete message to the MME; this message is integrity protected and encrypted with the new key set.
Step 106: via the relevant S1AP request message, the MME sends the eNB the K_eNB derived from the cached K_ASME together with the eKSI, triggering the eNB to perform the key change.
Step 107: the eNB sends an RRC Connection Reconfiguration message to the UE that carries an AS SMC, instructing the UE to perform the AS key change.
This message carries the four least significant bits of the uplink NAS counter (4 LSB of NAS COUNT). The UE derives K_eNB from the NAS counter and K_ASME, then derives from K_eNB the key that protects RRC messages and the key that protects UP data, and at the same time integrity verifies the RRC Connection Reconfiguration message. From this moment, downlink RRC messages and UP data begin to be encrypted with the new key; that is, downlink UP data is protected with the new key while uplink UP data is still protected with the old key.
Step 109: the UE sends an RRC Connection Reconfiguration Complete message to the eNB, carrying the AS Security Mode Complete message; thereafter uplink RRC messages and UP data begin to be encrypted with the new key.
Two problems can arise at step 105 of the above flow:
The first problem is that the signalling plane keys are asynchronous. TS 33.401 currently specifies that an SMC is integrity protected with the key indicated by the eKSI it carries. But from step 102 on, all NAS and AS messages are already encrypted and integrity protected with the old key, so although the NAS SMC of step 104 is specified to be integrity protected with the new key, the old key is the active one, and this NAS message must be encrypted and integrity verified with the old key for the UE to be able to process it; otherwise the UE discards the message and communication is interrupted. If the message is processed with both the new and the old key at the same time, the integrity verification becomes ambiguous. Step 107 has the same problem.
The second problem is that the UP keys are asynchronous. Specifically, according to TS 33.401 the eNB begins encrypting downlink RRC and UP data as soon as it has sent the AS SMC. After the UE receives the AS SMC message, however, it must first check whether the uplink NAS COUNT value and the security algorithms agree with the eNB, derive the new K_eNB from the cached K_ASME, derive the new RRC key and UP key from the new K_eNB, and finally integrity verify the message; if integrity verification fails, the UE notifies the eNB, the eNB resends the AS SMC, and the UE has to recompute the keys and verify again. All of this processing takes time, and during that time user data between the UE and the network does not stop but keeps flowing. The UE can only encrypt and decrypt user plane data with the old key, but the UP data it receives from the eNB during this time is all encrypted with the new key, so the UE cannot decrypt it; the key change therefore leaves part of the UP data undecryptable. In short, there is a time gap between when the UE and the eNB start using the new key for UP data, which causes errors in the user data and degrades communication quality.
Similar problems also appear when key change on the fly is triggered for other reasons.
Summary of the invention
In view of this, the main object of the present invention is to provide a key replacement method, system and equipment that keep the keys used by the UE and the network for user messages synchronized during key replacement, avoiding the loss of user data that asynchronous UE and network keys would cause and thereby improving the user's communication quality.
According to one aspect, the invention provides a key replacement method comprising: an evolved Node B (eNB) integrity protects and encrypts, with the old key set, the Access Stratum (AS) key replacement command message it sends to the user equipment (UE); after successfully verifying the AS key replacement command message, the UE integrity protects, with the new key, the AS key replacement complete message it sends to the eNB.
The method further comprises: the AS key replacement command message is an RRC Connection Reconfiguration message or an AS Security Mode Command message, and the AS key replacement complete message is the corresponding RRC Connection Reconfiguration Complete message or AS Security Mode Complete message. The UE begins to encrypt uplink RRC messages with the new key either before or after sending the AS key replacement complete message. The UE decrypts and integrity verifies the received AS key replacement command message with the old key set. After sending the AS key replacement command, the eNB integrity verifies subsequent uplink RRC messages with the new key, or integrity verifies and decrypts them with the new key. After successfully verifying the AS key replacement command message, the UE begins to integrity protect uplink RRC messages with the new key set.
According to another aspect, the invention provides a key replacement method comprising:
the eNB integrity protects and encrypts, with the old key set, the AS key replacement command message it sends to the UE;
after successfully verifying the AS key replacement command message, the UE integrity protects, with the new key, the AS key replacement complete message it sends to the eNB;
after the UE has sent the AS key replacement complete message to the eNB, the UE begins to encrypt and integrity protect subsequent uplink RRC messages with the new key set; the eNB begins to decrypt subsequent uplink RRC messages with the new key set and encrypts or decrypts user plane (UP) data with the new key.
According to another aspect, the invention provides a key replacement method comprising: the eNB integrity protects and encrypts, with the old key set, the AS key replacement command message it sends to the UE; after successfully verifying the AS key replacement command message, the UE integrity protects and encrypts, with the new key, the AS key replacement complete message it sends to the eNB.
The method further comprises: after the UE has sent the AS key replacement complete message to the eNB, it begins to encrypt and integrity protect subsequent uplink RRC messages with the new key set and begins to encrypt or decrypt UP data; the eNB encrypts or decrypts UP data with the new key.
According to another aspect, the invention provides a key replacement method comprising: the Mobility Management Entity (MME) integrity protects and encrypts, with the old key set, the Non-Access Stratum Security Mode Command (NAS SMC) it sends to the UE;
after successfully verifying the NAS SMC message, the UE integrity protects and encrypts, with the new key set, the NAS Security Mode Complete message it sends to the MME.
According to another aspect, the invention provides a key replacement system comprising a UE and an eNB, wherein:
the eNB is configured to determine that key change on the fly is to be activated, and to encrypt and integrity protect with the old key set the AS key replacement command message it sends to the UE;
the UE is configured, after successfully verifying the AS key replacement command message, to integrity protect with the new key the AS key replacement complete message it sends to the eNB.
According to another aspect, the invention provides a key replacement system comprising a UE and an eNB, wherein:
the eNB is configured to determine that key change on the fly is to be activated, and to encrypt and integrity protect with the old key set the AS key replacement command message it sends to the UE;
the UE is configured, after successfully verifying the AS key replacement command message, to integrity protect and encrypt with the new key the AS key replacement complete message it sends to the eNB.
According to another aspect, the invention provides a key replacement system comprising a user equipment (UE) and a Mobility Management Entity (MME), wherein:
the MME integrity protects and encrypts, with the old key set, the NAS SMC it sends to the UE;
after successfully verifying the NAS SMC message, the UE integrity protects and encrypts, with the new key set, the NAS Security Mode Complete message it sends to the MME.
According to another aspect, the invention provides a user equipment (UE) configured, after successfully verifying an AS key replacement command message, to integrity protect with the new key the AS key replacement complete message it sends to the eNB.
According to another aspect, the invention provides a user equipment (UE) configured, after successfully verifying an AS key replacement command message, to integrity protect and encrypt with the new key the AS key replacement complete message it sends to the eNB.
According to another aspect, the invention provides an evolved Node B (eNB) configured to determine that key change on the fly is to be activated, and to encrypt and integrity protect with the old key set the AS key replacement command message it sends to the UE.
According to another aspect, the invention provides a Mobility Management Entity (MME) that integrity protects and encrypts, with the old key set, the NAS SMC it sends to the UE.
In the key replacement method, system and equipment provided by the invention, for replacement of the AS layer keys the AS key replacement command message is confidentiality and integrity protected with the old key set, the AS key replacement complete message is integrity protected, or additionally encrypted, with the new key (set), and UP data begins to be encrypted and decrypted with the new key after the AS key replacement complete message. Subsequent downlink RRC messages may begin to be integrity protected and encrypted with the new key set either only after the AS key replacement complete message or already after the AS key replacement command has been sent. Uplink RRC messages begin to be integrity protected with the new key as soon as the AS key replacement command has been successfully verified; encryption of uplink RRC with the new key may start together with uplink RRC integrity protection, after the AS key replacement command message has been successfully verified, or only after the AS key replacement complete has been sent successfully.
For replacement of the NAS layer keys, the MME sends the UE a NAS Security Mode Command that is integrity protected and encrypted with the old key set; the UE decrypts and integrity verifies the NAS Security Mode Command message with the old key set and checks the security parameters it carries, including the token; if this succeeds, it sends a NAS Security Mode Complete message to the MME that is integrity protected and encrypted with the new key set. After sending the NAS SMC message, the MME decrypts and integrity verifies uplink NAS messages with the new key set, and after successfully verifying the NAS Security Mode Complete message it encrypts and integrity protects downlink NAS messages with the new key set. After successfully verifying the NAS SMC and its security parameters, the UE integrity protects and encrypts uplink NAS messages with the new key, and after sending NAS Security Mode Complete it decrypts and integrity verifies downlink NAS messages with the new key.
In this way the keys that the UE and the network use for user messages stay synchronized during key replacement, the loss of user data caused by the UE and the network using the old and new keys asynchronously is avoided, and the user's communication quality is improved.
Brief description of the drawings
Fig. 1 is a signalling flow chart of one implementation of the key change mechanism in the RRC connected state;
Fig. 2 is a flow chart of embodiment one of the key replacement method of the invention;
Fig. 3 is a flow chart of embodiment two of the key replacement method of the invention;
Fig. 4 is a signalling flow chart of embodiment one of the key replacement method of the invention;
Fig. 5 is a signalling flow chart of embodiment two of the key replacement method of the invention;
Fig. 6 is a flow chart of embodiment three of the key replacement method of the invention;
Fig. 7 is a signalling flow chart of embodiment three of the key replacement method of the invention.
Detailed description of the embodiments
The basic idea of the invention is as follows. For the AS layer key change, the AS key replacement command message is integrity protected and encrypted with the old key set; subsequent uplink RRC messages, including the AS key replacement complete message, begin to be integrity protected (and verified) with the new key once the AS key replacement command has been sent; UP data and uplink RRC messages begin to be encrypted or decrypted with the new key after the AS key replacement complete message. This ensures that when the UE and the network replace their keys, the keys of the sending and receiving sides do not become asynchronous and the key change proceeds smoothly.
Further, for downlink RRC messages, the eNB may begin to encrypt/decrypt and integrity protect/verify them with the new key set only after the AS key replacement complete message, or may already begin to do so right after the AS key replacement command message.
The AS key replacement command message may be an RRC Connection Reconfiguration message or an AS SMC message, and the AS key replacement complete message may be the corresponding RRC Connection Reconfiguration Complete message or AS Security Mode Complete message.
For replacement of the NAS layer keys, the MME sends the UE a NAS Security Mode Command that is integrity protected and encrypted with the old key set; the UE decrypts and integrity verifies the NAS Security Mode Command message with the old key set and checks the security parameters it carries, including the token; if this succeeds, it sends a NAS Security Mode Complete message to the MME that is integrity protected and encrypted with the new key set. After sending the NAS SMC message, the MME decrypts and integrity verifies uplink NAS messages with the new key set, and after successfully verifying the NAS Security Mode Complete message it encrypts and integrity protects downlink NAS messages with the new key set. After successfully verifying the NAS SMC and its security parameters, the UE integrity protects and encrypts uplink NAS messages with the new key, and after sending NAS Security Mode Complete it decrypts and integrity verifies downlink NAS messages with the new key.
Further, the NAS SMC or the AS key replacement command may carry a token computed with the new key; when the UE checks the security parameters carried by the NAS SMC or the AS key replacement command, it verifies the token with the new key.
In this document, a token is the value produced by a hash computation, under the new key, over the eKSI corresponding to the new key (or over other parameters chosen according to the system design, such as a key change indicator, a counter, a radio network temporary identifier or a cell identity); it may also be truncated to some of its bits. It allows the UE to check that the new key is correct, and may also be called a signature or message authentication code of the new key.
The invention is described in detail below with reference to the drawings and specific embodiments.
Embodiment one:
In this embodiment, the AS key replacement command message is integrity protected and encrypted with the old key set; the AS key replacement complete message is integrity protected, or additionally encrypted, with the new key; uplink and downlink UP data and subsequent uplink RRC messages begin to be encrypted and decrypted with the new key set after the AS key replacement complete message; subsequent downlink RRC messages begin to be encrypted and integrity protected with the new key set after the AS key replacement command message. Downlink RRC messages and downlink UP data therefore start using the new key at different times, while uplink UP data and subsequent uplink RRC messages are encrypted with the new key only once the AS key replacement command has completed.
Fig. 2 is a flow chart of embodiment one of the key change on the fly method of the invention, comprising the following steps:
Step 201: the eNB decides to start the key change on the fly procedure;
Generally, three situations trigger the key change mechanism: (1) the PDCP counter reaches its threshold; (2) a new AKA run at the MME has changed the root key; (3) the UE is handed over to the LTE/SAE network from another network and the MME finds that it and the UE hold a common cached key. In situation (1) the eNB itself actively activates key change on the fly; in the other two situations the MME triggers the eNB to activate it, and before triggering the eNB to perform the AS layer key change on the fly the MME must first start the NAS layer key change.
In addition, before the eNB decides to activate key change on the fly, the AS security context has already been established, and RRC messages and UP data are protected with the old key set. Here a key set comprises K_RRCenc, used for RRC encryption/decryption, K_RRCint, used for RRC integrity protection/verification, and K_UPenc, used for UP data encryption/decryption; all three are derived from the base station key K_eNB. Where the sender's processing of the data is encryption or integrity protection, the receiver's corresponding processing is decryption or integrity verification.
Step 202: the eNB sends an AS key replacement command message to the UE, requiring the UE to perform key change on the fly; the AS key replacement command message is encrypted and integrity protected with the old key set;
Further, the AS key replacement command message may carry a key change indicator, signalling that this message instructs the UE to perform a key change.
Further, the AS key replacement command may carry a token used to verify the new key. The token is the value obtained by a hash computation with the new AS key (generally the integrity protection key, using the integrity algorithm corresponding to the new key) over the key identifier, the key change indicator, the cell identity or the radio network temporary identifier, or only some bits of that value. The UE must verify the token with the new key before sending the AS key replacement complete message.
Step 203: the eNB begins to encrypt and integrity protect subsequent downlink RRC messages with the new key set, and begins to integrity verify uplink RRC messages with the new key; if it has to send UP data before receiving AS Security Mode Complete, the eNB still uses the old key;
At the same time, the UE decrypts and integrity verifies the received AS key replacement command message with the old key set and checks the security parameters the message carries. If processing succeeds, the UE generates the new key set and begins to decrypt and integrity verify subsequent downlink RRC messages with the new key set; if processing fails, the UE sends an AS key replacement command failure message to the eNB.
If the eNB receives an AS key replacement command failure message, or does not receive a correct AS Security Mode Complete message within the specified time, it must resend the AS key replacement command; the retransmitted AS key replacement command is still protected with the old key set. Alternatively, other handling may be applied.
Step 204: the UE sends the AS key replacement complete message to the eNB; the AS key replacement complete message is integrity protected with the new key set;
The AS Security Mode Complete message may carry a timing parameter indicating when UP data begins to use the new key, such as a timer, or the sequence number of the first uplink and downlink PDCP PDU to be encrypted and decrypted with the new key, so as to tell the peer when to start encrypting UP data with the new key.
Step 205: the UE begins to encrypt and integrity protect subsequent uplink RRC messages with the new key set, and begins to encrypt/decrypt uplink/downlink UP data with the new key;
After successfully verifying the AS key replacement complete message, the eNB begins to decrypt subsequent uplink RRC messages with the new key set and to decrypt/encrypt uplink/downlink UP data with the new key.
It should be noted that if a lower-layer mechanism guarantees that the eNB cannot send UP data before receiving AS Security Mode Complete, i.e. the eNB only starts sending downlink UP data once it has received AS Security Mode Complete, then the eNB may begin encrypting downlink UP data with the new key right after sending the AS key replacement command message; in effect this is the same as the eNB in step 205 beginning to encrypt downlink UP data with the new key after actually receiving the AS key replacement complete message.
Step 206: the key change procedure ends, and the UE and the eNB each delete their own old key set.
Further, according to system design requirements, the AS key replacement complete message of step 204 in the above embodiment may be encrypted with the corresponding new key in addition to being integrity protected with the new key. Correspondingly, the point at which the eNB begins decrypting uplink RRC with the new key moves from step 205 to step 203: that is, in step 203 the eNB must begin to decrypt and integrity verify uplink RRC messages with the new key set after sending the AS key replacement command.
Embodiment two:
In this embodiment, the AS key change command message is integrity-protected and encrypted with the old key set, the AS key change complete message is integrity-protected with the new key, and uplink/downlink UP data and subsequent uplink/downlink RRC messages all start using the new key set for encryption after the AS key change complete message.
Fig. 3 is a schematic flow chart of embodiment two of the key change method in the active state according to the present invention, comprising the following steps:
Step 301: the eNB decides to start the key change procedure in the active state.
Generally, three situations can trigger the key change mechanism: (1) the PDCP counter reaches its threshold; (2) the MME has performed a new AKA, which changed the root key; (3) when the UE hands over from another network to the LTE/SAE network, the MME finds that it and the UE share a cached key. Situation (1) is triggered by the eNB itself; the other two are triggered by the MME prompting the eNB, and before prompting the eNB to perform the AS-layer key change in the active state, the MME must first start the NAS-layer key change.
In addition, before the eNB decides to enable the active-state key change mechanism, the AS security context has been established, and RRC messages and UP data are protected with the old key set. Here a key set comprises K_RRCenc used for RRC encryption/decryption, K_RRCint used for RRC integrity protection/verification, and K_UPenc used for UP data encryption; all three keys are derived from the base station key K_eNB. For encryption or integrity protection, the sender's processing of the data corresponds to decryption or integrity verification by the recipient.
Step 302: the eNB sends the AS key change command message to the UE, requiring the UE to perform the key change in the active state; the AS key change command message is encrypted and integrity-protected with the old key set.
Further, the AS key change command message may carry a key change indicator, which indicates that this message notifies the UE to perform a key change.
Step 303: after sending the AS key change command message, the eNB starts integrity-verifying uplink RRC messages with the new key. The UE decrypts and integrity-verifies the AS key change command message with the old key set and checks the security parameters it carries; if processing succeeds, the UE generates the new key set; if processing fails, the UE sends an AS key change command failure message to the eNB.
If the eNB receives the AS key change command failure message, or does not receive a correct AS security mode complete message within the specified time, it needs to retransmit the AS key change command, or perform other handling.
Step 304: the UE sends the AS key change complete message to the eNB; the AS key change complete message is integrity-protected with the new key.
The AS key change complete message may carry a time parameter indicating when UP data starts using the new key, such as a timer, or the sequence number of the first uplink/downlink PDCP PDU to be encrypted and decrypted with the new key, so as to notify the peer when to start using the new key.
Step 305: the UE starts using the new key set to decrypt and integrity-verify subsequent downlink RRC messages, and starts using the new key to encrypt or decrypt UP data and uplink RRC messages accordingly.
After successfully processing the AS key change complete message with the new key, the eNB starts using the new key set to encrypt and integrity-protect subsequent downlink RRC messages, and starts using the new key to encrypt or decrypt UP data and uplink RRC messages accordingly.
Step 306: the key change procedure ends, and the UE and the eNB each delete their own old key set.
Further, in the above embodiment the AS key change complete message of step 304 may, according to system design requirements, also be encrypted with the corresponding new key in addition to being integrity-protected with the new key. Correspondingly, the point at which the eNB starts using the new key to decrypt uplink RRC is moved from step 305 to step 303: that is, the eNB needs to start decrypting and integrity-verifying uplink RRC messages with the new key set after sending the AS key change command in step 203.
Fig. 4 is the signaling flow chart of embodiment one of the active-state key change mechanism according to the present invention, comprising the following steps:
Step 401: the eNB decides to enable the key change in the active state.
Usually, with the security contexts of the MME, the eNB and the UE activated, the eNB may activate the active-state key change mechanism on its own because the PDCP counter reaches its threshold. Alternatively, because the MME has performed a new AKA that changed the root key, or because the MME finds that it and the UE share a cached key and needs to switch from the mapped security context to the cached security context, the MME may prompt the eNB to activate the active-state key change mechanism in order to change the eNB's key. For any of these three reasons the eNB decides to enable the active-state key change mechanism and generates a new eNB key set.
Step 402: the eNB sends the AS key change command to notify the UE to perform the key change in the active state.
Here, the AS key change command is an RRC connection reconfiguration message or an AS SMC, and this RRC message is integrity- and confidentiality-protected with the old key set.
Step 403: the eNB starts encrypting and integrity-protecting subsequent downlink RRC messages with the new key set, and starts integrity-verifying uplink RRC messages with the new key; if the AS key change command message is retransmitted, it is still protected with the old key set.
Meanwhile, the UE decrypts and integrity-verifies the AS key change command message with the old key set and checks the security parameters carried in the message; if processing succeeds, it generates the new key set and starts using it to decrypt and integrity-verify subsequent downlink RRC messages; if processing fails, it sends an AS key change command failure message to the eNB.
Step 404: the UE sends the AS key change complete message to the eNB.
Here, the message may carry a time parameter indicating when UP data starts using the new key, such as a timer or the sequence number of the first uplink/downlink PDCP PDU to be encrypted and decrypted with the new key, to notify the peer when to start encrypting and decrypting with the new key; this RRC message is integrity-protected with the new key set.
Step 405: the UE starts using the new key set to integrity-protect and encrypt subsequent uplink RRC messages, starts using the new key to encrypt or decrypt uplink/downlink UP data accordingly, and deletes the old key set.
The eNB integrity-verifies the AS key change complete message with the new key; if processing succeeds, it starts using the new key set to decrypt subsequent uplink RRC messages, starts using the new key to encrypt or decrypt uplink/downlink UP data accordingly, and deletes the old key set.
Further, in the above signaling flow the AS key change complete message of step 404 may, according to system design requirements, additionally be encrypted with the new key, in which case the point at which the eNB starts using the new key set to decrypt subsequent uplink RRC messages may be moved from step 405 to step 403: that is, the eNB starts using the new key set to decrypt and integrity-verify uplink RRC messages after sending the AS key change command message.
Fig. 5 is the signaling flow chart of embodiment two of the active-state key change mechanism according to the present invention, comprising the following steps:
Step 501: the eNB decides to enable the key change in the active state.
Usually, with the security contexts of the MME, the eNB and the UE activated, the eNB may activate the active-state key change mechanism on its own because the PDCP counter reaches its threshold. Alternatively, because the MME has performed a new AKA that changed the root key, or because the MME finds that it and the UE share a cached key and needs to switch from the mapped security context to the cached security context, the MME may prompt the eNB to activate the active-state key change mechanism in order to change the eNB's key. For any of these three reasons the eNB decides to enable the active-state key change mechanism and generates a new eNB key set.
Step 502: the eNB sends the AS key change command to notify the UE to perform the key change in the active state.
Here, the AS key change command may be carried in an RRC reconfiguration or another RRC message, and this RRC message is integrity- and confidentiality-protected with the old key set.
Step 503: the UE decrypts and integrity-verifies the AS key change command message with the old key set and checks the security parameters carried in the message; if processing succeeds, it generates the new key set.
Step 504: the UE sends to the eNB an RRC reconfiguration complete message containing the AS key change complete message.
Here, the message carries a time parameter indicating when UP data starts using the new key, such as a timer or the sequence number of the uplink/downlink PDCP PDU from which encryption and decryption with the new key start, to notify the peer when to start encrypting and decrypting with the new key; this RRC message is integrity-protected with the new key.
Step 505: the UE starts using the new key set to encrypt or decrypt subsequent uplink and downlink RRC messages and UP data accordingly, starts integrity-verifying downlink RRC messages with the new key, and deletes the old key set.
The eNB verifies the AS key change complete message with the new key; if successful, subsequent uplink/downlink RRC messages and UP data start using the new key for encryption or decryption accordingly, the eNB starts integrity-protecting downlink UP data with the new key, and deletes the old key set.
Further, in the above signaling flow the AS key change complete message of step 504 may, according to system design requirements, additionally be encrypted with the new key, in which case the point at which the eNB starts using the new key set to decrypt subsequent uplink RRC messages may be moved from step 505 to step 503: that is, the eNB starts using the new key set to decrypt and integrity-verify uplink RRC messages after sending the AS key change command message.
Fig. 6 is a schematic flow chart of embodiment three of the active-state key change mechanism according to the present invention, comprising the following steps:
Step 601: the MME decides to replace the NAS-layer key; the old NAS key had been activated and in use before the replacement. Generally, three situations can trigger the NAS key change mechanism: (1) the NAS counter reaches its threshold, or AKA is re-run for other reasons and changes the root key; (2) the MME's NAS algorithm changes, requiring the NAS keys to be recomputed; (3) when the UE hands over from another network to the LTE/SAE network, the MME finds that it and the UE share a cached key and requires switching from the mapped security context to the cached context. Besides the root key K_ASME, the NAS layer also has K_NASint for NAS message integrity protection and K_NASenc for confidentiality (i.e. encryption) protection.
Step 602: the MME sends a NAS SMC to the UE; this message is encrypted and integrity-protected with the old key set and may carry a token generated with the new key. The MME starts using the new key set to decrypt and integrity-verify uplink NAS messages. The token is the value produced by hashing the eKSI of the new key, the key change indicator or the NAS counter with the new NAS key (generally the integrity protection key, with the integrity protection algorithm), or some bits of that value; the UE uses the token to verify the correctness of the new key.
Step 603: the UE decrypts and integrity-verifies the NAS SMC message with the old key set and checks the carried security parameters; if successful, it sends the NAS security mode complete message to the MME, integrity-protected and encrypted with the new key. The security parameters checked include the eKSI and a check of the token with the new key; if the check fails, the NAS security mode complete message is not sent.
Step 604: the MME decrypts and integrity-verifies the NAS security mode complete message with the new key set; if successful, it starts encrypting and integrity-protecting downlink NAS messages, and the UE starts using the new key set to decrypt and integrity-verify downlink NAS messages. The UE and the MME delete the old key set.
Step 605: the NAS key update ends.
Fig. 7 is the signaling flow chart of embodiment three of the active-state key change mechanism according to the present invention, comprising the following steps:
Step 701: the MME sends a NAS SMC to the UE; this message is encrypted and integrity-protected with the old key set and may carry a token generated with the new key. The MME starts using the new key set to decrypt and integrity-verify uplink NAS messages. The token is the value produced by hashing the eKSI of the new key, the key change indicator or the NAS counter with the new NAS key, or some bits of that output; the UE uses the token to verify the correctness of the new key.
Step 702: after decrypting and integrity-verifying the AS SMC message with the old key set, the UE checks the carried security parameters; if successful, it starts using the new key set to encrypt and integrity-protect uplink NAS messages and sends the NAS security mode complete message to the MME; if unsuccessful, it does not send the NAS security mode complete message.
After sending the NAS SMC message, the MME starts using the new key set to decrypt and integrity-verify uplink NAS messages.
Step 703: the UE sends the NAS security mode complete message to the MME; this message is integrity-protected and encrypted with the new key set.
Step 704: the MME decrypts and integrity-verifies the received NAS security mode complete message with the new key set; if successful, it deletes the old key set. If unsuccessful, or if a correct NAS security mode complete message is not received within the specified time, it interrupts communication and reports an error to O&M, or performs other handling.
After sending the NAS security mode complete message, the UE uses the new key set to decrypt and integrity-verify downlink NAS messages.
The UE and the MME delete the old key set.
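As an added example (not code from the patent or from ZTE), the following Python simulation walks through the AS key change of embodiment one and the NAS key change of embodiment three together: the command is protected with the old key set and carries a token computed with the new integrity key, the complete message is protected with the new key set, and UP data switches key at the PDCP sequence number carried in the complete message. HMAC-SHA256 stands in for the KDF, the integrity algorithm and (as a hash keystream) the ciphering algorithm; the new root key is handed to the UE directly instead of being derived, and all class and function names are the example's own.

```python
import hashlib
import hmac
import json

def derive_key_set(root: bytes, with_up: bool) -> dict:
    """Constructed KDF (not the 3GPP one). "enc"/"int" stand for K_RRCenc/K_RRCint (AS)
    or K_NASenc/K_NASint (NAS); "up" stands for K_UPenc and exists only in the AS set."""
    names = ("enc", "int", "up") if with_up else ("enc", "int")
    return {n: hmac.new(root, n.encode(), hashlib.sha256).digest() for n in names}

def mac(key: bytes, data: bytes) -> bytes:
    """Integrity tag (MAC-I stand-in): HMAC-SHA256 truncated to 32 bits."""
    return hmac.new(key, data, hashlib.sha256).digest()[:4]

def xor_stream(key: bytes, count: int, data: bytes) -> bytes:
    """Ciphering stand-in: XOR with a SHA-256 keystream bound to the key and COUNT."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + count.to_bytes(4, "big") + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def make_token(k_int_new: bytes, *fields: int) -> bytes:
    """Token: hash under the NEW integrity key over identifiers such as KCI and
    cell id (AS) or eKSI and NAS COUNT (NAS), keeping only 16 bits of it."""
    return mac(k_int_new, b"".join(f.to_bytes(4, "big") for f in fields))[:2]

def protect(keys: dict, count: int, payload: dict, encrypt: bool) -> dict:
    body = json.dumps(payload, sort_keys=True).encode()
    if encrypt:
        body = xor_stream(keys["enc"], count, body)
    return {"count": count, "body": body.hex(), "mac": mac(keys["int"], body).hex()}

def unprotect(keys: dict, msg: dict, encrypted: bool) -> dict:
    body = bytes.fromhex(msg["body"])
    if not hmac.compare_digest(mac(keys["int"], body), bytes.fromhex(msg["mac"])):
        raise ValueError("integrity verification failed")
    if encrypted:
        body = xor_stream(keys["enc"], msg["count"], body)
    return json.loads(body)

class Peer:
    """State held by both sides: old key set, new key set, UP data switch point."""
    def __init__(self, root_old: bytes, with_up: bool):
        self.with_up, self.old, self.new = with_up, derive_key_set(root_old, with_up), None
        self.up_switch_sn = None   # PDCP SN carried in the complete message (step 204)

    def up_cipher(self, sn: int, data: bytes) -> bytes:
        """UP data ciphering (XOR, so also deciphering). Until the complete message has
        been exchanged, or below the switch SN, the old K_UPenc stays in use (step 203)."""
        keys = self.old if self.up_switch_sn is None or sn < self.up_switch_sn else self.new
        return xor_stream(keys["up"], sn, data)

class Network(Peer):
    """eNB (AS key change) or MME (NAS key change)."""
    def send_command(self, root_new: bytes, *token_fields: int) -> dict:
        self.new = derive_key_set(root_new, self.with_up)
        cmd = {"key_change_indicator": 1, "token": make_token(self.new["int"], *token_fields).hex()}
        return protect(self.old, 0, cmd, encrypt=True)      # old key set: ciphering + integrity

    def receive_complete(self, msg: dict, encrypted: bool) -> bool:
        try:
            done = unprotect(self.new, msg, encrypted)        # new key set
        except ValueError:
            return False      # retransmit the command under the old keys, or report to O&M
        self.up_switch_sn = done.get("up_switch_sn")
        return True

class Terminal(Peer):
    """UE side. root_new is the new K_eNB/K_ASME the UE derives itself (assumed given here)."""
    def receive_command(self, msg, root_new, token_fields, encrypt_complete, switch_sn=None):
        cmd = unprotect(self.old, msg, encrypted=True)        # old key set
        self.new = derive_key_set(root_new, self.with_up)
        expected = make_token(self.new["int"], *token_fields)
        if not hmac.compare_digest(expected, bytes.fromhex(cmd["token"])):
            return None       # new key does not match: no complete message is sent
        self.up_switch_sn = switch_sn
        done = {"up_switch_sn": switch_sn} if switch_sn is not None else {}
        return protect(self.new, 0, done, encrypt_complete)   # new key set

def run_as_key_change(switch_sn: int = 3) -> bool:
    """Embodiment one: complete message integrity-protected only; UP data switches at switch_sn."""
    enb, ue = Network(b"\x01" * 32, True), Terminal(b"\x01" * 32, True)   # constructed K_eNB
    cmd = enb.send_command(b"\x02" * 32, 1, 0x1234)                         # KCI=1, cell id
    done = ue.receive_command(cmd, b"\x02" * 32, (1, 0x1234), False, switch_sn)
    if done is None or not enb.receive_complete(done, encrypted=False):
        return False
    # Every PDU decrypts: both sides pick the old or new K_UPenc by the same SN rule
    return all(enb.up_cipher(sn, ue.up_cipher(sn, b"pdu")) == b"pdu" for sn in range(switch_sn + 2))

def run_nas_key_change(ue_root_new: bytes = b"\x02" * 32) -> str:
    """Embodiment three: NAS SMC with token; complete message ciphered and integrity-protected."""
    mme, ue = Network(b"\x01" * 32, False), Terminal(b"\x01" * 32, False)  # constructed K_ASME
    smc = mme.send_command(b"\x02" * 32, 5, 17)                             # eKSI=5, NAS COUNT=17
    done = ue.receive_command(smc, ue_root_new, (5, 17), True)
    if done is None:
        return "token check failed: NAS security mode complete not sent"
    return "old key set deleted" if mme.receive_complete(done, True) else "report error to O&M"
```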
To implement the above method, the present invention also provides a UE, an eNB and an MME, respectively, wherein:
the UE is configured to integrity-protect and encrypt, with the new key set, the AS key change complete message sent to the eNB; to encrypt or decrypt UP data with the new key after sending the AS key change complete message; and to verify the NAS-layer or AS-layer token;
the UE is further configured to encrypt/decrypt and integrity-protect/verify subsequent uplink/downlink RRC messages with the new key set after sending the AS key change complete message; or, after successfully verifying the AS key change command with the new key, to decrypt and integrity-verify subsequent downlink RRC messages with the new key set, and after sending the AS key change complete message, to encrypt and integrity-protect subsequent uplink RRC messages with the new key set;
the UE is also configured to decrypt and verify the NAS SMC with the old key set; after successfully verifying the security parameters carried in the NAS SMC, to encrypt and integrity-protect uplink NAS messages with the new key set; and after successfully sending the NAS security mode complete, to decrypt and integrity-verify downlink NAS messages with the new key set.
The eNB is configured to decide to enable the key change in the active state, to integrity-protect and encrypt, with the old key set, the AS key change command message sent to the UE, and to generate the AS-layer token; it is also configured to encrypt or decrypt UP data with the new key after successfully verifying the AS security mode complete message with the new key set.
The eNB is further configured to decrypt/encrypt and integrity-verify/protect subsequent uplink/downlink RRC messages with the new key set after successfully verifying the AS key change complete message with the new key set; or, after sending the AS key change command, to encrypt and integrity-protect subsequent downlink RRC messages with the new key set, and after successfully verifying the AS key change complete message with the old key set, to decrypt and integrity-verify subsequent uplink RRC messages with the new key set.
The MME is configured to decide to replace the NAS key or the root key, to encrypt and integrity-protect the NAS SMC with the old key and to generate the NAS-layer token with the new key; after sending the NAS SMC message, to decrypt and integrity-verify uplink NAS messages with the new key set; and after successfully processing the NAS security mode complete message, to encrypt and integrity-protect downlink NAS messages.
The above AS key change message may be an RRC connection reconfiguration message or an AS SMC message, and the AS key change complete message may be the corresponding RRC connection reconfiguration complete message or AS security mode complete message; the NAS SMC may be carried in a Tracking Area Update (TAU) request message, and the NAS security mode complete may be carried in the NAS tracking area update complete message.
The above UE, eNB and MME can form a key change system implementing the entire flow of the method of the present invention. The above are only preferred embodiments of the present invention and are not intended to limit its scope of protection; any modifications, equivalent replacements, improvements and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims (45)

1. A key change method, characterized in that the method comprises:
an evolved node B (eNB) integrity-protecting and encrypting, with an old key set, an access stratum (AS) key change command message sent to a user equipment (UE);
after successfully verifying the AS key change command message, the UE integrity-protecting, with a new key, an AS key change complete message sent to the eNB.
2. The key change method according to claim 1, characterized in that the method further comprises: the AS key change command message is a radio resource control (RRC) connection reconfiguration or AS security mode command message, and the AS key change complete message is the corresponding RRC connection reconfiguration complete message or AS security mode complete message.
3. The key change method according to claim 1, characterized in that the method further comprises: the AS key change command carries a token generated with the new key; the UE checks the token with the new key before sending the AS key change complete message.
4. The key change method according to claim 1, characterized in that the method further comprises: the token is the value produced by computing, with the AS-layer new key, over the new key identifier, the key change indicator, the cell identity or the radio network temporary identifier, or some bits of that value.
5. The key change method according to claim 1, characterized in that the method further comprises: the UE starts encrypting uplink RRC messages with the new key before or after sending the AS key change complete message.
6. The key change method according to claim 1 or 5, characterized in that the method further comprises: the UE decrypts and integrity-verifies the received AS key change command message with the old key set.
7. The key change method according to claim 1, characterized in that the method further comprises: the eNB integrity-verifies subsequent uplink radio resource control (RRC) messages with the new key after sending the AS key change command.
8. The key change method according to claim 5, characterized in that the method further comprises: the eNB integrity-verifies and decrypts subsequent uplink radio resource control (RRC) messages with the new key after sending the AS key change command.
9. The key change method according to claim 1 or 7, characterized in that the method further comprises: after successfully verifying the AS key change command message, the UE starts integrity-protecting uplink RRC messages with the new key set.
10. The key change method according to claim 5 or 8, characterized in that the method further comprises: after successfully verifying the AS key change command message, the UE starts integrity-protecting uplink RRC messages with the new key set.
11. The key change method according to claim 1 or 7, characterized in that the method further comprises: after sending the AS key change command message, the eNB starts encrypting and integrity-protecting subsequent downlink RRC messages with the new key set.
12. The key change method according to claim 5 or 8, characterized in that the method further comprises: after sending the AS key change command message, the eNB starts encrypting and integrity-protecting subsequent downlink RRC messages with the new key set.
13. The key change method according to claim 9, characterized in that the method further comprises: after sending the AS key change complete message, the UE starts encrypting subsequent uplink RRC messages with the new key set, and integrity-verifies and decrypts subsequent downlink RRC messages;
correspondingly, after verifying the AS key change complete message with the new key, the eNB starts decrypting subsequent uplink RRC messages with the new key set, and encrypts and integrity-protects subsequent downlink RRC messages.
14. The key change method according to claim 10, characterized in that the method further comprises: after sending the AS key change complete message, the UE starts encrypting subsequent uplink RRC messages with the new key set, and integrity-verifies and decrypts subsequent downlink RRC messages;
correspondingly, after verifying the AS key change complete message with the new key, the eNB starts encrypting and integrity-protecting subsequent downlink RRC messages with the new key set.
15. The key change method according to claim 11, characterized in that after successfully verifying the AS key change command message, the UE starts decrypting and integrity-verifying subsequent downlink RRC messages with the new key set.
16. The key change method according to claim 12, characterized in that after successfully verifying the AS key change command message, the UE starts decrypting and integrity-verifying subsequent downlink RRC messages with the new key set.
17. The key change method according to claim 11, characterized in that the method further comprises: after sending the AS key change complete message, the UE starts encrypting and integrity-protecting subsequent uplink RRC messages with the new key set;
correspondingly, after verifying the AS key change complete message with the new key, the eNB starts decrypting subsequent uplink RRC messages with the new key set.
18. The key change method according to claim 12, characterized in that the method further comprises: after sending the AS key change complete message, the UE starts encrypting and integrity-protecting subsequent uplink RRC messages with the new key set.
19. The key change method according to claim 1 or 5, characterized in that the method further comprises: after sending the AS security mode complete, the UE starts encrypting or decrypting user plane (UP) data with the new key; after successfully verifying the AS key change complete message, the eNB starts encrypting or decrypting user plane (UP) data with the new key.
20. The key change method according to claim 1 or 5, characterized in that the AS security mode command message or the AS key change complete message carries a time parameter indicating when UP data starts using the new key.
21. The key change method according to claim 19, characterized in that the time parameter is a timer or the sequence number of the Packet Data Convergence Protocol (PDCP) protocol data unit (PDU) from which uplink/downlink encryption and decryption start.
22. The key change method according to claim 18, characterized in that, after the UE and the eNB start encrypting or decrypting UP data with the new key, the method further comprises: the UE and the eNB each delete their own old key set.
23. The key change method according to claim 1 or 5, characterized in that, before the key change, the key that has been activated and is in use is called the old key, and the corresponding key used to replace the old key is called the new key.
24. A key change method, characterized in that the method comprises:
an evolved node B (eNB) integrity-protecting and encrypting, with an old key set, an access stratum (AS) key change command message sent to a user equipment (UE);
after successfully verifying the AS key change command message, the UE integrity-protecting, with a new key, the AS key change complete message sent to the eNB;
after the UE sends the AS key change complete message to the eNB, the UE starting to encrypt and integrity-protect subsequent uplink RRC messages with the new key set; and the eNB starting to decrypt subsequent uplink RRC messages with the new key set, and to encrypt or decrypt user plane (UP) data with the new key.
25. A key change method, characterized in that the method comprises:
an evolved node B (eNB) integrity-protecting and encrypting, with an old key set, an access stratum (AS) key change command message sent to a user equipment (UE);
after successfully verifying the AS key change command message, the UE integrity-protecting and encrypting, with a new key, the AS key change complete message sent to the eNB.
26. The key change method according to claim 25, characterized in that the method further comprises: after the UE sends the AS key change complete message to the eNB, the UE starts encrypting and integrity-protecting subsequent uplink RRC messages with the new key set and starts encrypting or decrypting UP data; the eNB encrypts or decrypts user plane (UP) data with the new key.
27. The key change method according to claim 25 or 26, characterized in that the method further comprises: the AS key change command message is a radio resource control (RRC) connection reconfiguration or AS security mode command message, and the AS key change complete message is the corresponding RRC connection reconfiguration complete message or AS security mode complete message.
28. A key change method, characterized in that the method comprises: a mobility management entity (MME) integrity-protecting and encrypting, with an old key set, a non-access stratum security mode command (NAS SMC) sent to a user equipment (UE);
after successfully verifying the NAS SMC message, the UE integrity-protecting and encrypting, with the new key set, the non-access stratum (NAS) security mode complete message sent to the UE.
29. The key change method according to claim 28, characterized in that the method further comprises: the NAS SMC carries a token generated with the new key.
30. The key change method according to claim 29, characterized in that the method further comprises: the token is the value produced by computing, with the NAS-layer new key, over the new key identifier, the key change indicator or the NAS counter, or some bits of that value.
31. The key change method according to claim 28 or 29, characterized in that the method further comprises: the UE decrypts and integrity-verifies the NAS SMC with the old key set and checks the correctness of the security parameters it carries.
32. The key change method according to claim 31, characterized in that the method further comprises: when checking the carried security parameters, the UE verifies the token with the new key.
33. The key change method according to claim 26 or 29, characterized in that the method further comprises: after successfully processing the NAS SMC message, the UE starts integrity-protecting and encrypting uplink NAS messages with the new key set; after sending the NAS security mode complete message to the MME, it starts decrypting and integrity-verifying downlink NAS messages with the new key set.
34. The key change method according to claim 30, characterized in that the method further comprises: after sending the NAS SMC message, the MME starts decrypting and integrity-verifying uplink NAS messages with the new key set; after successfully processing the NAS security mode command, it starts encrypting and decrypting downlink NAS messages with the new key set.
35. The key change method according to claim 30 or 31, characterized in that the method further comprises: after the UE and the MME successfully replace the key, they delete the old key set.
36. The key change method according to claim 30 or 31, characterized in that the method further comprises: the NAS SMC is carried in the tracking area update request message, and the NAS security mode complete message is carried in the NAS tracking area update complete message.
37. A key change system, characterized in that the system comprises a UE and an eNB, wherein:
the eNB is configured to decide to enable the key change in the active state, and to encrypt and integrity-protect, with the old key set, the AS key change command message sent to the UE;
UE, be used for good authentication AS cipher key replacing command messages after, with new key the AS cipher key replacing of issuing eNB is finished message and carries out integrity protection.
38, according to the described cipher key replacing of claim 37 system; it is characterized in that; described UE sends out the AS cipher key replacing and finishes message to behind the eNB; UE begins with the new key group up follow-up RRC message to be encrypted and integrity protection; described eNB begins with the new key group up follow-up RRC message to be decrypted, and with new key user plane UP data is encrypted or is deciphered.
39, a kind of cipher key replacing system is characterized in that this system comprises UE and eNB, wherein:
ENB is used to determine to enable the cipher key replacing under the running status, and with old set of cipher key the AS cipher key replacing command messages that sends to UE is encrypted and integrity protection;
UE, be used for good authentication AS cipher key replacing command messages after, with new key the AS cipher key replacing of issuing eNB is finished message and carries out integrity protection and encryption.
40, according to the described cipher key replacing of claim 39 system, it is characterized in that, described UE sends out the AS cipher key replacing and finishes message to behind the eNB, and UE begins with the new key group up follow-up RRC message to be encrypted and integrity protection, begins the UP data are encrypted or deciphered; Described eNB encrypts or deciphers user plane UP data with new key.
41, a kind of cipher key replacing system is characterized in that this system comprises user equipment (UE) and mobile management entity MME, wherein:
MME uses old set of cipher key that the Non-Access Stratum safe mode command NASSMC that issues UE is carried out integrity protection and encryption;
After the described NAS SMC of the UE good authentication message, with the new key group Non-Access Stratum NAS safe mode of issuing UE is finished message and carry out integrity protection and encryption.
42, a kind of user equipment (UE) is characterized in that, described UE finishes message with new key to the AS cipher key replacing of issuing eNB and carries out integrity protection after being used for good authentication AS cipher key replacing command messages.
43, a kind of user equipment (UE) is characterized in that, described UE finishes message with new key to the AS cipher key replacing of issuing eNB and carries out integrity protection and encryption after being used for good authentication AS cipher key replacing command messages.
44, a kind of enode eNB is characterized in that, described eNB is used to determine to enable the cipher key replacing under the running status, and with old set of cipher key the AS cipher key replacing command messages that sends to UE is encrypted and integrity protection.
45, a kind of mobile management entity MME is characterized in that, described MME uses old set of cipher key that the Non-Access Stratum safe mode command NAS SMC that issues UE is carried out integrity protection and encryption.
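The message ordering that claims 25-27 and 37-40 (AS key replacement) and claims 28-34 and 41 (NAS SMC carrying a token made with the new key) describe, written out as a runnable simulation. This is an added example and not code from the patent or its applicant: HMAC-SHA256 stands in for the real key derivation, integrity and ciphering algorithms, the message layouts, key identifiers and the shared root secret are constructed, and the reject-and-fall-back step taken when the token check fails is an assumption that the claims do not describe. The point it demonstrates is the synchronization property the abstract claims: the network side moves user-plane traffic to the new key set only after the complete message verifies under that set, and the UE moves only after the token proves the network already holds the new key, so a lost or mismatched exchange leaves both ends on the old keys and data still decrypts.

```python
"""Added example: key change with the claimed ordering. Keys, formats and cipher are constructed."""
import hashlib
import hmac
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class KeySet:
    """One key set: ciphering key and integrity key (stand-ins for the AS or NAS key pair)."""
    enc: bytes
    integ: bytes


def derive_keyset(root: bytes, key_id: int) -> KeySet:
    """Toy KDF: both sides derive the same set from a shared root and the key identifier."""
    label = struct.pack(">I", key_id)
    return KeySet(hmac.new(root, b"enc" + label, hashlib.sha256).digest()[:16],
                  hmac.new(root, b"int" + label, hashlib.sha256).digest()[:16])


def _keystream(key: bytes, count: int, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (stand-in for the real ciphering algorithm)."""
    blocks = (length + 31) // 32
    return b"".join(hmac.new(key, struct.pack(">II", count, i), hashlib.sha256).digest()
                    for i in range(blocks))[:length]


def protect(ks: KeySet, count: int, plaintext: bytes) -> bytes:
    """Integrity-protect then cipher: COUNT || E(plaintext || MAC-I), MAC-I over COUNT || plaintext."""
    mac = hmac.new(ks.integ, struct.pack(">I", count) + plaintext, hashlib.sha256).digest()[:4]
    body = plaintext + mac
    return struct.pack(">I", count) + bytes(a ^ b for a, b in zip(body, _keystream(ks.enc, count, len(body))))


def unprotect(ks: KeySet, pdu: bytes):
    """Decipher and verify MAC-I with the given key set; None when the keys do not match."""
    count = struct.unpack(">I", pdu[:4])[0]
    body = bytes(a ^ b for a, b in zip(pdu[4:], _keystream(ks.enc, count, len(pdu) - 4)))
    plaintext, mac = body[:-4], body[-4:]
    expected = hmac.new(ks.integ, struct.pack(">I", count) + plaintext, hashlib.sha256).digest()[:4]
    return plaintext if hmac.compare_digest(mac, expected) else None


def nas_token(new_ks: KeySet, key_id: int, nas_count: int) -> bytes:
    """Token as in claim 30: value computed with the new NAS integrity key over key id || NAS COUNT, truncated."""
    return hmac.new(new_ks.integ, struct.pack(">II", key_id, nas_count), hashlib.sha256).digest()[:4]


class Peer:
    """UE, eNB or MME: the key sets currently used for uplink and downlink plus a message counter."""
    def __init__(self, root: bytes, old_id: int):
        self.root, self.count = root, 0
        self.ul = self.dl = derive_keyset(root, old_id)

    def next_count(self) -> int:
        self.count += 1
        return self.count


def up_roundtrip(ue: Peer, enb: Peer) -> bool:
    """Uplink UP packet ciphered by the UE and deciphered by the eNB; True only if both use the same keys."""
    return unprotect(enb.ul, protect(ue.ul, ue.next_count(), b"UP payload")) == b"UP payload"


def as_key_change(enb: Peer, ue: Peer, new_id: int, corrupt_command: bool = False) -> dict:
    """AS procedure (claims 25-26): command under the old keys, complete message under the new keys,
    and the eNB moves UP traffic to the new keys only after the complete message verifies under them."""
    new_enb = derive_keyset(enb.root, new_id)
    cmd = protect(enb.ul, enb.next_count(), b"AS_KEY_CHANGE_CMD:" + struct.pack(">I", new_id))
    if corrupt_command:  # constructed failure: the command is damaged on the air interface
        cmd = cmd[:-1] + bytes([cmd[-1] ^ 0x01])
    plain = unprotect(ue.dl, cmd)  # UE processes the command with its old key set
    ue_switched = enb_switched = False
    if plain is not None and plain.startswith(b"AS_KEY_CHANGE_CMD:"):
        ue.ul = ue.dl = derive_keyset(ue.root, struct.unpack(">I", plain[18:22])[0])
        ue_switched = True
        complete = protect(ue.ul, ue.next_count(), b"AS_KEY_CHANGE_COMPLETE")
        if unprotect(new_enb, complete) == b"AS_KEY_CHANGE_COMPLETE":
            enb.ul = enb.dl = new_enb
            enb_switched = True
    return {"ue_switched": ue_switched, "enb_switched": enb_switched, "up_ok": up_roundtrip(ue, enb)}


def nas_smc(mme: Peer, ue: Peer, new_id: int, mme_root_ok: bool = True) -> dict:
    """NAS procedure (claims 28-34): the SMC under the old keys carries a token made with the new key,
    which the UE verifies before switching. The reject and MME fall-back on failure are assumptions."""
    mme_new = derive_keyset(mme.root if mme_root_ok else b"stale-root", new_id)  # constructed mismatch
    nas_count = mme.next_count()
    smc = protect(mme.dl, nas_count, b"NAS_SMC:" + struct.pack(">I", new_id) + nas_token(mme_new, new_id, nas_count))
    mme.ul = mme_new  # claim 34: after sending the SMC the MME expects uplink under the new set
    old_ue = ue.dl
    plain = unprotect(ue.dl, smc)  # claim 31: checked with the old key set
    token_ok = False
    if plain is not None and plain.startswith(b"NAS_SMC:"):
        kid = struct.unpack(">I", plain[8:12])[0]
        ue_new = derive_keyset(ue.root, kid)
        token_ok = hmac.compare_digest(nas_token(ue_new, kid, struct.unpack(">I", smc[:4])[0]), plain[12:16])
    if token_ok:  # claim 32 passed: the network proved it holds the new key
        ue.ul = ue_new  # claim 33: uplink switches first ...
        complete = protect(ue.ul, ue.next_count(), b"NAS_SM_COMPLETE")
        ue.dl = ue_new  # ... downlink once the complete message has been sent
        if unprotect(mme.ul, complete) == b"NAS_SM_COMPLETE":
            mme.dl = mme_new
    else:
        reject = protect(old_ue, ue.next_count(), b"NAS_SM_REJECT")
        if unprotect(mme.ul, reject) is None and unprotect(mme.dl, reject) == b"NAS_SM_REJECT":
            mme.ul = mme.dl  # assumption: MME falls back to the old set on a reject
    return {"token_ok": token_ok, "nas_ok": unprotect(mme.ul, protect(ue.ul, ue.next_count(), b"x")) == b"x"}


if __name__ == "__main__":
    print(as_key_change(Peer(b"root", 1), Peer(b"root", 1), 2))
    print(as_key_change(Peer(b"root", 1), Peer(b"root", 1), 2, corrupt_command=True))
    print(nas_smc(Peer(b"root", 1), Peer(b"root", 1), 2, mme_root_ok=False))
```

Both failure runs end with the two ends still on a common key set and traffic still decrypting, which is the loss the abstract sets out to avoid; the `ul`/`dl` split on `Peer` exists only to show the staggered switch of claims 33 and 34, and the AS path sets both at once as claim 26 does.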
CNA2009101051476A 2009-01-19 2009-01-19 Cipher key replacing method, system and device Pending CN101483865A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2009101051476A CN101483865A (en) 2009-01-19 2009-01-19 Cipher key replacing method, system and device

Publications (1)

Publication Number Publication Date
CN101483865A true CN101483865A (en) 2009-07-15

Family

ID=40880752

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2009101051476A Pending CN101483865A (en) 2009-01-19 2009-01-19 Cipher key replacing method, system and device

Country Status (1)

Country Link
CN (1) CN101483865A (en)

Cited By (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102056157A (en) * 2009-11-04 2011-05-11 大唐移动通信设备有限公司 Method, system and device for determining keys and ciphertexts
CN102056157B (en) * 2009-11-04 2013-09-11 电信科学技术研究院 Method, system and device for determining keys and ciphertexts
CN102065420B (en) * 2009-11-11 2013-06-26 电信科学技术研究院 Method, system and device for determining secret key
CN102065420A (en) * 2009-11-11 2011-05-18 大唐移动通信设备有限公司 Method, system and device for determining secret key
CN102143152A (en) * 2010-02-01 2011-08-03 冲电气工业株式会社 Communication terminal and communication system
CN102143152B (en) * 2010-02-01 2014-09-17 冲电气工业株式会社 Communication terminal and communication system
US9059839B2 (en) 2010-02-01 2015-06-16 Oki Electric Industry Co., Ltd. Communication terminal using a temporary network key for assembling a secure communication frame
WO2012024905A1 (en) * 2010-08-25 2012-03-01 中兴通讯股份有限公司 Method, terminal and ggsn for encrypting and decrypting data in mobile communication network
CN102142942B (en) * 2011-04-01 2017-02-08 中兴通讯股份有限公司 Data processing method and system in relay node system
CN102142942A (en) * 2011-04-01 2011-08-03 中兴通讯股份有限公司 Data processing method and system in relay node system
CN104704501A (en) * 2012-08-13 2015-06-10 西门子公司 Securely generating and storing passwords in computer system
CN104704501B (en) * 2012-08-13 2017-07-14 西门子公司 Securely generate and store in computer systems password
WO2017133021A1 (en) * 2016-02-06 2017-08-10 华为技术有限公司 Security processing method and relevant device
US11140546B2 (en) 2016-02-06 2021-10-05 Huawei Technologies Co., Ltd. Security processing method and related device
CN108377494A (en) * 2016-11-22 2018-08-07 深圳市中兴微电子技术有限公司 A kind of terminal abnormal flow guard method and device
CN109640324B (en) * 2017-05-05 2019-11-19 华为技术有限公司 A kind of communication means and relevant apparatus
CN109640324A (en) * 2017-05-05 2019-04-16 华为技术有限公司 A kind of communication means and relevant apparatus
US11272360B2 (en) 2017-05-05 2022-03-08 Huawei Technologies Co., Ltd. Communication method and related apparatus
US10798578B2 (en) 2017-05-05 2020-10-06 Huawei Technologies Co., Ltd. Communication method and related apparatus
US10798579B2 (en) 2017-05-05 2020-10-06 Huawei Technologies Co., Ltd Communication method and related apparatus
CN107508672A (en) * 2017-09-07 2017-12-22 浙江神州量子网络科技有限公司 A kind of cipher key synchronization method and key synchronization device based on pool of symmetric keys, key synchronization system
CN107508672B (en) * 2017-09-07 2020-06-16 浙江神州量子网络科技有限公司 Key synchronization method, key synchronization device and key synchronization system based on symmetric key pool
CN109803331A (en) * 2017-11-16 2019-05-24 华为技术有限公司 Data processing method, device and computer storage medium
US11304107B2 (en) 2017-11-16 2022-04-12 Huawei Technologies Co., Ltd. Data processing method and apparatus, and computer storage medium
US11627510B2 (en) 2017-11-16 2023-04-11 Huawei Technologies Co., Ltd. Data processing method and apparatus, and computer storage medium
CN109803331B (en) * 2017-11-16 2021-05-18 华为技术有限公司 Data processing method, device and computer storage medium
US11902844B2 (en) 2017-11-16 2024-02-13 Huawei Technologies Co., Ltd. Data processing method and apparatus, and computer storage medium
CN107959569A (en) * 2017-11-27 2018-04-24 浙江神州量子网络科技有限公司 A kind of key compensation process and key supplementary device, key replenishment system based on pool of symmetric keys
WO2019170104A1 (en) * 2018-03-06 2019-09-12 Mediatek Singapore Pte. Ltd. Apparatuses and methods for protection of an intial non-access stratum (nas) message
US10813161B2 (en) 2018-03-06 2020-10-20 Mediatek Singapore Pte. Ltd. Apparatuses and methods for protection of an initial non-access stratum (NAS) message
WO2019213925A1 (en) * 2018-05-10 2019-11-14 华为技术有限公司 Key update method, device, and storage medium
CN110225372A (en) * 2019-05-07 2019-09-10 成都三零凯天通信实业有限公司 A kind of real time flow medium encryption and decryption key seamless handover method
US11310661B2 (en) 2020-02-14 2022-04-19 Mediatek Inc. Security key synchronization method and associated communications apparatus
TWI747480B (en) * 2020-02-14 2021-11-21 聯發科技股份有限公司 Security key synchronization method and communication apparatus
CN113271588A (en) * 2020-02-14 2021-08-17 联发科技股份有限公司 Security key synchronization method and communication device
CN113271588B (en) * 2020-02-14 2024-05-17 联发科技股份有限公司 Security key synchronization method and communication device

Similar Documents

Publication Publication Date Title
CN101483865A (en) Cipher key replacing method, system and device
CN101232731B (en) Method and system for UE to generate cryptographic key switching from UTRAN to EUTRAN
CN201286113Y (en) Wireless emission/receiving unit
CN101720539B (en) Key refresh sae/lte system
KR101447726B1 (en) The generation method and the update method of authorization key for mobile communication
CN108141355B (en) Method and system for generating session keys using Diffie-Hellman procedure
CN1857024B (en) Enhanced security design for cryptography in mobile communication systems
EP2291946B2 (en) Cryptographic key generation
CN101478752B (en) Cipher key replacing method, system and device
CN101272616B (en) Safety access method of wireless metropolitan area network
US8707045B2 (en) Method and apparatus for traffic count key management and key count management
CN101835156B (en) Method and system for safeguarding user access
EP3002965B1 (en) Efficient terminal authentication in telecommunication networks
CN101232736B (en) Method for setting initialization of cryptographic key existence counter among different access systems
CN101505479B (en) Safe context negotiation method and system in authentication process
CN100488281C (en) Method for acquring authentication cryptographic key context from object base station
CN101237444B (en) Secret key processing method, system and device
CN101304311A (en) Method and system for generating cryptographic key
CN101309503A (en) Wireless switching method, base station and terminal
CN103476028A (en) NAS (Non Access Stratum) message treatment method and device during rollover of NAS COUNT
CN102572819A (en) Method, device and system for generating secret key
CN102378174A (en) Access method, device and system of user terminal of SIM (Subscriber Identity Module) card
CN106358195B (en) Safe activation optimization method suitable for LTE access layer
CN1964259B (en) A method to manage secret key in the course of switch-over
CN101022330A (en) Method and module for raising key management authorized information security

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20090715