CN101547443B - Signaling transmission method and a communication apparatus - Google Patents

Signaling transmission method and a communication apparatus Download PDF

Info

Publication number
CN101547443B
CN101547443B CN 200810035406 CN200810035406A CN101547443B CN 101547443 B CN101547443 B CN 101547443B CN 200810035406 CN200810035406 CN 200810035406 CN 200810035406 A CN200810035406 A CN 200810035406A CN 101547443 B CN101547443 B CN 101547443B
Authority
CN
China
Prior art keywords
signaling
key
shared
type
setting
Prior art date
Application number
CN 200810035406
Other languages
Chinese (zh)
Other versions
CN101547443A (en
Inventor
徐小英
潘炜
高闻
Original Assignee
上海华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 上海华为技术有限公司 filed Critical 上海华为技术有限公司
Priority to CN 200810035406 priority Critical patent/CN101547443B/en
Publication of CN101547443A publication Critical patent/CN101547443A/en
Application granted granted Critical
Publication of CN101547443B publication Critical patent/CN101547443B/en

Links

Abstract

本发明实施例公开了LTE系统中信令的传输方法及通信装置。 Example discloses a transmission method and a communication apparatus in the LTE system according to the present invention signaling. 一种LTE系统中信令的传输方法,包括:发送方在发送的信令中设置标识密钥类型的标志位;发送方将信令发送给接收方。 A method for transmitting signaling in LTE system, comprising: setting a sender identification key type flag transmitted in the signaling; signaling sender sends to the recipient. 利用本发明实施例,可以区分信令采用私有密钥加密或采用共享密钥加密。 Embodiment of the present invention using the embodiment, it is possible to distinguish the signaling or using private key encryption using the common key cryptosystem.

Description

信令的传输方法及通信装置 Signaling transmission method and a communication apparatus

技术领域 FIELD

[0001] 本发明涉及无线通信技术领域,特别涉及一种长期演进(Long TermEvolution, LTE)系统中信令的传输方法及通信装置。 [0001] The present invention relates to wireless communication technologies, and in particular relates to a transmission method and a communication device for long term evolution (Long TermEvolution, LTE) system signaling.

背景技术 Background technique

[0002] 在LTE系统之后的进一步演进中,采用了中继台(Relay Station, RS)这一重要技术,从而就无线接入技术进行了多方位的强化。 [0002] In a further evolution of LTE system after using this important technical relay station (Relay Station, RS), thereby performing a multi-directional reinforced on radio access technology. 中继台的部署可以提升系统的无线接入性能,改善阴影区域的覆盖,扩大基站(Base Station, BS)的有效覆盖半径,增强特定区域数据速率。 Can improve system performance deploy wireless access relay station and improve the coverage of the shaded area, the expansion of the effective coverage radius of the base station (Base Station, BS), the specific region data rate enhancement.

[0003] 在无线通信系统中,数据和信令在空中接口传输时都需要加密或完整性保护,加密和完整性保护都需要采用密钥进行,密钥分为私有密钥和共享密钥。 [0003] In wireless communication systems, data and signaling at the air interface requires encryption or integrity protection, encryption and integrity protection are required for using the key, the key and the private key into the shared key.

[0004] 首先介绍采用私有密钥的一种情况。 [0004] The first describes a case of using the private key. 每个终端都会分配一个私有密钥,这个私有密钥只有使用的终端和与该终端通信的基站知道,那么它们之间所传的数据和信令都要通过这个私有密钥加密后再在空中接口上传输,所传的数据和信令只能被使用私有密钥的终端和与该终端通信的基站才能解密出来,这样,保证了系统的安全性。 Each terminal is assigned a private key, the private key of the base station that the terminal and only used for communicating with the terminals know, then the transmitted data and signaling between them should be encrypted by the private key and then the air transmitted on the interface, the data transmission and signaling can be used by the terminal and a private key of the base station communicating with the terminal can decrypt it, so that, to ensure the security of the system.

