CN101969638A - Method for protecting international mobile subscriber identity (IMSI) in mobile communication - Google Patents

Method for protecting international mobile subscriber identity (IMSI) in mobile communication Download PDF

Info

Publication number
CN101969638A
CN101969638A CN2010105005291A CN201010500529A CN101969638A CN 101969638 A CN101969638 A CN 101969638A CN 2010105005291 A CN2010105005291 A CN 2010105005291A CN 201010500529 A CN201010500529 A CN 201010500529A CN 101969638 A CN101969638 A CN 101969638A
Authority
CN
China
Prior art keywords
imsi
user
vlr
hlr
pki
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010105005291A
Other languages
Chinese (zh)
Other versions
CN101969638B (en
Inventor
谢涛
武传坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Software of CAS
Original Assignee
Institute of Software of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Software of CAS filed Critical Institute of Software of CAS
Priority to CN201010500529.1A priority Critical patent/CN101969638B/en
Publication of CN101969638A publication Critical patent/CN101969638A/en
Application granted granted Critical
Publication of CN101969638B publication Critical patent/CN101969638B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method for protecting international mobile subscriber identity (IMSI) in mobile communication, which comprises the following steps that: on the basis of the original identity identifier and authentication protocol of the mobile communication, users encrypt IMSI by using a home location register (HLR) public key and send the IMSI to a visitor location register (VLR); the VLR sends the encrypted IMSI to the HLR, the HLR decrypts the IMSI to generate an authentication vector; the HLR sends the encrypted IMSI and the corresponding authentication vector to the VLR; and the VLR performs the authentication on the users according to the encrypted IMSI and the corresponding authentication vector. In addition, the IMSI is also protected by combining the use of a public key certificate. Therefore, attackers cannot determine the identities of the users through passive interception or active inveiglement and cannot capture privacy such as tracks of the users and the like, and simultaneously, the determination of the VLR on HLR in which the users are positioned is not influenced, so the also known as (AKA) protocol can be performed smoothly.

