CN102143490B - Method and device for generating message identifying code in LTE (Long Term Evolution) system - Google Patents

Method and device for generating message identifying code in LTE (Long Term Evolution) system Download PDF

Info

Publication number
CN102143490B
CN102143490B CN201010104128.4A CN201010104128A CN102143490B CN 102143490 B CN102143490 B CN 102143490B CN 201010104128 A CN201010104128 A CN 201010104128A CN 102143490 B CN102143490 B CN 102143490B
Authority
CN
China
Prior art keywords
data
mul
tables
message
xor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201010104128.4A
Other languages
Chinese (zh)
Other versions
CN102143490A (en
Inventor
孔令斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Leadcore Technology Co Ltd
Original Assignee
Leadcore Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Leadcore Technology Co Ltd filed Critical Leadcore Technology Co Ltd
Priority to CN201010104128.4A priority Critical patent/CN102143490B/en
Publication of CN102143490A publication Critical patent/CN102143490A/en
Application granted granted Critical
Publication of CN102143490B publication Critical patent/CN102143490B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a method and device for generating a message identifying code in an LTE (Long Term Evolution) system. The method for generating the message identifying code in the LTE system comprises the steps of: presetting a first MUL (multiplication) datasheet and a second MUL datasheet with a first variable and a second variable as header element values, wherein the first and the second MUL datasheets consist of sixty four 64-bit elements respectively; traversing 64-bit long message segments divided from current messages and conducting look-up table operation on the first MUL datasheet on the basis of each bit datum in turn; carrying out XOR operation on the operation result and the current message length, then traversing the results of the XOR operation and conducting look-up table operation on the second MUL datasheet on the basis of each bit datum of the results in turn; and finally generating the message identifying code based on the results of look-up table operation on the second MUL datasheet and a third variable. By adopting the method or the device provided the invention, memory space can be reduced and the time of generating the identifying code is also reduced.