[0005] 以下介绍共享密钥的一种情况。 [0005] The following describes a case where the shared key. 在电子和电气工程师协会(Institute ofElectrical and Electronics Engineers, IEEE) 802. 16 j 协议中,定义了安全区域密钥(Security Zone Key, SZK),SZK为BS和一组处于相同安全区域的RS间共享的密钥。 In the Institute of Electrical and Electronics Engineers (Institute ofElectrical and Electronics Engineers, IEEE) 802. 16 j protocol defines the security area key (Security Zone Key, SZK), SZK is set between BS and RS in the same shared security zone key. 在16j系统中,对数据进行加密,对信令做完整性保护,SZK就是用于信令的完整性保护的共享密钥。 16j in the system, the data is encrypted, integrity protected signaling done, for SZK shared key is used for integrity protection of signaling. 图1给出了共享密钥在网络中的原理示意图。 Figure 1 shows a schematic view of the principle of a shared key in the network. 如图1中所示,BS与RS1,RS2,RS3 属于同一安全区域(如图中虚线内范围所示),因此,其采用相同的共享密钥SZK1。 As shown in FIG. 1, the BS and RS1, RS2, RS3 belong to the same security zone (shown in broken lines in FIG. Range), so that the same shared key SZK1. 也可以是多个RS属于同一安全区域。 A plurality of RS may belong to the same security zone. 例如图1中的RSI、RS2和RS3属于同一安全区域(图中未用虚线示出)。 For example in FIG. 1 RSI, RS2 and RS3 belong to the same security zone (not shown in the drawing by a broken line).

[0006] 在802. 16j系统中,对于同时存在共享密钥和私有密钥的情况,采用连接标识(Connection ID, CID)对共享密钥和私有密钥进行区分。 [0006] In the system 802. 16j, for the case of shared key and a private key while using the connection identifier (Connection ID, CID) for the shared key and a private key distinction. CID是802. 16 j系统中空口链路的标识,其可以唯一表示BS和MS或RS间的一条用户数据或者控制的通路。 802. 16 j CID is hollow interface link identification system in which a user can uniquely represent data path between the BS and the MS or RS or controlled. 现有CID的长度一般为16bits,可以分为Basic CID, PrimaryManagement CID 等管理CID,以及Transport CID,Tunnel CID等业务CID。 The length of the existing CID is generally 16bits, it can be divided into Basic CID, PrimaryManagement CID and other management CID, and Transport CID, Tunnel CID business CID. 现有的采用802. 16j协议的系统中,依靠分配Multicast CID 来承载SZK加密的共享信令,以区别用Basic CID或者Primary Management CID来承载私有密钥加密的私有信令。 The system uses existing protocol 802. 16j, relying Multicast CID assigned to carry SZK encrypted shared signaling bearer to be distinguished from the encrypted private key using the private signaling or Basic CID Primary Management CID.

[0007] 随着LTE系统的发展,也需要在LTE系统中也引入RS,并且也将会采用私有密钥和共享密钥对数据和信令在空中接口进行加密或完整性保护。 [0007] With the development of the LTE system, we need to be introduced in the LTE system RS, and will also be used for the private key and the shared key and data encryption or integrity protection for signaling in the air interface.

[0008] 在对现有技术的研究和实践过程中,发明人发现现有技术中存在以下问题: [0008] In the research and practice of the prior art, the inventors have found the following problems in the prior art:

[0009] LTE系统中并没有CID的概念,也没有其它能够支持区分私有密钥和共享密钥的技术方案。 [0009] LTE system and no concept of the CID, no other support distinguishing aspect of the private key and the shared key. 发明内容 SUMMARY

[0010] 本发明实施例的目的是提供一种LTE系统中信令的传输方法及通信装置,以实现支持区分私有密钥和共享密钥的传输。 [0010] object of embodiments of the present invention is to provide a transmission method and a communication apparatus in an LTE system signaling, in order to achieve transport supports case the private key and the shared key.