Description

The method of in a kind of mobile communication IMSI being protected
Technical field
The invention belongs to the mobile communication security fields, particularly a kind of method that in the scene that user or base station is authenticated based on IMSI, realizes the privacy of user protection.
Background technology
International mobile subscriber identity (IMSI, International Mobile Subscriber Identity) is to be number that the mobile subscriber distributed of unique identification in the world.IMSI is issued to the registered user by mobile communication carrier, be stored in the home location register (HLR of mobile communication carrier's core net end, Home Location Register) and in the global Subscriber Identity Module of user side (USIM, Universal Subscriber Identity Module).
IMSI is 15, and each is 0 to 9 decimal number, is made up of Mobile Country Code MCC MCC, Mobile Network Code MNC, identification number of mobile subscriber MSIN three parts.Wherein, MCC (Mobile Country Code) is distributed unitedly and management by International Telecommunication Union, the country under unique identification mobile subscriber, and totally 3, China is 460; Mobile communications network under the unique identification user of MNC (Mobile NetworkCode), totally 2; Totally ten of MSIN (Mobile Subscriber IdentificationNumber), its structure is as follows: 09+M 0M 1M 2M 3+ ABCD, wherein M 0M 1M 2M 3The HLR that identifying user IMSI is stored, ABCD Random assignment identifying user.
When mobile communication carrier issues IMSI to the registered user, can issue shared key K to the user, K also is stored in HLR and the usim card.In the time of accessing mobile communication network for users, can send IMSI to operator's core net, both sides use AKA (Authentication and Key Agreement) agreement based on shared key K, realize authentication mutually, and the generation of session key and distribution.
But IMSI expressly sends in conversation; thereby if illegal individual or group by the exchange of the signaling on the monitoring wireless path steal the IMSI position of following the tracks of mobile client; so just cause infringement to privacy of user; so use interim identification code (TMSI) to reduce the use of IMSI in the mobile communication, thereby realize protection to privacy of user.
TMSI (Temporary Mobile Subscriber Identity) is a local number, only one given regional meaningful, this zone is identified by lane place identification code LAI (Location Area Identity).Access register VLR (Visitor Location Register) generates and to user's distribution T MSI, stores the corresponding relation between TMSI and the IMSI after authenticating by AKA.The user uses TMSI and network foundation to get in touch afterwards, as asking access network, routing update, adhering to request, beep-page message etc.Have only VLR not arrive at the regional search of LAI sign under the situation of legal TMSI, just understand the requirement of sending IMSI to the user.
In mobile communications network, under the situation of TMSI scheme protection, IMSI expressly still can use in following occasion:
1) the user's access network first time;
2) user's start;
3) user roams into a new network, does not have roaming agreement between new network and the former network;
4) network side TMSI loses.
In addition, bigger threat is that the assailant can forge the base station, to the spurious information that the user sends the TMSI access failure, inveigles the user to send IMSI.Like this, the assailant can collect an IMSI in the zone, when these IMSI and user identification relevancy together, the assailant can realize the tracking to user's whereabouts.Like this, just nonsensical based on the protection scheme of TMSI.
Application number provides a kind of IMSI protection scheme based on assumed name for 200910076453.1 Chinese patent application.After user and mobile operator core network are by authentication, VLR gives UE (User Equipment, subscriber equipment) distributes a GUTI (Globally Unique Temporary Identity, the unique interim identification code in the whole world) as temporary identity, also this value and its corresponding user ID IMSI are sent to HLR simultaneously.HLR has a memory cell that is used to store IMSI, comprises IMSI information, up-to-date GUTI and the GUTI that uses before.In the connection afterwards, if the TMSI authentification failure, when needing to send IMSI, the user only sends the identify label of GUTI as oneself.HLR determines the user according to the corresponding relation of IMSI that is stored and GUTI, and upgrades upgrading GUTI by VLR.
Above-mentioned IMSI protection scheme based on assumed name has bigger change for original user identity scheme in the mobile communication, also all needs bigger renewal and change in the storage of network terminal and user side and management.In addition, because GUTI dynamically updates, can not get rid of the possibility of authentification failure based on the IMSI of assumed name protection; this moment, the user still needed to send IMSI; as long as the situation that exists IMSI to send, the assailant just can forge the base station and inveigle the user to send IMSI, still can obtain user's whereabouts.
Summary of the invention
The object of the present invention is to provide a kind of method to international mobile subscriber identity (IMSI) Confidentiality protection; realize privacy protecting by in mobile communication, hiding IMSI, be applicable to based on IMSI scenes such as user or base station authenticate to the user.This method can not change under the situation of original system and agreement substantially, effectively prevents the destruction of assailant to privacy such as user's whereabouts.
Technical scheme of the present invention is based on following consideration and principle:
1. to fundamentally prevent to palm off the attack of base station user cheating IMSI, should avoid the plaintext of IMSI in the wireless connections that VLR initiates, to send the user;
For VLR when the user sends verify data, though do not send IMSI, at this moment do not consult TMSI, still need to confirm to connect the user by IMSI, therefore at this moment IMSI also can catch by victim, also needs at this moment IMSI is encrypted and protects;
3. because the storage and the computing capability of user side are all more weak, the storage that user side carried out is as far as possible little, so the computing of being carried out should be tried one's best simply;
4. can not carry out big change for the identify label form ripe and perfect relatively in the mobile communication and the basic agreement AKA agreement of authentication;
5.HLR can not determine unique identity of user before obtaining the IMSI plaintext, so all users in the HLR registration use common key;
6. utilize random number counter or timestamp to make that each IMSI through encrypting that sends is inequality, in order to avoid the assailant obtains user profile.