Description

Generate the method and the device of Message Authentication Code in a kind of LTE system
Technical field
The present invention relates to data processing field, particularly relate to the method and the device that generate Message Authentication Code in a kind of LTE system.
Background technology
Along with the development of mobile communication technology, (safety problem becomes one of key problem of mobile communications device to agreement Network Based for Internet Protocol, open network architedure IP) and the characteristic of radio transmission.(Long Term Evolution, LTE) in the device, fail safe relates to two aspects of confidentiality and integrity at present Long Term Evolution.Generally speaking; the user plane of LTE (User Plane; UP) data need Confidentiality protection; control plane (Control Plane; CP) Radio Resource control (Radio Resource Control; RRC) (NonAccess Stratum, NAS) signaling needs the confidentiality and integrity protection for signaling and Non-Access Stratum.EPS confidentiality algorithm (EEA) and the EPS Integrity Algorithm (EIA) of realizing LTE fail safe protection mechanism comprise, based on 128-EEA1 and the 128-EIA1 of SNOW 3G, and based on 128-EEA2 and the 128-EIA2 of AES.Wherein, the implementation of integrity protection mechanism 128-EIA1 mainly constitutes 128 initial vectors (IV) by counting (COUNT), carrying (BEARER), direction (DIRECTION); under the control of Integrity Key (IK); for message (MESSAGE) generates 32 message authentication code (MAC), utilize this message authentication code between transmit leg and recipient, can verify to the integrality of message.
Concrete, according to LTE correlation technique standard, 128-EIA1 mainly comprises in implementation procedure: with IK and the IV input parameter as SNOW 3G key stream generator, the key stream word sequence that generation is made of 5 32 words, and according to 3 variablees of this 5 key stream word sequence definitions, the first variable P, second variable Q and the ternary OTP; When carrying out MAC calculating, according to the length of MESSAGE, MESSAGE is divided into D 64 message section M,
Figure GSA00000009299100011
Figure GSA00000009299100021
M is estimated by the MUL function at the P point initial value of definition estimated value (EVAL) is 0.With message section M iWith previous message section M I-1The EVAL that calculates carries out XOR and (uses symbol
Figure GSA00000009299100022
Expression) computing is again by MUL function calculation M iEstimated value in that P is ordered is stored among the EVAL.The rest may be inferred, when finishing last message section M D-1After the estimated value that P is ordered, EVAL and LENGTH are carried out XOR, calculate the value E that the XOR value is estimated by the MUL function at Q point, intercept preceding 32 and carry out XOR of E at last with OTP, generate the MAC of the MESSAGE of application 128-EIA1 algorithm.
In the prior art, when using look-up table to calculate X in the estimated value that P is ordered, ordinary circumstance is given a definition 8 and is shown PM[0], PM[1] ..., PM[7], each table comprises 256 the 64 plain PM[i of bit] [0], PM[i] [1], ..., PM[i] [255], define MULx (V) function and 64 bit constant r=0x000000000000001B simultaneously, if the highest order V[0 of V] equal 0, then V is moved to left (with symbol<<expression) 1, i.e. MULx (V)=V<<1; Otherwise V moved to left carry out XOR with r after 1, promptly
Figure GSA00000009299100023
From said process as can be seen; in existing LTE integrity protection mechanism 128-EIA1; need the individual 64 bit table elements in storage 2048 (8 * 256); the nested operation that replaces the MUL function by look-up table; though in the process that generates Message Authentication Code, simplified the operation of MUL function; but generate the list item process therein and taken a large amount of memory spaces, also increased a large amount of processing times simultaneously.
Summary of the invention
Technical problem to be solved by this invention provides the method that generates Message Authentication Code in a kind of LTE system, generates the problem that Message Authentication Code takies a large amount of memory spaces and increased a large amount of processing times in the prior art in order to solve.
Another object of the present invention is that above-mentioned design is applied in the concrete applied environment, and the device that generates Message Authentication Code in a kind of LTE system is provided, thereby guarantees the realization and the application of this method.
For solving the problems of the technologies described above, the embodiment of the invention provides the method that generates Message Authentication Code in a kind of LTE system, comprising:
Preset respectively with first variable and second variable MUL tables of data and the 2nd MUL tables of data as header element numerical value, the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, and the figure place of each element is 64;
64 long message sections that traversal is divided current message, successively according to bits per inch according to the MUL tables of data computing of tabling look-up: judge whether the data of the corresponding numerical digit of a described MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of a described MUL tables of data are carried out XOR and output; Otherwise, a described MUL tables of data corresponding positions is directly exported;
Above-mentioned operation result and described current message-length are carried out XOR, and travel through the result of described XOR, according to the certificate of the bits per inch among this result the 2nd MUL tables of data is carried out the described computing of tabling look-up successively;