[0011] 为解决上述技术问题,本发明实施例提供一种LTE系统中信令的传输方法及通信装置,具体实现如下: [0011] To solve the above problems, embodiments of the present invention provide a transmission method and a communication apparatus in an LTE system signaling, specifically implemented as follows:

[0012] 一种LTE系统中信令的传输方法,包括: [0012] A method for transmitting signaling in LTE system, comprising:

[0013] 发送方在发送的信令中设置标识密钥类型的标志位,其中,LTE系统中信 [0013] The sender identification key setting a flag bit in the signaling type transmission in which, LTE system CITIC

[0014] 令的加解密和完整性保护都是由包数据汇聚协议PDCP层来处理; [0014] encryption and integrity protection orders are processed by a packet data convergence protocol PDCP layer;

[0015] 发送方将信令发送给接收方。 [0015] The signaling sender to the recipient.

[0016] 一种LTE系统中信令的通信装置,包括: [0016] LTE communication device signaling system, comprising:

[0017] 密钥类型设置单元,用于在发送的信令中设置标识密钥类型的标志位,其中,LTE 系统中信令的加解密和完整性保护都是由包数据汇聚协议PDCP层来处理; [0017] The key type setting unit for setting a flag bit identifies the key type in the signaling transmitted, wherein, LTE signaling system of encryption and decryption and integrity protection are to the Packet Data Convergence Protocol PDCP layer deal with;

[0018] 发送单元,用于发送加密的信令。 [0018] The transmitting unit for transmitting encrypted signaling.

[0019] 一种LTE系统中信令的通信装置,包括: [0019] LTE communication device signaling system, comprising:

[0020] 接收单元,用于接收发来的信令; [0020] a receiving unit, for receiving signaling sent;

[0021] 密钥判断单元,用于根据接收到的信令中增加的标志位判断密钥类型;或还根据信令格式中标识的共享密钥组判断所处安全区域采用的共享密钥; [0021] The key judgment means for judging the type of the key according to the received signaling flag increases; or further determines a shared key using the safe area is located under the shared key group identified in the signaling format;

[0022] 解密单元,用于利用判断得到的密钥对所述信令进行解密,其中,LTE系统中信令的加解密和完整性保护都是由包数据汇聚协议PDCP层来处理。 [0022] a decryption unit for decrypting the signaling judgment obtained using a key, wherein, LTE signaling system integrity protection and encryption and decryption are processed by a packet data convergence protocol PDCP layer.

[0023] 由以上本发明实施例提供的技术方案可见,发送方在发送的信令中设置标识密钥类型的标志位,发送方将信令发送给接收方,这样,可以区分信令采用私有密钥加密或采用共享密钥加密,在所述信令中设置用于区分不同安全区域所采用的共享密钥的共享密钥组,还可以区分不同安全区域所采用的共享密钥的共享密钥组。 [0023] The technical solutions provided by the above embodiment of the present invention can be seen, the sender identification key type set flag transmitted in the signaling, the signaling sender sends to the recipient, so that, using the private signaling can be distinguished or using a shared key encryption key encrypted in the signaling is provided for distinguishing the shared key group used different security zones shared key, the shared secret can also distinguish between different security zones shared key used key groups.

附图说明 BRIEF DESCRIPTION

[0024] 图1为现有技术中共享密钥的原理示意图; [0024] FIG. 1 is a schematic prior art schematic diagram of a shared key;

[0025] 图2为现有技术中LTE系统下PDCP层的信令格式图; [0025] FIG. 2 is a prior art signaling format of FIG PDCP layer in the LTE system;

[0026] 图3为本发明方法实施例的流程图; A flowchart of a method [0026] FIG 3 embodiments of the present invention;

[0027] 图4为本发明方法实施例中PDCP层一信令格式图; A PDCP layer signaling format embodiment of FIG. [0027] The method of the present invention FIG 4;

[0028] 图5为本发明方法实施例中PDCP层另一信令格式图; FIG PDCP layer signaling format another embodiment [0028] The method of the present invention FIG 5;

[0029] 图6为本发明通信装置一实施例的框图; [0029] FIG. 6 is a block diagram of an embodiment of a communication device of the invention;

[0030] 图7为本发明通信装置一实施例的框图。 [0030] FIG. 7 is a schematic block diagram of an embodiment of the invention the communication device.

