CN102595403A - Authentication method and authentication device for relay node binding - Google Patents


Info

Publication number: CN102595403A
Authority: CN (China)
Prior art keywords: key, authentication, symmetric, agreement, mme
Legal status: Pending
Application number: CN2011100082474A
Other languages: Chinese (zh)
Inventor: 和峰
Current assignee: ZTE Corp
Original assignee: ZTE Corp
Application filed by ZTE Corp; priority to CN2011100082474A; published as CN102595403A

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an authentication method for relay node binding. The method comprises: carrying out key agreement authentication between a DeNB (Donor Evolved NodeB) and an RN (Relay Node); establishing a shared symmetric device key from the result of that key agreement authentication; having the MME (Mobility Management Entity) and the RN each generate a new system security key from the symmetric device key and the existing system security key; and deriving new AS (Access Stratum) and/or NAS (Non-Access Stratum) security protection keys from the new system security key, which are then used for encryption and integrity protection of the traffic between the network side and the RN. The invention also discloses an authentication device for relay node binding. With the disclosed method and device the protection of the RN's identity legitimacy is strengthened: an RN can only be admitted to the communication system and take part in communication after it has passed the network side's legitimacy authentication, access by an illegitimate RN is excluded, and the security of communication between the network side and the RN is ensured.

Description

Authentication method and device for binding a relay node
Technical field
The present invention relates to relay node authentication techniques in relay systems, and in particular to an authentication method and device for binding a relay node in a relay system.
Background technology
Fig. 1 shows the structure of a Long Term Evolution (LTE) network. As shown in Fig. 1, an LTE network consists of the Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and the Evolved Packet Core (EPC), and the network is flat. The E-UTRAN is connected to the EPC over the S1 interface. The E-UTRAN is made up of a number of interconnected evolved base stations (eNB, Evolved NodeB), which are connected to each other over the X2 interface; the EPC is made up of network elements such as the Mobility Management Entity (MME), the Serving Gateway (S-GW) and the Packet Data Network Gateway (P-GW). The LTE architecture also contains the Home Environment (HE), i.e. the Home Subscriber Server (HSS), which serves as the subscriber database: it holds subscriber profiles, performs subscriber authentication and authorisation, and can provide information such as the subscriber's physical location.
To meet the growing demand for high-bandwidth, high-mobility access, the Third Generation Partnership Project (3GPP) released the LTE-Advanced standard. LTE-Advanced is an evolution of the LTE system that keeps the core of LTE and, on that basis, adopts a series of techniques that extend the frequency and spatial domains in order to raise spectral efficiency and increase system capacity. Wireless relay technology is one of the techniques in LTE-Advanced; it aims to extend cell coverage, reduce dead zones, balance load, shift traffic away from hot spots and save transmit power at the user equipment (UE). Fig. 2 shows the network after a relay node (RN) is added to the existing architecture. As shown in Fig. 2, the newly added RN is connected wirelessly to the donor evolved base station (Donor-eNB, DeNB). The interface between the Donor-eNB and the RN is called the Un interface and the radio link between them the backhaul link; the interface between the RN and the UE is called the Uu interface and the radio link between them the access link. Downlink data first reaches the Donor-eNB, is passed to the RN and is forwarded by the RN to the UE; uplink data originates at the UE, is passed to the RN and is forwarded by the RN to the Donor-eNB.
In practice an RN can act both as an ordinary terminal device and as a base station. When acting as a terminal device, the RN accesses the radio network in the same way as an ordinary UE.
When an ordinary UE accesses the network, the network side performs user Authentication and Key Agreement (AKA) with it; in the LTE system this procedure is called the Evolved Packet System AKA (EPS AKA) procedure. Note that in the description above "UE" is the collective name for the Mobile Equipment (ME) and the Universal Integrated Circuit Card (UICC). The UICC hosts the Universal Subscriber Identity Module (USIM), which is used for various applications and for authenticating the subscriber's identity; the EPS AKA procedure is in fact carried out by the USIM. Unless stated otherwise, in the following description USIM means the UICC and USIM card means the UICC card. The procedure therefore completes the network's USIM authentication (also called subscription authentication) of the terminal together with key agreement; in the following description USIM authentication is also referred to as user authentication.
Through user authentication the UE and the network side generate, from the root key K, an Integrity Key (IK) and a Cipher Key (CK), which are sent to the ME; the ME generates the intermediate key K_ASME from IK and CK and then uses K_ASME to derive further keys that protect the communication data of the Access Stratum (AS) and the Non-Access Stratum (NAS) respectively. The NAS security protection keys (such as the NAS encryption key K_NASenc and the NAS integrity key K_NASint) are each derived from K_ASME by an agreed algorithm; the AS security protection keys (such as the RRC encryption key K_RRCenc, the RRC integrity key K_RRCint and the user-plane encryption key K_UPenc) are each derived from the base station key K_eNB by different algorithms, and K_eNB is itself derived from K_ASME. The concrete EPS security key architecture and derivation methods are known and are not repeated here.
Like a UE, an RN acting as an ordinary terminal device is the collective name for the relay node platform (RN platform) and its UICC card, and the RN can complete UICC authentication through the EPS AKA procedure described above. However, when the RN acts as a base station, an illegitimate base station could threaten the user equipment it serves; before the base station serves any UE, the legitimacy of the device itself (the RN platform) must therefore be guaranteed.
Moreover, even an RN that has separately completed both user authentication and device legitimacy authentication is still exposed to the following threat. Fig. 3 shows how such an RN may be attacked. A malicious attacker inserts a legitimate UICC card into an illegitimate RN and at the same time inserts an illegitimate UICC card into a legitimate RN; at authentication time the attacker uses the legitimate USIM and the legitimate RN to pass user authentication and device authentication respectively. In subsequent communication the illegitimate RN obtains the AS security protection keys produced by the authentication of the legitimate UICC card, and because part of the communication data between that RN and the network side is protected only by the AS security protection keys, the attacker can use the illegitimate RN to tamper with or eavesdrop on the communication between the RN and the DeNB. The existing legitimacy authentication of an RN therefore cannot guarantee that a legitimate UICC card is inserted in a legitimate RN device, i.e. it cannot bind the RN's user authentication to its device authentication, and so cannot guarantee the security of the communication data between the RN and the network side.
For device authentication (also called RN platform authentication), one company has proposed establishing a Transport Layer Security (TLS) tunnel between the DeNB and the RN so that the DeNB can authenticate the RN device, generating an offset key Ko from the master secret negotiated during TLS tunnel establishment, and using Ko together with the existing AS security keys (the RRC encryption key K_RRCenc, the RRC integrity key K_RRCint and the user-plane encryption key K_UPenc) as inputs to generate new AS security keys bound to the RN device (RN platform), i.e. a new K_RRCenc, a new K_RRCint and a new K_UPenc. This guarantees that the device authentication and the earlier user authentication terminate at the same RN node and thereby blocks the threat shown in Fig. 3. The scheme has the following drawbacks:
1) Establishing the TLS tunnel is unnecessary in this authentication procedure, since the scheme never actually uses the tunnel.
2) If RN mobility is taken into account, i.e. the RN moves from the coverage of one DeNB to that of another DeNB, the TLS connection originally established with the RN cannot be maintained.
3) The NAS keys used for non-access-stratum messages are not bound, so NAS messages remain exposed.
Summary of the invention
In view of this, the main object of the present invention is to provide an authentication method and device for binding a relay node, so that key authentication can be performed for a legitimate relay node and an illegitimate relay node is prevented from accessing the communication system.
To achieve this object, the technical solution of the present invention is as follows.
An authentication method for binding a relay node comprises:
initiating key agreement authentication between the DeNB and the RN;
establishing a shared symmetric key from the key produced by the key agreement authentication;
the MME and the RN each generating a new system security key from the symmetric key and the system security key; and
using the new system security key to derive new AS and/or NAS security protection keys, with which the communication traffic between the network side and the RN is encrypted and integrity protected.
Preferably, the key agreement authentication is realised by one of the following: an Internet Key Exchange (IKE) protocol procedure, a TLS handshake protocol procedure, a Secure Sockets Layer (SSL) protocol procedure, an Extensible Authentication Protocol (EAP) procedure, or an EAP-TLS authentication procedure.
Preferably, the symmetric key is established by the DeNB and sent to the MME; alternatively, the DeNB sends the key of the key agreement authentication to the MME and the MME establishes the shared symmetric key.
The messages of the key agreement authentication procedure initiated between the DeNB and the RN may be carried over the user-plane data connection between the RN and the DeNB, or over existing Radio Resource Control (RRC) control-plane signalling (i.e. encapsulated as a container in the control-plane signalling).
Preferably, the DeNB sends the key of the key agreement authentication or the symmetric key to the MME in an S1 message.
Preferably, establishing the shared symmetric key from the result of the key agreement authentication is specifically one of: using the key of the key agreement authentication directly as the symmetric key; using a key formed from part of the key of the key agreement authentication as the symmetric key; or using a key derived again from the key of the key agreement authentication by an agreed algorithm as the symmetric key.
Preferably, the key agreement authentication is key agreement authentication based on a symmetric key, or key agreement authentication based on a public key system.
Preferably, generating the new system security key from the symmetric key and the system security key is specifically: using the symmetric key and the system security key as inputs and regenerating a new key with an agreed algorithm, where the agreed algorithm is the key derivation function (KDF) used in generating the system security key, a pseudo-random function, or a one-way function.
Preferably, the system security key is at least one of the following keys: the intermediate key K_ASME, the cipher key CK and integrity key IK, or the base station key K_eNB.
An authentication device for binding a relay node, where the relay system comprises an MME, a DeNB and an RN, comprises an authentication unit, an establishing unit, a sending unit, a generating unit and an encryption unit, wherein:
the authentication unit is used to initiate key agreement authentication between the DeNB and the RN;
the establishing unit, located in the DeNB or the MME, is used to establish a shared symmetric key from the key of the key agreement authentication;
the sending unit, located in the DeNB, is used to send the symmetric key or the key of the authentication unit's key agreement authentication to the MME;
the generating unit, located in the MME and in the RN, is used to generate a new system security key from the symmetric key and the system security key; and
the encryption unit is used to derive new AS and/or NAS security protection keys from the new system security key and to encrypt and integrity protect the communication traffic between the network side and the RN.
Preferably, the key agreement authentication performed by the authentication unit is realised by one of the following: an IKE protocol procedure, a TLS handshake protocol procedure, an SSL protocol procedure, an EAP procedure, or an EAP-TLS authentication procedure.
Preferably, the sending unit sends the key of the authentication unit's key agreement authentication or the symmetric key to the MME in an S1 message.
Preferably, the establishing unit further uses the key of the authentication unit's key agreement authentication directly as the symmetric key, or uses a key formed from part of that key as the symmetric key, or uses a key derived again from that key by an agreed algorithm as the symmetric key.
Preferably, the key agreement authentication used by the authentication unit is key agreement authentication based on a symmetric key, or key agreement authentication based on a public key system.
Preferably, the generating unit further uses the symmetric key and the system security key as inputs and regenerates a new key with an agreed algorithm, where the agreed algorithm is the KDF used in generating the system security key, a pseudo-random function, or a one-way function.
In the present invention, a key agreement authentication procedure is first initiated between the DeNB and the RN and a shared symmetric key is established from the result of that authentication. The authentication procedure itself is essentially the same as an existing authentication method; through it basic authentication of the RN is achieved and access by illegitimate devices is blocked. On top of this authentication the invention further establishes the symmetric key and sends it to the MME; the MME and the RN each generate a new system security key from the symmetric key and the system security key, and this new system security key is used for the encryption of communications. The invention thus strengthens the protection of the RN's identity legitimacy: an RN can only be admitted to the communication system and take part in communication after passing the network side's legitimacy authentication, access by an illegitimate RN is blocked, and the security of communication between the network side and the RN is guaranteed.
Description of drawings
Fig. 1 shows the structure of an LTE network;
Fig. 2 shows the network after an RN is added to the existing network architecture;
Fig. 3 shows how an RN may be attacked by a malicious party;
Fig. 4 is a flow chart of embodiment one of the authentication method for binding a relay node according to the present invention;
Fig. 5 is a flow chart of embodiment two of the authentication method for binding a relay node according to the present invention;
Fig. 6 is a flow chart of embodiment three of the authentication method for binding a relay node according to the present invention;
Fig. 7 illustrates the security key binding of the present invention;
Fig. 8 shows the structure of the authentication device for binding a relay node according to the present invention.
Detailed description of the embodiments
The basic idea of the embodiments of the invention is to first initiate a key agreement authentication procedure between the DeNB and the RN and to establish a shared symmetric key from the result of that authentication. The symmetric key is then sent to the MME; the MME and the RN each generate a new system security key from the symmetric key and the system security key, and the new system security key is used for the encryption of communications.
To make the object, technical solution and advantages of the invention clearer, the invention is further explained below by way of embodiments and with reference to the drawings.
The technical solution is first described as a whole. Note that the invention is applicable not only to an LTE system containing relay nodes but also to an evolved packet system containing relay nodes; in other words, it applies to every relay network that contains relay nodes, where a relay node may be an ordinary relay base station or a network node with a relay function such as a Home eNodeB. Because the authentication procedure for relay nodes is similar in all these systems, they are not described one by one.
In the invention, a key agreement authentication procedure is initiated between the DeNB and the RN to authenticate the DeNB and the relay node platform (RN platform) to each other and to establish a shared symmetric key. After the procedure succeeds the DeNB sends the symmetric key to the MME; the MME and the RN each bind this symmetric key with the evolved packet system security key to generate a new evolved packet system security key, which protects the communication between the RN and the network. The key agreement authentication procedure may be any existing procedure for authentication and key agreement between communicating entities, such as an Internet Key Exchange (IKE, or IKEv2, IKE version 2) procedure, a TLS handshake procedure, a Secure Sockets Layer (SSL) procedure, an Extensible Authentication Protocol (EAP) procedure, or an EAP-TLS authentication procedure. The symmetric key may be established by using the key negotiated in the key agreement authentication procedure directly, by truncating that key, or by deriving a further key from it. Truncation here means taking a key formed from part of the key generated in the key agreement authentication procedure as the symmetric key, for example its first 10 bits or its last 10 bits. Alternatively the symmetric key is a key derived again from the key generated in the key agreement authentication procedure by an agreed algorithm; deriving again means computing on the key negotiated in the current authentication procedure with an agreed algorithm, for example shifting the key produced in the key agreement authentication procedure or setting particular bits of it.
The key agreement authentication procedure may be based on a symmetric key or on a public key system (i.e. certificates).
The DeNB may inform the MME of the symmetric key by sending it in an S1 message; this S1 message may be an existing S1 signalling message or a newly added one.
The symmetric key may also be generated by the MME; in that case the DeNB sends the key negotiated in the key agreement authentication procedure to the MME in an S1 interface message, and the MME establishes the symmetric key using the same generation method as the RN.
The method by which the MME and the RN bind the symmetric key with the evolved packet system (EPS) security key to generate a new key may be to take the symmetric key and the EPS security key as inputs and regenerate a new key with an agreed algorithm. The agreed algorithm may be the key derivation function (KDF) used in the existing EPS security key generation process, or another pseudo-random function or one-way function.
The substance of the technical solution is illustrated below through concrete examples.
Embodiment one
Fig. 4 is a flow chart of embodiment one of the authentication method for binding a relay node. As shown in Fig. 4, in this example the DeNB and the RN achieve mutual authentication and key agreement through the TLS handshake protocol; after the procedure succeeds, the key negotiated in it is used to generate a new symmetric key Kplatform, which is bound with the EPS security key to generate a new EPS security key that protects subsequent communication. The method of this example comprises the following steps.
Step 401: a TLS handshake is initiated between the DeNB and the RN for mutual authentication; in the handshake the two endpoints (the DeNB and the RN) establish a shared master secret, from which the symmetric key Kplatform is established. Kplatform may be generated in one of the following ways:
Kplatform = master_secret, i.e. Kplatform is the master secret used directly;
or Kplatform = Truncated(master_secret), i.e. Kplatform is a truncated master secret;
or Kplatform = KDF(master_secret), i.e. Kplatform is computed from the master secret with an agreed derivation algorithm. Optionally the algorithm may take further input parameters, for example Kplatform = PRF(master_secret, X), where PRF is the TLS pseudo-random function and X is an optional parameter such as a random number generated by the RN and/or the MME, or some other parameter shared between the RN and the MME.
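The three Kplatform options of step 401 in runnable form, as an added example that is not part of the patent: the PRF is the TLS 1.2 P_SHA256 construction of RFC 5246 section 5, which is what "the TLS pseudo-random function" resolves to for a TLS 1.2 handshake. The 48-byte master secret, the derivation label and the parameter X are constructed for the example; the patent fixes none of them.

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data expansion from RFC 5246 section 5:
    A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1) || seed) || HMAC(secret, A(2) || seed) || ...
    """
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label || seed)."""
    return p_sha256(secret, label + seed, length)


# Label for Kplatform = PRF(master_secret, X). The patent names no label;
# this string is an assumption of the example.
KPLATFORM_LABEL = b"relay platform key"


def kplatform_direct(master_secret: bytes) -> bytes:
    """Option 1: Kplatform = master_secret."""
    return master_secret


def kplatform_truncated(master_secret: bytes, n_bytes: int = 16, from_end: bool = False) -> bytes:
    """Option 2: Kplatform = Truncated(master_secret), the first or last n bytes."""
    if not 0 < n_bytes <= len(master_secret):
        raise ValueError("truncation length must lie within the master secret")
    return master_secret[-n_bytes:] if from_end else master_secret[:n_bytes]


def kplatform_prf(master_secret: bytes, x: bytes = b"", length: int = 32) -> bytes:
    """Option 3: Kplatform = PRF(master_secret, X); X is an optional parameter
    both the RN and the MME know (for instance a nonce), so that the same
    master secret can yield different platform keys."""
    return tls12_prf(master_secret, KPLATFORM_LABEL, x, length)


# Constructed 48-byte master secret standing in for the value the DeNB and
# the RN agree in the TLS handshake; not a value from the patent.
MASTER_SECRET = bytes(range(0x10, 0x40))


def demo() -> dict:
    """Derive Kplatform with each option from the constructed master secret."""
    nonce = b"\x00\x01\x02\x03"
    return {
        "direct": kplatform_direct(MASTER_SECRET),
        "first16": kplatform_truncated(MASTER_SECRET, 16),
        "last16": kplatform_truncated(MASTER_SECRET, 16, from_end=True),
        "prf": kplatform_prf(MASTER_SECRET),
        "prf_nonce": kplatform_prf(MASTER_SECRET, nonce),
    }


if __name__ == "__main__":
    for name, key in demo().items():
        print(f"{name:10s} {key.hex()}")
```

Of the three options only the PRF form keeps the master secret itself out of the S1 message to the MME and lets X tie Kplatform to a fresh value; the direct and truncated forms hand the MME (and anything on the S1 path) the TLS session secret or a slice of it.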
Specifically, the uplink and downlink messages of the TLS handshake may be carried over the user-plane data connection between the RN and the DeNB, i.e. transmitted as user-plane data over a Data Radio Bearer (DRB); or they may be carried in existing uplink/downlink control-plane signalling, i.e. encapsulated as a container in control-plane signalling, for example in the ULInformationTransfer and DLInformationTransfer messages respectively, in which case the control-plane signalling must explicitly indicate that the container carries TLS handshake protocol messages. The direction of the control-plane signalling carrying a TLS handshake message matches the direction of that message in the TLS handshake.
Step 402: the DeNB sends the symmetric key Kplatform to the MME in an S1 message, for example an Uplink NAS Transport message carrying Kplatform.
Specifically, the DeNB may also carry Kplatform in other S1 dedicated (UE-associated) signalling, such as the Initial UE Context Setup Response or the NAS Non Delivery Indication.
The DeNB may also carry Kplatform in a newly added S1 message, for example a new S1 message that carries the Kplatform information together with the identity information by which the RN is identified as a UE on the S1 interface.
Step 403: the MME binds the symmetric key Kplatform with the EPS security key K_ASME generated in EPS AKA to produce a new security key K_ASME_platform that is bound to the device (the RN platform).
K_ASME_platform may be generated by taking K_ASME and Kplatform as inputs to an agreed key derivation algorithm. Fig. 7 illustrates the security key binding of the invention; as shown in Fig. 7:
K_ASME_platform = KDF(K_ASME, Kplatform, X1)
where KDF is the agreed key derivation algorithm and X1 is an optional further input to that algorithm.
Through this procedure the MME has completed both user authentication and device legitimacy authentication of the RN, and by binding the EPS security key with the symmetric key Kplatform generated during relay node authentication it has also removed the security risk at the interface between the RN platform and the UICC. Subsequently the MME and the RN use K_ASME_platform in place of the original K_ASME to derive the other AS-layer and NAS-layer security keys that protect the signalling and data between the RN and the network side; the derivation and protection algorithms are identical to the security mechanisms of existing LTE and are not repeated here.
Depending on the implementation, in the method of embodiment one the MME may also send a reply message to the DeNB after obtaining the symmetric key Kplatform in step 402. The reply may be any S1 message, for example a DLInformationTransport message or another S1 dedicated message, or a newly added S1 message.
The MME's reply may be sent at any time after step 402.
Depending on the implementation, the TLS handshake of step 401 may be initiated by the DeNB or by the RN.
Depending on the implementation, the EPS security key bound in step 403 may also be IK and CK, or K_eNB, for example:
K_ASME_platform = KDF(CK, IK, Kplatform, Y1), or
K_eNB_platform = KDF(K_eNB, Kplatform, Z1)
where KDF is the agreed algorithm used in the respective calculation and Y1 or Z1 are further optional parameters used in it. The calculations are similar, but the concrete form of the agreed derivation algorithm used for binding may differ. The K_ASME_platform and K_eNB_platform generated in this way likewise replace the existing K_ASME and K_eNB respectively, and new NAS-layer and/or AS-layer security keys are derived from them to protect the subsequent communication between the RN and the network.
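The following Python puts the EPS key hierarchy from the background section and the binding formulas of step 403 and its alternatives side by side, and replays the Fig. 3 scenario. It is an added example, not code from the patent or from ZTE. The generic KDF (HMAC-SHA-256 over FC || P0 || L0 || P1 || L1 ...), the FC values 0x10/0x11/0x15 and the algorithm type distinguishers are those of 3GPP TS 33.401 Annex A; the FC value used for the platform binding, the serving network identity, CK/IK, SQN xor AK and the two Kplatform values are assumptions constructed for the example. The scenario shows what the binding buys: an illegitimate RN that holds the legitimate UICC can compute every unbound NAS and AS key, but without the legitimate platform's Kplatform it cannot compute the keys the MME actually installs.

```python
import hashlib
import hmac
from typing import Dict

# FC values and algorithm type distinguishers from 3GPP TS 33.401 Annex A.
FC_KASME = 0x10          # K_ASME from CK || IK
FC_KENB = 0x11           # K_eNB from K_ASME and the uplink NAS COUNT
FC_ALG_KEY = 0x15        # NAS / AS algorithm keys
NAS_ENC, NAS_INT, RRC_ENC, RRC_INT, UP_ENC = 0x01, 0x02, 0x03, 0x04, 0x05
# The patent fixes no FC value for the platform binding; 0x7F is an
# assumption of this example, not an allocation in TS 33.401.
FC_BIND = 0x7F


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """Generic 3GPP KDF (TS 33.220 Annex B):
    HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 ...), Li = len(Pi) on 2 bytes."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_k_asme(ck: bytes, ik: bytes, sn_id: bytes, sqn_xor_ak: bytes) -> bytes:
    """K_ASME = KDF(CK || IK, FC=0x10, SN id, SQN xor AK) (TS 33.401 A.2)."""
    return kdf(ck + ik, FC_KASME, sn_id, sqn_xor_ak)


def derive_k_enb(k_asme: bytes, ul_nas_count: int) -> bytes:
    """K_eNB = KDF(K_ASME, FC=0x11, uplink NAS COUNT) (TS 33.401 A.3)."""
    return kdf(k_asme, FC_KENB, ul_nas_count.to_bytes(4, "big"))


def derive_alg_key(key: bytes, alg_type: int, alg_id: int) -> bytes:
    """Algorithm key (TS 33.401 A.7): the 128 least significant bits of
    KDF(key, FC=0x15, algorithm type distinguisher, algorithm identity)."""
    return kdf(key, FC_ALG_KEY, bytes([alg_type]), bytes([alg_id]))[16:]


def eps_keys(k_asme: bytes, ul_nas_count: int = 0, alg_id: int = 1) -> Dict[str, bytes]:
    """NAS keys from K_ASME, AS keys from K_eNB: the hierarchy that the patent
    re-roots at a bound key instead of the plain K_ASME."""
    k_enb = derive_k_enb(k_asme, ul_nas_count)
    return {
        "K_NASenc": derive_alg_key(k_asme, NAS_ENC, alg_id),
        "K_NASint": derive_alg_key(k_asme, NAS_INT, alg_id),
        "K_eNB": k_enb,
        "K_RRCenc": derive_alg_key(k_enb, RRC_ENC, alg_id),
        "K_RRCint": derive_alg_key(k_enb, RRC_INT, alg_id),
        "K_UPenc": derive_alg_key(k_enb, UP_ENC, alg_id),
    }


def bind_k_asme(k_asme: bytes, k_platform: bytes, x1: bytes = b"") -> bytes:
    """K_ASME_platform = KDF(K_ASME, Kplatform, X1) (embodiment one, step 403)."""
    return kdf(k_asme, FC_BIND, k_platform, x1)


def bind_k_enb(k_enb: bytes, k_platform: bytes, z1: bytes = b"") -> bytes:
    """K_eNB_platform = KDF(K_eNB, Kplatform, Z1), the K_eNB-level alternative."""
    return kdf(k_enb, FC_BIND, k_platform, z1)


# Constructed inputs (not from the patent): CK/IK as EPS AKA would output
# them, a 3-byte serving network id, SQN xor AK, and two platform keys.
CK = bytes.fromhex("0123456789abcdef0123456789abcdef")
IK = bytes.fromhex("fedcba9876543210fedcba9876543210")
SN_ID = bytes.fromhex("64f000")
SQN_XOR_AK = bytes.fromhex("000000000001")
K_PLATFORM_LEGIT = hashlib.sha256(b"master secret of the legitimate RN platform").digest()
K_PLATFORM_ROGUE = hashlib.sha256(b"best guess of the rogue RN platform").digest()


def fig3_scenario() -> Dict[str, Dict[str, bytes]]:
    """Legitimate UICC inserted in a rogue RN: the rogue node holds K_ASME
    (it sits next to the UICC) but not the legitimate platform's Kplatform."""
    k_asme = derive_k_asme(CK, IK, SN_ID, SQN_XOR_AK)
    return {
        "unbound": eps_keys(k_asme),                               # what the rogue RN obtains without binding
        "mme": eps_keys(bind_k_asme(k_asme, K_PLATFORM_LEGIT)),    # what the MME installs after binding
        "rogue": eps_keys(bind_k_asme(k_asme, K_PLATFORM_ROGUE)),  # the best the rogue RN can compute
    }


if __name__ == "__main__":
    for who, keys in fig3_scenario().items():
        print(who, {name: k.hex()[:16] + "..." for name, k in keys.items()})
```

Because every NAS and AS key hangs off the bound root, the binding covers the NAS keys as well, which is exactly drawback 3) of the TLS-tunnel proposal in the background section; embodiment two's rekey is the same call with a fresh Kplatform.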
Among the present invention; TLS handshake procedure in the step 401 is a contents known; And can adopt simply according to the different demands in the concrete application and to shake hands (Simple TLS Handshake) or the TLS of the checking client forms such as (Client-authenticated TLS handshake) of shaking hands; This verification process can initiatively be initiated by RN, also can initiatively be initiated by DeNB.
Need to prove that above-mentioned key agreement authentication process also can adopt other flow process, such as SSL (SSL handshake) process of shaking hands, perhaps EAP authentication, perhaps EAP-TLS identifying procedure etc.These key agreement authentication processes also can be changed according to concrete application demand in practical application to some extent, but do not influence purport of the present invention.
In step 403, in order to guarantee between MME and the RN to realize the synchronous binding of key, MME with can carry out the binding of EPS safe key and symmetric key through NAS signaling process indication RN.Such as, MME binds through NAS safe mode command (NAS SMC, NAS Security Mode Command) notice RN, in message, increases and binds indication; Accomplish the binding back at RN and reply MME, indicate to bind to complete successfully through NAS safe mode completion (NAS Security Mode Complete).
The generation of above-mentioned symmetric key K platform also can be carried out at MME; Behind the master key that promptly DeNB obtains to share in step 401; DeNB sends to MME through 402 steps with master key; Generate Kplatform by MME according to master key, method is identical in concrete generating mode and the step 401, then the MME key bindings process in the execution in step 403 again.
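The procedure of steps 401 to 403 (symmetric device key from the TLS master secret, binding at the MME and the RN, and the NAS SMC binding indication) modelled in Python, as an added example that is not code from the patent or from ZTE. The HMAC-SHA256 KDF, the label strings, key lengths, the one-byte binding indication and the message names are assumptions; the sample CK, IK and master secret are constructed constants. The failure case models an RN that never completed the platform authentication, whose Security Mode Complete the MME then rejects because its keys were not bound to the device key.

```python
import hashlib
import hmac

# Added example, not code from the patent or from ZTE: a model of embodiment one,
# steps 401-403. The HMAC-based KDF, label strings, key lengths, the one-byte
# binding indication and the NAS message names are assumptions for illustration.

# Constructed, fixed sample material so that a run is reproducible. In a real
# system CK/IK come from EPS AKA and the master secret from the DeNB-RN TLS handshake.
CK = bytes(range(0x00, 0x10))                    # 16-byte cipher key (constructed)
IK = bytes(range(0x10, 0x20))                    # 16-byte integrity key (constructed)
Y1 = b"Y1-binding-parameters"                    # optional extra KDF parameter of the formula
TLS_MASTER_SECRET = bytes(range(0x20, 0x50))     # 48 bytes, like a TLS master secret (constructed)
BIND_INDICATION = b"\x01"                        # assumed encoding of the binding indication in NAS SMC


def kdf(key: bytes, *inputs: bytes) -> bytes:
    """Generic KDF(key, ...) of the text: HMAC-SHA256 over length-prefixed inputs (assumed)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for x in inputs:
        h.update(len(x).to_bytes(2, "big") + x)
    return h.digest()


def kplatform_from_master_secret(master_secret: bytes) -> bytes:
    """Step 401: the symmetric device key Kplatform derived from the TLS master secret."""
    return kdf(master_secret, b"Kplatform")


def bind_k_asme(ck: bytes, ik: bytes, kplatform: bytes, y1: bytes) -> bytes:
    """K_ASME_platform = KDF(CK, IK, Kplatform, Y1)."""
    return kdf(ck + ik, kplatform, y1)


def bind_k_enb(k_enb: bytes, kplatform: bytes, z1: bytes) -> bytes:
    """K_eNB_platform = KDF(K_eNB, Kplatform, Z1)."""
    return kdf(k_enb, kplatform, z1)


def nas_int_key(k_asme: bytes) -> bytes:
    """NAS integrity key derived from the bound K_ASME (label and 16-byte length assumed)."""
    return kdf(k_asme, b"NAS-int")[:16]


def nas_mac(k_nas_int: bytes, msg: bytes) -> bytes:
    """32-bit message authentication code, truncated like a NAS MAC-I."""
    return hmac.new(k_nas_int, msg, hashlib.sha256).digest()[:4]


def run_embodiment_one(rn_completed_handshake: bool = True) -> dict:
    """Return whether MME and RN hold the same bound K_ASME and whether the MME
    accepts the RN's NAS Security Mode Complete."""
    # Step 401/402: DeNB derives Kplatform from the handshake's master secret and
    # sends it to the MME over S1 (modelled as the MME holding the same value).
    kplatform_mme = kplatform_from_master_secret(TLS_MASTER_SECRET)

    # Step 403, MME side: bind the EPS key with the device key, then tell the RN
    # to do the same via a NAS Security Mode Command carrying the binding indication.
    k_asme_mme = bind_k_asme(CK, IK, kplatform_mme, Y1)
    nas_smc = BIND_INDICATION + b"NAS-SECURITY-MODE-COMMAND"

    # Step 403, RN side. An RN that never completed the platform authentication
    # has no Kplatform; that failure case is modelled with an all-zero key.
    kplatform_rn = (kplatform_from_master_secret(TLS_MASTER_SECRET)
                    if rn_completed_handshake else bytes(32))
    if nas_smc[:1] == BIND_INDICATION:
        k_asme_rn = bind_k_asme(CK, IK, kplatform_rn, Y1)
    else:
        k_asme_rn = kdf(CK + IK, Y1)          # legacy, unbound derivation (not requested here)
    complete = b"NAS-SECURITY-MODE-COMPLETE"
    mac = nas_mac(nas_int_key(k_asme_rn), complete)

    # MME verifies the Security Mode Complete under its own bound key: only an RN
    # that holds the device key from step 401 produces a matching MAC.
    accepted = hmac.compare_digest(mac, nas_mac(nas_int_key(k_asme_mme), complete))
    return {"keys_match": k_asme_mme == k_asme_rn, "accepted": accepted}


if __name__ == "__main__":
    print(run_embodiment_one())                              # {'keys_match': True, 'accepted': True}
    print(run_embodiment_one(rn_completed_handshake=False))  # {'keys_match': False, 'accepted': False}
```

The variant of the text in which the MME derives Kplatform itself from the master secret received in step 402 only changes which party calls kplatform_from_master_secret; the binding and the Security Mode Complete check are unchanged.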
Embodiment two
Fig. 5 is the flow chart of embodiment two of the authentication method for binding a relay node according to the present invention. As shown in Fig. 5, in this example the TLS handshake protocol is used to update the symmetric key between the DeNB and the RN; after the update succeeds, the DeNB sends the updated key to the MME, and the MME binds this key with the EPS security key to generate a new EPS security key that protects subsequent communication. The authentication method for binding a relay node of this example specifically comprises the following steps:
Step 500: mutual authentication has been completed between the DeNB and the RN, and a shared, device-bound EPS security key has been established, such as the intermediate key K_ASME or the base station key K_eNB.
Step 501: in order to update the symmetric key between the DeNB and the RN, a TLS handshake procedure is initiated between them; if the handshake succeeds, the DeNB and the RN platform have authenticated each other successfully. In the handshake procedure the DeNB and the RN re-establish a shared master key (Master Secret) and establish the updated symmetric key Kplatform from this master key. The concrete manner is identical to the method of embodiment one.
Specifically, the message transfer manner of the above TLS handshake procedure is identical to that of embodiment one.
Step 502 is the same as step 402 and is not repeated here.
Step 503 is the same as step 403 and is not repeated here.
Through the above process, the symmetric key between the MME and the RN has been updated and the bound EPS security key renewed. Subsequent processing may follow the same manner as embodiment one and is not repeated here.
Embodiment three
Fig. 6 is the flow chart of embodiment three of the authentication method for binding a relay node according to the present invention. As shown in Fig. 6, in this example the IKE protocol is used to carry out negotiation authentication between the DeNB and the RN and to set up an IPsec tunnel, and the shared symmetric key is transmitted to the peer through this tunnel; the DeNB then sends this key to the MME, and the MME binds it with the EPS security key to generate a new EPS security key that protects subsequent communication.
Step 601: the DeNB initiates the IKE flow toward the RN to realize mutual authentication between the DeNB and the RN; after authentication succeeds an IPsec tunnel (IPsec Tunnel) is set up, and the DeNB sends the symmetric security key Kplatform to the RN through this tunnel, where Kplatform is a random number generated by the DeNB.
This IKE flow may also be initiated toward the DeNB by the RN.
Step 602 is the same as step 402.
Step 603 is the same as step 403.
Through the above IKE process, mutual authentication and symmetric key establishment between the DeNB and the RN have been completed, and the binding of the device key with the EPS security key has been completed at the MME and the RN. Subsequent processing may follow the same manner as embodiment one and is not repeated here.
It should be noted that the above key agreement authentication process may use a TLS handshake procedure, an SSL handshake, IKE negotiation, an EAP authentication process or the like, and these processes may be based on a pre-shared key (Pre-shared key, also called a symmetric key, Symmetric key), on a public key (Public key), or on a certificate (Certificate). Accordingly, these keys or certificates are all required to be present in the DeNB and/or the RN platform (RN platform meaning that they are stored in the RN); this is a precondition of the present invention.
Fig. 8 is a schematic diagram of the composition of the authentication device for binding a relay node according to the present invention. As shown in Fig. 8, the authentication device for binding a relay node of the present invention is mainly used in a relay system, the relay system comprising an MME, a DeNB and an RN, and the device specifically comprises an authentication unit 80, an establishing unit 81, a sending unit 82, a generating unit 83 and an encryption unit 84, wherein:
the authentication unit 80 is used to initiate key agreement authentication between the DeNB and the RN;
the establishing unit 81, located in the DeNB or the MME, is used to establish the shared symmetric key according to the negotiation authentication result;
the sending unit 82, located in the DeNB, is used to send the symmetric key, or the key of the key agreement authentication of the authentication unit, to the MME;
the generating unit 83, located in the MME and the RN, is used to generate a new system security key according to the symmetric key and the system security key;
the encryption unit 84 is used to derive a new Access Stratum and/or Non-Access Stratum security protection key using the new system security key, and to encrypt and integrity-protect the communication service data between the network side and the RN.
The key agreement authentication carried out by the above authentication unit 80 is realized in one of the following ways: an Internet Key Exchange (IKE) protocol flow, a Transport Layer Security (TLS) handshake protocol flow, a Secure Sockets Layer (SSL) protocol flow, an Extensible Authentication Protocol (EAP) flow, or an EAP-TLS authentication flow.
The above sending unit 82 is used to send the key of the key agreement authentication of the authentication unit 80, or the symmetric key, to the MME through an S1 message. In the present invention the S1 message command may be signaling already existing in the communication system, i.e. an existing S1 message command is extended and used to carry the key and related information according to the invention; it may also be a newly defined S1 message command.
The messages of the key agreement authentication flow initiated between the DeNB and the RN may be transmitted over the user-plane data connection between the RN and the DeNB, or transmitted through existing Radio Resource Control (RRC) control-plane signaling (i.e. encapsulated in the control-plane signaling in the form of a container (Container)).
The above establishing unit 81 further uses the key of the key agreement authentication of the authentication unit 80 (i.e. the above master key) directly as the symmetric key; or uses a key generated from part of the key material of the key agreement authentication of the authentication unit 80 as the symmetric key; or uses a key derived again from the key of the key agreement authentication of the authentication unit with a set algorithm as the symmetric key.
The key agreement authentication used by the above authentication unit 80 is key agreement authentication based on a symmetric key; or the key agreement authentication used by the authentication unit is key agreement authentication based on a public key system.
The above generating unit 83 further uses the symmetric key and the system security key as input and regenerates a new key with a set algorithm; wherein the set algorithm is the key derivation function KDF used in the generation process of the system security key, or a pseudo-random function, or a one-way function.
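The option space of establishing unit 81 and generating unit 83 worked through in Python, as an added example that is not the patent's or ZTE's code. It implements the three ways of forming the symmetric key from the negotiated key (used directly, formed from part of the key material, or re-derived) and the three set-algorithm choices (an HMAC-SHA256 KDF, a TLS 1.2 style P_SHA256 pseudo-random function, and a SHA-256 one-way function), then checks what a practitioner would want from any of the nine combinations: the MME and the RN compute the same key, the variants give distinct keys, and the bound key changes whenever either the device key or the system key changes. The constructions, label strings and the 32-byte output length are assumptions; the sample keys are constructed.

```python
import hashlib
import hmac

# Added example, not the patent's or ZTE's code: the option space of establishing
# unit 81 (how the symmetric key is formed) and generating unit 83 (which set
# algorithm binds it with the system key). Constructions and labels are assumed.


def kdf(key: bytes, *inputs: bytes) -> bytes:
    """Key derivation function option: HMAC-SHA256 over length-prefixed inputs."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for x in inputs:
        h.update(len(x).to_bytes(2, "big") + x)
    return h.digest()


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """Pseudo-random function option: TLS 1.2 style P_SHA256 expansion (assumed)."""
    out, a = b"", label + seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()          # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + label + seed, hashlib.sha256).digest()
    return out[:length]


def oneway(system_key: bytes, symmetric_key: bytes, extra: bytes) -> bytes:
    """One-way function option: SHA-256 over length-prefixed inputs."""
    h = hashlib.sha256()
    for x in (system_key, symmetric_key, extra):
        h.update(len(x).to_bytes(2, "big") + x)
    return h.digest()


def establish_symmetric_key(negotiated_key: bytes, mode: str) -> bytes:
    """Establishing unit 81: the three ways of forming the symmetric key."""
    if mode == "direct":      # negotiated key (the master key) used as-is
        return negotiated_key
    if mode == "part":        # key formed from part of the negotiated key material
        return negotiated_key[:16]
    if mode == "derived":     # re-derived with a set algorithm
        return kdf(negotiated_key, b"Kplatform")
    raise ValueError(f"unknown mode {mode!r}")


def bind(system_key: bytes, symmetric_key: bytes, alg: str, extra: bytes = b"") -> bytes:
    """Generating unit 83: new system key = set_algorithm(system key, symmetric key)."""
    if alg == "kdf":
        return kdf(system_key, symmetric_key, extra)
    if alg == "prf":
        return prf(system_key, b"device-bind", symmetric_key + extra, 32)
    if alg == "oneway":
        return oneway(system_key, symmetric_key, extra)
    raise ValueError(f"unknown algorithm {alg!r}")


def bound_keys(system_key: bytes, negotiated_key: bytes) -> dict:
    """Bound key for every (mode, alg) combination, as both MME and RN would compute it."""
    return {(m, a): bind(system_key, establish_symmetric_key(negotiated_key, m), a)
            for m in ("direct", "part", "derived") for a in ("kdf", "prf", "oneway")}


def binding_is_sound(system_key: bytes, negotiated_key: bytes) -> bool:
    """MME and RN agree, all variants give distinct 32-byte keys, and changing
    either the device key or the system key changes every output."""
    keys = bound_keys(system_key, negotiated_key)
    if keys != bound_keys(system_key, negotiated_key):        # MME and RN agree
        return False
    if len(set(keys.values())) != len(keys):                  # variants are distinct
        return False
    if any(len(k) != 32 for k in keys.values()):
        return False
    other_dev = bound_keys(system_key, negotiated_key[::-1])  # different device key material
    other_sys = bound_keys(system_key[::-1], negotiated_key)  # different system key
    return all(keys[c] != other_dev[c] and keys[c] != other_sys[c] for c in keys)


if __name__ == "__main__":
    # Constructed sample keys: a 32-byte system key and a 48-byte negotiated master secret.
    print(binding_is_sound(bytes(range(0x00, 0x20)), bytes(range(0x20, 0x50))))
```

The "part" option shows why the choice of symmetric key matters in practice: a 16-byte slice of the master secret is a weaker input than the full or re-derived value, yet the binding check above passes for it too, so the strength of the bound key has to be judged from the key establishment step rather than from the binding algorithm alone.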
Those skilled in the art should understand that the authentication device for binding a relay node shown in Fig. 8 is designed to realize the authentication method for binding a relay node described above; the function of each processing unit in the device shown in Fig. 8 can be understood with reference to the description of the foregoing method, and the function of each processing unit may be realized by a program running on a processor or by dedicated logic circuitry.
The above is merely a preferred embodiment of the present invention and is not intended to limit the scope of protection of the present invention.

Claims (14)

1. An authentication method for binding a relay node, characterized in that the method comprises:
initiating key agreement authentication between a donor base station DeNB and a relay node RN;
establishing a shared symmetric key according to the key of the negotiation authentication;
the MME and the RN respectively generating a new system security key according to the symmetric key and a system security key; and
deriving a new Access Stratum and/or Non-Access Stratum security protection key using the new system security key, and encrypting and integrity-protecting the communication service data between the network side and the RN.
2. The method according to claim 1, characterized in that the key agreement authentication is realized in one of the following ways:
an Internet Key Exchange (IKE) protocol flow, a Transport Layer Security (TLS) handshake protocol flow, a Secure Sockets Layer (SSL) protocol flow, an Extensible Authentication Protocol (EAP) flow, or an EAP-TLS authentication flow.
3. The method according to claim 1, characterized in that the symmetric key is established by the DeNB and sent to the MME;
or, the DeNB sends the key of the key agreement authentication to the MME, and the MME establishes the shared symmetric key.
4. The method according to claim 1 or 3, characterized in that the DeNB sends the key of the key agreement authentication or the symmetric key to the MME through an S1 message.
5. The method according to claim 1 or 3, characterized in that establishing the shared symmetric key according to the negotiation authentication result is specifically:
using the key of the key agreement authentication directly as the symmetric key;
or, using a key generated from part of the key material of the key agreement authentication as the symmetric key;
or, using a key derived again from the key of the key agreement authentication with a set algorithm as the symmetric key.
6. The method according to claim 2, characterized in that the key agreement authentication is key agreement authentication based on a symmetric key;
or, the key agreement authentication is key agreement authentication based on a public key system.
7. The method according to claim 1, characterized in that generating the new system security key according to the symmetric key and the system security key is specifically:
using the symmetric key and the system security key as input and regenerating a new key with a set algorithm; wherein the set algorithm is the key derivation function KDF used in the generation process of the system security key, or a pseudo-random function, or a one-way function.
8. The method according to claim 1 or 7, characterized in that the system security key is at least one of the following keys: the intermediate key K_ASME, the cipher key CK and integrity key IK, and the base station key K_eNB.
9. An authentication device for binding a relay node, the relay system comprising an MME, a DeNB and an RN, characterized in that the device comprises an authentication unit, an establishing unit, a sending unit, a generating unit and an encryption unit, wherein:
the authentication unit is used to initiate key agreement authentication between the DeNB and the RN;
the establishing unit, located in the DeNB or the MME, is used to establish the shared symmetric key according to the key of the negotiation authentication;
the sending unit, located in the DeNB, is used to send the symmetric key, or the key of the key agreement authentication of the authentication unit, to the MME;
the generating unit, located in the MME and the RN, is used to generate a new system security key according to the symmetric key and the system security key;
the encryption unit is used to derive a new Access Stratum and/or Non-Access Stratum security protection key using the new system security key, and to encrypt and integrity-protect the communication service data between the network side and the RN.
10. The device according to claim 9, characterized in that the key agreement authentication carried out by the authentication unit is realized in one of the following ways: an Internet Key Exchange (IKE) protocol flow, a Transport Layer Security (TLS) handshake protocol flow, a Secure Sockets Layer (SSL) protocol flow, an Extensible Authentication Protocol (EAP) flow, or an EAP-TLS authentication flow.
11. The device according to claim 9, characterized in that the sending unit is used to send the key of the key agreement authentication of the authentication unit, or the symmetric key, to the MME through an S1 message.
12. The device according to claim 1 or 10, characterized in that the establishing unit further uses the key of the key agreement authentication of the authentication unit directly as the symmetric key; or uses a key generated from part of the key material of the key agreement authentication of the authentication unit as the symmetric key; or uses a key derived again from the key of the authentication unit with a set algorithm as the symmetric key.
13. The device according to claim 1 or 10, characterized in that the key agreement authentication used by the authentication unit is key agreement authentication based on a symmetric key; or the key agreement authentication used by the authentication unit is key agreement authentication based on a public key system.
14. The device according to claim 1 or 10, characterized in that the generating unit further uses the symmetric key and the system security key as input and regenerates a new key with a set algorithm; wherein the set algorithm is the key derivation function KDF used in the generation process of the system security key, or a pseudo-random function, or a one-way function.
CN2011100082474A 2011-01-14 2011-01-14 Authentication method and authentication device for relay node binding Pending CN102595403A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2011100082474A CN102595403A (en) 2011-01-14 2011-01-14 Authentication method and authentication device for relay node binding

Publications (1)

Publication Number Publication Date
CN102595403A true CN102595403A (en) 2012-07-18

Family

ID=46483514

Country Status (1)

Country Link
CN (1) CN102595403A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103813272A (en) * 2012-11-14 2014-05-21 普天信息技术研究院有限公司 Cluster group calling downlink transmission method
CN104486077A (en) * 2014-11-20 2015-04-01 中国科学院信息工程研究所 End-to-end secret key negotiation method for VoIP (Voice Over Internet Protocol) real-time data safety transmission
US11523277B2 (en) 2019-06-14 2022-12-06 Samsung Electronics Co., Ltd. Method of dynamically provisioning a key for authentication in relay device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101931953A (en) * 2010-09-20 2010-12-29 中兴通讯股份有限公司 Method and system for generating safety key bound with device
CN101945386A (en) * 2010-09-10 2011-01-12 中兴通讯股份有限公司 Method and system for implementing synchronous binding of safe secret keys
CN101945387A (en) * 2010-09-17 2011-01-12 中兴通讯股份有限公司 Method and system of binding access layer secret key and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SA3: "《3GPP TSG-SA3 (Security) S3-100896》", 2 July 2010 *
ZTE CORPORATION: "《3GPP TSG-SA3 (Security) Meeting – SA3 Ad Hoc S3-101063》", 29 September 2010 *

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20120718