Result and ternary according to computing that the 2nd MUL tables of data is tabled look-up generate Message Authentication Code.
Preferably, other list cell prime implicants of a described MUL tables of data and the 2nd MUL tables of data are derived according to header element numerical value and are obtained, and described derivation mode is specially:
Adopt formula PMC[i]=MULx (PMC[i-1]), i=1......63, successively in the calculated data table except header element the value of other 63 bit table elements;
Wherein, the account form of described MULx (V) function is:
Highest order V[0 as V] be 0, MULx (V)=V<<1 then; Otherwise, MULx ( V ) MULx ( V ) = ( V < < 1 ) &CirclePlus; 0 x 000000000000001 B .
Preferably, described judging whether carried out XOR to the data of the corresponding numerical digit of a described MUL tables of data, specifically comprises:
Judge each numerical value of 64 input parameters by turn, if be 1, then the initial value of table element that will be corresponding with this input parameter and output parameter carries out XOR and output according to following formula:
OUT = OUT &CirclePlus; PMC [ i ] , i = 0,1 , . . . , 63 ;
If be 0, then a described MUL tables of data corresponding positions is directly exported.
Preferably, also comprise:
Be sent to the recipient according to described Message Authentication Code and target message, so that the recipient is according to the integrality of described Message Authentication Code checking target message.
Preferably, described foundation generates Message Authentication Code to the table look-up result of computing and ternary of the 2nd MUL tables of data, specifically comprises:
Intercept preceding 32 of the operation result of tabling look-up of described second calculating process, and and ternary carry out XOR, to obtain the identifying code of described current message.
The embodiment of the invention also provides the device that generates Message Authentication Code in a kind of LTE system, comprising:
Pretreatment module is used to preset respectively with first variable and second variable MUL tables of data and the 2nd MUL tables of data as header element numerical value, and the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, and the figure place of each element is 64;
First computing module, be used to travel through 64 long message sections that current message is divided, successively according to bits per inch according to the MUL tables of data computing of tabling look-up: judge whether the data of the corresponding numerical digit of a described MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of a described MUL tables of data are carried out XOR and output; Otherwise, a described MUL tables of data corresponding positions is directly exported;
Second computing module, be used for the operation result and the described current message-length of described first computing module are carried out XOR, and travel through the result of described XOR, successively according to the bits per inch among this result according to the 2nd MUL tables of data is carried out the described computing of tabling look-up;
Generate the identifying code module, be used for generating Message Authentication Code according to the result and the ternary of computing that the 2nd MUL tables of data is tabled look-up.
Preferably, other list cell prime implicants of a described MUL tables of data and the 2nd MUL tables of data are derived according to header element numerical value and are obtained, and described derivation mode is specially:
Adopt formula PMC[i]=MULx (PMC[i-1]), i=1......63, successively in the calculated data table except header element the value of other 63 bit table elements;
Wherein, the account form of described MULx (V) function is:
Highest order V[0 as V] be 0, MULx (V)=V<<<<1 then; Otherwise, MULx ( V ) MULx ( V ) = ( V < < 1 ) &CirclePlus; 0 x 000000000000001 B .
Preferably, described first computing module specifically is used for: judge each numerical value of 64 input parameters by turn, if be 1, then the initial value of table element that will be corresponding with this input parameter and output parameter carries out XOR and output according to following formula:
OUT = OUT &CirclePlus; PMC [ i ] , i = 0,1 , . . . , 63 ;
If be 0, then a described MUL tables of data corresponding positions is directly exported.
Preferably, also comprise:
Sending module is used for being sent to the recipient according to described Message Authentication Code and target message, so that the recipient is according to the integrality of described Message Authentication Code checking target message.
Preferably, described generation identifying code module specifically comprises:
The intercepting submodule is used to intercept preceding 32 of the operation result of tabling look-up of described second calculating process;
The operator module is used for the result and the ternary of described intercepting submodule are carried out XOR, to obtain the identifying code of described current message.
Compared with prior art, the present invention has the following advantages:
In the present embodiment, by in generating the Message Authentication Code process to the optimization of lookup table mode, make and have only 64 bit elements in the MUL tables of data that the length of every bit element also is 64, thereby can save the memory space of table element, and when calculating, also can reduce the processing time.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the flow chart that generates the embodiment 1 of Message Authentication Code in the LTE of the present invention system;
Fig. 2 is the flow chart that generates the embodiment 2 of Message Authentication Code in the LTE of the present invention system;
Fig. 3 is the structural representation that generates the device embodiment 1 of Message Authentication Code in the LTE of the present invention system;
Fig. 4 is the structural representation that generates the device embodiment 2 of Message Authentication Code in the LTE of the present invention system.
Embodiment
For above-mentioned purpose of the present invention, feature and advantage can be become apparent more, the present invention is further detailed explanation below in conjunction with the drawings and specific embodiments.
With reference to figure 1, show the flow chart that generates the method embodiment 1 of Message Authentication Code in a kind of LTE of the present invention system, can may further comprise the steps:
Step 101: preset respectively with first variable and second variable MUL tables of data and the 2nd MUL tables of data as header element numerical value, the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, and the figure place of each element is 64.
In the present embodiment, carrying out at first needing to preset two tables of data in the process of Message Authentication Code generation, promptly is a MUL tables of data and the 2nd MUL tables of data, the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, and the figure place of each element is 64.The header element value of a described MUL tables of data also needs to be appointed as in advance the first variable P, PMC[0]=P; The one MUL tables of data PMC need comprise 64 the 64 plain PMC[0 of bit], PMC[1] ..., PMC[63]; Simultaneously, the initial value of output parameter OUT1 is set to 0 in step 101.
For i=1,2 ..., 63, calculating each table element of MUL tables of data promptly is PMC[i] value, can utilize formula PMC[i]=MULx (PMC[i-1]) derives.Promptly being according to the header element value P that a MUL tables of data is set, deriving the numerical value of other each table elements in the MUL tables of data, promptly is PMC[1] by PMC[0] derive PMC[2] again by PMC[1] derive.The rest may be inferred, up to PMC[63] by PMC[62] derive, promptly finished the derivation of a MUL data list element.
Step 102: 64 long message sections that traversal is divided current message, successively according to bits per inch according to the MUL tables of data computing of tabling look-up: judge whether the data of the corresponding numerical digit of a described MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of a described MUL tables of data are carried out XOR and output; Otherwise, a described MUL tables of data corresponding positions is directly exported.
In the present embodiment, 64 long message sections to current message division, can be used as one 64 input parameter X, work as i=0,1, ...,, need judge the value of X by turn, at 63 o'clock if X[i] value be 1, the element PMC[i among the MUL tables of data PMC then] participate in XOR, its operational formula is
Figure GSA00000009299100071
If X[i] value be 0, PMC[i then] do not participate in XOR.Utilize this mode to travel through after each of X, the output parameter value OUT1 that obtains through XOR is a generation value of looking into MUL table generation process.
Step 103: above-mentioned operation result and described current message-length are carried out XOR, and travel through the result of described XOR, according to the certificate of the bits per inch among this result the 2nd MUL tables of data is carried out the described computing of tabling look-up successively.
The header element value of described the 2nd MUL tables of data is set to the second variable Q, and then derive the successively value of each element of obtaining the 2nd MUL tables of data of the derivation mode in the refer step 101.Simultaneously, generation value OUT1 with a MUL tables of data, with current message-length promptly be that 64 number carries out XOR, with the result of this XOR as the reference data, the computing of carrying out in according to this reference data of 64 data of 64 of the correspondences in described the 2nd MUL tables of data carry out steps 102 successively of tabling look-up obtains the output valve of the 2nd MUL tables of data.
Step 104: result and ternary according to computing that the 2nd MUL tables of data is tabled look-up generate Message Authentication Code.
Output valve and ternary OTP according to described the 2nd MUL tables of data can calculate Message Authentication Code.
In the present embodiment, the data list element of definition (being list item) all needs to take memory space.And each table element is all derived by initial value, and table element quantity is many more, and the calculation times that needs is also just many more, and the corresponding processing time is also just long more.Because the essence of look-up table is in the prior art: if one 64 figure place X is divided into N M figure place, promptly N * M=64 then needs N table, and each table comprises 2 MIndividual table element, table element add up to N * 2 MWhen N=64, M=1, be 2 7And the special case of foundation of the present invention when being N=64, M=1, but this special case is optimized, only need to generate 64 table elements of table PMC,, judge whether each element in a MUL tables of data and the 2nd MUL tables of data needs to participate in computing by the judgment mode by turn among the embodiment.Therefore, the improvement that can bring two aspects in the present embodiment for the change of table element quantity in the tables of data: the one, reduced the table element number that needs storage; The 2nd, reduced the calculation times of table element value.