According to above consideration and principle,, provide following technical scheme in a first aspect of the present invention:
The method of in a kind of mobile communication IMSI being protected may further comprise the steps:
1) HLR issues PKI to its registered user, and PKI is stored in SIM card or the usim card with user's IMSI and user key K;
2) need utilize PKI that IMSI is carried out encryption when VLR sends IMSI and carries out authentication as the user, the user sends to VLR with encrypted result (IMSI after promptly encrypting), rather than sends IMSI;
3) VLR obtains the IMSI ciphertext behind the user encryption, ciphertext is sent to the HLR of user attaching;
4) obtain expressly IMSI after the ciphertext that HLR utilizes private key deciphering VLR to transmit, determine to use the Ciphering Key (tlv triple or five-tuple) of corresponding user key K generation AKA authentication protocol and pass to VLR behind the user;
5) IMSI behind the VLR storage encryption with this identify label as the user, and carries out associated record with the Ciphering Key that receives from described HLR, and the user is authenticated.
The flow process of above-mentioned IMSI guard method based on PKI as shown in Figure 1, the ME representative of consumer, the result that the user uses the PKI of HLR that IMSI is encrypted is IMSI *, the user is with IMSI *Send to VLR; VLR identifies IMSI *The information of middle sign HLR is with IMSI *Send to the HLR of user attaching; HLR uses private key to IMSI *Be decrypted and obtain IMSI, and calculate Ciphering Key; HLR is with IMSI *And corresponding Ciphering Key sends to VLR; VLR is according to IMSI *With Ciphering Key the user is authenticated; Simultaneously, VLR produces and IMSI *The temporary identity sign TMSI that is associated is used for connecting authentication next time.
Above-mentioned steps 2) utilize PKI that IMSI is carried out preferably elliptic curve public key cryptographic algorithm of public key encryption algorithm that encryption uses in.
Above-mentioned steps 5) VLR can also identify TMSI for the user produces the temporary identity that is associated with IMSI after the described encryption in case of necessity in.VLR stores TMSI, and with its with encrypt after IMSI and Ciphering Key be associated, be used for connecting authentication next time.
Above-mentioned steps 2) method that IMSI is carried out encryption can adopt one of following two kinds of concrete schemes:
Scheme one: obtain user's IMSI for preventing the assailant, when VLR required the user to send IMSI, the user used the PKI of HLR that IMSI is encrypted.But because VLR can not decrypt IMSI, so can not obtain the information of relevant HLR, therefore, the user need also send to VLR to the part of sign HLR among the IMSI in the IMSI that sends after encrypting.That is to say that after the user encrypted IMSI, the data that send to VLR also comprised preceding 11 bit digital of described IMSI except that the ciphertext that encryption obtains.Like this, VLR does not need deciphering, only the ciphertext behind the IMSI that encrypts is sent to corresponding HLR, uses the private key deciphering to obtain IMSI by HLR, and carries out next step AKA authentication.
Scheme two: this programme is based on the design feature of the third part mobile subscriber identifier sign indicating number MSIN of the design feature of IMSI, particularly IMSI.Because the opposing party's that authentication authorization and accounting carried out that 4 decade identifying users of use are registered among the MSIN HLR, and other 4 decade identifying users itself, therefore, when IMSI is encrypted, can only encrypt last 4 bit digital of IMSI, and preceding 11 bit digital of reservation IMSI are constant.Can use a kind of public key cryptography scheme, use is preset in the PKI of the HLR that registers of user side 4 decades of identifying user identity is hidden, and 4 decades of sign HLR still send with the plaintext form, make the current existing VLR of user can directly obtain the information of HLR to carry out next step AKA authentication.
Owing to be connected non-wireless connections between HLR and the VLR, we are commonly considered as safe, but after VLR obtains the data of HLR, still will seek the user according to IMSI, and what this also may victim catches.Therefore, the IMSI that HLR still can return after the encryption gives VLR, and user side is preserved behind the IMSI that sends after encrypting, and is identify label with it temporarily, up to by authentication, connects.Simultaneously; in order to prevent that each back of encrypting from sending identical result; user side should be filled random number to data and be found rule to protect not victim from ciphertext before encrypting; guarantee that the assailant can't obtain HLR information in addition; just when IMSI is carried out encryption, introduce a random number, make and encrypt the ciphertext difference that obtains at every turn.Because the effect of the random number here identical result occurs after just avoiding encrypting, therefore to pseudo-randomness quality and no requirement (NR), the result that user side can change according to variable elements such as timestamps, the result who perhaps adopts a timer to change gets final product.
IMSI guard method of the present invention is on the basis of using TMSI protection IMSI strategy, promptly after the TMSI authentification failure, carries out under the situation that must use IMSI to authenticate.Under normal circumstances, the user remains more use TMSI and initiates connection.The present invention is more suitable in preventing that the assailant from forging the active attack behavior of base station, and the special user that privacy is had higher requirements.Be in order to reduce the computation burden of user side and network terminal, also in order to reduce change like this to original scheme.
Comparatively speaking; the above-mentioned extra HLR of interpolation of scheme one transmission data needs information of IMSI being carried out encryption; the content of being revised also has the unnecessary content that does not need protection, and also can relatively large change be arranged to original form, not as scheme two flexible and actual effects.And scheme two will be done more filling to enciphered data in order to satisfy the requirement of public key encryption.Along with the upgrading and the renewal of mobile communications network, the form of IMSI and the variation that requires to take place bring bigger influence and change can for scheme two, and on compatibility, scheme one is better than scheme two.
In another aspect of this invention, can also be used for IMSI is protected in conjunction with making of public key certificate.Under the situation that public key certificate uses, the user does not need to preset the PKI of HLR, but the PKI that presets trust authority comes the signature of trust authority in the verification public key certificate, can consider to utilize the certificate of VLR, or utilize the certificate of HLR.Other places are then basic identical with the above-mentioned scheme that presets the HLR PKI.
