CN102547689A - Method and device for synchronizing encrypting and decrypting parameters - Google Patents

Publication number: CN102547689A
Authority: CN (China)
Prior art keywords: hfn, reset, network equipment, ack, sends
Legal status: Granted
Application number: CN2012100635602A
Other languages: Chinese (zh)
Other versions: CN102547689B (en)
Inventor: 邓清珊
Current Assignee: Huawei Technologies Co Ltd
Original Assignee: Huawei Technologies Co Ltd
Application filed by: Huawei Technologies Co Ltd
Priority: CN201210063560.2A

Abstract

The invention discloses a method and a device for synchronizing encryption and decryption parameters, relating to the technical field of communication networks, which allow data sent by network equipment to be decrypted correctly and improve the efficiency of data transmission. In the method and device, a new encryption parameter is configured; the encryption parameter comprises a first hyper frame number (HFN), in the pending encryption configuration, that is used to decrypt downlink data. When a radio link control (RLC) Reset trigger condition is met, a Reset is sent to the network equipment and a Reset Acknowledgement (Ack) sent by the network equipment is received, wherein the Reset Ack comprises a second HFN; or a Reset sent by the network equipment is received and a Reset Ack is returned, wherein the Reset comprises the second HFN. A target HFN for decrypting downlink data is determined according to the first HFN and the second HFN. The method and device are suitable for data transmission in acknowledged mode (AM) or similar modes that have an acknowledgement and retransmission mechanism, and can improve the efficiency of data transmission.

Description

Method and device for synchronizing encryption/decryption parameters
Technical field
The present invention relates to the field of communication network technology, and in particular to a method and device for synchronizing encryption/decryption parameters.
Background
When a connection is initially established, the network equipment allocates radio resources to the UE (User Equipment) through RB (Radio Bearer) setup. During data transmission, when resource scheduling requires it or a change in service traffic is detected, the network side notifies the UE to switch state through an RB reconfiguration air-interface message.
When the UE performs RB setup or RB reconfiguration, the UE configures the new encryption parameters after it receives the RB reconfiguration message sent by the network equipment, and sends a reconfiguration complete message to the network equipment once the RB reconfiguration is complete. If the network equipment triggers a Reset at this point, the UE replies with a Reset Ack and updates the downlink HFN (Hyper Frame Number) according to the protocol; because a new encryption configuration is pending activation at this time, the protocol requires the UE's HFN to be set to the newly configured encryption parameter. Because of transmission delay, the network equipment may have new data to send before it receives the UE's RB reconfiguration complete message. The network equipment encrypts the new data and sends it to the UE, but because the UE has by then adopted the newly set encryption parameter, none of the data received in this period can be decrypted normally. After the network side receives the UE's RB reconfiguration complete message, it updates its HFN to the newly configured encryption parameter and encrypts and sends data with the updated HFN; from this point the UE can correctly parse the transmitted data.
However, when RB setup or reconfiguration is performed with the prior art and the UE or the network equipment has triggered the RLC Reset procedure, the network side starts sending data, so downlink data is decrypted incorrectly; when decryption errors occur, repeated retransmissions result, which reduces the efficiency of data transmission.
Summary of the invention
Embodiments of the invention provide a method and device for synchronizing encryption/decryption parameters that can correctly decrypt the data sent by the network equipment and thereby improve the efficiency of data transmission.
To achieve the above object, embodiments of the invention adopt the following technical solutions:
A method for synchronizing encryption/decryption parameters, comprising:
Receiving a radio bearer (RB) reconfiguration message sent by the network equipment, and configuring a new encryption parameter, the new encryption parameter comprising a first hyper frame number (HFN), in the pending encryption configuration, used to decrypt downlink data;
When a radio link control reset (RLC Reset) trigger condition is met, sending a Reset to the network equipment and receiving a Reset Ack sent by the network equipment, the Reset Ack comprising a second HFN; or receiving a Reset sent by the network equipment and replying with a Reset Ack, the Reset comprising the second HFN;
Determining, according to the first HFN and the second HFN, a target HFN for decrypting downlink data.
A method for synchronizing encryption/decryption parameters, comprising:
Sending a radio bearer (RB) reconfiguration message to a user equipment (UE);
When a radio link control reset (RLC Reset) trigger condition is met, receiving a Reset sent by the UE and replying with a Reset Ack, the Reset Ack comprising a second hyper frame number (HFN), so that the UE can determine the target HFN for decrypting downlink data; or sending a Reset to the UE and receiving a Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
A method for synchronizing encryption/decryption parameters, comprising:
Sending a radio bearer (RB) reconfiguration message to a user equipment (UE) and suspending the service RB;
When the RB reconfiguration complete message sent by the UE is received, resuming the service RB, the RB reconfiguration complete message comprising a first HFN.
A terminal, comprising:
A configuration unit, configured to receive a radio bearer (RB) reconfiguration message sent by the network equipment and to configure a new encryption parameter, the new encryption parameter comprising a first HFN, in the pending encryption configuration, used to decrypt downlink data;
A processing unit, configured to, when a radio link control reset (RLC Reset) trigger condition is met, send a Reset to the network equipment and receive a Reset Ack sent by the network equipment, the Reset Ack comprising a second HFN; or the processing unit is configured to receive a Reset sent by the network equipment and reply with a Reset Ack, the Reset comprising the second HFN;
A determining unit, configured to determine, according to the first HFN and the second HFN, a target HFN for decrypting downlink data.
A network equipment, comprising:
A sending unit, configured to send a radio bearer (RB) reconfiguration message to a user equipment (UE);
A processing unit, configured to, when a radio link control reset (RLC Reset) trigger condition is met, receive a Reset sent by the UE and reply with a Reset Ack, the Reset Ack comprising a second HFN, so that the UE can determine the target HFN for decrypting downlink data; or the processing unit is configured to send a Reset to the UE and receive a Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
A network equipment, comprising:
A suspending unit, configured to send a radio bearer (RB) reconfiguration message to a user equipment (UE) and suspend the service RB;
A resuming unit, configured to resume the service RB when the RB reconfiguration complete message sent by the UE is received, the RB reconfiguration complete message comprising a first HFN.
A network communication system, comprising a terminal and a network equipment, wherein:
The terminal is configured to receive a radio bearer (RB) reconfiguration message sent by the network equipment and to configure a new encryption parameter, the new encryption parameter comprising a first hyper frame number (HFN), in the pending encryption configuration, used to decrypt downlink data; when a radio link control reset (RLC Reset) trigger condition is met, to send a Reset to the network equipment and receive a Reset Ack sent by the network equipment, the Reset Ack comprising a second HFN; or, when the RLC Reset trigger condition is met, to receive a Reset sent by the network equipment and reply with a Reset Ack, the Reset comprising the second HFN; and to determine, according to the first HFN and the second HFN, a target HFN for decrypting downlink data;
The network equipment is configured to send a radio bearer (RB) reconfiguration message to the user equipment (UE); when a radio link control reset (RLC Reset) trigger condition is met, to receive a Reset sent by the UE and reply with a Reset Ack, the Reset Ack comprising a second hyper frame number (HFN), so that the UE can determine the target HFN for decrypting downlink data; or, when the RLC Reset trigger condition is met, to send a Reset to the UE and receive a Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
Embodiments of the invention provide a method and device for synchronizing encryption/decryption parameters. A new encryption parameter is configured that comprises a first HFN, in the pending encryption configuration, used to decrypt downlink data. When the RLC Reset trigger condition is met, a Reset is sent to the network equipment and a Reset Ack sent by the network equipment is received, the Reset Ack comprising a second HFN; or a Reset sent by the network equipment is received and a Reset Ack is returned, the Reset comprising the second HFN. A target HFN for decrypting downlink data is determined according to the first HFN and the second HFN. In the prior art, when RB setup or reconfiguration is performed and the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the UE decrypts directly with the configured HFN parameter, or the network side starts sending data before the UE and the network side are synchronized; downlink data is then decrypted incorrectly, and decryption errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by the embodiments, when the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the data sent by the network equipment is decrypted correctly, which improves the efficiency of data transmission.
Description of drawings
To illustrate the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. The drawings described below are obviously only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of a method for synchronizing encryption/decryption parameters provided by Embodiment 1 of the invention;
Fig. 2 is a flow chart of another method for synchronizing encryption/decryption parameters provided by Embodiment 1 of the invention;
Fig. 3 is a flow chart of another method for synchronizing encryption/decryption parameters provided by Embodiment 1 of the invention;
Fig. 4 is a block diagram of a terminal provided by Embodiment 1 of the invention;
Fig. 5 is a block diagram of a network equipment provided by Embodiment 1 of the invention;
Fig. 6 is a block diagram of another network equipment provided by Embodiment 1 of the invention;
Fig. 7 is a flow chart of a method for synchronizing encryption/decryption parameters provided by Embodiment 2 of the invention;
Fig. 8 is a flow chart of determining the target HFN used to decrypt data, provided by Embodiment 2 of the invention;
Fig. 9 is a flow chart of another method for synchronizing encryption/decryption parameters provided by Embodiment 2 of the invention;
Fig. 10 is a block diagram of a terminal provided by Embodiment 2 of the invention;
Fig. 11 is a block diagram of a network equipment provided by Embodiment 2 of the invention;
Fig. 12 is a block diagram of another network equipment provided by Embodiment 2 of the invention;
Fig. 13 is a schematic diagram of a network communication system provided by Embodiment 2 of the invention;
Fig. 14 is a schematic diagram of the physical structure of a network communication system provided by Embodiment 2 of the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings. The described embodiments are obviously only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of the invention.
Embodiment 1
This embodiment provides a method for synchronizing encryption/decryption parameters. The method may be executed by a terminal, and the terminal may be a user equipment (UE). As shown in Fig. 1, the method comprises the following steps:
Step 101: receive a radio bearer (RB) reconfiguration message sent by the network equipment, and configure a new encryption parameter, the new encryption parameter comprising a first hyper frame number (HFN), in the pending encryption configuration, used to decrypt downlink data;
Further, send an RB reconfiguration complete message to the network equipment, the RB reconfiguration complete message comprising the first HFN.
Step 102: when a radio link control reset (RLC Reset) trigger condition is met, send a Reset to the network equipment and receive a Reset Ack sent by the network equipment, the Reset Ack comprising a second HFN; or,
When the RLC Reset trigger condition is met, receive a Reset sent by the network equipment and reply with a Reset Ack, the Reset comprising the second HFN;
Step 103: determine, according to the first HFN and the second HFN, the target HFN for decrypting downlink data.
Further, judge whether the first HFN is identical to the second HFN;
When the first HFN is identical to the second HFN, determine that a fourth HFN is the target HFN and decrypt data with the fourth HFN, where the fourth HFN is the sum of the second HFN and 1;
When the first HFN and the second HFN are different, determine that the first HFN is the target HFN and decrypt data with the first HFN.
It should be noted that communication between the terminal and the network equipment may be carried out via a base station; this is common knowledge in the art and is not described further.
In the method for synchronizing encryption/decryption parameters provided by this embodiment, after the RB reconfiguration is complete and before the network equipment has received the RB reconfiguration complete message, if data is transmitted between the UE and the network equipment, the target HFN for decrypting downlink data is determined according to the first HFN in the new encryption parameter and the second HFN in the Reset or Reset Ack message. In the prior art, when RB setup or reconfiguration is performed and the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the UE decrypts directly with the configured HFN parameter, or the network side starts sending data before the UE and the network side are synchronized; downlink data is then decrypted incorrectly, and decryption errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by this embodiment, when the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the data sent by the network equipment is decrypted correctly, which improves the efficiency of data transmission.
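The following Python sketch is an added illustration, not part of the patent text. It shows why the HFN mismatch described in the background makes downlink data undecryptable, and implements the UE-side selection rule of step 103 as stated above. Assumptions: the COUNT-C layout (20-bit HFN, 12-bit SN for RLC AM) is taken from the 3GPP UMTS security specifications rather than from this page, the HMAC-based keystream is a stand-in for the real f8 cipher, and the key and HFN values are constructed.

```python
import hashlib
import hmac

# Assumption (3GPP UMTS, RLC AM): COUNT-C = 20-bit HFN || 12-bit RLC SN.
HFN_BITS = 20
SN_BITS = 12

# Constructed sample values, not taken from the patent.
KEY = bytes(range(16))
FIRST_HFN = 0x00A31      # HFN in the pending (new) encryption configuration
NETWORK_HFN = 0x00513    # HFN the network is still using (old configuration)
PAYLOAD = b"downlink RLC payload"


def count_c(hfn: int, sn: int) -> int:
    """Build the 32-bit cipher counter as HFN || SN."""
    if not 0 <= hfn < (1 << HFN_BITS):
        raise ValueError("HFN out of range")
    if not 0 <= sn < (1 << SN_BITS):
        raise ValueError("SN out of range")
    return (hfn << SN_BITS) | sn


def keystream(key: bytes, count: int, bearer: int, downlink: bool, length: int) -> bytes:
    """Stand-in for f8: HMAC-SHA256 in counter mode keyed on COUNT-C, bearer, direction."""
    out = b""
    block = 0
    while len(out) < length:
        msg = count.to_bytes(4, "big") + bytes([bearer, int(downlink)]) + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def cipher_pdu(key: bytes, hfn: int, sn: int, data: bytes, bearer: int = 1) -> bytes:
    """XOR the data with the keystream; the same call encrypts and decrypts."""
    ks = keystream(key, count_c(hfn, sn), bearer, True, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def downlink_roundtrip(key: bytes, network_hfn: int, ue_hfn: int, sn: int, data: bytes) -> bool:
    """Network encrypts with its HFN, UE decrypts with its own; True if plaintext is recovered."""
    ciphertext = cipher_pdu(key, network_hfn, sn, data)
    return cipher_pdu(key, ue_hfn, sn, ciphertext) == data


def ue_target_hfn(first_hfn: int, second_hfn: int) -> int:
    """Step 103 as stated: equal -> fourth HFN (second HFN + 1), otherwise the first HFN."""
    if first_hfn == second_hfn:
        return second_hfn + 1
    return first_hfn


if __name__ == "__main__":
    # Background case: UE already applies the new HFN, network still uses the old one.
    print("mismatched HFN decrypts:", downlink_roundtrip(KEY, NETWORK_HFN, FIRST_HFN, 0, PAYLOAD))
    # Synchronized case: both sides use the same HFN.
    print("matching HFN decrypts:  ", downlink_roundtrip(KEY, FIRST_HFN, FIRST_HFN, 0, PAYLOAD))
    # Step 103 selection for the two branches.
    print("first == second ->", hex(ue_target_hfn(FIRST_HFN, FIRST_HFN)))
    print("first != second ->", hex(ue_target_hfn(FIRST_HFN, NETWORK_HFN)))
```

Because the sequence number is identical in both runs, the only difference between the failing and the succeeding round trip is the HFN half of the counter.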
This embodiment provides another method for synchronizing encryption/decryption parameters. The method may be executed by the network equipment. As shown in Fig. 2, the method comprises the following steps:
Step 201: send a radio bearer (RB) reconfiguration message to a user equipment (UE);
Step 202: when a radio link control reset (RLC Reset) trigger condition is met, receive a Reset sent by the UE and reply with a Reset Ack, the Reset Ack comprising a second hyper frame number (HFN); or send a Reset to the UE and receive a Reset Ack sent by the UE, the Reset comprising the second HFN.
The method further comprises: when the RB reconfiguration complete message sent by the UE is received, the RB reconfiguration complete message comprising a first HFN, encrypting data with the first HFN and sending it to the UE; when the RB reconfiguration complete message sent by the UE has not been received, encrypting data with a fourth HFN and sending it to the UE, the fourth HFN being the sum of the second HFN and 1.
In the method for synchronizing encryption/decryption parameters provided by this embodiment, before the RB reconfiguration complete message sent by the UE is received, when the RLC Reset trigger condition is met, a Reset sent by the UE is received and a Reset Ack is returned, the Reset Ack comprising the second HFN; or a Reset is sent to the UE and a Reset Ack sent by the UE is received, the Reset comprising the second HFN. In the prior art, when RB setup or reconfiguration is performed and the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the UE decrypts directly with the configured HFN parameter, or the network side starts sending data before the UE and the network side are synchronized; downlink data is then decrypted incorrectly, and decryption errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by this embodiment, when the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the data sent by the network equipment is decrypted correctly, which improves the efficiency of data transmission.
This embodiment provides another method for synchronizing encryption/decryption parameters. The method may be executed by the network equipment. As shown in Fig. 3, the method comprises the following steps:
Step 301: send a radio bearer (RB) reconfiguration message to a user equipment (UE) and suspend the service RB;
Step 302: when the RB reconfiguration complete message sent by the UE is received, resume the service RB, the RB reconfiguration complete message comprising a first HFN.
It should be noted that before the RB reconfiguration complete message sent by the UE is received, no data of the service RB is sent; when the RB reconfiguration complete message sent by the UE is received, the service RB is resumed, so that the UE can use an HFN synchronized between the UE and the network equipment as the decryption parameter and thus decrypt the data correctly.
The method further comprises encrypting data with the first HFN and sending it to the UE.
In the method for synchronizing encryption/decryption parameters provided by this embodiment, an RB reconfiguration message is sent to the UE and the service RB is suspended; when the RB reconfiguration complete message sent by the UE is received, the service RB is resumed, the RB reconfiguration complete message comprising the first HFN. In the prior art, when RB setup or reconfiguration is performed and the UE or the network equipment triggers the RLC Reset procedure, the network equipment starts sending data before the UE and the network side are synchronized; downlink data is then decrypted incorrectly, and decryption errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by this embodiment, when the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the data sent by the network equipment is decrypted correctly, which improves the efficiency of data transmission.
This embodiment provides a terminal, which may be a UE. As shown in Fig. 4, the terminal comprises: a configuration unit 401, a processing unit 402 and a determining unit 403.
The configuration unit 401 is configured to receive a radio bearer (RB) reconfiguration message sent by the network equipment and to configure a new encryption parameter, the new encryption parameter comprising a first HFN, in the pending encryption configuration, used to decrypt downlink data;
The processing unit 402 is configured to, when a radio link control reset (RLC Reset) trigger condition is met, send a Reset to the network equipment and receive a Reset Ack sent by the network equipment, the Reset Ack comprising a second HFN; or the processing unit 402 is configured to, when the RLC Reset trigger condition is met, receive a Reset sent by the network equipment and reply with a Reset Ack, the Reset comprising the second HFN;
The updating unit 403 is configured to determine, according to the first HFN and the second HFN, the target HFN for decrypting downlink data.
In the terminal provided by this embodiment, the configuration unit configures a new encryption parameter comprising the first HFN, in the pending encryption configuration, used to decrypt downlink data. When the RLC Reset trigger condition is met, the processing unit sends a Reset to the network equipment and receives a Reset Ack sent by the network equipment, the Reset Ack comprising the second HFN; or it receives a Reset sent by the network equipment and replies with a Reset Ack, the Reset comprising the second HFN. The determining unit determines, according to the first HFN and the second HFN, the target HFN for decrypting downlink data. In the prior art, when RB setup or reconfiguration is performed and the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the UE decrypts directly with the configured HFN parameter, or the network side starts sending data before the UE and the network side are synchronized; downlink data is then decrypted incorrectly, and decryption errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by this embodiment, when the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the data sent by the network equipment is decrypted correctly, which improves the efficiency of data transmission.
This embodiment provides a network equipment, which may specifically be a UTRAN (Universal Terrestrial Radio Access Network). As shown in Fig. 5, the network equipment comprises: a sending unit 501 and a processing unit 502.
The sending unit 501 is configured to send a radio bearer (RB) reconfiguration message to a user equipment (UE);
The processing unit 502 is configured to, when a radio link control reset (RLC Reset) trigger condition is met, receive a Reset sent by the UE and reply with a Reset Ack, the Reset Ack comprising a second HFN, so that the UE can determine the target HFN for decrypting downlink data; or the processing unit 502 is configured to send a Reset to the UE and receive a Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
In the network equipment provided by this embodiment, the sending unit sends the RB reconfiguration message to the UE. When the RLC Reset trigger condition is met, the processing unit receives a Reset sent by the UE and replies with a Reset Ack, the Reset Ack comprising the second HFN; or it sends a Reset to the UE and receives a Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data. In the prior art, when RB setup or reconfiguration is performed and the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the UE decrypts directly with the configured HFN parameter, or the network side starts sending data before the UE and the network side are synchronized; downlink data is then decrypted incorrectly, and decryption errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by this embodiment, when the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the data sent by the network equipment is decrypted correctly, which improves the efficiency of data transmission.
This embodiment provides a network equipment, which may specifically be a UTRAN (Universal Terrestrial Radio Access Network). As shown in Fig. 6, the network equipment comprises: a suspending unit 601 and a resuming unit 602.
The suspending unit 601 is configured to send a radio bearer (RB) reconfiguration message to a user equipment (UE) and suspend the service RB;
The resuming unit 602 is configured to resume the service RB when the RB reconfiguration complete message sent by the UE is received, the RB reconfiguration complete message comprising a first HFN.
The network equipment further comprises an encrypting and sending unit, configured to encrypt data with the first HFN and send it to the UE.
In the network equipment provided by this embodiment, the suspending unit sends an RB reconfiguration message to the UE and suspends the service RB; when the RB reconfiguration complete message sent by the UE is received, the resuming unit resumes the service RB, the RB reconfiguration complete message comprising the first HFN. In the prior art, when RB setup or reconfiguration is performed and the UE or the network equipment triggers the RLC Reset procedure, the network equipment starts sending data before the UE and the network side are synchronized; downlink data is then decrypted incorrectly, and decryption errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by this embodiment, when the UE or the network equipment triggers the RLC Reset procedure while the UE holds an encryption configuration that has not yet taken effect, the data sent by the network equipment is decrypted correctly, which improves the efficiency of data transmission.
Embodiment 2
The embodiment of the present invention provides a method for synchronizing encryption/decryption parameters, in which the network device may be a Universal Terrestrial Radio Access Network (UTRAN). As shown in Figure 7, the method includes the following steps:
Step 701, the network device sends a radio bearer (RB) reconfiguration message to the user equipment (UE);
The RB reconfiguration message can instruct the UE to perform one-sided or two-sided re-establishment: one-sided re-establishment means re-establishing the uplink or the downlink, and two-sided re-establishment means that both the uplink and the downlink need to be re-established. The embodiment of the present invention is described in detail using the example of a CELL_FACH->CELL_DCH transition in which the service RB undergoes one-sided downlink re-establishment. Specifically, the network device first instructs the UE to perform the RB re-establishment, then sets up the downlink physical channel of the CELL_DCH state so that the UE can synchronize on the downlink, and subsequently sets up the uplink physical channel to synchronize the UE's uplink.
CELL_FACH (Forward Access Channel) and CELL_DCH (Dedicated Channel) are different states of connected mode, and the amount of data transmitted differs between them. CELL_FACH uses a common channel and carries little data; the downlink RLC (Radio Link Control) size configured in this state is usually small and fixed, for example 336 bits. CELL_DCH uses a dedicated physical channel for high-throughput services; the downlink RLC size configured in this state is larger and of variable length, for example 2416 bits.
Step 702, the UE receives the RB reconfiguration message sent by the network device and configures new encryption parameters, the new encryption parameters including the first hyper frame number (HFN), which is the HFN for deciphering downlink data in the encryption configuration that is waiting to take effect;
After receiving the RB reconfiguration message, the UE first releases the physical channel of the CELL_FACH state and synchronizes to the downlink dedicated physical channel (CELL_DCH) of the network device side. After synchronization succeeds, it sets up the corresponding dedicated physical channel and then configures MAC (Media Access Control) and RLC, configuring the new encryption parameters when it configures RLC. The new encryption parameters include the first HFN and, in addition, a new ciphering activation time SN (Sequence Number); this SN may be 0.
Step 703, the UE sends an RB reconfiguration complete message to the network device, the RB reconfiguration complete message including the first HFN.
When an RB re-establishment takes place with ciphering enabled, the ciphering HFN is synchronized through the START value carried in the RB reconfiguration complete message; here the START value is the first HFN.
When the UE sends the RB reconfiguration message to the network device and periodic triggering of status reports is configured, RLC may trigger a status packet of type ACK. The SN of this status packet is 0, that is, the new ciphering activation time SN. The TTI (Transmission Time Interval) of the service RB at this point is 10 ms, so the network device receives this status packet first and only afterwards receives the RB reconfiguration message. When the network device receives the status packet, the network device side has not yet started to re-establish its RLC, so the SN of the received status packet is outside the receive range; the trigger condition is met and a Reset is triggered.
In addition, RLC Reset can be triggered in at least the following two ways. First, the sender has sent data packets in the range Vt(A) to Vt(S), and receiving a status packet outside the range Vt(A) to Vt(S) triggers RLC Reset, where Vt(A) denotes the SN value that the receiver has acknowledged and Vt(S) denotes the largest SN value sent. Second, RLC Reset is triggered when the number of times the sender retransmits a given piece of data reaches the configured maximum number of retransmissions. Once a trigger condition is met, the side that meets it sends the Reset packet. In the embodiment of the present invention, the side that meets the trigger condition may be the UE or the network device.
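The two trigger conditions just listed, written out as an added example that is not part of the patent text. It assumes 12-bit RLC AM sequence numbers (from 3GPP TS 25.322, not stated on this page) so that the Vt(A)..Vt(S) range check survives SN wrap-around; the class, function and event names and all sample values are constructed for illustration.

```python
SN_MOD = 1 << 12  # assumption: 12-bit RLC AM sequence numbers (3GPP TS 25.322)


def in_sent_window(vt_a, vt_s, sn):
    """True if sn lies between Vt(A) and Vt(S) inclusive, allowing for SN wrap-around."""
    return (sn - vt_a) % SN_MOD <= (vt_s - vt_a) % SN_MOD


class ResetTrigger:
    """Sender-side bookkeeping for the two Reset triggers the description lists."""

    def __init__(self, vt_a, max_retx):
        self.vt_a = vt_a          # SN value the receiver has acknowledged
        self.vt_s = vt_a          # largest SN value sent so far
        self.max_retx = max_retx  # configured maximum number of retransmissions
        self.retx_count = {}      # SN -> number of retransmissions so far

    def on_send(self, sn):
        self.vt_s = sn            # packets are sent in order in this model
        return None

    def on_retransmit(self, sn):
        # Trigger 2: the retransmission count of one packet reaches the maximum.
        self.retx_count[sn] = self.retx_count.get(sn, 0) + 1
        if self.retx_count[sn] >= self.max_retx:
            return "max-retransmissions"
        return None

    def on_status(self, acked_sn):
        # Trigger 1: a status packet acknowledges an SN outside Vt(A)..Vt(S).
        if not in_sent_window(self.vt_a, self.vt_s, acked_sn):
            return "status-outside-window"
        self.vt_a = acked_sn
        return None


def first_reset(events, vt_a, max_retx=4):
    """Replay (kind, sn) events; return (index, reason) of the first Reset trigger, or None."""
    trig = ResetTrigger(vt_a, max_retx)
    handlers = {"send": trig.on_send, "retx": trig.on_retransmit, "status": trig.on_status}
    for index, (kind, sn) in enumerate(events):
        reason = handlers[kind](sn)
        if reason:
            return index, reason
    return None


# Constructed trace of the race described above: the peer has already restarted
# its numbering, so its status packet carries SN 0 while this side's RLC is
# still working in the range 1203..1210.
RACE_EVENTS = [("send", 1205), ("send", 1210), ("status", 1203), ("status", 0)]

# Constructed trace crossing the SN wrap, ending in the retransmission limit.
WRAP_EVENTS = [("send", 4095), ("send", 3), ("status", 1),
               ("retx", 2), ("retx", 2), ("retx", 2)]

if __name__ == "__main__":
    print(first_reset(RACE_EVENTS, vt_a=1200))
    print(first_reset(WRAP_EVENTS, vt_a=4090, max_retx=3))
```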
When the side that meets the trigger condition is the UE, the method includes the following steps:
Step 704, when the RLC Reset trigger condition is met, the UE sends a Reset to the network device;
When the Reset is sent, the Reset packet carries the HFN that the UE is using at that moment;
Step 705, the network device receives the Reset sent by the UE and replies with a Reset Ack, the Reset Ack including the second hyper frame number (HFN), so that the UE can determine the target HFN for deciphering downlink data;
Here, the second HFN is the HFN that the network device side is using at that moment.
Step 706, the UE receives the Reset Ack sent by the network device, the Reset Ack including the second HFN;
When the side that meets the trigger condition is the network device, the method includes the following steps:
Step 707, when the RLC Reset trigger condition is met, the network device sends a Reset to the UE, the Reset including the second HFN, so that the UE can determine the target HFN for deciphering data; here, the second HFN is the HFN that the network device side is using at that moment.
Step 708, the UE receives the Reset sent by the network device and replies with a Reset Ack;
Step 709, the network device receives the Reset Ack sent by the UE;
Step 710, the UE determines, according to the first HFN and the second HFN, the target HFN for deciphering downlink data;
Step 711, the network device receives the RB reconfiguration complete message sent by the UE, the RB reconfiguration complete message including the first HFN, and uses the first HFN to encrypt data and send it to the UE;
Step 712, when the RB reconfiguration complete message sent by the UE has not been received, the network device uses the fourth HFN to encrypt data and send it to the UE, the fourth HFN being the sum of the second HFN and 1.
Note that only one of step 711 and step 712 is executed; the two steps are alternatives and are not performed together.
Specifically, as shown in Figure 8, the UE may use the following sub-steps to determine the target HFN for deciphering downlink data:
Step 801, the UE judges whether the first HFN is the same as the second HFN;
Step 802, when the first HFN is the same as the second HFN, the fourth HFN is determined to be the target HFN and the fourth HFN is used to decipher downlink data;
The fourth HFN is the sum of the second HFN and 1.
Note that the HFN changes as the SN in the transmitted data packets changes: during data transmission the UE and the network device each maintain their own local downlink HFN, and when the RLC SN of the downlink wraps around, that is, completes one cycle, the HFN is incremented by 1.
Therefore, when the first HFN is the same as the second HFN, the network device has already received the RB reconfiguration complete message sent by the UE and the new encryption configuration has been activated. If the RLC Reset procedure is triggered at this point, then, because RLC Reset is a self-synchronization mechanism of AM mode during transmission, the second HFN needs to be incremented by 1 as the protocol specifies.
Step 803, when the first HFN and the second HFN differ, the first HFN is determined to be the target HFN and the first HFN is used to decipher downlink data.
When the first HFN and the second HFN differ, the network device has not yet received the RB reconfiguration complete message sent by the UE and the new encryption configuration has not yet been activated; in this case the first HFN of the newly configured encryption parameters is used as the HFN for subsequent deciphering.
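Steps 801 to 803 and the SN wrap rule, as an added example that is not part of the patent text; it also shows why a UE that deciphers with the configured HFN alone produces garbage after a Reset. Assumptions: the 20-bit HFN / 12-bit SN counter layout comes from 3GPP TS 33.102 rather than this page, the keystream is a SHA-256 stand-in and not the real f8 algorithm, the key and payload are constructed, and in the equal-HFN case the network is assumed to cipher with the second HFN plus 1, as the description says the protocol requires.

```python
import hashlib

HFN_BITS, SN_BITS = 20, 12  # assumption: RLC AM counter layout per 3GPP TS 33.102


def count_c(hfn, sn):
    """Ciphering counter: HFN in the high bits, RLC SN in the low bits."""
    return ((hfn & ((1 << HFN_BITS) - 1)) << SN_BITS) | (sn & ((1 << SN_BITS) - 1))


def advance(hfn, sn):
    """Next (HFN, SN): the HFN increases by 1 each time the SN wraps around."""
    sn = (sn + 1) % (1 << SN_BITS)
    return (hfn + 1 if sn == 0 else hfn), sn


def keystream(key, count, length):
    """Stand-in keystream (SHA-256 in counter mode); NOT the f8 ciphering algorithm."""
    out, block = b"", 0
    while len(out) < length:
        seed = key + count.to_bytes(4, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(seed).digest()
        block += 1
    return out[:length]


def cipher(key, hfn, sn, data):
    """XOR data with the keystream for (HFN, SN); the same call enciphers and deciphers."""
    ks = keystream(key, count_c(hfn, sn), len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def target_hfn(first_hfn, second_hfn):
    """UE-side choice of the HFN for deciphering downlink data (steps 801-803)."""
    if first_hfn == second_hfn:
        # Step 802: the new configuration is already active on the network
        # side, so the Reset moves the HFN on by one (the fourth HFN).
        return second_hfn + 1
    # Step 803: the network has not activated the new configuration yet.
    return first_hfn


def ue_deciphers_ok(first_hfn, second_hfn, network_hfn, naive=False):
    """The network ciphers one PDU with network_hfn; report whether the UE recovers it.

    naive=True models the prior-art UE that always uses the configured first HFN.
    """
    key = b"constructed-key!"          # constructed sample key
    plaintext = b"downlink PDU payload"  # constructed sample payload
    sn = 0                             # ciphering activation time SN from the description
    pdu = cipher(key, network_hfn, sn, plaintext)
    ue_hfn = first_hfn if naive else target_hfn(first_hfn, second_hfn)
    return cipher(key, ue_hfn, sn, pdu) == plaintext


if __name__ == "__main__":
    # Reset before the network activates the new configuration: the second HFN
    # is still the old value 5; the network later ciphers with the first HFN 9.
    print(ue_deciphers_ok(first_hfn=9, second_hfn=5, network_hfn=9))
    # Reset after activation: both HFNs are 9, the network ciphers with 10.
    print(ue_deciphers_ok(first_hfn=9, second_hfn=9, network_hfn=10))
    print(ue_deciphers_ok(first_hfn=9, second_hfn=9, network_hfn=10, naive=True))
```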
The embodiment of the present invention provides a method for synchronizing encryption/decryption parameters in which the first HFN in the new encryption parameters configured by the UE is compared with the second HFN carried in the Reset procedure, and the target HFN for deciphering downlink data is determined from the comparison. In the prior art, when RB setup or reconfiguration is performed, the UE or the network device has triggered the RLC Reset procedure and the UE holds an encryption configuration that has not yet taken effect, the UE deciphers directly with the configured HFN parameter, or the network side starts sending data before the UE and the network side are synchronized; downlink data is then deciphered incorrectly, and deciphering errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by the embodiment of the present invention, when the UE or the network device has triggered the RLC Reset procedure and the UE holds an encryption configuration that has not yet taken effect, the data sent by the network device is deciphered correctly, thereby improving the efficiency of data transmission.
The embodiment of the present invention provides another method for synchronizing encryption/decryption parameters. As shown in Figure 9, the method includes:
Step 901, the network device sends a radio bearer (RB) reconfiguration message to the UE and suspends the service RB;
During RB reconfiguration, no data of the service RB is transmitted.
Step 902, the UE receives the RB reconfiguration message sent by the network device and performs the RB reconfiguration;
Step 903, the UE sends an RB reconfiguration complete message to the network device;
Step 904, the network device receives the RB reconfiguration complete message sent by the UE and resumes the service RB, the RB reconfiguration complete message including the first HFN;
Step 905, the network device uses the first HFN to encrypt data and send it to the UE.
After the service RB is resumed, data of the service RB can be transmitted and processed; when data of the service RB is transmitted, the newly configured encryption/decryption parameter, the first HFN, is used for encryption and decryption.
In the method for synchronizing encryption/decryption parameters provided by the embodiment of the present invention, the service RB is suspended during RB reconfiguration and resumed after the reconfiguration is complete. This ensures that the encryption/decryption parameter HFN stays synchronized between the UE and the network device, so that downlink data is deciphered correctly and the efficiency of data transmission is improved.
An embodiment of the present invention provides a terminal, which may specifically be a UE. As shown in Figure 10, the device includes: a configuration unit 1001, a sending unit 1002, a processing unit 1003, a determining unit 1004, a judging unit 10041, a first determining unit 10042 and a second determining unit 10043.
The configuration unit 1001 is configured to receive the radio bearer (RB) reconfiguration message sent by the network device and to configure new encryption parameters, the new encryption parameters including the first HFN, which is the HFN for deciphering downlink data in the encryption configuration that is waiting to take effect;
After the RB reconfiguration is complete, the sending unit 1002 is configured to send an RB reconfiguration complete message to the network device, the RB reconfiguration complete message including the first HFN;
Before the network device receives the RB reconfiguration complete message, RLC Reset may be triggered; the side that triggers RLC Reset may be the UE or the network device.
When the side that triggers RLC Reset is the UE and the RLC Reset trigger condition is met, the processing unit 1003 is configured to send a Reset to the network device and to receive the Reset Ack sent by the network device, the Reset Ack including the second HFN;
Alternatively, when the side that triggers RLC Reset is the network device and the RLC Reset trigger condition is met, the processing unit 1003 is configured to receive the Reset sent by the network device and to reply with a Reset Ack, the Reset including the second HFN;
The determining unit 1004 is configured to determine, according to the first HFN and the second HFN, the target HFN for deciphering downlink data. Specifically, the judging unit 10041 in the determining unit 1004 is configured to judge whether the first HFN is the same as the second HFN;
When the first HFN is the same as the second HFN, that is, the network device may have received the RB reconfiguration complete message sent by the UE and the new encryption configuration is activated, the first determining unit 10042 in the determining unit 1004 is configured to determine, according to the second HFN, that the target HFN is the fourth HFN, and to use the fourth HFN to decipher downlink data; the fourth HFN is the sum of the second HFN and 1.
When the first HFN and the second HFN differ, that is, the network device has not yet received the RB reconfiguration complete message sent by the UE and the new encryption configuration has not yet been activated, the second determining unit 10043 in the determining unit 1004 is configured to determine that the first HFN is the target HFN and to use the first HFN to decipher downlink data.
The embodiment of the present invention provides a terminal in which the configuration unit configures the new encryption parameter, the first HFN. When the trigger condition is met, the processing unit sends a Reset to the network device and receives the Reset Ack sent by the network device, the Reset Ack including the second HFN; alternatively, it receives the Reset sent by the network device and replies with a Reset Ack, the Reset including the second HFN. The determining unit determines, according to the first HFN and the second HFN, the target HFN for deciphering data. In the prior art, when RB setup or reconfiguration is performed, the UE or the network device has triggered the RLC Reset procedure and the UE holds an encryption configuration that has not yet taken effect, the UE deciphers directly with the configured HFN parameter, or the network side starts sending data before the UE and the network side are synchronized; downlink data is then deciphered incorrectly, and deciphering errors cause repeated retransmissions and reduce the efficiency of data transmission. By contrast, with the solution provided by the embodiment of the present invention, when the UE or the network device has triggered the RLC Reset procedure and the UE holds an encryption configuration that has not yet taken effect, the data sent by the network device is deciphered correctly, thereby improving the efficiency of data transmission.
The embodiment of the present invention provides a network device, which may specifically be a UTRAN. As shown in Figure 11, the network device includes: a sending unit 1101, a processing unit 1102, a receiving unit 1103 and an encrypting and sending unit 1104.
The sending unit 1101 is configured to send a radio bearer (RB) reconfiguration message to the user equipment (UE);
Before the network device receives the RB reconfiguration complete message sent by the UE, RLC Reset may be triggered; the side that triggers RLC Reset may be the UE or the network device.
When the UE triggers RLC Reset and the RLC Reset trigger condition is met, the processing unit 1102 is configured to receive the Reset sent by the UE and to reply with a Reset Ack, the Reset Ack including the second HFN, so that the UE can determine the target HFN for deciphering downlink data;
Alternatively, when the network device triggers RLC Reset and the RLC Reset trigger condition is met, the processing unit 1102 sends a Reset to the UE and receives the Reset Ack sent by the UE, the Reset including the second HFN, so that the UE can determine the target HFN for deciphering downlink data.
When a Reset is triggered during RB reconfiguration, the second HFN is carried in the Reset Ack or in the Reset so that the UE can determine the target HFN for deciphering downlink data; the UE therefore deciphers the data sent by the network device correctly, and the efficiency of data transmission is improved.
The receiving unit 1103 is configured to receive the RB reconfiguration complete message sent by the UE, the RB reconfiguration complete message including the first HFN; when the RB reconfiguration complete message sent by the UE is received, the encrypting and sending unit 1104 is configured to use the first HFN to encrypt data and send it to the UE;
When the RB reconfiguration complete message sent by the UE has not been received, the encrypting and sending unit 1104 is further configured to use the fourth HFN to encrypt data and send it to the UE, the fourth HFN being the sum of the second HFN and 1.
In the network device provided by the embodiment of the present invention, the service RB is suspended during RB reconfiguration and resumed after the reconfiguration is complete. This ensures that the encryption/decryption parameter HFN stays synchronized between the UE and the network device, so that data is deciphered correctly and the efficiency of data transmission is improved.
The embodiment of the present invention provides another network device, which may specifically be a UTRAN. As shown in Figure 12, the network device includes: a suspending unit 1201, a resuming unit 1202 and an encrypting and sending unit 1203;
The suspending unit 1201 is configured to send a radio bearer (RB) reconfiguration message to the user equipment (UE) and to suspend the service RB; during RB reconfiguration, no data of the service RB is transmitted. When the RB reconfiguration complete message sent by the UE is received, the resuming unit 1202 is configured to resume the service RB, the RB reconfiguration complete message including the first HFN. After the service RB is resumed, data of the service RB can be transmitted and processed, and the encrypting and sending unit 1203 is configured to use the first HFN to encrypt data and send it to the UE.
In the network device provided by the embodiment of the present invention, the service RB is suspended during RB reconfiguration and resumed after the reconfiguration is complete. This ensures that the encryption/decryption parameter HFN stays synchronized between the UE and the network device, so that data is deciphered correctly and the efficiency of data transmission is improved.
Note that the network devices shown in Figure 11 and Figure 12 of the present invention may be a single network device, that is, the modules of the network devices shown in Figure 11 and Figure 12 are integrated together; the two network devices may also be separate, independent devices. The embodiment of the present invention does not limit this.
The embodiment of the present invention provides a network communication system. As shown in Figure 13, it includes a terminal 1301 and a network device 1302, wherein:
The terminal 1301 is configured to receive the radio bearer (RB) reconfiguration message sent by the network device 1302 and to configure new encryption parameters, the new encryption parameters including the first hyper frame number (HFN), which is the HFN for deciphering downlink data in the encryption configuration that is waiting to take effect; when the radio link control (RLC) Reset trigger condition is met, to send a Reset to the network device 1302 and receive the Reset Ack sent by the network device 1302, the Reset Ack including the second HFN; or, when the RLC Reset trigger condition is met, to receive the Reset sent by the network device 1302 and reply with a Reset Ack, the Reset including the second HFN; and to determine, according to the first HFN and the second HFN, the target HFN for deciphering downlink data;
The network device 1302 is configured to send a radio bearer (RB) reconfiguration message to the UE 1301; when the RLC Reset trigger condition is met, to receive the Reset sent by the UE 1301 and reply with a Reset Ack, the Reset Ack including the second hyper frame number (HFN), so that the UE 1301 can determine the target HFN for deciphering downlink data; or, when the RLC Reset trigger condition is met, to send a Reset to the UE 1301 and receive the Reset Ack sent by the UE 1301, the Reset including the second HFN, so that the UE 1301 can determine the target HFN for deciphering downlink data;
Optionally, the network device 1302 is further configured to suspend the service RB after sending the radio bearer (RB) reconfiguration message to the UE 1301, and, when the RB reconfiguration complete message sent by the UE 1301 is received, to resume the service RB, the RB reconfiguration complete message including the first HFN.
The terminal 1301 includes:
A configuration unit 13011, configured to receive the radio bearer (RB) reconfiguration message sent by the network device and to configure new encryption parameters, the new encryption parameters including the first HFN, which is the HFN for deciphering downlink data in the encryption configuration that is waiting to take effect;
A processing unit 13012, configured to send a Reset to the network device when the RLC Reset trigger condition is met and to receive the Reset Ack sent by the network device, the Reset Ack including the second HFN; or, the processing unit 13012 is configured to receive the Reset sent by the network device and to reply with a Reset Ack, the Reset including the second HFN;
A determining unit 13013, configured to determine, according to the first HFN and the second HFN, the target HFN for deciphering downlink data;
The network device 1302 includes:
A sending unit 13021, configured to send a radio bearer (RB) reconfiguration message to the user equipment (UE);
A processing unit 13022, configured to receive the Reset sent by the UE when the RLC Reset trigger condition is met and to reply with a Reset Ack, the Reset Ack including the second HFN, so that the UE can determine the target HFN for deciphering downlink data; or, the processing unit 13022 is configured to send a Reset to the UE and to receive the Reset Ack sent by the UE, the Reset including the second HFN, so that the UE can determine the target HFN for deciphering downlink data;
Optionally, the network device 1302 further includes:
A suspending unit 13023, configured to send a radio bearer (RB) reconfiguration message to the user equipment (UE) and to suspend the service RB;
A resuming unit 13024, configured to resume the service RB when the RB reconfiguration complete message sent by the UE is received, the RB reconfiguration complete message including the first HFN.
Optionally, the terminal in the embodiment of the present invention is the terminal shown in Figure 10 of the present invention, and the network device is the network device shown in Figure 11 and Figure 2 of the present invention.
Figure 14 is a schematic diagram of the physical structure of the network communication system. The figure includes a terminal 1403 (for example, a smartphone), a terminal 1405 (for example, a mobile phone), a terminal 1407 (for example, a tablet phone), a base station 1401 and a network device 1402 (for example, a radio network controller). The network device sends the radio bearer (RB) reconfiguration message to the terminal through the base station; the terminal receives, through the base station, the RB reconfiguration message sent by the network device and configures new encryption parameters, the new encryption parameters including the first HFN, which is the HFN for deciphering downlink data in the encryption configuration that is waiting to take effect. When the RLC Reset trigger condition is met, the terminal sends a Reset to the network device and receives the Reset Ack sent by the network device, the Reset Ack including the second HFN; or, the terminal receives the Reset sent by the network device and replies with a Reset Ack, the Reset including the second HFN. The terminal determines, according to the first HFN and the second HFN, the target HFN for deciphering downlink data. With the solution provided by the embodiment of the present invention, when the UE or the network device has triggered the RLC Reset procedure and the UE holds an encryption configuration that has not yet taken effect, the data sent by the network device is deciphered correctly and the efficiency of data transmission is improved.
The solution provided by the embodiment of the present invention is suitable for data transmission processes that, like AM (Acknowledged Mode), have an acknowledgement and retransmission mechanism.
A person of ordinary skill in the art will recognize that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or in software depends on the particular application and the design constraints of the technical solution. A skilled person may use different methods to implement the described functions for each particular application, but such an implementation should not be considered to go beyond the scope of the present invention.
A person skilled in the art will clearly understand that, for convenience and brevity of description, the specific working processes of the system, device and units described above can be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed system, device and method can be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation; for example, several units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over several network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit.
If the functions are implemented in the form of software functional units and sold or used as an independent product, they may be stored in a computer-readable storage medium. On this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the methods of the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, a portable hard drive, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disc.
The above are merely specific embodiments of the present invention, but the scope of protection of the present invention is not limited to them. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the scope of protection of the present invention. The scope of protection of the present invention shall therefore be determined by the scope of protection of the claims.

Claims (18)

1. A method for synchronizing encryption/decryption parameters, characterized by comprising:
Receiving a radio bearer (RB) reconfiguration message sent by a network device, and configuring new encryption parameters, the new encryption parameters including a first hyper frame number (HFN), which is the HFN for deciphering downlink data in the encryption configuration that is waiting to take effect;
When a radio link control (RLC) Reset trigger condition is met, sending a Reset to the network device and receiving a Reset Ack sent by the network device, the Reset Ack including a second HFN; or, when the RLC Reset trigger condition is met, receiving a Reset sent by the network device and replying with a Reset Ack, the Reset including the second HFN;
Determining, according to the first HFN and the second HFN, a target HFN for deciphering downlink data.
2. The method for synchronizing encryption/decryption parameters according to claim 1, characterized in that determining, according to the first HFN and the second HFN, the target HFN for deciphering downlink data comprises:
Judging whether the first HFN is the same as the second HFN;
When the first HFN is the same as the second HFN, determining according to the second HFN that the target HFN is a fourth HFN, and using the fourth HFN to decipher data;
When the first HFN and the second HFN differ, determining that the first HFN is the target HFN and using the first HFN to decipher data.
3. The method for synchronizing encryption/decryption parameters according to claim 2, characterized in that the fourth HFN is the sum of the second HFN and 1.
4. The method for synchronizing encryption/decryption parameters according to claim 1, characterized in that, after receiving the radio bearer (RB) reconfiguration message sent by the network device and configuring the new encryption parameters, the method further comprises:
Sending an RB reconfiguration complete message to the network device, the RB reconfiguration complete message including the first HFN.
5. A method for synchronizing encryption/decryption parameters, characterized by comprising:
sending a radio bearer (RB) reconfiguration message to a user equipment (UE);
when a radio link control reset (RLC Reset) trigger condition is met, receiving a Reset sent by the UE and replying with a reset acknowledgement (Reset Ack), the Reset Ack comprising a second hyper frame number (HFN), so that the UE can determine a target HFN for decrypting downlink data; or, when the RLC Reset trigger condition is met, sending a Reset to the UE and receiving a Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
6. The method for synchronizing encryption/decryption parameters according to claim 5, characterized in that, after receiving, when the RLC Reset trigger condition is met, the Reset sent by the UE and replying with the Reset Ack comprising the second HFN, or after sending, when the RLC Reset trigger condition is met, the Reset comprising the second HFN to the UE and receiving the Reset Ack sent by the UE, the method further comprises:
when an RB reconfiguration complete message sent by the UE is received, the RB reconfiguration complete message comprising a first HFN, encrypting data using the first HFN and sending the encrypted data to the UE;
when no RB reconfiguration complete message sent by the UE is received, encrypting data using a fourth HFN and sending the encrypted data to the UE, the fourth HFN being the sum of the second HFN and 1.
7. A method for synchronizing encryption/decryption parameters, characterized by comprising:
sending a radio bearer (RB) reconfiguration message to a user equipment (UE) and suspending a service RB;
when an RB reconfiguration complete message sent by the UE is received, resuming the service RB, the RB reconfiguration complete message comprising a first HFN.
8. The method for synchronizing encryption/decryption parameters according to claim 7, characterized in that, after resuming the service RB when the RB reconfiguration complete message sent by the UE is received, the method further comprises:
encrypting data using the first HFN and sending the encrypted data to the UE.
9. A terminal, characterized by comprising:
a configuration unit, configured to receive a radio bearer (RB) reconfiguration message sent by network equipment and to configure a new encryption parameter, the new encryption parameter comprising a first HFN, in the encryption configuration that is to take effect, used for decrypting downlink data;
a processing unit, configured to send, when a radio link control reset (RLC Reset) trigger condition is met, a Reset to the network equipment and to receive a reset acknowledgement (Reset Ack) sent by the network equipment, the Reset Ack comprising a second HFN; or, the processing unit is configured to receive, when the RLC Reset trigger condition is met, a Reset sent by the network equipment and to reply with a Reset Ack, the Reset comprising the second HFN;
a determining unit, configured to determine, according to the first HFN and the second HFN, a target HFN for decrypting downlink data.
10. The terminal according to claim 9, characterized in that the determining unit comprises:
a judging unit, configured to judge whether the first HFN is identical to the second HFN;
a first determining unit, configured to determine, when the first HFN is identical to the second HFN, according to the second HFN that the target HFN is a fourth HFN, and to decrypt data using the fourth HFN;
a second determining unit, configured to determine, when the first HFN and the second HFN are different, that the first HFN is the target HFN, and to decrypt data using the first HFN.
11. The terminal according to claim 10, characterized in that the fourth HFN is the sum of the second HFN and 1.
12. The terminal according to claim 9, characterized in that the terminal further comprises:
a sending unit, configured to send an RB reconfiguration complete message to the network equipment, the RB reconfiguration complete message comprising the first HFN.
13. Network equipment, characterized by comprising:
a sending unit, configured to send a radio bearer (RB) reconfiguration message to a user equipment (UE);
a processing unit, configured to receive, when a radio link control reset (RLC Reset) trigger condition is met, a Reset sent by the UE and to reply with a reset acknowledgement (Reset Ack), the Reset Ack comprising a second HFN, so that the UE can determine a target HFN for decrypting downlink data; or, the processing unit is configured to send, when the RLC Reset trigger condition is met, a Reset to the UE and to receive a Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
14. The network equipment according to claim 13, characterized in that the network equipment further comprises:
a receiving unit, configured to receive an RB reconfiguration complete message sent by the UE, the RB reconfiguration complete message comprising a first HFN; an encrypting and sending unit, configured to encrypt data using the first HFN and send the encrypted data to the UE when the RB reconfiguration complete message sent by the UE is received, and to encrypt data using a fourth HFN and send the encrypted data to the UE when no RB reconfiguration complete message sent by the UE is received, the fourth HFN being the sum of the second HFN and 1.
15. Network equipment, characterized by comprising:
a suspending unit, configured to send a radio bearer (RB) reconfiguration message to a user equipment (UE) and to suspend a service RB;
a resuming unit, configured to resume the service RB when an RB reconfiguration complete message sent by the UE is received, the RB reconfiguration complete message comprising a first HFN.
16. The network equipment according to claim 15, characterized in that the network equipment further comprises:
an encrypting and sending unit, configured to encrypt data using the first HFN and send the encrypted data to the UE.
17. A network communication system, characterized by comprising a terminal and network equipment, wherein:
the terminal is configured to receive a radio bearer (RB) reconfiguration message sent by the network equipment and to configure a new encryption parameter, the new encryption parameter comprising a first hyper frame number (HFN), in the encryption configuration that is to take effect, used for decrypting downlink data; when a radio link control reset (RLC Reset) trigger condition is met, to send a Reset to the network equipment and receive a reset acknowledgement (Reset Ack) sent by the network equipment, the Reset Ack comprising a second HFN; or, when the RLC Reset trigger condition is met, to receive a Reset sent by the network equipment and reply with a Reset Ack, the Reset comprising the second HFN; and to determine, according to the first HFN and the second HFN, a target HFN for decrypting downlink data;
the network equipment is configured to send the radio bearer (RB) reconfiguration message to the user equipment (UE); when the RLC Reset trigger condition is met, to receive the Reset sent by the UE and reply with the Reset Ack, the Reset Ack comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data; or, when the RLC Reset trigger condition is met, to send the Reset to the UE and receive the Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
18. The network communication system according to claim 17, characterized in that
the terminal comprises:
a configuration unit, configured to receive the radio bearer (RB) reconfiguration message sent by the network equipment and to configure the new encryption parameter, the new encryption parameter comprising the first HFN, in the encryption configuration that is to take effect, used for decrypting downlink data;
a processing unit, configured to send, when the RLC Reset trigger condition is met, a Reset to the network equipment and to receive the Reset Ack sent by the network equipment, the Reset Ack comprising the second HFN; or, the processing unit is configured to receive the Reset sent by the network equipment and to reply with a Reset Ack, the Reset comprising the second HFN;
a determining unit, configured to determine, according to the first HFN and the second HFN, the target HFN for decrypting downlink data;
and the network equipment comprises:
a sending unit, configured to send the radio bearer (RB) reconfiguration message to the user equipment (UE);
a processing unit, configured to receive, when the RLC Reset trigger condition is met, the Reset sent by the UE and to reply with the Reset Ack, the Reset Ack comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data; or, the processing unit is configured to send the Reset to the UE and to receive the Reset Ack sent by the UE, the Reset comprising the second HFN, so that the UE can determine the target HFN for decrypting downlink data.
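The following Python code is an added example, not part of the patent. It pairs the UE rule of claims 2 and 3 with the network rule of claim 6 and checks that a downlink PDU decrypts only when both sides select the same HFN. The keystream function is a stand-in rather than the 3GPP f8 cipher, and the COUNT-C layout (20-bit HFN, 12-bit SN), the key, the payload and the HFN values are assumptions constructed for the example.

```python
import hashlib
import hmac

SN_BITS = 12  # assumed RLC AM layout: COUNT-C = HFN (20 bits) || SN (12 bits)

def ue_target_hfn(first_hfn, second_hfn):
    """UE rule (claims 2-3): HFN used to decrypt downlink data after the Reset."""
    if first_hfn == second_hfn:
        return second_hfn + 1          # the "fourth HFN"
    return first_hfn

def network_tx_hfn(second_hfn, first_hfn_from_complete=None):
    """Network rule (claim 6): HFN used to encrypt downlink data after the Reset.
    first_hfn_from_complete is None when no RB reconfiguration complete arrived."""
    if first_hfn_from_complete is not None:
        return first_hfn_from_complete
    return second_hfn + 1              # the "fourth HFN"

def crypt(key, hfn, sn, data):
    """XOR data with a keystream derived from COUNT-C.
    Stand-in for illustration only; this is NOT the 3GPP f8 cipher."""
    count_c = ((hfn << SN_BITS) | sn) % 2**32
    stream = b""
    block = 0
    while len(stream) < len(data):
        msg = count_c.to_bytes(4, "big") + block.to_bytes(4, "big")
        stream += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def downlink_ok(first_hfn, second_hfn, complete_received):
    """Encrypt one PDU on the network side, decrypt on the UE side, compare."""
    key = b"constructed-demo-key"          # constructed sample key
    pdu = b"constructed downlink payload"  # constructed sample data
    sn = 0                                 # sample sequence number
    tx = network_tx_hfn(second_hfn, first_hfn if complete_received else None)
    rx = ue_target_hfn(first_hfn, second_hfn)
    return crypt(key, rx, sn, crypt(key, tx, sn, pdu)) == pdu

if __name__ == "__main__":
    print(downlink_ok(0x00A10, 0x003F2, True))   # HFNs differ, complete received
    print(downlink_ok(0x00A10, 0x00A10, False))  # HFNs equal, no complete received
```

Because the HFN forms the high-order bits of the cipher counter, a one-step disagreement between the two sides changes the whole keystream, so the receiver gets unreadable data rather than a partial decode.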
CN201210063560.2A 2012-03-12 2012-03-12 Method and device for synchronizing encrypting and decrypting parameters Active CN102547689B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210063560.2A CN102547689B (en) 2012-03-12 2012-03-12 Method and device for synchronizing encrypting and decrypting parameters

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210063560.2A CN102547689B (en) 2012-03-12 2012-03-12 Method and device for synchronizing encrypting and decrypting parameters

Publications (2)

Publication Number Publication Date
CN102547689A true CN102547689A (en) 2012-07-04
CN102547689B CN102547689B (en) 2014-12-24

Family

ID=46353396

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210063560.2A Active CN102547689B (en) 2012-03-12 2012-03-12 Method and device for synchronizing encrypting and decrypting parameters

Country Status (1)

Country Link
CN (1) CN102547689B (en)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040196803A1 (en) * 2003-04-03 2004-10-07 Lg Electronics Inc. Apparatus and method for controlling access to network in wireless communication system
CN101360040A (en) * 2007-08-03 2009-02-04 上海摩波彼克半导体有限公司 Method assuring ciphered parameter synchronization when resetting mobile terminal and link between networks

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106559912A (en) * 2015-09-24 2017-04-05 联芯科技有限公司 RLC resets the triggering method and device of flow process
CN106559912B (en) * 2015-09-24 2020-03-20 联芯科技有限公司 Triggering method and device of RLC reset procedure
WO2022205230A1 (en) * 2021-03-31 2022-10-06 北京小米移动软件有限公司 Method and apparatus for determining hyper frame number of packet data convergence protocol entity

Also Published As

Publication number Publication date
CN102547689B (en) 2014-12-24

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant