CN101494640A - Method, system, node and home agent for protecting Mobile IP route optimization signaling


Publication number
CN101494640A
Authority
CN
China
Prior art keywords
local
token
mobile node
generates
shared key
Legal status
Pending
Application number
CNA2008100566413A
Other languages
Chinese (zh)
Inventor
李春强
黄志钢
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to CNA2008100566413A
Priority to PCT/CN2009/070258 (WO2009094939A1)
Publication of CN101494640A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation

Abstract

The invention discloses a method, a system, a node and a home agent for protecting Mobile IP route optimization signaling, and belongs to the field of network communication. The method comprises the following steps: the home agent encrypts the home keygen token and places the encrypted home keygen token in the Home Test message sent to the mobile node; the mobile node decrypts the home keygen token from the Home Test message. The system comprises a token encrypting module and a token decrypting module. The node comprises a Home Test message receiving module and a token decrypting module. The home agent comprises a token encrypting module. By protecting the confidentiality of the home keygen token, the invention ensures the security of the route optimization signaling between the mobile node and the home agent.

Description

Method, system, node and home agent for protecting Mobile IP route optimization signaling
Technical field
The present invention relates to the field of network communication, and in particular to a method, system, node and home agent for protecting Mobile IP route optimization signaling.
Background
A Mobile IPv6 system involves three basic network entities: the mobile node (Mobile Node, MN), the correspondent node (Correspondent Node, CN) and the home agent (Home Agent, HA). When the MN roams into a foreign network, it generates a care-of address in some way and notifies the home agent of the care-of address with a Binding Update (BU) message. When the CN sends a packet to an MN that is away from home, the home agent intercepts the packet sent to the MN's home network and forwards it to the MN through a tunnel; when the MN sends a packet to the CN, the packet is sent to the home agent through the tunnel, and the home agent decapsulates it and forwards it to the CN. This communication mode is called the bidirectional tunneling mode.
If the MN notifies the CN of its current care-of address, communication between the MN and the CN need not be relayed through the home agent; this method of direct communication between the MN and the CN is called the route optimization mode. To communicate directly with the CN, the MN must notify the CN of its care-of address with a BU message. If the BU message is not protected, however, forged BU messages can be used to attack the communication between the MN and the CN.
Summary of the invention
To ensure the security of communication between the mobile node and the home agent, the embodiments of the invention provide a method, system, node and home agent for protecting Mobile IP route optimization signaling. The technical solutions are as follows:
A method for protecting Mobile IP route optimization signaling, the method comprising:
the home agent encrypts the home keygen token and places the encrypted home keygen token in the Home Test message sent to the mobile node;
the mobile node decrypts the home keygen token from the received Home Test message.
A system for protecting Mobile IP route optimization signaling, the system comprising a token encrypting module and a token decrypting module:
the token encrypting module is used to encrypt the home keygen token and to send the encrypted home keygen token to the token decrypting module;
the token decrypting module is used to decrypt the encrypted home keygen token and obtain the home keygen token.
A home agent, the home agent comprising:
a token encrypting module, used to encrypt the home keygen token and to place the encrypted home keygen token in the Home Test message sent to the mobile node.
A mobile node, the mobile node comprising:
a Home Test message receiving module, used to receive the Home Test message sent by the home agent, the Home Test message containing the encrypted home keygen token;
a token decrypting module, used to decrypt the home keygen token from the received Home Test message.
By protecting the confidentiality of the home keygen token, the technical solution of the embodiments ensures the security of route optimization signaling between the mobile node and the home agent even when IPSec is not supported between them, and thereby protects the security of the mobile node's route-optimized communication; the solution is simple and easy to implement. In addition, messages can still be classified according to the message header.
Description of drawings
Fig. 1 is a schematic diagram of the return routability procedure provided by the prior art;
Fig. 2 is a schematic diagram of the HoTI message format provided by the prior art;
Fig. 3 is a schematic diagram of the HoT message format provided by the prior art;
Fig. 4 is a flow chart of the method for protecting Mobile IP route optimization signaling provided by Embodiment 1 of the invention;
Fig. 5 is a flow chart of the method for protecting Mobile IP route optimization signaling provided by Embodiment 2 of the invention;
Fig. 6 is a schematic diagram of the system for protecting Mobile IP route optimization signaling provided by Embodiment 3 of the invention.
Detailed description
RFC (Request for Comments) 3775 specifies that, in order to protect Binding Update messages from the MN to the CN, a binding management key (Binding Management Key, Kbm) must be established between the MN and the CN. The binding management key is established using the Return Routability Procedure (RRP) and protects the BU messages between the MN and the CN; the procedure is shown in Fig. 1. When the MN attempts to communicate with the CN in route optimization mode, it sends a HoTI (Home Test Init) message and a CoTI (Care-of Test Init) message to the CN; the HoTI message format is shown in Fig. 2. If the CN supports and permits route optimization with the MN, then after receiving the HoTI message it computes the home keygen token (Home Keygen Token) as follows:
Home keygen token = First(64, HMAC-SHA1(Kcn, HoA|Nonce|0))
where Kcn is the private secret of the CN and Nonce is a random number generated by the CN.
The CN places the generated home keygen token in a HoT (Home Test) message and sends it to the MN via the HA; the HoT message format is shown in Fig. 3.
After receiving the CoTI message, the CN computes the care-of keygen token as follows and sends it to the MN:
Care-of keygen token = First(64, HMAC-SHA1(Kcn, CoA|Nonce|1))
The MN receives the HoT message and the CoT message sent by the CN and, after they pass the cookie check, extracts the home keygen token and the care-of keygen token and computes Kbm = SHA1(home keygen token | care-of keygen token).
The design goal of route optimization security is that communication while the MN is away from its home network should be as secure as communication while it is on the home network. The premise is that an attacker cannot eavesdrop on communication between the CN and the MN's home network, so the security of route optimization signaling can be protected by protecting the communication between the mobile node and the home agent.
To protect route optimization signaling between the MN and the HA when the MN is away from its home network, the prior art protects the HoT message between the MN and the home network using IPSec ESP (IPSec Encapsulating Security Payload) tunnel mode. By encrypting and encapsulating the HoT message, this method protects the route optimization signaling between the MN and the HA, but it requires both the MN and the HA to support IPSec (IP Security). Because IPSec is realized by combining cryptographic protection services, a suite of security protocols and dynamic key management, it is relatively complex to implement. If some MNs (for example, Worldwide Interoperability for Microwave Access (WiMAX) terminals) cannot support IPSec, secure communication between the MN and the HA is seriously threatened. In addition, because this method encrypts and encapsulates the whole HoT message, messages cannot be classified according to the message header.
To make the purpose, technical solutions and advantages of the invention clearer, the embodiments of the invention are described in further detail below with reference to the drawings.
In the embodiments of the invention, the home agent encrypts the home keygen token and places the encrypted home keygen token in the Home Test message sent to the mobile node, and the mobile node decrypts the home keygen token from the received Home Test message. This protects the confidentiality of the home keygen token and ensures the security of route optimization signaling between the mobile node and the home agent.
Embodiment 1
This embodiment provides a method for protecting Mobile IP route optimization signaling. By protecting the confidentiality of the home keygen token in the HoT message, the method ensures the security of route optimization signaling between the mobile node and the home agent even when IPSec is not supported between them, and thereby protects the security of the mobile node's route-optimized communication. Referring to Fig. 4, the steps of this embodiment are as follows:
Step 101: The MN performs home registration and establishes a shared key K with the HA.
There may be one shared key or several between the MN and the HA; this embodiment uses several shared keys as the example.
Step 102: The MN sends a HoTI message to the HA; the message contains the encrypted home init cookie and a mobility SPI (Security Parameter Index).
When sending the HoTI message, the MN may place a random value IV1 (64 bits) in the home init cookie position, use the shared key K or a derived key Ks to encrypt the intermediate value MV1 generated from the home init cookie and IV1 by XOR (another operation, for example concatenation, may also be used), and place the encrypted intermediate value MV1 in the mobility encryption option. The derived key Ks is computed as follows:
Ks = KDF(K, HoA|HAA|Label), where Label is a character string such as "Home Test".
When the derived key Ks is computed from the shared key K, a mobility SPI can be generated and placed in the mobility encryption option.
Note that the mobility SPI is used to index the shared key K or the derived key Ks. The mobility SPI is not mandatory: if there is only one shared key between the MN and the HA, the mobility SPI can be omitted; if there are several shared keys between the MN and the HA, an SPI must be generated. Because there are several shared keys K in step 101, a mobility SPI is needed to index the shared key K or the derived key of the shared key.
As another preferred scheme, if MV1 is generated from the home init cookie and the random value IV1 by concatenation, one part of the encrypted intermediate value MV1 is placed in the mobility encryption option and the other part is placed in the home init cookie position.
Step 103: The HA receives the HoTI message, uses the shared key K selected by the SPI in the mobility encryption option to decrypt the home init cookie, replaces the random value IV1 in the home init cookie position with the decrypted home init cookie, and sends the HoTI message to the CN.
Note that if, in step 102, one part of the encrypted intermediate value MV1 was placed in the mobility encryption option and the other part in the home init cookie position, then in this step the contents of the mobility encryption option and of the home init cookie position must first be joined together; the intermediate value MV1 is then decrypted to obtain the home init cookie.
Step 104: After receiving the HoTI message, the CN sends a HoT message to the HA; the message contains the home keygen token.
After receiving the HoTI message, the CN computes the home keygen token as follows:
Home keygen token = First(64, HMAC-SHA1(Kcn, HoA|Nonce|0))
where Kcn is the private secret of the CN and Nonce is a random number generated by the CN.
The CN places the generated home keygen token in a HoT (Home Test) message and sends it to the HA.
Step 105: The HA receives the HoT message, uses the shared key K or the derived key Ks to encrypt the home keygen token, places the encrypted home keygen token in the HoT message and sends it to the MN; the message contains a mobility SPI.
When the HA sends the HoT message to the MN, it places a random value IV2 (128 bits) in the home init cookie position and the home keygen token position, uses the shared key K or the derived key Ks to encrypt the intermediate value MV2 generated from the home keygen token and IV2 by XOR (another operation, for example concatenation, may also be used), and places the encrypted intermediate value MV2 in the mobility encryption option; the mobility encryption option also contains the mobility SPI.
The mobility SPI in this step may be the same as or different from the mobility SPI in step 102.
As an alternative scheme, the HA can use the shared key K or the derived key Ks to encrypt the home keygen token directly and place the encrypted home keygen token in the home keygen token position of the HoT message sent to the MN.
Step 106: The MN receives the HoT message and uses the shared key K or the derived key Ks, selected by the SPI in the mobility encryption option, to decrypt the home keygen token.
In step 105 the intermediate value MV2 was generated from the home keygen token and IV2 by XOR and then encrypted with the shared key K or the derived key Ks; in this step, XORing the decrypted MV2 with IV2 yields the home keygen token.
Note that steps 102 and 103 of this embodiment encrypt and decrypt the home init cookie, but these two steps are not mandatory. In practice the home init cookie need not be encrypted and decrypted; it is encrypted and decrypted in this embodiment mainly to further strengthen the security of the signaling between the HA and the MN.
Embodiment 2
Embodiment 1 encrypts and decrypts the home keygen token in the HoT message to ensure the security of signaling between the HA and the MN. This embodiment encrypts and decrypts an intermediate value generated from the home keygen token, the home init cookie and a random value in the HoT message. Referring to Fig. 5, the steps of this embodiment are as follows:
Step 201: The MN performs home registration and establishes a shared key K with the HA.
The details are the same as step 101 in Embodiment 1 and are not repeated.
Step 202: The MN sends a HoTI message to the HA; the message contains the encrypted home init cookie and a mobility SPI.
The details are the same as step 102 in Embodiment 1 and are not repeated.
Step 203: The HA receives the HoTI message, uses the shared key K selected by the SPI in the mobility encryption option to decrypt the home init cookie, replaces the random value IV1 in the home init cookie position with the decrypted home init cookie, and sends the HoTI message to the CN.
The details are the same as step 103 in Embodiment 1 and are not repeated.
Step 204: After receiving the HoTI message, the CN sends a HoT message to the HA; the message contains the home keygen token.
The details are the same as step 104 in Embodiment 1 and are not repeated.
Step 205: The HA receives the HoT message, uses the shared key K or the derived key Ks to encrypt the home keygen token and the home init cookie, and places the encrypted home keygen token and home init cookie in the HoT message sent to the MN; the message also contains a mobility SPI.
When the HA sends the HoT message to the MN, it places a random value IV2 (128 bits) in the home init cookie position and the home keygen token position, concatenates the home init cookie and the home keygen token (another operation may also be used) to generate a temporary value, uses the shared key K or the derived key Ks to encrypt the intermediate value MV2 generated from this temporary value and IV2 by XOR (another operation, for example concatenation, may also be used), and places the encrypted intermediate value MV2 in the mobility encryption option; the mobility encryption option also contains the mobility SPI. The formula for obtaining the intermediate value MV2 is as follows:
[Formula image A20081005664100101], where [symbol image A20081005664100102] denotes the XOR operation.
Home keygen token = First(64, HMAC-SHA1(Kcn, HoA|Nonce|0))
where Kcn is the private secret of the CN and Nonce is a random number generated by the CN.
The mobility SPI in this step may be the same as or different from the mobility SPI in step 202.
As an alternative scheme, the HA can use the shared key K or the derived key Ks to encrypt the home keygen token and the home init cookie together directly, and place the encrypted home keygen token and home init cookie in the home keygen token and home init cookie positions of the HoT message sent to the MN.
Step 206: The MN receives the HoT message and uses the shared key K selected by the SPI in the mobility encryption option to decrypt the home init cookie and the home keygen token.
In this step the intermediate value MV2 is decrypted first; XORing the decrypted MV2 with IV2 then yields the home init cookie and the home keygen token.
Note that steps 202 and 203 of this embodiment encrypt and decrypt the home init cookie, but these two steps are not mandatory. In practice the home init cookie need not be encrypted and decrypted; it is encrypted and decrypted in this embodiment mainly to further strengthen the security of the signaling between the HA and the MN.
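The following is an added example, not code from the patent or from any Mobile IPv6 implementation: it walks through steps 204 to 206 of Embodiment 2 together with the RFC 3775 token and Kbm formulas quoted above. The patent names neither the KDF nor the cipher, so HMAC-SHA256 as the KDF and a 4-round Feistel network as the 128-bit block cipher are stand-in assumptions; the dictionary field names, addresses, keys and cookie are constructed, and a single shared key is assumed so the mobility SPI is omitted.

```python
import hashlib
import hmac
import ipaddress
import os


def addr(text):
    """Pack an IPv6 address string into its 16-byte wire form."""
    return ipaddress.IPv6Address(text).packed


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def keygen_token(kcn, address, nonce, kind):
    """First(64, HMAC-SHA1(Kcn, address | Nonce | kind)); kind 0 = home, 1 = care-of."""
    mac = hmac.new(kcn, addr(address) + nonce + bytes([kind]), hashlib.sha1)
    return mac.digest()[:8]


def binding_management_key(home_token, careof_token):
    """Kbm = SHA1(home keygen token | care-of keygen token)."""
    return hashlib.sha1(home_token + careof_token).digest()


def derive_ks(k, hoa, haa, label=b"Home Test"):
    """Ks = KDF(K, HoA | HAA | Label). Assumption: the KDF is HMAC-SHA256."""
    return hmac.new(k, addr(hoa) + addr(haa) + label, hashlib.sha256).digest()


def _round(key, i, half):
    # Round function of the stand-in cipher: keyed PRF truncated to 64 bits.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def encrypt_block(key, block):
    """Stand-in 128-bit block cipher (assumption): 4-round Feistel network."""
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, xor(left, _round(key, i, right))
    return left + right


def decrypt_block(key, block):
    left, right = block[:8], block[8:]
    for i in reversed(range(4)):
        left, right = xor(right, _round(key, i, left)), left
    return left + right


def ha_protect_hot(ks, cookie, token, iv2=None):
    """Step 205 at the HA: IV2 fills the cleartext cookie and token positions,
    MV2 = (cookie | token) XOR IV2 is encrypted into the encryption option."""
    iv2 = os.urandom(16) if iv2 is None else iv2
    mv2 = xor(cookie + token, iv2)
    return {
        "home_init_cookie": iv2[:8],      # hypothetical field names
        "home_keygen_token": iv2[8:],
        "encryption_option": encrypt_block(ks, mv2),
    }


def mn_recover(ks, hot):
    """Step 206 at the MN: decrypt MV2, XOR with IV2 taken from the message."""
    iv2 = hot["home_init_cookie"] + hot["home_keygen_token"]
    plain = xor(decrypt_block(ks, hot["encryption_option"]), iv2)
    return plain[:8], plain[8:]


def run_exchange():
    # Constructed sample values (documentation prefix 2001:db8::/32).
    hoa, haa, coa = "2001:db8:1::10", "2001:db8:1::1", "2001:db8:2::20"
    k = bytes(range(16))                       # MN-HA shared key K
    kcn = b"constructed-kcn-secret"            # CN private secret Kcn
    nonce = bytes.fromhex("0102030405060708")
    cookie = bytes.fromhex("a1a2a3a4a5a6a7a8")
    home = keygen_token(kcn, hoa, nonce, 0)    # step 204 at the CN
    careof = keygen_token(kcn, coa, nonce, 1)
    ks = derive_ks(k, hoa, haa)
    hot = ha_protect_hot(ks, cookie, home)     # step 205 at the HA
    mn_cookie, mn_home = mn_recover(ks, hot)   # step 206 at the MN
    return {
        "cookie": cookie, "home_token": home, "hot": hot,
        "mn_cookie": mn_cookie, "mn_home_token": mn_home,
        "kbm_cn": binding_management_key(home, careof),
        "kbm_mn": binding_management_key(mn_home, careof),
    }


if __name__ == "__main__":
    result = run_exchange()
    print("token recovered:", result["mn_home_token"] == result["home_token"])
    print("Kbm agrees:", result["kbm_mn"] == result["kbm_cn"])
```

The message header and the cookie and token positions stay in cleartext but carry only IV2, which is why an observer on the MN-HA path can still classify the message by its header without learning the token.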
Embodiment 3
This embodiment provides a system for protecting Mobile IP route optimization signaling. As shown in Fig. 6, the system comprises a token encrypting module and a token decrypting module, wherein:
the token encrypting module is used to encrypt the home keygen token and to send the encrypted home keygen token to the token decrypting module;
the token decrypting module is used to decrypt the encrypted home keygen token and obtain the home keygen token.
Further, the system also comprises a Cookie encrypting module and a Cookie decrypting module:
the Cookie encrypting module is used to encrypt the home init cookie with the shared key or the derived key of the shared key, and to send the encrypted home init cookie to the Cookie decrypting module;
the Cookie decrypting module is used to decrypt the encrypted home init cookie with the shared key or the derived key of the shared key and obtain the home init cookie.
Embodiment 4
Embodiment 4 of the invention provides a home agent, the home agent comprising:
a token encrypting module, used to encrypt the home keygen token and to place the encrypted home keygen token in the Home Test message sent to the mobile node.
Further, the home agent also comprises:
a Home Test Init message receiving module, used to receive the Home Test Init message sent by the mobile node, the Home Test Init message containing the encrypted home init cookie;
a Cookie decrypting module, used to decrypt the home init cookie from the received Home Test Init message.
Embodiment 5
Embodiment 5 of the invention provides a mobile node, the mobile node comprising:
a Home Test message receiving module, used to receive the Home Test message sent by the home agent, the Home Test message containing the encrypted home keygen token;
a token decrypting module, used to decrypt the home keygen token from the received Home Test message.
Further, the mobile node also comprises:
a Cookie encrypting module, used to encrypt the home init cookie and to place the encrypted home init cookie in the Home Test Init message sent to the home agent.
By protecting the confidentiality of the home keygen token, the technical solution of the embodiments ensures the security of route optimization signaling between the mobile node and the home agent even when IPSec is not supported between them, and thereby protects the security of the mobile node's route-optimized communication; the solution is simple and easy to implement. In addition, because the message header does not need to be encrypted, messages can still be classified.
The technical solutions provided by the above embodiments can be implemented by hardware and software; the software is stored on a readable storage medium, such as a computer floppy disk, hard disk or optical disc.
The above are only preferred embodiments of the invention and are not intended to limit the invention. Any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall be included within the protection scope of the invention.

Claims (13)

1, a kind of method of protecting movable IP routing optimizing signaling is characterized in that, described method comprises:
Home agent is encrypted the secret token that generates in local, and the secret token packet that generates in the local of encrypting is contained in the local test post that sends to mobile node;
Described mobile node decrypts the secret token that generates in described local from the described local test post that receives.
2, the method for protection movable IP routing optimizing signaling as claimed in claim 1 is characterized in that, described method specifically comprises:
The shared key between described home agent use and described mobile node or the derivative key of described shared key are directly encrypted the secret token that generates in described local, and the secret token that generates in the local of described encryption is placed in the described local test post that sends to described mobile node;
Described mobile node receives described local test post, and uses the derivative key of described shared key or described shared key to decrypt the secret token that generates in described local.
3, the method for protection movable IP routing optimizing signaling as claimed in claim 1 is characterized in that, described method specifically comprises:
The shared key between described home agent use and described mobile node or the derivative key of described shared key are encrypted the secret median that generates token and random value generation in described local, and the median of described encryption is placed in the described local test post that sends to described mobile node;
Described mobile node receives described local test post, and uses the derivative key of described shared key or described shared key that described median is decrypted, and decrypts the secret token that generates in described local according to described median.
4, the method for protection movable IP routing optimizing signaling as claimed in claim 1 is characterized in that, described method specifically comprises:
The shared key between described home agent use and mobile node or the derivative key of shared key are encrypted secret token and the initial Cookie in local of generating in described local, and local secret generation token and the initial Cookie in local that encrypts is placed in the described local test post that sends to described mobile node;
Described mobile node receives described local test post, and uses the derivative key of described shared key or described shared key to decrypt secret token and the initial Cookie in described local of generating in described local from the test post of described local.
5, the method for protection movable IP routing optimizing signaling as claimed in claim 1 is characterized in that, described method specifically comprises:
The shared key between described home agent use and described mobile node or the derivative key of described shared key are encrypted the secret median that generates token, the initial Cookie in local and random value generation in described local, and the median of described encryption is placed in the described local test post that sends to described mobile node;
Described mobile node receives described local test post, uses the derivative key of described shared key or described shared key that described median is decrypted, and decrypts secret token and the initial Cookie in described local of generating in described local according to described median.
6, as the method for any described protection movable IP routing optimizing signaling of claim of claim 1-5; it is characterized in that; also comprise mobile security index coefficient in the detecting information of described local, described safe index coefficient is used for the derivative key of described shared key or described shared key is carried out index.
As the method for any described protection movable IP routing optimizing signaling of claim of claim 1-5, it is characterized in that 7, described method also comprises:
The mobile node sends a Home Test Initiation message to the home agent, the message containing the home init cookie encrypted with the shared key or with a key derived from the shared key;
The home agent receives the Home Test Initiation message and decrypts the home init cookie using the shared key or the key derived from the shared key.
8. A system for protecting Mobile IP route optimization signaling, characterized in that the system comprises a token encryption module and a token decryption module:
The token encryption module is configured to encrypt the home keygen token and to send the encrypted home keygen token to the token decryption module;
The token decryption module is configured to decrypt the encrypted home keygen token and obtain the home keygen token.
9. The system for protecting Mobile IP route optimization signaling according to claim 8, characterized in that the system further comprises a Cookie encryption module and a Cookie decryption module:
The Cookie encryption module is configured to encrypt the home init cookie using the shared key or a key derived from the shared key, and to send the encrypted home init cookie to the Cookie decryption module;
The Cookie decryption module is configured to decrypt the encrypted home init cookie using the shared key or the key derived from the shared key, and obtain the home init cookie.
10. A home agent, characterized in that the home agent comprises:
A token encryption module, configured to encrypt the home keygen token and to place the encrypted home keygen token in the Home Test message sent to the mobile node.
11. The home agent according to claim 10, characterized in that the home agent further comprises:
A Home Test Initiation message receiving module, configured to receive the Home Test Initiation message sent by the mobile node, the Home Test Initiation message containing the encrypted home init cookie;
A Cookie decryption module, configured to decrypt the home init cookie from the received Home Test Initiation message.
12. A mobile node, characterized in that the mobile node comprises:
A Home Test message receiving module, configured to receive the Home Test message sent by the home agent, the Home Test message containing the encrypted home keygen token;
A token decryption module, configured to decrypt the home keygen token from the received Home Test message.
13. The mobile node according to claim 12, characterized in that the mobile node further comprises:
A Cookie encryption module, configured to encrypt the home init cookie and to place the encrypted home init cookie in the Home Test Initiation message sent to the home agent.
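The exchange these claims describe between mobile node and home agent, as an added Python sketch that is not part of the patent text: the cookie travels encrypted in the Home Test Initiation message and the token travels encrypted in the test message the home agent sends back, each under a key derived from the shared key. The HMAC-SHA256 key derivation, the HMAC-based stand-in cipher, the integrity tag, the labels, the message layout and all function names are assumptions of this example; the claims do not name an algorithm.

```python
import hashlib
import hmac
import os

def derive_key(shared_key: bytes, label: bytes) -> bytes:
    # Derived key of the MN-HA shared key; HMAC-SHA256 as the KDF is assumed.
    return hmac.new(shared_key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher: one HMAC-SHA256 block as keystream (values <= 32 bytes).
    if len(data) > 32:
        raise ValueError("value too long for this stand-in cipher")
    stream = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, value: bytes) -> bytes:
    # Output layout (assumed): 12-byte nonce | ciphertext | 16-byte tag.
    nonce = os.urandom(12)
    ct = _xor_stream(key, nonce, value)
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()[:16]
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:12], blob[12:-16], blob[-16:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, good):
        raise ValueError("integrity check failed")
    return _xor_stream(key, nonce, ct)

def mn_build_hoti(shared_key: bytes, home_init_cookie: bytes) -> dict:
    # Mobile node: encrypt the cookie into the Home Test Initiation message.
    return {"type": "HoTI", "enc_cookie": seal(derive_key(shared_key, b"hoti"), home_init_cookie)}

def ha_read_hoti(shared_key: bytes, msg: dict) -> bytes:
    return unseal(derive_key(shared_key, b"hoti"), msg["enc_cookie"])

def ha_build_hot(shared_key: bytes, home_keygen_token: bytes) -> dict:
    # Home agent: encrypt the token into the test message sent to the mobile node.
    return {"type": "HoT", "enc_token": seal(derive_key(shared_key, b"hot"), home_keygen_token)}

def mn_read_hot(shared_key: bytes, msg: dict) -> bytes:
    return unseal(derive_key(shared_key, b"hot"), msg["enc_token"])

def run_exchange() -> bool:
    shared_key = bytes(range(32))                # constructed MN-HA shared key
    cookie, token = os.urandom(8), os.urandom(8)  # constructed 64-bit values
    hoti = mn_build_hoti(shared_key, cookie)
    hot = ha_build_hot(shared_key, token)
    return ha_read_hoti(shared_key, hoti) == cookie and mn_read_hot(shared_key, hot) == token
```

Separate labels for the two directions mean a ciphertext captured from one message fails the integrity check if replayed in the other.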

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNA2008100566413A CN101494640A (en) 2008-01-23 2008-01-23 Method for protecting movable IP routing optimizing signaling, system, node and hometown proxy
PCT/CN2009/070258 WO2009094939A1 (en) 2008-01-23 2009-01-21 Method for protecting mobile ip route optimization signaling, the system, node, and home agent thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2008100566413A CN101494640A (en) 2008-01-23 2008-01-23 Method for protecting movable IP routing optimizing signaling, system, node and hometown proxy

Publications (1)

Publication Number Publication Date
CN101494640A true CN101494640A (en) 2009-07-29

Family

ID=40912285

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2008100566413A Pending CN101494640A (en) 2008-01-23 2008-01-23 Method for protecting movable IP routing optimizing signaling, system, node and hometown proxy

Country Status (2)

Country Link
CN (1) CN101494640A (en)
WO (1) WO2009094939A1 (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100512954B1 (en) * 2003-03-12 2005-09-07 삼성전자주식회사 RR method for secure communication
CN1969526B (en) * 2004-04-14 2010-10-13 北方电讯网络有限公司 Securing home agent to mobile node communication with HA-MN key
CN101076195A (en) * 2007-06-29 2007-11-21 中国移动通信集团公司 Mobile terminal, network, method and system for switch network by mobile terminal

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110661759A (en) * 2018-06-30 2020-01-07 华为技术有限公司 Access detection method and device
CN110661759B (en) * 2018-06-30 2021-10-01 华为技术有限公司 Access detection method and device
CN109474425A (en) * 2018-12-25 2019-03-15 国科量子通信网络有限公司 Method for obtaining derived key with any specified length based on multiple shared keys
CN109474425B (en) * 2018-12-25 2021-06-25 国科量子通信网络有限公司 Method for obtaining derived key with any specified length based on multiple shared keys
CN110022320A (en) * 2019-04-08 2019-07-16 北京深思数盾科技股份有限公司 Communication pairing method and communication device
CN110022320B (en) * 2019-04-08 2020-12-18 北京纬百科技有限公司 Communication pairing method and communication device

Also Published As

Publication number Publication date
WO2009094939A1 (en) 2009-08-06

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20090729