(1) utilizes the technical scheme of VLR certificate
After the TMSI authentification failure, VLR is at the public key certificate that sends oneself in customer requirements IMSI to the user, because user this moment can not access network, VLR also will send the certificate revocation list or the certificate status Query Result of trust authority to the user, and by trust authority that the user trusts all certificates to the trust chain of this VLR.The user uses the PKI of VLR to encrypt IMSI according to above encipherment scheme after the legitimacy and availability of confirming the VLR PKI, and VLR gives HLR with IMSI after utilizing the private key of oneself to decipher.Concrete steps comprise:
1) user presets the PKI of trust authority, when the user need be when VLR sends IMSI and carries out authentication, send the public key certificate of oneself to the user by VLR, and the certificate revocation list of the trust authority that the user trusted or certificate status Query Result, with trust authority all certificates to the trust chain of this VLR, the user utilizes the PKI of trust authority that the signature of trust authority is verified then;
2) if the user confirms that the VLR PKI in the VLR public key certificate is legal and available, then utilize the VLR PKI that IMSI is carried out encryption, the user sends to VLR with encrypted result (IMSI after promptly encrypting), rather than sends IMSI;
3) after VLR obtains IMSI ciphertext behind the user encryption, utilize the private key deciphering of oneself to obtain IMSI, and IMSI is sent to the HLR of user attaching;
4) HLR receives IMSI, determines to use the Ciphering Key (tlv triple or five-tuple) of corresponding user key K generation AKA authentication protocol and pass to VLR behind the user;
5) IMSI behind the VLR storage encryption with this identify label as the user, and carries out associated record with the Ciphering Key that receives from HLR, and the user is authenticated.
(2) utilize the technical scheme of HLR certificate
After the TMSI authentification failure, VLR sends to the user inquired user place HLR earlier before customer requirements IMSI behind HLR inquiry certificate.Concrete steps comprise:
1) user presets the PKI of trust authority, when the user need be when VLR sends IMSI and carries out authentication, VLR elder generation is to the HLR of user's query user attaching, behind HLR inquiry public key certificate, send to the user then, the certificate revocation list or the certificate status Query Result of the trust authority that sends the user simultaneously and trusted, with trust authority all certificates to the trust chain of this HLR, the user utilizes the PKI of trust authority that the signature of trust authority is verified then;
2) if the user confirms that the HLR PKI in the HLR public key certificate is legal and available, then utilize the HLR PKI that IMSI is carried out encryption, the user sends to VLR with encrypted result (IMSI after promptly encrypting), rather than sends IMSI;
3) VLR obtains the IMSI ciphertext behind the user encryption, ciphertext is sent to the HLR of user attaching;
4) obtain expressly IMSI after the ciphertext that HLR utilizes private key deciphering VLR to transmit, determine to use the Ciphering Key (tlv triple or five-tuple) of corresponding user key K generation AKA authentication protocol and pass to VLR behind the user;
5) IMSI behind the VLR storage encryption with this identify label as the user, and carries out associated record with the Ciphering Key that receives from described HLR, and the user is authenticated.
Though the technical scheme user in conjunction with public key certificate will preset PKI equally, and the process of exchange certificate and the process of certification authentication are than the aforementioned all complexity of HLR PKI scheme that preset, but, the PKI that the user presets is difficult to change, therefore in the scheme that presets the HLR PKI, if the private key of HLR has leaked, want to change relatively difficulty of public and private secret key pair, and using under the situation of public key certificate, what the user preset is the PKI of trust authority, the level of security of trust authority is higher relatively, and risk is less, can ignore the situation of the needs change that may occur.The certificate of trust authority can be used widely, and the application of certificate makes that the management of PKI is convenient, also can consider the application scenarios of technical scheme under PKI (Public KeyInfrastructure, PKIX) in conjunction with public key certificate.
Safety analysis to the inventive method:
A) privacy
By the IMSI of user to the VLR transmission, and the identify label that VLR sends when the user initiates to authenticate connection all is the IMSI of process public key encryption *, under the assurance of algorithm security, the assailant can not therefrom obtain user profile.Because the possibility that has 4 decimal digit identifying users, assailant to obtain user profile from HLR information is about ten thousand/, thus making to attack does not have practical significance.Simultaneously, owing to added random number in the ciphering process, what make that each result who encrypts and inequality, assailant can not obtain the user from data encrypted obtains user's whereabouts for information about.
B) authentication property
IMSI *Introducing do not cause new safety problem.The assailant can't obtain the shared key K of user and HLR and fake user by the authentication of AKA agreement, can not carry out Replay Attack.In fact the inventive method is just changed user ID, does not influence the process of later authentication fully.
In addition, technical scheme of the present invention is to use public key encryption algorithm (being asymmetric cryptographic algorithm) to come IMSI is carried out encryption, but does not get rid of the feasibility of the protection scheme that uses symmetric cryptographic algorithm.If use the symmetric key cipher algorithm; can come encipherment protection IMSI by littler amount of calculation; but in order to guarantee that HLR can decrypt the IMSI of identifying user identity; must make HLR and each associated user who registers at this HLR share same key; under the identical situation of encrypting and decrypting key, the leakage part of any user side key can cause the scheme in the whole HLR log-on field invalid.As seen, public key cryptography scheme is better than the encrypted private key scheme in fail safe.