具体实施方式 Detailed ways

[0031] 本发明实施例提供一种LTE系统中信令的传输方法及通信装置。 Embodiment [0031] The present invention provides a communication apparatus and a transmission method in an LTE system signaling.

[0032] 为了使本技术领域的人员更好地理解本发明方案,下面结合附图和实施方式对本发明实施例作进一步的详细说明。 [0032] In order to make those skilled in the art better understand the present invention, the following examples of the present invention will be described in further detail in conjunction with the accompanying drawings and embodiments.

[0033] LTE系统中信令的加解密和完整性保护都是由包数据汇聚协议(PacketData Convergence Protocol, PDCP)层来处理的,LTE系统中PDCP层的控制面信令格式可以如图2中所示。 [0033] LTE system signaling integrity protection and encryption and decryption are the Packet Data Convergence Protocol (PacketData Convergence Protocol, PDCP) layer processing, LTE system, the PDCP layer control plane signaling format may be as shown in Fig. 如图2,3个R位是PDCP层头格式中的3个保留位,其它是正常的PDCP层序列号和信令数据。 R is a 2, 3-bit PDCP header format layer 3 reserved bits, the other is normal PDCP layer sequence numbers and signaling data. 可以利用这些保留位来标识信令采用的密钥类型。 These reserved bits can be utilized to identify the type of the signaling used in the key.

[0034] 图3显示出了本发明方法实施例的流程图,如图: [0034] FIG. 3 shows a flowchart of an embodiment of the method of the present invention, as shown:

[0035] 步骤301 :发送方在发送的信令中设置标识加密类型的标志位。 [0035] Step 301: The sender identifies the type of encryption setting a flag bit in the signaling transmitted.

[0036] 具体的,发送方可以利用信令中空闲的保留位来标识加密类型。 [0036] Specifically, the sender can use to identify the type of encryption reserved bit signaling idle.

[0037] 如前述图2中,PDCP层信令格式中的3个空闲的标志位中一位,即3个保留位R 位中的任一个R位,都可以用来标识采用的密钥类型。 [0037] As in the FIG. 2, PDCP layer 3 signaling format in an idle flag, i.e. any one of R Bit 3 reserved bits R bits, may be used to identify the type of use of the key . 例如,如图4中所示,可以采用私有/共享(Private/Share,P/S)来标志所采用的密钥类型是共享密钥还是私有密钥。 For example, as shown in FIG. 4, the key type may be employed private / shared (Private / Share, P / S) is used to mark the shared key or private key. 图4所示的例子中,采用的是第一位空闲的保留位,即第一位R位来标识所采用的密钥的类型。 Example shown in FIG. 4, using reserved bits of a free, i.e. one type of R bits to identify the keys used. 当然,也可以采用第二位R位或第三位R位来标识。 Of course, it can also be used a second or third bit R R bits to identify.

[0038] 具体可以为:当发送方采用的是共享密钥,就设置P/S位等于S的标志表示为共享信令;当发送方采用的是私有密钥,就设置P/S位等于P的标志表示为私有信令。 [0038] specifically as follows: When the sender uses the shared key, to set the P / S flag is equal to S bits represented as a shared signaling; When the sender uses a private key, is set P / S bit is equal to the P flag indicates private signaling. P/S位的设置值可以是0和1中的一个,具体对应关系可视标准而定。 Set value P / S bit can be 0 and 1 in a specific corresponding relation may be visual standard.