Because the LTE system need satisfy broadband services demand (downstream rate 100Mb/s, upstream rate 50Mb/s), therefore its processing speed to security algorithm requires very high, and portable terminal all has strict demand to power consumption and volume, and in the present embodiment, adopt the method for above-mentioned generation Message Authentication Code can satisfy LTE to the requirement of security algorithm on processing speed and memory space, saved the memory space of table element, simultaneously also reduce the calculation times of table element value, thereby can reduce the processing time of calculating.
With reference to figure 2, show the flow chart that generates the method embodiment 2 of Message Authentication Code in a kind of LTE of the present invention system, present embodiment can may further comprise the steps:
Step 201: the element number that a MUL tables of data and the 2nd MUL tables of data are set is respectively 64, the figure place of the one MUL tables of data and the 2nd MUL data list element is 64, the header element value of a described MUL tables of data is first variable, the header element value of described the 2nd MUL tables of data is second variable, and, the initial value OUT1 of the output parameter of the one MUL tables of data is that the initial value OUT2 of the output parameter of 0, the two MUL tables of data is 0.
Step 202: adopt formula PMC[i]=MULx (PMC[i-1]), i=1......63 calculates in a MUL tables of data and the 2nd MUL tables of data value of other 63 bit table elements except header element successively.
Concrete, in actual applications, the account form of described MULx (V) function is: as the highest order V[0 of V] be 0, MULx (V)=V<<<<1 then; Otherwise, MULx ( V ) MULx ( V ) = ( V < < 1 ) &CirclePlus; 0 x 000000000000001 B .
Step 203: current message is divided 64 long message sections, judge each numerical value of 64 long message sections by turn,, then enter step 204,, then enter step 205 if be 0 if be 1.
Step 204: the table element that will be corresponding with this input parameter and the initial value of output parameter carry out XOR according to following formula:
Figure GSA00000009299100083
I=0,1 ..., 63, enter step 206.
Adopt formula
Figure GSA00000009299100084
I=0,1 ..., 63, get access to the operation result that need carry out the corresponding numerical digit of XOR, and carry out deterministic process the next bit numerical value of input parameter.
Step 205: a described MUL tables of data corresponding positions is directly exported, entered step 206.
In this step, then be that then the table element value in the Dui Ying MUL tables of data does not participate in computing when the value of the corresponding numerical digit of input parameter is 0.
Need to prove, step 204 and step 205 are step 203 different follow-up processing flow when traveling through, after the ergodic process of step 203 finished, the computational process of step 204 and step 205 just finished, and just can acquire the estimated value that each message section is ordered at P.
Step 206: the final output valve and the described current message-length of a MUL tables of data are carried out XOR, and travel through the result of described XOR, according to the certificate of the bits per inch among this result the 2nd MUL tables of data is carried out the described computing of tabling look-up successively.
In this step, because be consistent with lookup table mode, so do not repeat them here to a MUL tables of data to the lookup table mode of the 2nd MUL tables of data.Through described the 2nd MUL tables of data is carried out after the described computing of tabling look-up, can obtain the estimated value that the final output valve of a MUL tables of data and XOR value that message-length carries out XOR are ordered at Q.
Step 207: intercept preceding 32 of the operation result of tabling look-up of described the 2nd MUL tables of data, and and ternary carry out XOR, to obtain the identifying code of described current message.
Wherein, described ternary is OTP, promptly be at first to intercept preceding 32 of estimated value that described XOR value orders at Q, and and OTP carry out XOR, with the Message Authentication Code of XOR as described current message.
Step 208: be sent to the recipient according to described Message Authentication Code and target message, so that the recipient is according to the integrality of described Message Authentication Code checking target message.
In the present embodiment, transmit leg can be sent to the recipient together with described Message Authentication Code and message to be sent, so that the recipient can verify the integrality of target message according to described Message Authentication Code.
Need to prove, for aforesaid each method embodiment, for simple description, so it all is expressed as a series of combination of actions, but those skilled in the art should know, the present invention is not subjected to the restriction of described sequence of movement, because according to the present invention, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in the specification all belongs to preferred embodiment, and related action and module might not be that the present invention is necessary.
With reference to figure 3, show the structured flowchart that generates the device embodiment 1 of Message Authentication Code in a kind of LTE of the present invention system, can comprise with lower module:
Pretreatment module 301, be used to preset respectively with first variable and second variable a MUL tables of data and the 2nd MUL tables of data as header element numerical value, the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, and the figure place of each element is 64.
First computing module 302, be used to travel through 64 long message sections that current message is divided, successively according to bits per inch according to the MUL tables of data computing of tabling look-up: judge whether the data of the corresponding numerical digit of a described MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of a described MUL tables of data are carried out XOR and output; Otherwise, a described MUL tables of data corresponding positions is directly exported.
Second computing module 303, be used for the operation result and the described current message-length of described first computing module are carried out XOR, and travel through the result of described XOR, successively according to the bits per inch among this result according to the 2nd MUL tables of data is carried out the described computing of tabling look-up.
Generate identifying code module 304, be used for generating Message Authentication Code according to the result and the ternary of computing that the 2nd MUL tables of data is tabled look-up.
With reference to figure 4, show the structured flowchart that generates the device embodiment 2 of Message Authentication Code in a kind of LTE of the present invention system, can comprise with lower module:
Pretreatment module 301, be used to preset respectively with first variable and second variable a MUL tables of data and the 2nd MUL tables of data as header element numerical value, the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, and the figure place of each element is 64;
First computing module 302, be used to travel through 64 long message sections that current message is divided, successively according to bits per inch according to the MUL tables of data computing of tabling look-up: judge whether the data of the corresponding numerical digit of a described MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of a described MUL tables of data are carried out XOR and output; Otherwise, a described MUL tables of data corresponding positions is directly exported;
Other list cell prime implicants of a described MUL tables of data and the 2nd MUL tables of data are derived according to header element numerical value and are obtained, and described derivation mode is specially:
Adopt formula PMC[i]=MULx (PMC[i-1]), i=1......63, successively in the calculated data table except header element the value of other 63 bit table elements;
Wherein, the account form of described MULx (V) function is:
Highest order V[0 as V] be 0, MULx (V)=V<<<<1 then; Otherwise, MULx ( V ) MULx ( V ) = ( V < < 1 ) &CirclePlus; 0 x 000000000000001 B .
Described first computing module specifically is used for: judge each numerical value of 64 input parameters by turn, if be 1, then the initial value of table element that will be corresponding with this input parameter and output parameter carries out XOR and output according to following formula:
OUT = OUT &CirclePlus; PMC [ i ] , i = 0,1 , . . . , 63 ;
If be 0, then a described MUL tables of data corresponding positions is directly exported.
Second computing module 303, be used for the operation result and the described current message-length of described first computing module are carried out XOR, and travel through the result of described XOR, successively according to the bits per inch among this result according to the 2nd MUL tables of data is carried out the described computing of tabling look-up.
Intercepting submodule 401 is used to intercept preceding 32 of the operation result of tabling look-up of described second calculating process;
Operator module 402 is used for the result and the ternary of described intercepting submodule are carried out XOR, to obtain the identifying code of described current message.
Sending module 403 is used for being sent to the recipient according to described Message Authentication Code and target message, so that the recipient is according to the integrality of described Message Authentication Code checking target message.
Need to prove that each embodiment in this specification all adopts the mode of going forward one by one to describe, what each embodiment stressed all is and the difference of other embodiment that identical similar part is mutually referring to getting final product between each embodiment.For device class embodiment, because it is similar substantially to method embodiment, so description is fairly simple, relevant part gets final product referring to the part explanation of method embodiment.
Need to prove, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thereby make and comprise that process, method, article or the equipment of a series of key elements not only comprise those key elements, but also comprise other key elements of clearly not listing, or also be included as this process, method, article or equipment intrinsic key element.Do not having under the situation of more restrictions, the key element that limits by statement " comprising ... ", and be not precluded within process, method, article or the equipment that comprises described key element and also have other identical element.
More than the device that generates Message Authentication Code in the method that generates Message Authentication Code in a kind of LTE provided by the present invention system and the LTE system is described in detail, used specific case herein principle of the present invention and execution mode are set forth, the explanation of above embodiment just is used for helping to understand method of the present invention and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to thought of the present invention, the part that all can change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.

Claims (8)

1. generate the method for Message Authentication Code in the LTE system, it is characterized in that, comprising:
Preset respectively with first variable and second variable a MUL tables of data and the 2nd MUL tables of data as header element numerical value, the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, the figure place of each element is 64, other list cell prime implicants of a described MUL tables of data and the 2nd MUL tables of data are derived according to header element numerical value and are obtained, and described derivation mode is specially:
Adopt formula PMC[i]=MULx (PMC[i-1]), i=1 ... 63, successively in the calculated data table except header element the value of other 63 table elements, described PMC[i] be i table element in a MUL tables of data or the 2nd MUL tables of data;
Wherein, the account form of described MULx (V) function is:
Highest order V[0 as V] be 0, MULx (V)=V<<1 then; Otherwise, MULx ( V ) = ( V < < 1 ) &CirclePlus; 0 x 000000000000001 B ;
Current message is divided into a plurality of 64 long message sections and travels through each message section, successively according to the bits per inch of each message section according to computing that a MUL tables of data is tabled look-up: judge whether the data of the corresponding numerical digit of a described MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of a described MUL tables of data are carried out XOR and output; Otherwise, a described MUL tables of data corresponding positions is directly exported;
Above-mentioned operation result and described current message-length are carried out XOR, and travel through the result of described XOR, successively according to the bits per inch among the result of described XOR according to computing that the 2nd MUL tables of data is tabled look-up: judge whether the data of the corresponding numerical digit of described the 2nd MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of described the 2nd MUL tables of data are carried out XOR and output; Otherwise, described the 2nd MUL tables of data corresponding positions is directly exported;
Result and ternary according to computing that the 2nd MUL tables of data is tabled look-up generate Message Authentication Code.
2. the method for claim 1 is characterized in that, described judging whether carried out XOR to the data of the corresponding numerical digit of a described MUL tables of data, specifically comprises:
Judge each numerical value of 64 input parameters by turn,, table element PMC[i that then will be corresponding with this input parameter if be 1] and the initial value OUT of output parameter carry out XOR and output according to following formula:
OUT = OUT &CirclePlus; PMC [ i ] , i = 0,1 , . . . , 63 ;
If be 0, then a described MUL tables of data corresponding positions is directly exported.
3. the method for claim 1 is characterized in that, also comprises:
Described Message Authentication Code and target message are sent to the recipient, so that the recipient is according to the integrality of described Message Authentication Code checking target message.
4. the method for claim 1 is characterized in that, described foundation generates Message Authentication Code to the table look-up result of computing and ternary of the 2nd MUL tables of data, specifically comprises:
Intercept preceding 32 of the operation result of tabling look-up of described the 2nd MUL tables of data, and and ternary carry out XOR, to obtain the identifying code of described current message.
5. generate the device of Message Authentication Code in the LTE system, it is characterized in that, comprising:
Pretreatment module, be used to preset respectively with first variable and second variable a MUL tables of data and the 2nd MUL tables of data as header element numerical value, the element number of a described MUL tables of data and the 2nd MUL tables of data is 64, the figure place of each element is 64, other list cell prime implicants of a described MUL tables of data and the 2nd MUL tables of data are derived according to header element numerical value and are obtained, described derivation mode is specially: adopt formula PMC[i]=MULx (PMC[i-1]), i=1 ... 63, successively in the calculated data table except header element the value of other 63 table elements, described PMC[i] be i table element in a MUL tables of data or the 2nd MUL tables of data; Wherein, the account form of described MULx (V) function is: as the highest order V[0 of V] be 0, MULx (V)=V<<1 then; Otherwise, MULx ( V ) = ( V < < 1 ) &CirclePlus; 0 x 000000000000001 B ;
First computing module, be used for current message is divided into a plurality of 64 long message sections and travels through each message section, successively according to the bits per inch of each message section according to computing that a MUL tables of data is tabled look-up: judge whether the data of the corresponding numerical digit of a described MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of a described MUL tables of data are carried out XOR and output; Otherwise, a described MUL tables of data corresponding positions is directly exported;
Second computing module, be used for the operation result and the described current message-length of described first computing module are carried out XOR, and travel through the result of described XOR, successively according to the bits per inch among the result of described XOR according to computing that the 2nd MUL tables of data is tabled look-up: judge whether the data of the corresponding numerical digit of described the 2nd MUL tables of data are carried out XOR, if then the data of this corresponding numerical digit and the output valve of described the 2nd MUL tables of data are carried out XOR and output; Otherwise, described the 2nd MUL tables of data corresponding positions is directly exported;
Generate the identifying code module, be used for generating Message Authentication Code according to the result and the ternary of computing that the 2nd MUL tables of data is tabled look-up.
6. device as claimed in claim 5, it is characterized in that, described first computing module specifically is used for: each the numerical value of judging 64 input parameters by turn, if be 1, table element PMC[i that then will be corresponding with this input parameter] and the initial value OUT of output parameter carry out XOR and output according to following formula:
OUT = OUT &CirclePlus; PMC [ i ] , i = 0,1 , . . . , 63 ;
If be 0, then a described MUL tables of data corresponding positions is directly exported.
7. device as claimed in claim 6 is characterized in that, also comprises:
Sending module is used for described Message Authentication Code and target message are sent to the recipient, so that the recipient is according to the integrality of described Message Authentication Code checking target message.
8. device as claimed in claim 7 is characterized in that, described generation identifying code module specifically comprises:
The intercepting submodule is used to intercept preceding 32 of the operation result of tabling look-up of described the 2nd MUL tables of data;
The operator module is used for the result and the ternary of described intercepting submodule are carried out XOR, to obtain the identifying code of described current message.
CN201010104128.4A 2010-01-28 2010-01-28 Method and device for generating message identifying code in LTE (Long Term Evolution) system Active CN102143490B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010104128.4A CN102143490B (en) 2010-01-28 2010-01-28 Method and device for generating message identifying code in LTE (Long Term Evolution) system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010104128.4A CN102143490B (en) 2010-01-28 2010-01-28 Method and device for generating message identifying code in LTE (Long Term Evolution) system