To sum up; the present invention is on the basis of original identify label of mobile communication and authentication protocol; by analysis to IMSI structure and original Verification System, the privacy of user guard method that the cryptographic algorithm that proposes to use public-key is hidden the part of sign user identity among the IMSI.Like this, the assailant can not confirm user's identity by passive wiretapping trick still initiatively, can not carry out catching user's privacies such as whereabouts.Simultaneously can not have influence on the affirmation of VLR again, thereby make the AKA agreement to carry out smoothly the HLR at user place.The present invention changes less to mobile communication original identify label method and Verification System; its cost is that the IMSI form after encrypting is had any different with plaintext IMSI data format; increase amount of calculation and memory space slightly at user side; do not increase new security threat, can effectively protect the privacy of IMSI.
Description of drawings
Fig. 1 is the flow chart that the present invention is based on the IMSI guard method of PKI.
Fig. 2 is the particular flow sheet of the protection IMSI scheme one that uses public-key of the embodiment of the invention 1 description.
Fig. 3 is the particular flow sheet of the protection IMSI scheme two that uses public-key of the embodiment of the invention 2 descriptions.
Embodiment
Below in conjunction with accompanying drawing, further describe the present invention by embodiment, but the scope that does not limit the present invention in any way.
User registration obtains USIM, comprising the shared key K of user's identify label IMSI, user and HLR, the PKI PK of HLR, and the associated public key encryption parameter.
At user's Access Network first, perhaps under the situation of TMSI authentification failure, VLR is to user's query IMSI.
Embodiment 1: to the scheme one of IMSI encryption
As shown in Figure 2, the user calculates IMSI *=IMSI 0|| E PK(IMSI||N), user storage IMSI *And send to VLR, wherein IMSI 0The part that comprises sign HLR among the IMSI, the random number that N produces for the user, E PKBe public key encryption algorithm; VLR is according to IMSI 0Obtain HLR information, and IMSI *Send to relevant HLR; HLR uses private key to IMSI *Middle IMSI 0The part deciphering of back obtains IMSI; After determining the user, HLR uses corresponding and user's cipher key shared K to produce the five-tuple of a plurality of AKA authentication protocols, with these five-tuples and IMSI *Send to VLR; VLR stores five-tuple, and according to IMSI *Arbitrary group of five-tuple wherein carries out the AKA agreement user authenticated.
Embodiment 2: to the IMSI encryption scheme two
As shown in Figure 3, the user calculates IMSI *=IMSI 1|| E PK(IMSI 2|| N), user storage IMSI *And send to VLR, wherein IMSI 1The part that comprises sign HLR among MCC, MNC among the IMSI and the MSIN, IMSI 2Be the part of identifying user identity, the random number that N produces for the user, E PKBe public key encryption algorithm; VLR is according to IMSI 1Obtain HLR information, IMSI *Send to relevant HLR, HLR uses the private key deciphering, obtains IMSI 2Thereby, obtain complete IMSI; After determining the user, HLR uses corresponding and user's cipher key shared K to produce the five-tuple of a plurality of AKA authentication protocols, with these five-tuples and IMSI *Send to VLR; VLR stores five-tuple, and according to IMSI *Arbitrary group of five-tuple wherein carries out the AKA agreement user authenticated.
After the foregoing description 1 or 2 authentications are passed through, produce TMSI by VLR, and send to the user after using the session key of consulting in the AKA agreement.Authentication finishes.VLR stores TMSI, and and IMSI *And five-tuple is associated, and is used for connecting authentication next time.
Instantiation about cryptographic algorithm
Elliptic curve cryptosystem is compared with other public-key cryptosystems, is all to have a clear superiority on fail safe or the calculated performance, is example with the elliptic curve public key cryptographic algorithm here, describes an instantiation of the present invention.
The IMSI of registered user A is 460030901178649, and wherein 460 are MCC sign country China, and 03 be the MNC marked network, and 0901178649 is the wherein HLR that registers of 0117 identifying user of MSIN unique identification user, 8649 identifying user individuals.IMSI is stored in user's the usim card.
In the elliptic curve public key cryptographic algorithm, HLR and user share following parameter:
p=6277101735386680763835789423207666416083908700390324961279,
a=fffffffffffffffffffffffffffffffefffffffffffffffc,
b=64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1,
G=03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,
n=6277101735386680763835789423176059013767194773182842284081,
Wherein p, n are the decimal system, and a, b, G are hexadecimal.
The HLR private key is 65,105,677,090,601,507,605,681,076,345,635,856,719,010,015,669,561,566,565 9, and the calculating PKI is 0262b12d60690cdcf330babab6e69763b471f994dd702d16a5, and PKI is open.The PKI of HLR and above shared parameter also are stored in the usim card of user side.
When the user's access network first time or use TMSI authentification failure, carry out according to following scheme one or scheme two, IMSI is protected:
Scheme one: the user generates N=12345, and IMSI is filled into 20, and uses the public key encryption of HLR to get
6E9E9196C358AF435A3F4E73C4E771FD09BDAA8B377005F4D85FCB55 C2A5CF4D6618E9FA1EAEEE78, add HLR information and get before data encrypted:
IMSI *=460030901176E9E9196C358AF435A3F4E73C4E771FD09BDAA8B377005F4D85FCB55C2A5CF4D6618E9FA1EAEEE78
User storage IMSI *And send to VLR.
After VLR receives data, according to IMSI 0=46003090117, IMSI *Send to number and be 0117 HLR.
HLR uses the private key of oneself that 0117 later data are decrypted, and removes to fill to obtain IMSI=460030901178649, according to the user that IMSI identified, finds the corresponding key K of sharing, and the five-tuple that producing the AKA protocol authentication needs sends to VLR.
VLR is according to IMSI *Sign connects the user, carries out the AKA protocol authentication.
Scheme two: the user generates N=1234567890123456, to the part IMSI of sign individual subscriber among the IMSI 2=8649 are filled into 20, and the PKI that uses HLR is to IMSI 2|| N=86491234567890123456 encrypts,
E PK(IMSI 2||N)=AB4907A43BC84802F3DA6E960849A12A89944E180E559B79598520B500D09E5475D6C14E7ACC6292,
Add the IMSI that identifies national network and HLR among the IMSI 1Part:
IMSI *=46003090117AB4907A43BC84802F3DA6E960849A12A89944E180E559B79598520B500D09E5475D6C14E7ACC6292,
After VLR receives data, according to IMSI 1Obtain HLR sign, it is 0117 HLR that data are sent to number.
HLR uses the private key of oneself that 0117 later data are decrypted, and removes to fill to obtain
IMSI=460030901178649 according to the user that IMSI identified, finds the corresponding key K of sharing, and the five-tuple that producing the AKA protocol authentication needs sends to VLR.
VLR is according to IMSI *Sign connects the user, carries out the AKA protocol authentication.

Claims (9)

1. the method for in the mobile communication IMSI being protected may further comprise the steps:
1) HLR issues PKI to its registered user, and PKI is stored in SIM card or the usim card with user's IMSI and user key K;
2) when the user need be when VLR sends IMSI and carries out authentication, the user utilizes PKI that IMSI is carried out encryption, and the IMSI after encrypting is sent to VLR;
3) send it to the HLR of user attaching behind the IMSI after VLR obtains encrypting;
4) HLR utilizes the IMSI behind the private key enabling decryption of encrypted to obtain expressly IMSI, determines to use corresponding user key K to produce the Ciphering Key of AKA authentication protocol behind the user and pass to VLR;
5) IMSI behind the VLR storage encryption with this identify label as the user, and carries out associated record with the Ciphering Key that receives from described HLR, and the user is authenticated.
2. the method for in the mobile communication IMSI being protected may further comprise the steps:
1) user presets the PKI of trust authority, when the user need be when VLR sends IMSI and carries out authentication, send the public key certificate of oneself to the user by VLR, and the certificate revocation list of the trust authority that the user trusted or certificate status Query Result, with trust authority all certificates to the trust chain of this VLR, the user utilizes the PKI of trust authority that the signature of trust authority is verified then;
2) if the user confirms that the VLR PKI in the VLR public key certificate is legal and available, then utilize the VLR PKI that IMSI is carried out encryption, and the IMSI after will encrypting send to VLR;
3) IMSI behind the private key enabling decryption of encrypted of VLR utilization oneself obtains IMSI, and sends it to the HLR of user attaching;
4) HLR receives IMSI, determines to use the Ciphering Key of corresponding user key K generation AKA authentication protocol and pass to VLR behind the user;
5) IMSI behind the VLR storage encryption with this identify label as the user, and carries out associated record with the Ciphering Key that receives from HLR, and the user is authenticated.
3. the method for in the mobile communication IMSI being protected may further comprise the steps:
1) user presets the PKI of trust authority, when the user need be when VLR sends IMSI and carries out authentication, VLR elder generation is to the HLR of user's query user attaching, behind HLR inquiry public key certificate, send to the user then, the certificate revocation list or the certificate status Query Result of the trust authority that sends the user simultaneously and trusted, with trust authority all certificates to the trust chain of this HLR, the user utilizes the PKI of trust authority that the signature of trust authority is verified then;
2) if the user confirms that the HLR PKI in the HLR public key certificate is legal and available, then utilize the HLR PKI that IMSI is carried out encryption, and the IMSI after will encrypting send to VLR;
3) VLR obtains the IMSI behind the user encryption, sends it to the HLR of user attaching;
4) HLR utilizes the IMSI behind the private key enabling decryption of encrypted to obtain expressly IMSI, determines to use corresponding user key K to produce the Ciphering Key of AKA authentication protocol behind the user and pass to VLR;
5) IMSI behind the VLR storage encryption with this identify label as the user, and carries out associated record with the Ciphering Key that receives from described HLR, and the user is authenticated.
4. as claim 1 or 2 or 3 described methods, it is characterized in that step 2) to utilize PKI that IMSI is carried out the public key encryption algorithm that encryption adopts be the elliptic curve public key cryptographic algorithm to the user.
5. as claim 1 or 2 or 3 described methods, it is characterized in that, produce temporary identity sign TMSI for the user, and it is associated with IMSI and Ciphering Key after the encryption, be used for connecting authentication next time at step 5) VLR.
6. as claim 1 or 2 or 3 described methods, it is characterized in that step 2) comprise the whole result who carries out after the encryption among the IMSI after the described encryption to IMSI, also comprise the part that identifies HLR.
7. method as claimed in claim 6 is characterized in that step 2) user introduces a random number when IMSI is carried out encryption, make each ciphertext difference that obtains of encrypting.
8. as claim 1 or 2 or 3 described methods, it is characterized in that step 2) when the user encrypts IMSI, only encrypt last 4 bit digital of IMSI, and preceding 11 bit digital of reservation IMSI are constant.
9. method as claimed in claim 8 is characterized in that step 2) user introduces a random number when IMSI is carried out encryption, make each ciphertext difference that obtains of encrypting.
CN201010500529.1A 2010-09-30 2010-09-30 Method for protecting international mobile subscriber identity (IMSI) in mobile communication Expired - Fee Related CN101969638B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010500529.1A CN101969638B (en) 2010-09-30 2010-09-30 Method for protecting international mobile subscriber identity (IMSI) in mobile communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010500529.1A CN101969638B (en) 2010-09-30 2010-09-30 Method for protecting international mobile subscriber identity (IMSI) in mobile communication

Publications (2)

Publication Number Publication Date
CN101969638A true CN101969638A (en) 2011-02-09
CN101969638B CN101969638B (en) 2013-08-14

Family

ID=43548707

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010500529.1A Expired - Fee Related CN101969638B (en) 2010-09-30 2010-09-30 Method for protecting international mobile subscriber identity (IMSI) in mobile communication

Country Status (1)

Country Link
CN (1) CN101969638B (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580314A (en) * 2013-10-24 2015-04-29 中国移动通信集团广东有限公司 Data isolation method and device for cloud computing system as well as terminal
CN105208552A (en) * 2015-09-06 2015-12-30 集怡嘉数码科技(深圳)有限公司 Realization method for binding of mobile terminal and smart card
CN105306406A (en) * 2014-05-26 2016-02-03 中国移动通信集团公司 Negotiation method of authentication and key negotiation algorithm, network side equipment and user equipment
CN105813066A (en) * 2014-12-29 2016-07-27 联芯科技有限公司 Method and system for preventing mobile terminal tracking
CN107431916A (en) * 2015-03-05 2017-12-01 高通股份有限公司 Identity privacy in wireless network
CN107708103A (en) * 2017-11-05 2018-02-16 浙江东信昆辰科技股份有限公司 The method and system of number secrecy are realized based on MAP signalings
CN109496412A (en) * 2016-07-17 2019-03-19 高通股份有限公司 Use the verifying of privacy identification code
CN109691058A (en) * 2016-07-18 2019-04-26 瑞典爱立信有限公司 Use the operation related with user equipment of password identifiers
CN109803251A (en) * 2017-11-16 2019-05-24 诺基亚技术有限公司 Method and apparatus for the privacy management entity selection in communication system
CN109905879A (en) * 2019-03-23 2019-06-18 西安电子科技大学 Transmission line of electricity based on ECC algorithm monitors terminal security cut-in method
CN110167013A (en) * 2018-02-13 2019-08-23 华为技术有限公司 A kind of communication means and device
CN110248359A (en) * 2018-03-07 2019-09-17 中国移动通信有限公司研究院 A kind of encipherment scheme, terminal, network element device and computer storage medium
CN110351721A (en) * 2018-04-08 2019-10-18 中兴通讯股份有限公司 Access method and device, the storage medium, electronic device of network slice
CN110830990A (en) * 2018-08-09 2020-02-21 华为技术有限公司 Identity information processing method, equipment and system
US10834063B2 (en) 2017-07-06 2020-11-10 At&T Intellectual Property I, L.P. Facilitating provisioning of an out-of-band pseudonym over a secure communication channel
US10931445B2 (en) 2015-11-12 2021-02-23 Huawei International Pte Ltd. Method and system for session key generation with diffie-hellman procedure

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SG10201603367TA (en) 2016-04-27 2017-11-29 Huawei Int Pte Ltd Method and system for authentication with asymmetric key
US10136318B1 (en) 2017-06-21 2018-11-20 At&T Intellectual Property I, L.P. Authentication device selection to facilitate authentication via an updateable subscriber identifier
CN107580324B (en) * 2017-09-22 2020-05-08 中国电子科技集团公司第三十研究所 Method for protecting IMSI privacy of mobile communication system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101552668A (en) * 2008-03-31 2009-10-07 展讯通信(上海)有限公司 Certificating method, user equipment and base station for accessing user equipment into network
CN101741555A (en) * 2008-11-12 2010-06-16 中兴通讯股份有限公司 Method and system for identity authentication and key agreement
CN101808313A (en) * 2010-03-09 2010-08-18 华为技术有限公司 Method for acquiring TMSI (Temporary Mobile Subscriber Identity), mobile station, home location register and communication system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101552668A (en) * 2008-03-31 2009-10-07 展讯通信(上海)有限公司 Certificating method, user equipment and base station for accessing user equipment into network
CN101741555A (en) * 2008-11-12 2010-06-16 中兴通讯股份有限公司 Method and system for identity authentication and key agreement
CN101808313A (en) * 2010-03-09 2010-08-18 华为技术有限公司 Method for acquiring TMSI (Temporary Mobile Subscriber Identity), mobile station, home location register and communication system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
曾勇: "一种基于非对称密钥密码体制的IMSI保护方案", 《通信技术》, no. 09, 30 September 2008 (2008-09-30) *
邓亚平等: "基于公钥体制的3GPP认证与密钥协商协议", 《计算机应用》, no. 11, 30 November 2009 (2009-11-30) *

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580314A (en) * 2013-10-24 2015-04-29 中国移动通信集团广东有限公司 Data isolation method and device for cloud computing system as well as terminal
CN105306406A (en) * 2014-05-26 2016-02-03 中国移动通信集团公司 Negotiation method of authentication and key negotiation algorithm, network side equipment and user equipment
CN105813066A (en) * 2014-12-29 2016-07-27 联芯科技有限公司 Method and system for preventing mobile terminal tracking
CN107431916B (en) * 2015-03-05 2020-11-13 高通股份有限公司 Method, user equipment, server and non-transitory computer readable medium for network access technology
CN107431916A (en) * 2015-03-05 2017-12-01 高通股份有限公司 Identity privacy in wireless network
US11496891B2 (en) 2015-03-05 2022-11-08 Qualcomm Incorporated Identity privacy in wireless networks
US10237729B2 (en) 2015-03-05 2019-03-19 Qualcomm Incorporated Identity privacy in wireless networks
CN105208552A (en) * 2015-09-06 2015-12-30 集怡嘉数码科技(深圳)有限公司 Realization method for binding of mobile terminal and smart card
US10931445B2 (en) 2015-11-12 2021-02-23 Huawei International Pte Ltd. Method and system for session key generation with diffie-hellman procedure
CN109496412A (en) * 2016-07-17 2019-03-19 高通股份有限公司 Use the verifying of privacy identification code
CN109496412B (en) * 2016-07-17 2021-12-31 高通股份有限公司 Authentication using private identification codes
US11870765B2 (en) 2016-07-18 2024-01-09 Telefonaktiebolaget Lm Ericsson (Publ) Operation related to user equipment using secret identifier
US11539683B2 (en) 2016-07-18 2022-12-27 Telefonaktiebolaget Lm Ericsson (Publ) Operation related to user equipment using secret identifier
CN109691058A (en) * 2016-07-18 2019-04-26 瑞典爱立信有限公司 Use the operation related with user equipment of password identifiers
US10834063B2 (en) 2017-07-06 2020-11-10 At&T Intellectual Property I, L.P. Facilitating provisioning of an out-of-band pseudonym over a secure communication channel
CN107708103A (en) * 2017-11-05 2018-02-16 浙江东信昆辰科技股份有限公司 The method and system of number secrecy are realized based on MAP signalings
CN107708103B (en) * 2017-11-05 2020-08-14 浙江东信昆辰科技股份有限公司 Method for realizing number security based on MAP signaling
CN109803251A (en) * 2017-11-16 2019-05-24 诺基亚技术有限公司 Method and apparatus for the privacy management entity selection in communication system
CN109803251B (en) * 2017-11-16 2021-11-26 诺基亚技术有限公司 Method and apparatus for privacy management entity selection in a communication system
CN110167013B (en) * 2018-02-13 2020-10-27 华为技术有限公司 Communication method and device
CN110167013A (en) * 2018-02-13 2019-08-23 华为技术有限公司 A kind of communication means and device
CN110248359A (en) * 2018-03-07 2019-09-17 中国移动通信有限公司研究院 A kind of encipherment scheme, terminal, network element device and computer storage medium
CN110351721A (en) * 2018-04-08 2019-10-18 中兴通讯股份有限公司 Access method and device, the storage medium, electronic device of network slice
CN110830990A (en) * 2018-08-09 2020-02-21 华为技术有限公司 Identity information processing method, equipment and system
US11510052B2 (en) 2018-08-09 2022-11-22 Huawei Technologies Co., Ltd. Identity information processing method, device, and system
CN109905879A (en) * 2019-03-23 2019-06-18 西安电子科技大学 Transmission line of electricity based on ECC algorithm monitors terminal security cut-in method
CN109905879B (en) * 2019-03-23 2021-04-02 西安电子科技大学 ECC algorithm-based safe access method for power transmission line monitoring terminal

Also Published As

Publication number Publication date
CN101969638B (en) 2013-08-14

Similar Documents

Publication Publication Date Title
CN101969638B (en) Method for protecting international mobile subscriber identity (IMSI) in mobile communication
CN101116284B (en) Clone resistant mutual authentication method, identity module, server and system in a radio communication network
US7269730B2 (en) Method and apparatus for providing peer authentication for an internet key exchange
US9253178B2 (en) Method and apparatus for authenticating a communication device
CN101052033B (en) Certifying and key consulting method and its device based on TTP
CN1929371B (en) Method for negotiating key share between user and peripheral apparatus
CN100589381C (en) User identity secret-keeping method in communication system
CN101102186B (en) Method for implementing general authentication framework service push
Liu et al. Toward a secure access to 5G network
CN108683510A (en) A kind of user identity update method of encrypted transmission
Khan et al. Defeating the downgrade attack on identity privacy in 5G
CN101741555A (en) Method and system for identity authentication and key agreement
CN110995418A (en) Cloud storage authentication method and system, edge computing server and user router
CN108964897B (en) Identity authentication system and method based on group communication
CN114765534B (en) Private key distribution system and method based on national secret identification cryptographic algorithm
CN103118363A (en) Method, system, terminal device and platform device of secret information transmission
CN101192927B (en) Authorization based on identity confidentiality and multiple authentication method
Madhusudhan A secure and lightweight authentication scheme for roaming service in global mobile networks
Hwang et al. On the security of an enhanced UMTS authentication and key agreement protocol
Yang et al. A trust and privacy preserving handover authentication protocol for wireless networks
Niu et al. A novel user authentication scheme with anonymity for wireless communications
Zheng et al. Trusted computing-based security architecture for 4G mobile networks
Lu et al. On the security of an efficient mobile authentication scheme for wireless networks
WO2021093811A1 (en) Network access method and related device
Go et al. Wireless authentication protocol preserving user anonymity

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130814

Termination date: 20160930