[0039] 此外,当信令中没有空闲的标志位可被利用的情况下,发送方也可以在发送的信令中增加标识密钥类型的标志位。 [0039] Further, in the case when there is no spare signaling flag may be utilized, the sender can also increase the type of identification key flag bit in the signaling transmitted.

[0040] 当采用共享密钥,并且存在多个安全区域的情况下,将会有多个共享密钥。 [0040] When the case of using the shared key, and a plurality of security zones, there will be a plurality of shared keys. 而不同的安全区域采用不同的共享密钥,因此还需要加以区分不同安全区域所采用的不同共享密钥。 Different security zones using different shared keys, it is also necessary to distinguish between different shared keys used by different security zones.

[0041] 在采用共享密钥,且存在多个安全区域的情况下,可以在PDCP层信令格式中增加用于区分不同安全区域所采用的共享密钥的共享密钥组。 [0041] In the case of the shared key, and there are a plurality of security zones, it is possible to increase the shared key group used to distinguish different shared keys used by the security zone in the PDCP layer signaling format. 前面提到,SZK被定义为处于相同安全区域RS之间共享的密钥。 Mentioned, SZK is defined to be in the same security zone shared between the RS keys. 这里,具体的,可以如图5所示,在PDCP头格式后增加一个字节的SZK Group字段来区分不同的SZK组。 Here, in particular, as shown in FIG 5, a byte SZK Group increased after PDCP header fields to distinguish different formats SZK groups.

[0042] 步骤302 :发送方将信令发送给接收方。 [0042] Step 302: the sender will send signaling to the recipient.

[0043] 这样,接收方在接收到信令后,通过读取相应标识位上表示的加密类型,用正确的密钥进行解密。 [0043] Thus, the recipient after receiving the signaling, the encryption is decrypted by reading the type represented by the respective identification bits with the correct key.

[0044] 具体的,如果在信令中标识出了加密类型为私有密钥,则接收方可以采用私有密钥进行解密;如果在信令中标识出了加密类型为共享密钥,则接收方可以采用共享密钥进行解密。 [0044] Specifically, if in the signaling to identify the type of encryption private key, the recipient can decrypt using the private key; if in the signaling to identify the type of encryption shared key, the recipient shared key can be used to decrypt. 例如,接收方根据P/S标志位可以得知发送方采用的是私有密钥还是共享密钥,从而采用正确的密钥解密。 For example, the receiver according to P / S flag may be that the sender uses a private key or a shared key, so that the correct decryption key. 特别的,如果在信令中标识出了加密类型为共享密钥,且信令中还存在区分不同安全区域所采用的共享密钥的共享密钥组,则接收方可以采用所指示的共享私有组对共享密钥进行解密。 In particular, if an identifier in the signaling type shared key group encryption key is shared, and there is also signaling to distinguish between different shared keys used in the security zone, the recipient can use the shared private indicated group shared key to decrypt it. 具体的可以是接收方通过SZK Group得知发送方所采用的SZK 组。 It may be particular receiver via SZK Group SZK group that the sender used.

[0045] 需要指出的是,上述发送方可以包括BS和/或RS,上述接收方可以包括BS和/或RS。 [0045] It is noted that the BS may include the sender and / or the RS the recipient may include a BS and / or RS.

[0046] 由以上实施例可见,发送方在发送的信令中设置标识密钥类型的标志位,发送方将信令发送给接收方,这样,可以区分信令采用私有密钥加密或采用共享密钥加密,在所述信令中设置用于区分不同安全区域所采用的共享密钥的共享密钥组,还可以区分不同安全区域所采用的共享密钥的共享密钥组。 [0046] Example seen from the above embodiment, a sender identification key type set flag bit signaling, the signaling sender to the recipient, so that signaling can be distinguished using private key encryption uses a shared or key encryption, the signaling is provided for distinguishing the shared key group used different security zones shared key, the shared key group can also distinguish between different shared keys used by the security zone.

[0047] 以下介绍本发明LTE系统中通信装置实施例,图6示出了该通信装置实施例的框图,如图,包括: [0047] The following describes embodiments of the present invention, the LTE system in the communication apparatus, FIG. 6 shows a block diagram of the communication device embodiment, as shown, comprising:

[0048] 密钥类型设置单元601,用于在发送的信令中设置标识密钥类型的标志位; [0048] Key type setting unit 601 for setting a flag bit identifies the key type in the signaling transmitted;

[0049] 发送单元602,用于发送信令。 [0049] The sending unit 602, configured to send signaling.

[0050] 具体的,所述密钥类型设置单元可以利用信令中空闲的保留位标识密钥类型,或在发送的信令中增加标识密钥类型的标志位。 [0050] Specifically, the key type may utilize a reserved bit setting unit identifies the type of signaling idle key or key type identifies the increase in the signaling flag transmitted.

[0051] 所述通信装置还可以包括共享密钥组设置单元603,用于设置共享密钥组字段,所述共享密钥组字段用于区分不同安全区域所采用的共享密钥。 [0051] The communication apparatus may further include a setting unit 603 sets the shared key, the shared key group field for setting the shared key set of fields used to distinguish between different shared keys used in the security zone.

[0052] 所述信令包括包数据汇聚协议层信令。 The [0052] signaling includes a packet data convergence protocol layer signaling.

[0053] 所述通信装置包括BS和/或RS。 [0053] The communication means includes a BS and / or RS.

[0054] 以下介绍本发明LTE系统中信令的通信装置实施例,图7示出了该通信装置实施例的框图,如图,包括: [0054] The following describes the embodiment of a communication apparatus according to the present invention in an LTE system signaling, FIG. 7 shows a block diagram of the communication device embodiment, as shown, comprising:

[0055] 接收单元701,用于接收发来的信令; [0055] The receiving unit 701 is configured to receive incoming signaling;

[0056] 密钥判断单元702,用于根据接收到的信令中增加的标志位判断密钥类型;或还根据信令格式中标识的共享密钥组判断所处安全区域采用的共享密钥; [0056] The key determination unit 702 for determining the type of the key according to the received signaling flag increases; or further secure area in which the shared key is determined using the signaling format in accordance with the shared key group identified ;

[0057] 解密单元703,用于利用判断得到的密钥对所述信令进行解密。 [0057] The decryption unit 703 for decrypting the signaling judgment obtained using a key.

[0058] 所述信令包括包数据汇聚协议层信令。 [0058] The signaling includes a packet data convergence protocol layer signaling.

[0059] 所述通信装置包括BS和/或RS。 The [0059] communication apparatus includes a BS and / or RS.

[0060] 另外,还可以在LTE系统中增加一个专门的逻辑信道来承载共享信令,例如增加一个中继共享控制信道(Relay Share Control Channel,RSCCH)。 [0060] It is also possible to add a dedicated logical channel in the LTE system to the shared signaling bearer, for example, increasing a relay shared control channel (Relay Share Control Channel, RSCCH). 共享信令发送时都承载于RSCCH,接收方接收时在RSCCH信道上收到的信令就用共享密钥进行后续处理。 It is transmitted on the shared signaling bearer RSCCH, when the receiver receives the shared key to use for subsequent processing in the signaling channel received RSCCH.

[0061] 特别的,当存在多个安全区域的情况下,可以在RSCCH的格式中增加用于区分不同安全区域所采用的共享密钥的共享密钥组。 [0061] In particular, in the case where there are a plurality of security zones, the shared key group can be increased to distinguish between different shared keys for the security zone in RSCCH used in the format. 与前面类似的,可以在增加一个SZK Group 字段来区分不同的SZK组。 Similar to the above, the increase may be a Group SZK SZK field to distinguish between different groups.

[0062] 虽然通过实施例描绘了本发明实施例,本领域普通技术人员知道,本发明有许多变形和变化而不脱离本发明的精神,希望所附的权利要求包括这些变形和变化而不脱离本发明的精神。 [0062] Although the present invention is depicted by way of example embodiments, those of ordinary skill in the art know that there are many modifications and variations of the present invention without departing from the spirit of the invention, it intended that the appended claims cover such modifications and variations are possible without departing from the spirit of the invention.

Claims (9)

1. 一种长期演进LTE系统中信令的传输方法,其特征在于,包括:发送方在发送的信令中设置标识密钥类型的标志位以及设置共享密钥组字段,所述共享密钥组字段用于区分不同安全区域所采用的共享密钥,其中,LTE系统中信令的加解密和完整性保护都是由包数据汇聚协议PDCP层来处理; 发送方将信令发送给接收方。 1. A method for transmitting an LTE signaling system, characterized by comprising: setting a sender identification key type flag and a shared key group transmitted in the signaling field, the shared key group field is used to distinguish between different shared keys used in the security zone, wherein, LTE signaling system integrity protection and encryption are handled by the packet data convergence protocol PDCP layer; signaling sender sends to the recipient .
2.如权利要求1所述的方法,其特征在于,所述发送方在发送的信令中设置标识密钥类型的标志位包括:发送方利用信令中空闲的保留位标识密钥类型。 2. The method according to claim 1, wherein the sender identification key setting type flag included in the signaling transmitted: the sender identification key using a reserved bit signaling type idle.
3.如权利要求1所述的方法,其特征在于,所述发送方在发送的信令中设置标识密钥类型的标志位包括:发送方在发送的信令中增加标识密钥类型的标志位。 3. The method according to claim 1, wherein the sender identification key setting type flag included in the signaling transmitted: increased signaling sender's identity key type flag bit.
4.如权利要求1〜3中任一项所述的方法,其特征在于,所述信令包括包数据汇聚协议层信令。 4. A method according to any one of claims 1~3 claims, wherein the signaling includes a packet data convergence protocol layer signaling.
5. 一种LTE系统中信令传输的通信装置,其特征在于,包括:密钥类型设置单元,用于在发送的信令中设置标识密钥类型的标志位,其中,LTE系统中信令的加解密和完整性保护都是由包数据汇聚协议PDCP层来处理;共享密钥组设置单元,用于在密钥类型设置单元设置后的信令中设置共享密钥组字段,所述共享密钥组字段用于区分不同安全区域所采用的共享密钥; 发送单元,用于发送信令。 A LTE system signaling communication transmission apparatus, characterized by comprising: a key type setting unit for setting a flag bit identifies the key type in the signaling transmitted, wherein, the signaling in the LTE system the integrity protection and encryption are handled by the packet data convergence protocol PDCP layer; shared key group setting unit for setting a signaling field shared key group after the key type setting unit, the shared group field is used to distinguish the key shared key used by different security zones; transmitting means for transmitting signaling.
6.如权利要求5所述的通信装置,其特征在于,所述密钥类型设置单元利用信令中空闲的保留位标识密钥类型,或在发送的信令中增加标识密钥类型的标志位。 The communication apparatus according to claim 5, wherein said key reserved bit key type identifies the type setting unit using the idle signaling, or increased key type identification flag transmitted in the signaling bit.
7.如权利要求5或6所述的通信装置,其特征在于,所述信令包括包数据汇聚协议层信令。 The communication device of claim 5 or claim 6, wherein the signaling includes a packet data convergence protocol layer signaling.
8. —种LTE系统中信令传输的通信装置,其特征在于,包括: 接收单元,用于接收发来的信令;密钥判断单元,用于根据接收到的信令中设置的标志位判断密钥类型;以及根据信令格式中标识的共享密钥组判断所处安全区域采用的共享密钥;解密单元,用于利用判断得到的密钥对所述信令进行解密,其中,LTE系统中信令的加解密和完整性保护都是由包数据汇聚协议PDCP层来处理。 8. - Species LTE system signaling communication transmission apparatus, characterized by comprising: a receiving unit, for receiving signaling sent; key judgment unit, according to the received signaling flag set Analyzing key type; Analyzing and signaling format according to the shared key group identified in the security zone using the shared key is located; a decryption unit configured to decrypt the signaling judgment obtained using a key, wherein, LTE signaling system integrity protection and encryption and decryption are processed by a packet data convergence protocol PDCP layer.
9.如权利要求8所述的通信装置,其特征在于,所述信令包括包数据汇聚协议层信令。 The communication apparatus as claimed in claim 8, wherein the signaling includes a packet data convergence protocol layer signaling.
CN 200810035406 2008-03-28 2008-03-28 Signaling transmission method and a communication apparatus CN101547443B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200810035406 CN101547443B (en) 2008-03-28 2008-03-28 Signaling transmission method and a communication apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200810035406 CN101547443B (en) 2008-03-28 2008-03-28 Signaling transmission method and a communication apparatus

Publications (2)

Publication Number Publication Date
CN101547443A CN101547443A (en) 2009-09-30
CN101547443B true CN101547443B (en) 2011-12-21

Family

ID=41194253

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200810035406 CN101547443B (en) 2008-03-28 2008-03-28 Signaling transmission method and a communication apparatus

Country Status (1)

Country Link
CN (1) CN101547443B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6986046B1 (en) 2000-05-12 2006-01-10 Groove Networks, Incorporated Method and apparatus for managing secure collaborative transactions
CN101039180A (en) 2007-05-09 2007-09-19 中兴通讯股份有限公司 Method and system for generating and transmitting key

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6986046B1 (en) 2000-05-12 2006-01-10 Groove Networks, Incorporated Method and apparatus for managing secure collaborative transactions
CN101039180A (en) 2007-05-09 2007-09-19 中兴通讯股份有限公司 Method and system for generating and transmitting key

Also Published As

Publication number Publication date
CN101547443A (en) 2009-09-30

Similar Documents

Publication Publication Date Title
CN1268093C (en) Distribution method of wireless local area network encrypted keys
EP1981223B1 (en) Base station, relay station and bandwith allocation method
JP4103611B2 (en) Wireless ad-hoc communication system, a terminal, an authentication method at the terminal, the encryption method and terminal management method and program for executing these methods to the terminal
US20050123141A1 (en) Broadcast encryption key distribution system
JP4866909B2 (en) Shared key encryption using a long keypad
US20080198863A1 (en) Bridged Cryptographic VLAN
EP2218272B1 (en) Methods and apparatuses for enabling non-access stratum (nas) security in lte mobile units
CN1183707C (en) Method for encryption of data transfer and data communication system
US8107629B2 (en) Method of providing security for relay station
EP2063567B1 (en) A network access authentication and authorization method and an authorization key updating method
US8161543B2 (en) VLAN tunneling
US8347377B2 (en) Bridged cryptographic VLAN
EP1804462B1 (en) Method and apparatus for transmitting message to wireless devices that are classified into groups
US8630416B2 (en) Wireless device and method for rekeying with reduced packet loss for high-throughput wireless communications
AU2013260295A1 (en) Method and system for connectionless transmission during uplink and downlink of data packets
CN101534189A (en) Data transmission controlling method and data transmission system
EP1805920B1 (en) System and method for providing security for a wireless network
MY159588A (en) Method and apparatus for transfer of a message on a common control channel for random access in a wireless communication network
CN1922824B (en) Protection of management frames in wireless LAN
US8295488B2 (en) Exchange of key material
CN1280727A (en) Security of data connections
KR20080041562A (en) Radio base station, relay station and radio communication method
CN101512537A (en) Method and system for secure processing of authentication key material in an Ad Hoc Wireless Network
KR100594153B1 (en) The method of forming and the secure communication of a logical link in the network topology, many-to-many points
US7284123B2 (en) Secure communication system and method for integrated mobile communication terminals comprising a short-distance communication module

Legal Events

Date Code Title Description
C06 Publication
C10 Request of examination as to substance
C14 Granted