Publications (2)

Publication Number Publication Date
CN102143490A CN102143490A (en) 2011-08-03
CN102143490B true CN102143490B (en) 2013-07-31

Family

ID=44410654

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010104128.4A Active CN102143490B (en) 2010-01-28 2010-01-28 Method and device for generating message identifying code in LTE (Long Term Evolution) system

Country Status (1)

Country Link
CN (1) CN102143490B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102594797B (en) * 2011-12-30 2014-07-30 飞天诚信科技股份有限公司 Method and device for generating verification code in embedded system
CN115834028A (en) * 2021-09-18 2023-03-21 Oppo广东移动通信有限公司 Chip and method for generating message authentication code

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060408A (en) * 2006-04-17 2007-10-24 株式会社瑞萨科技 Message authentication code producing apparatus, message authentication code verifying apparatus, and authentication system
CN101202623A (en) * 2006-11-13 2008-06-18 韩国电子通信研究院 Method of generating message authentication code using stream cipher and authentication/encryption and authentication/decryption methods using stream cipher
CN101406024A (en) * 2006-03-22 2009-04-08 Lg电子株式会社 Security considerations for the LTE of UMTS

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI341095B (en) * 2007-12-12 2011-04-21 Nat Univ Tsing Hua Light-overhead and flexible wireless sensor message authentication method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101406024A (en) * 2006-03-22 2009-04-08 Lg电子株式会社 Security considerations for the LTE of UMTS
CN101060408A (en) * 2006-04-17 2007-10-24 株式会社瑞萨科技 Message authentication code producing apparatus, message authentication code verifying apparatus, and authentication system
CN101202623A (en) * 2006-11-13 2008-06-18 韩国电子通信研究院 Method of generating message authentication code using stream cipher and authentication/encryption and authentication/decryption methods using stream cipher

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
3GPP.S3-000084.《3GPP TSG SA 3 Meeting #10 S3-000084》.2000, *
ETSI/SAGE Specification.Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 & UIA2. Document 2: SNOW 3G Specification.《Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 & UIA2. Document 2: SNOW 3G Specification》.2005,
ETSI/SAGE Specification.Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 &amp *
UIA2. Document 2: SNOW 3G Specification.《Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 &amp *
UIA2. Document 2: SNOW 3G Specification》.2005, *

Also Published As

Publication number Publication date
CN102143490A (en) 2011-08-03

Similar Documents

Publication Publication Date Title
CN106850221B (en) Information encryption and decryption method and device
CN108712261A (en) A kind of key generation method, device and medium based on block chain
CN102594566B (en) Chaos message authentication code realization method for wireless sensor network
Glas et al. Prime field ECDSA signature processing for reconfigurable embedded systems
CN105681026A (en) Dynamic S-box construction method and system suitable for lightweight encryption algorithm
CN104092534A (en) Method for achieving iterative compression in SM3 password hash algorithm
Milosavljevic et al. Efficient algorithms for the data exchange problem
Chen et al. A multiparty error-correcting method for quantum secret sharing
CN105407483A (en) Method for safe aggregation model communication based on public-state key in wireless sensor network
CN114548418A (en) Secret sharing-based transverse federal IV algorithm
CN105306212B (en) A kind of label decryption method that identity is hiding and safe by force
CN103414552A (en) Method and device for encrypting and decrypting by using binary tree traversal mode
CN102143490B (en) Method and device for generating message identifying code in LTE (Long Term Evolution) system
Zhao et al. Weakly secure coded distributed computing
Hayouni et al. A novel energy-efficient encryption algorithm for secure data in WSNs
CN1848724B (en) Method for realizing key consultation in mobile self-organizing network
Yi et al. Multidimensional zero‐correlation linear cryptanalysis of the block cipher KASUMI
Mao et al. Achieving full secrecy rate with low packet delays: An optimal control approach
Ahmed et al. New algorithm for wireless network communication security
CN104902471A (en) Identity-based key exchange design method in wireless sensor network
Pan et al. Secure control using homomorphic encryption and efficiency analysis
CN104753662A (en) Encryption key stream generating method based on AES (Advanced Encryption Standard) algorithm
CN114154200A (en) Privacy set merging method and system based on exchangeable weak pseudorandom function
Lisickiy et al. Block symmetric cipher with random s-boxes
Georgiadis et al. Performance evaluation on IoT devices secure data delivery processes

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant