CN104602236A - Group-based anonymous switching authentication method during machine-type communication - Google Patents

Publication number: CN104602236A
Authority: CN (China)
Prior art keywords: mtcd, group, base station, switching, tenb
Legal status: Granted, Active (as listed by Google Patents; an assumption, not a legal conclusion)
Application number: CN201510057961.0A
Other languages: Chinese (zh)
Other versions: CN104602236B (en)
Inventors: 曹进, 李晖, 赖成喆, 刘雪峰, 王子龙, 马东旭
Current Assignee: Xidian University
Original Assignee: Xidian University
Application filed by Xidian University
Priority to CN201510057961.0A
Publication of CN104602236A
Application granted; publication of CN104602236B

Classifications

All entries fall under H (Electricity) > H04 (Electric communication technique) > H04W (Wireless communication networks).

    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
        • H04W12/06 Authentication
        • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W36/00 Hand-off or reselection arrangements
        • H04W36/0005 Control or signalling for completing the hand-off
            • H04W36/0055 Transmission or use of information for re-establishing the radio link
        • H04W36/08 Reselecting an access point
    • H04W28/00 Network traffic management; Network resource management
        • H04W28/02 Traffic management, e.g. flow control or congestion control
            • H04W28/0215 Traffic management, e.g. flow control or congestion control based on user or device properties, e.g. MTC-capable devices
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
        • H04W4/70 Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • H04W74/00 Wireless channel access, e.g. scheduled or random access
        • H04W74/08 Non-scheduled or contention based access, e.g. random access, ALOHA, CSMA [Carrier Sense Multiple Access]
            • H04W74/0833 ... using a random access procedure
                • H04W74/0841 ... with collision treatment
                    • H04W74/085 ... collision avoidance

Abstract

The invention discloses a group-based anonymous handover (switching) authentication method for machine-type communication. It mainly addresses the congestion that arises under existing standards when large numbers of machine-type devices hand over at the same time. When the first machine-type device in an MTC handover group is about to hand over from the current base station to the target base station, the current base station or current MME (mobility management entity) transmits the secure session information of all members of the handover group to the target base station or MME. The other machine-type devices in the handover group then carry out handover authentication directly with the target base station without contacting the MME, and each negotiates a session key with the target base station eNB, which gives fast handover authentication for the devices in the group. The method greatly reduces signaling overhead while preserving user privacy, and prevents signaling conflicts.

Description

A group-based anonymous handover authentication method in machine type communication
Technical field
The invention belongs to the field of wireless communication network security. More specifically, it relates to a group-based anonymous handover authentication method in machine type communication.
Background
With the development of communications, machine type communication (MTC) has become a driving force for mobile operators to develop a large number of real-time network applications. MTC, also called machine-to-machine (M2M) communication, has attracted great attention from equipment vendors and research institutions working on mobile networks. MTC is a special type of data communication: it takes place between a device and another entity in the Internet or the core network without any form of human intervention. Owing to its lower deployment cost and better coverage, many new services and applications have grown out of the MTC concept in daily life, such as health-care services, telemetry applications, fleet management and the smart grid. As the range of potential applications expands, many standards forums and organizations are developing and enhancing technologies to support MTC applications. In particular, the Third Generation Partnership Project (3GPP) has become more active in defining MTC, especially in Long Term Evolution Release 10, i.e. LTE-A.
Unlike traditional human-to-human (H2H) communication, MTC faces two main challenges: handling an enormous number of machine-type devices (MTCDs) at the same time, and saving energy. It is estimated that the number of MTCDs is 1000 times larger than the number of ordinary user equipments (UEs). In addition, analysis shows that by 2020 the number of MTCDs connected to one base station will range from 10000 to 100000. As the demand for mobility grows, real-time mobile MTC applications in LTE-A networks must keep working when a large number of MTCDs leave the current eNB at the same time and move to a new eNB, so fast, secure and seamless handover is indispensable. 3GPP has defined the architecture, threats, services and security requirements of MTC. 3GPP has also described the possible mobility scenarios between eNBs, including X2-based handover and handover via the Mobility Management Entity (MME), and specified the handover procedures in detail. According to the 3GPP standard, each MTCD has to perform the same handover procedure as a UE. Under the current handover mechanism, however, multiple rounds of signaling are required, which may cause severe signaling overload in the access network and the LTE-A core network and increases the energy consumption of MTCDs. Moreover, some base stations, such as home eNBs (HeNBs) and relay nodes (RNs), can easily be owned by third parties, so an attacker can obtain private information about the movement and location of an MTCD from the sensitive information exchanged during handover authentication. How to achieve secure and efficient handover for mobile MTC devices is therefore a key issue in LTE-A networks.
3GPP TR 33.868 proposes an MTCD grouping approach to avoid congestion, by which a large number of MTC devices can be combined into one MTC group so that the LTE-A network can manage them more easily. Grouping suits LTE-A networks with large numbers of mobile MTC devices, but the approach is applied only to the communication between MTCDs and the MTC server and does not consider handover security under the current 3GPP standard. To the best of our knowledge, there is at present no research on handover authentication for large numbers of devices in 3GPP networks, and existing group-based access authentication methods for LTE networks either do not consider the movement of large numbers of devices or are not applicable to LTE-A networks.
Summary of the invention
The object of the invention is to overcome the defects of the prior art by devising a group-based anonymous handover authentication method for machine type communication. The new method significantly reduces signaling load, relieves the congestion caused by large-scale device mobility in LTE networks, and achieves fast and secure access authentication for the large number of devices in a group.
The technical scheme of the invention is as follows: within the existing 3GPP LTE-A network architecture, a new key management mechanism is used to achieve fast group handover authentication while protecting user privacy. (1) When the first machine-type device of an MTC handover group hands over from the current base station to the target base station, the current base station or current MME transmits the secure session information of all members of the handover group to the target base station or MME; (2) the remaining machine-type devices in the handover group can then carry out handover authentication directly with the target base station without contacting the MME, and each negotiates a session key with the target eNB, which gives fast handover authentication for the devices in the group. The method greatly reduces signaling overhead while protecting user privacy, and avoids signaling conflicts.
Specifically, the group-based anonymous handover authentication method in machine type communication comprises the following steps:
S1 Initial authentication phase, comprising:
S1.1 When a machine type communication (MTC) handover group accesses the Long Term Evolution LTE-A network, each machine type communication device $MTCD_i$ ($i = 1 \sim n$) in the MTC handover group performs initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each $MTCD_i$ and the home subscriber server HSS generate a shared key $K_{ASME_i}$, and the HSS then transfers $K_{ASME_i}$ to the mobility management entity MME;
S1.3 After receiving $K_{ASME_i}$, the MME obtains, according to the existing handover key management mechanism, the session key between $MTCD_i$ and the source base station SeNB and the next-hop parameter, and then calculates the temporary identifier information $GUTI_i$;
S1.4 The MME sends the session key and the next-hop parameter to the source base station SeNB, and $GUTI_i$ is delivered to $MTCD_i$ through the SeNB;
S2 Group-based anonymous handover authentication phase, comprising:
S2.1 When the first machine type communication device $MTCD_1$ in the MTC handover group moves into the coverage of the target base station TeNB for the first time, $MTCD_1$ sends the source base station SeNB a measurement report message containing the TeNB physical location ID, the E-UTRAN cell global identifier and the tracking area identity; $MTCD_1$ denotes the device in the MTC handover group that moves to the target base station TeNB first;
S2.2 After receiving the message from $MTCD_1$, the SeNB uses a group handover grouping algorithm to classify the MTCDs within the range of the current SeNB and then searches for all members of the MTC handover group to which $MTCD_1$ belongs; according to the search result, the SeNB calculates, for each $MTCD_i$ in the MTC handover group, a new temporary identifier and an intermediate key, where the intermediate key is used to calculate the new session key, or the new intermediate key and next-hop parameter;
S2.3 The SeNB performs one of the following operations according to the handover scenario:
(1) when the handover takes place between a source base station and a target base station that share an X2 interface, the procedure jumps to S3;
(2) when the handover takes place between a source base station and a target base station that have no X2 interface and are managed by the same MME, the procedure jumps to S4;
(3) when the handover takes place between a source base station and a target base station that are managed by different MMEs, the procedure jumps to S5;
S3 comprises:
S3.1 The SeNB sends the TeNB a handover request message containing the corresponding parameters of every member of the MTC handover group;
S3.2 After receiving the handover request message, the TeNB sends a handover request acknowledgement message to the SeNB to confirm the handover and calculates a new session key for each $MTCD_i$ as follows:
$$K_{eNB_i}^{**} = KDF(K_{eNB_i}^{*}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB})$$
where KDF is the key derivation function and $FRQ_{TeNB}$ is the relevant spectrum parameter of the target base station;
S3.3 After receiving the handover request acknowledgement message, the SeNB sends a handover command to $MTCD_1$ to perform the handover, and the procedure then jumps to step S6;
S4 comprises:
S4.1 The SeNB sends the source mobility management entity SMME a handover request message containing the corresponding parameters of every member of the MTC handover group and other necessary parameters;
S4.2 After receiving the handover request message, the SMME calculates a new intermediate key and a new next-hop parameter for each $MTCD_i$ of the MTC handover group; meanwhile, the SMME sends the TeNB a new handover request message to prepare the handover at the target base station, and this message contains the corresponding parameters of all members of the MTC handover group and other necessary parameters; these are the secret parameters used to calculate the new session key;
S4.3 After receiving the handover request message, the TeNB sends a handover request acknowledgement message to the SMME to confirm the handover and calculates a new session key for each $MTCD_i$ as follows:
$$K_{eNB_i}^{**} = KDF(K_{eNB_i}^{*}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB})$$
S4.4 After receiving the handover request acknowledgement message, the SMME sends a handover command message to $MTCD_1$ through the SeNB to perform the handover, and the procedure then jumps to S6;
S5 comprises:
S5.1 The SeNB sends the source MME (SMME) a handover request message containing the corresponding parameters of every member of the MTC handover group and other necessary parameters;
S5.2 After receiving the handover request message, the source mobility management entity SMME builds a forward relocation request message by adding the $K_{ASME_i}$ of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME;
S5.3 The TMME performs the same processing as the SMME in S4.2;
S5.4 The TeNB sends a handover request acknowledgement message to the TMME and calculates the new session key;
S5.5 After receiving the handover request acknowledgement message, the SMME sends a handover command message to $MTCD_1$ through the SeNB to perform the handover, and the procedure then jumps to S6;
S6 comprises:
S6.1 After receiving the handover command message, $MTCD_1$ computes the corresponding parameters and sends a handover confirm message to the TeNB to complete the handover;
S7 comprises:
When the remaining MTCDs of the same MTC handover group enter the coverage of the TeNB, the handover procedure is as follows:
(1) First, $MTCD_i$ sends a measurement report message to the SeNB to request a handover. The SeNB then sends a handover command message directly to $MTCD_i$ without any further processing, because the corresponding parameters were already transferred to the TeNB during the handover of $MTCD_1$;
(2) $MTCD_i$ establishes contact with the TeNB and sends a handover confirm message to complete the handover.
On the basis of the above technical scheme, step S1.3 calculates the temporary identifier information $GUTI_i$ of $MTCD_i$ as follows:
$$GUTI_i = (GUMMEI, F_{GUTI}(IMSI_i, P_{MME}))$$
where GUMMEI is the globally unique MME identity, $P_{MME}$ is an MME parameter uniquely set by the MME, and $F_{GUTI}$ is a one-way hash function.
On the basis of the above technical scheme, the new temporary identifier and intermediate key of each $MTCD_i$ in the MTC handover group are calculated in step S2.2 as follows:
$$GUTI_i^{*} = F_{GUTI}(NH_{NCC_i}, GUTI_i, NCC),$$
$$K_{eNB_i}^{*} = KDF(NH_{NCC_i}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB});$$
On the basis of the above technical scheme, the new session key in step S3.2 is calculated as follows:
$$K_{eNB_i}^{**} = KDF(K_{eNB_i}^{*}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB})$$
where $ID_{TeNB}$ is the identity of the target base station.
On the basis of the above technical scheme, the new intermediate key and next-hop parameter in step S4.2 are calculated as follows:
$$K_{eNB_i}^{*+} = KDF(K_{ASME_i}, K_{eNB_i}^{*}), \qquad NH_{NCC_i}^{*} = KDF(K_{ASME_i}, K_{eNB_i}^{*+}).$$
Compared with the prior art, the present invention has the following advantages:
1) Because the scheme is designed according to the 3GPP standard, the communication equipment defined in the standard does not need to be changed, and the scheme can be applied to all LTE-A mobility scenarios;
2) The invention uses a new handover strategy: the first device in the group to hand over to the TeNB is used to locate the group it belongs to, the devices in the group are classified, and different handover strategies are applied to different devices. The signaling traffic between all devices and the MME is eliminated, which greatly reduces the communication cost of handover and the signaling congestion on the link between the serving network and the home network. The advantage is more pronounced when the number of devices is very large;
3) Finally, the authentication data exchanged between the SeNB and the TeNB is transferred in a secure manner, and the information exchange is completed during the first authentication procedure; afterwards the devices in the group can authenticate mutually with the TeNB directly, which greatly reduces network congestion when a large number of devices is involved and makes the scheme both secure and fast.
Brief description of the drawings
Fig. 1 is the overall flow chart of the group-based anonymous handover authentication procedure in machine type communication according to the invention;
Fig. 2 is the flow chart of the X2-based group-based anonymous handover in machine type communication according to the invention;
Fig. 3 is the flow chart of the intra-MME group-based anonymous handover in machine type communication according to the invention;
Fig. 4 is the flow chart of the inter-MME group-based anonymous handover in machine type communication according to the invention;
Fig. 5 is the handover flow chart for the remaining MTCD devices according to the invention.
Embodiment
The invention proposes a group-based anonymous handover authentication method in machine type communication that can be applied to all mobile handover procedures in LTE-A networks. The technical scheme of the invention is described in detail below with reference to the drawings and embodiments.
To describe the technical scheme clearly, the technical terms used in this patent are defined first:
eNB: base station; EPS AKA: Evolved Packet System Authentication and Key Agreement;
E-UTRAN: Evolved Universal Terrestrial Radio Access Network; GUTI: Globally Unique Temporary ID;
HSS: home subscriber server; LTE-A: Long Term Evolution; MME: mobility management entity;
MTC: machine type communication; MTCD: machine type communication device; SeNB: source base station;
SMME: source mobility management entity; TeNB: target base station.
A group-based anonymous handover authentication method in machine type communication, as shown in Fig. 1, comprises the following steps:
S1 Initial authentication phase:
S1.1 When a machine type communication (MTC) handover group accesses the Long Term Evolution LTE-A network, each machine type communication device $MTCD_i$ ($i = 1 \sim n$) in the MTC handover group performs initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each $MTCD_i$ and the home subscriber server HSS generate a shared key $K_{ASME_i}$, and the HSS then transfers $K_{ASME_i}$ to the mobility management entity MME;
S1.3 After receiving $K_{ASME_i}$, the MME obtains, according to the existing handover key management mechanism, the session key between $MTCD_i$ and the source base station SeNB and the next-hop parameter, and then calculates the temporary identifier information $GUTI_i$ as follows:
$$GUTI_i = (GUMMEI, F_{GUTI}(IMSI_i, P_{MME}))$$
where GUMMEI is the globally unique MME identity, $P_{MME}$ is an MME parameter uniquely set by the MME, and $F_{GUTI}$ is a one-way hash function.
S1.4 Finally, the MME sends the session key and the next-hop parameter to the SeNB, and $GUTI_i$ is delivered to $MTCD_i$ through the SeNB.
S2 Group-based anonymous handover authentication phase:
S2.1 When $MTCD_1$ moves into the coverage of the target base station TeNB for the first time, $MTCD_1$ sends the SeNB a measurement report message containing the TeNB physical location ID ($ID_{TeNB}$), the E-UTRAN cell global identifier (ECGI) and the tracking area identity (TAI).
S2.2 After receiving the message from $MTCD_1$, the SeNB uses a group handover grouping algorithm to classify the MTCDs within the range of the current SeNB and then searches for all members of the MTC handover group to which $MTCD_1$ belongs; according to the search result, the SeNB calculates, for each $MTCD_i$ in the MTC handover group, a new temporary identifier and an intermediate key, where the intermediate key is used to calculate the new session key, or the new intermediate key and next-hop parameter. The new temporary identifier and intermediate key are calculated as follows:
$$GUTI_i^{*} = F_{GUTI}(NH_{NCC_i}, GUTI_i, NCC),$$
$$K_{eNB_i}^{*} = KDF(NH_{NCC_i}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB});$$
where $ID_{TeNB}$ is the identity of the target base station.
S2.3 The SeNB then performs one of the following operations according to the handover scenario:
(1) X2-based handover: when the handover takes place between eNBs that share an X2 interface, the procedure jumps to step S3.
(2) Intra-MME handover: when the handover takes place between eNBs that have no X2 interface and are managed by the same MME, the procedure jumps to step S4.
(3) Inter-MME handover: when the handover takes place between eNBs that are managed by different MMEs, the procedure jumps to step S5.
Step S3: X2-based handover procedure (see Fig. 2).
S3.1 SeNB → TeNB: handover request message
The SeNB sends the TeNB a handover request message containing the corresponding parameters of every member of the MTC handover group and other necessary parameters, in order to prepare the handover at the target base station.
S3.2 TeNB → SeNB: handover request acknowledgement message
After receiving the handover request message, the TeNB sends a handover request acknowledgement message to the SeNB to confirm the handover and calculates a new session key for each $MTCD_i$ as follows:
$$K_{eNB_i}^{**} = KDF(K_{eNB_i}^{*}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB})$$
where $FRQ_{TeNB}$ is the relevant spectrum parameter of the target base station and KDF is the key derivation function.
S3.3 SeNB → $MTCD_1$: handover command message
After receiving the handover request acknowledgement message, the SeNB sends a handover command to $MTCD_1$ to perform the handover. The procedure then goes to step S6.
Step S4: intra-MME handover procedure (see Fig. 3).
S4.1 SeNB → SMME: handover request message
The SeNB sends the source MME (SMME) a handover request message containing the corresponding parameters of every member of the MTC handover group and other necessary parameters.
S4.2 SMME → TeNB: handover request
After receiving the handover request message, the SMME calculates a new intermediate key and a new next-hop parameter for each $MTCD_i$ of the MTC handover group; these are the secret parameters used to calculate the new session key. They are calculated as follows:
$$K_{eNB_i}^{*+} = KDF(K_{ASME_i}, K_{eNB_i}^{*}),$$
$$NH_{NCC_i}^{*} = KDF(K_{ASME_i}, K_{eNB_i}^{*+}).$$
The SMME then sends the TeNB a new handover request message to prepare the handover at the target base station. This handover request message contains the corresponding parameters of all members of the MTC handover group and other necessary parameters.
S4.3 TeNB → SMME: handover request acknowledgement message
After receiving the handover request message, the TeNB sends a handover request acknowledgement message to the SMME to confirm the handover and calculates a new session key for each $MTCD_i$ as follows:
$$K_{eNB_i}^{**} = KDF(K_{eNB_i}^{*+}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB}).$$
S4.4 SMME → SeNB, SeNB → $MTCD_1$: handover command message
After receiving the handover request acknowledgement message, the SMME sends a handover command message to $MTCD_1$ through the SeNB to perform the handover. The procedure then jumps to step S6.
Step S5: inter-MME handover procedure (see Fig. 4).
S5.1 SeNB → SMME: handover request message
The SeNB sends the source MME (SMME) a handover request message containing the corresponding parameters of every member of the MTC handover group and other necessary parameters.
S5.2 SMME → TMME: forward relocation request
The source mobility management entity SMME builds a forward relocation request message by adding the $K_{ASME_i}$ of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME.
S5.3 TMME → TeNB: handover request
The TMME performs the same processing as the SMME in S4.2.
S5.4 TeNB → TMME: handover request acknowledgement message
As in S4.3, the TeNB sends a handover request acknowledgement message to the TMME and calculates the new session key.
S5.5 SMME → SeNB, SeNB → $MTCD_1$: handover command
After receiving the handover request acknowledgement message, the SMME sends a handover command message to $MTCD_1$ through the SeNB to perform the handover, and the procedure then jumps to step S6.
Step S6: sending the handover confirmation
S6.1 $MTCD_1$ → TeNB: handover confirm message
After receiving the handover command message, $MTCD_1$ computes the corresponding parameters and sends a handover confirm message to the TeNB to complete the handover.
Step S7: handover procedure for the remaining MTCD devices in the group (see Fig. 5).
When the remaining MTCDs of the same MTC handover group enter the coverage of the TeNB, the handover procedure is as follows; $MTCD_2$ is used as the example below.
(1) First, $MTCD_2$ sends a measurement report message to the SeNB to request a handover. The SeNB then sends a handover command message directly to $MTCD_2$ without any further processing, because the corresponding parameters were already transferred to the TeNB during the handover of $MTCD_1$.
(2) Finally, $MTCD_2$ establishes contact with the TeNB and sends a handover confirm message to complete the handover.
Because the scheme is designed according to the 3GPP standard, the communication equipment defined in the standard does not need to be changed, and the invention can be applied to all LTE-A mobility scenarios. The invention uses a new handover strategy: the first device in the group to hand over to the TeNB is used to locate the group it belongs to, the devices in the group are classified, and different handover strategies are applied to different devices. The signaling traffic between all devices and the MME is eliminated, which greatly reduces the communication cost of handover and the congestion on the link between the serving network and the home network. The advantage is more pronounced when the number of devices is very large. The authentication data exchanged between the SeNB and the TeNB is transferred in a secure manner, and the information exchange is completed during the first authentication procedure; afterwards the devices in the group can authenticate mutually with the TeNB directly, which greatly reduces network congestion when a large number of devices is involved and makes the scheme both secure and fast.
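The key chain of steps S1 to S7, as an added example that is not part of the patent text: it derives GUTI_i*, K_eNBi*, K_eNBi*+ and K_eNBi** for a constructed group in the X2 and intra-MME cases and returns the session key each device and the TeNB end up with. HMAC-SHA-256 as KDF, SHA-256 as F_GUTI, the field encoding, the assumption that each device already holds its NH_NCCi, and all function names and sample values are assumptions; the patent does not specify them.

```python
import hashlib
import hmac


def _enc(*parts: bytes) -> bytes:
    # Length-prefix each field so different field splits never hash alike.
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def kdf(key: bytes, *params: bytes) -> bytes:
    # ASSUMPTION: the page only names "KDF"; HMAC-SHA-256 is used here.
    return hmac.new(key, _enc(*params), hashlib.sha256).digest()


def f_guti(*params: bytes) -> bytes:
    # ASSUMPTION: the one-way hash F_GUTI is instantiated as SHA-256.
    return hashlib.sha256(_enc(*params)).digest()


def initial_guti(gummei: bytes, imsi: bytes, p_mme: bytes) -> bytes:
    # S1.3: GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME))
    return gummei + f_guti(imsi, p_mme)


def prepare(nh: bytes, guti: bytes, ncc: bytes, id_tenb: bytes, frq: bytes):
    # S2.2: GUTI_i* = F_GUTI(NH_NCCi, GUTI_i, NCC)
    #       K_eNBi* = KDF(NH_NCCi, GUTI_i*, ID_TeNB, FRQ_TeNB)
    guti_star = f_guti(nh, guti, ncc)
    return guti_star, kdf(nh, guti_star, id_tenb, frq)


def mme_refresh(k_asme: bytes, k_star: bytes):
    # S4.2: K_eNBi*+ = KDF(K_ASMEi, K_eNBi*); NH_NCCi* = KDF(K_ASMEi, K_eNBi*+)
    k_star_plus = kdf(k_asme, k_star)
    return k_star_plus, kdf(k_asme, k_star_plus)


def session_key(k_in: bytes, guti_star: bytes, id_tenb: bytes, frq: bytes) -> bytes:
    # S3.2 / S4.3: K_eNBi** = KDF(K_eNBi* or K_eNBi*+, GUTI_i*, ID_TeNB, FRQ_TeNB)
    return kdf(k_in, guti_star, id_tenb, frq)


def make_group(n: int):
    # Constructed sample group: every value below is made up for the demo.
    gummei, p_mme = b"GUMMEI-demo", b"P_MME-demo"
    group = []
    for i in range(1, n + 1):
        tag = str(i).encode()
        group.append({
            "k_asme": hashlib.sha256(b"demo-KASME-" + tag).digest(),
            "nh": hashlib.sha256(b"demo-NH-" + tag).digest(),
            "guti": initial_guti(gummei, b"46000000000000" + tag, p_mme),
        })
    return group


def group_handover(group, scenario: str, id_tenb=b"TeNB-7", frq=b"1850", ncc=b"\x01"):
    """Run S2-S7 for a whole group; scenario is 'x2' or 'intra_mme'."""
    # S2.2: triggered once by MTCD_1's measurement report, the SeNB prepares
    # the context of EVERY member, indexed by the new pseudonym GUTI_i*.
    senb_batch = [prepare(m["nh"], m["guti"], ncc, id_tenb, frq) for m in group]
    if scenario == "x2":
        to_tenb = senb_batch                      # S3.1: SeNB -> TeNB
    elif scenario == "intra_mme":
        # S4.1/S4.2: SeNB -> SMME, which mixes in K_ASMEi before forwarding.
        to_tenb = [(g, mme_refresh(m["k_asme"], k)[0])
                   for m, (g, k) in zip(group, senb_batch)]
    else:
        raise ValueError("unknown scenario: " + scenario)
    # S3.2 / S4.3: the TeNB stores one session key per pseudonym.
    tenb_keys = {g: session_key(k, g, id_tenb, frq) for g, k in to_tenb}

    results = []
    for m in group:   # S6 for MTCD_1, S7 for the rest: no MME round trip
        g, k = prepare(m["nh"], m["guti"], ncc, id_tenb, frq)
        if scenario == "intra_mme":
            k = mme_refresh(m["k_asme"], k)[0]
        results.append({
            "old_guti": m["guti"],
            "new_guti": g,
            "device_key": session_key(k, g, id_tenb, frq),
            # None would mean the TeNB holds no context for this pseudonym.
            "tenb_key": tenb_keys.get(g),
        })
    return results


if __name__ == "__main__":
    for sc in ("x2", "intra_mme"):
        for r in group_handover(make_group(3), sc):
            print(sc, r["new_guti"].hex()[:16], r["device_key"] == r["tenb_key"])
```

In the X2 case every input of K_eNBi** is a value the SeNB itself produced or knows, whereas in the intra-MME case K_eNBi*+ also depends on K_ASMEi, which per S1.2 is held by the MME and not by the base station.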

Claims (4)

1. A group-based anonymous handover authentication method in machine type communication, comprising the following steps:
S1 Initial authentication phase, comprising:
S1.1 When a machine type communication (MTC) handover group accesses the Long Term Evolution network LTE-A, each machine type communication device $MTCD_i$ ($i = 1 \sim n$) in the MTC handover group performs initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each machine type communication device $MTCD_i$ and the home subscriber server HSS generate a shared key $K_{ASME_i}$, and the HSS then transfers the shared key $K_{ASME_i}$ to the mobility management entity MME;
S1.3 After receiving the shared key $K_{ASME_i}$, the mobility management entity MME obtains, according to the existing handover key management mechanism, the session key between the machine type communication device $MTCD_i$ and the source base station SeNB and the next-hop parameter, and then calculates the temporary identifier information $GUTI_i$;
S1.4 The mobility management entity MME sends the session key and the next-hop parameter to the source base station SeNB, and the temporary identifier information $GUTI_i$ is delivered to the machine type communication device $MTCD_i$ through the source base station SeNB;
S2 Group-based anonymous handover authentication phase, comprising:
S2.1 When the first machine type communication device $MTCD_1$ in the MTC handover group moves into the coverage of the target base station TeNB for the first time, $MTCD_1$ sends the source base station SeNB a measurement report message containing the TeNB physical location ID, the E-UTRAN cell global identifier and the tracking area identity; $MTCD_1$ denotes the device in the MTC handover group that moves to the target base station TeNB first;
S2.2 After receiving the message from $MTCD_1$, the source base station SeNB uses a group handover grouping algorithm to classify the MTCDs within the range of the current SeNB and then searches for all members of the MTC handover group to which $MTCD_1$ belongs; according to the search result, the source base station SeNB calculates, for each $MTCD_i$ in the MTC handover group, a new temporary identifier and an intermediate key, where the intermediate key is used to calculate the new session key, or the new intermediate key and next-hop parameter;
S2.3 The source base station SeNB performs one of the following operations according to the handover scenario:
(1) when the handover takes place between a source base station and a target base station that share an X2 interface, the procedure jumps to S3;
(2) when the handover takes place between a source base station and a target base station that have no X2 interface and are managed by the same MME, the procedure jumps to S4;
(3) when the handover takes place between a source base station and a target base station that are managed by different MMEs, the procedure jumps to S5;
S3 comprises it:
S3.1SeNB to TeNB send one comprise whole MTC switch group own with
S3.2 After receiving the handover request message, TeNB sends a handover request acknowledgement message to SeNB to confirm the handover for each $MTCD_i$ and calculates the new session key, using the following formula:
$$K_{eNB_i}^{**} = \mathrm{KDF}(K_{eNB_i}^{*}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB});$$
where KDF is the key derivation function and $FRQ_{TeNB}$ is the relevant frequency spectrum parameter of the target base station;
S3.3 After receiving the handover request acknowledgement message, SeNB sends a handover command to $MTCD_1$ to perform the handover, then jumps to step S6;
S4 comprises:
S4.1 SeNB sends the source mobility management entity SMME a handover request message containing the per-member values of the whole MTC handover group and other call parameters;
S4.2 After receiving the handover request message, SMME calculates a new intermediate key and a new next-hop parameter for each $MTCD_i$ of the MTC handover group; meanwhile, SMME prepares the handover by sending a new handover request message to the target base station TeNB, this handover request message containing the per-member values of the whole MTC handover group and other call parameters, where these values are the secret parameters used to calculate the new session key;
S4.3 After receiving the handover request message, TeNB sends a handover request acknowledgement message to SMME to confirm the handover and calculates the new session key for each $MTCD_i$, using the following formula:
$$K_{eNB_i}^{**} = \mathrm{KDF}(K_{eNB_i}^{*+}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB});$$
S4.4 After receiving the handover request acknowledgement message, SMME sends, via SeNB, a handover command message to $MTCD_1$ to perform the handover, then jumps to S6;
S5 comprises:
S5.1 SeNB sends the source MME a handover request message containing the per-member values of the whole MTC handover group and other call parameters;
S5.2 After receiving the handover request message, the source mobility management entity SMME constructs a forward relocation request message by adding the $K_{ASME_i}$ of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME;
S5.3 TMME performs the same process as SMME in S4.2;
S5.4 TeNB sends a handover request acknowledgement message to TMME and calculates
S5.5 After receiving the handover request acknowledgement message, SMME sends, via SeNB, a handover command message to $MTCD_1$ to perform the handover, then jumps to S6;
S6 comprises:
S6.1 After receiving the handover command message, $MTCD_1$ calculates the corresponding values and sends a handover confirmation message to TeNB to complete the handover;
S7 comprises:
When the other $MTCD_i$ in the same MTC handover group enter the coverage of TeNB, the handover procedure is as follows:
(1) first, $MTCD_i$ sends a measurement report message to SeNB to request the handover; SeNB then sends a handover command message directly to $MTCD_i$, and no other process is needed;
(2) finally, $MTCD_i$ establishes a connection with TeNB and sends a handover confirmation message to complete the handover.
2. The group-based anonymous handover authentication method in machine type communication as claimed in claim 1, characterized in that: in said step S1.3, the temporary identifier information $GUTI_i$ of $MTCD_i$ is calculated with the following formula:
$$GUTI_i = (GUMMEI, F_{GUTI}(IMSI_i, P_{MME}));$$
where GUMMEI is the globally unique MME identity information, $P_{MME}$ is an MME parameter uniquely set by the MME, and $F_{GUTI}$ is a one-way hash function.
3. The group-based anonymous handover authentication method in machine type communication as claimed in claim 1, characterized in that: in said step S2.2, the new temporary identifier information and the intermediate key of each $MTCD_i$ in the MTC handover group are calculated with the following formulas:
$$GUTI_i^{*} = F_{GUTI}(NH_{NCC_i}, GUTI_i, NCC),$$
$$K_{eNB_i}^{*} = \mathrm{KDF}(NH_{NCC_i}, GUTI_i^{*}, ID_{TeNB}, FRQ_{TeNB});$$
where $ID_{TeNB}$ is the identity information of the target base station.
4. The group-based anonymous handover authentication method in machine type communication as claimed in claim 1, characterized in that: in said step S4.2, the new intermediate key and the new next-hop parameter are calculated with the following formulas:
$$K_{eNB_i}^{*+} = \mathrm{KDF}(K_{ASME_i}, K_{eNB_i}^{*}),$$
$$NH_{NCC_i}^{*} = \mathrm{KDF}(K_{ASME_i}, K_{eNB_i}^{*+}).$$
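The key chain of claims 2 to 4 together with the session-key formulas of steps S3.2 and S4.3, written out as an added example that is not part of the patent text. The claims name neither function, so SHA-256 for $F_{GUTI}$ and HMAC-SHA256 for KDF are assumptions here, as are the field encoding and every sample value.

```python
import hashlib
import hmac

def _enc(*parts):
    # Length-prefix each field so ("ab", "c") and ("a", "bc") encode differently.
    raw = [p if isinstance(p, bytes) else str(p).encode() for p in parts]
    return b"".join(len(b).to_bytes(2, "big") + b for b in raw)

def f_guti(*parts):
    # Assumption: SHA-256 stands in for the one-way hash F_GUTI.
    return hashlib.sha256(_enc(*parts)).digest()

def kdf(key, *parts):
    # Assumption: HMAC-SHA256 keyed by the first argument stands in for KDF.
    return hmac.new(key, _enc(*parts), hashlib.sha256).digest()

def initial_guti(gummei, imsi, p_mme):
    # Claim 2: GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)), pair encoded by concatenation.
    return gummei + f_guti(imsi, p_mme)

def prepare_member(nh, guti, ncc, id_tenb, frq_tenb):
    # Claim 3 (step S2.2): new pseudonym GUTI_i* and intermediate key K_eNBi*.
    guti_new = f_guti(nh, guti, ncc)
    return guti_new, kdf(nh, guti_new, id_tenb, frq_tenb)

def session_key(k_star, guti_new, id_tenb, frq_tenb, k_asme=None):
    # Returns (K_eNBi**, NH_NCCi*). X2 case (S3.2) when k_asme is None,
    # otherwise the MME-assisted case (claim 4, then S4.3).
    nh_new = None
    if k_asme is not None:
        k_star = kdf(k_asme, k_star)   # K_eNBi*+ = KDF(K_ASMEi, K_eNBi*)
        nh_new = kdf(k_asme, k_star)   # NH_NCCi* = KDF(K_ASMEi, K_eNBi*+)
    return kdf(k_star, guti_new, id_tenb, frq_tenb), nh_new

def handover_group(members, ncc, id_tenb, frq_tenb, via_mme=False):
    # members: {name: (nh, guti, k_asme)} -> {name: (guti_new, k_session, nh_new)}
    out = {}
    for name, (nh, guti, k_asme) in members.items():
        guti_new, k_star = prepare_member(nh, guti, ncc, id_tenb, frq_tenb)
        k_sess, nh_new = session_key(k_star, guti_new, id_tenb, frq_tenb,
                                     k_asme if via_mme else None)
        out[name] = (guti_new, k_sess, nh_new)
    return out

# Constructed sample group: two MTCDs with made-up keys and identifiers.
GUMMEI, P_MME = b"gummei-demo", b"p-mme-demo"
MEMBERS = {f"MTCD{i}": (bytes([i]) * 32, initial_guti(GUMMEI, f"IMSI-demo-{i}", P_MME),
                        bytes([0xA0 + i]) * 32) for i in (1, 2)}
```

Calling `handover_group(MEMBERS, 1, "TeNB-7", 1850)` gives the X2 case for the whole group in one pass; adding `via_mme=True` gives the S4/S5 case, where the session key additionally depends on each member's $K_{ASME_i}$.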
CN201510057961.0A 2015-02-04 2015-02-04 Anonymous switching authentication method based on group in a kind of machine type communication Active CN104602236B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510057961.0A CN104602236B (en) 2015-02-04 2015-02-04 Anonymous switching authentication method based on group in a kind of machine type communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510057961.0A CN104602236B (en) 2015-02-04 2015-02-04 Anonymous switching authentication method based on group in a kind of machine type communication

Publications (2)

Publication Number Publication Date
CN104602236A true CN104602236A (en) 2015-05-06
CN104602236B CN104602236B (en) 2018-08-07

Family

ID=53127652

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510057961.0A Active CN104602236B (en) 2015-02-04 2015-02-04 Anonymous switching authentication method based on group in a kind of machine type communication

Country Status (1)

Country Link
CN (1) CN104602236B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016205992A1 (en) * 2015-06-23 2016-12-29 华为技术有限公司 Handover method for unlicensed transmission, terminal apparatus, and network equipment
CN106961682A (en) * 2017-03-28 2017-07-18 西安电子科技大学 A kind of group based on mobile relay is to path mobile handoff authentication method
CN106972917A (en) * 2017-03-15 2017-07-21 西安电子科技大学 The safe verification method of user's running orbit
WO2020125717A1 (en) * 2018-12-19 2020-06-25 中兴通讯股份有限公司 Method, system, and device for synchronous terminal mobility management, and storage medium
CN112118569A (en) * 2019-12-17 2020-12-22 兰州大学 Group authentication method and system in asynchronous group communication of LTE network machine type communication equipment
CN114286334A (en) * 2021-12-29 2022-04-05 西安邮电大学 Multi-user authentication method and system for mobile communication scene and information processing terminal

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102843233A (en) * 2011-06-21 2012-12-26 中兴通讯股份有限公司 Method and system of group certification in machine-to-machine communication
US20130102244A1 (en) * 2011-10-19 2013-04-25 Electronics And Telecommunications Research Institute Machine type communication gateway user equipment and machine type communication data relay method of the same
CN103596167A (en) * 2013-10-25 2014-02-19 西安电子科技大学 Machine-type communication authentication and key agreement method based on proxy

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
DAESUNG CHOI,ET.AL.: "A group-based security protocol for Machine Type Communications in LTE-Advanced", 《COMPUTER COMMUNICATIONS WORKSHOPS (INFOCOM WKSHPS), 2014 IEEE CONFERENCE ON》 *
张敏芳: "LTE网络中基于代理的MTC群组认证和密钥协商", 《中国优秀硕士学位论文全文数据库 (信息科技辑)》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016205992A1 (en) * 2015-06-23 2016-12-29 华为技术有限公司 Handover method for unlicensed transmission, terminal apparatus, and network equipment
US10412637B2 (en) 2015-06-23 2019-09-10 Huawei Technologies Co., Ltd. Handover method for grant-free transmission, terminal device, and network device
CN106972917A (en) * 2017-03-15 2017-07-21 西安电子科技大学 The safe verification method of user's running orbit
CN106972917B (en) * 2017-03-15 2020-08-04 西安电子科技大学 Safety verification method for user running track
CN106961682A (en) * 2017-03-28 2017-07-18 西安电子科技大学 A kind of group based on mobile relay is to path mobile handoff authentication method
CN106961682B (en) * 2017-03-28 2019-10-22 西安电子科技大学 It is a kind of based on the group of mobile relay to path mobile handoff authentication method
WO2020125717A1 (en) * 2018-12-19 2020-06-25 中兴通讯股份有限公司 Method, system, and device for synchronous terminal mobility management, and storage medium
CN112118569A (en) * 2019-12-17 2020-12-22 兰州大学 Group authentication method and system in asynchronous group communication of LTE network machine type communication equipment
CN112118569B (en) * 2019-12-17 2022-07-22 兰州大学 Group authentication method and system in asynchronous group communication of LTE network machine type communication equipment
CN114286334A (en) * 2021-12-29 2022-04-05 西安邮电大学 Multi-user authentication method and system for mobile communication scene and information processing terminal

Also Published As

Publication number Publication date
CN104602236B (en) 2018-08-07

Similar Documents

Publication Publication Date Title
JP6844679B2 (en) Radio access network nodes, wireless terminals, and methods
CN109511113B (en) Security implementation method, related device and system
KR101813602B1 (en) Method and system for positioning mobile station in handover procedure
CN104602236B (en) Anonymous switching authentication method based on group in a kind of machine type communication
JP6972023B2 (en) Wireless communication terminal method, wireless communication base station method, terminal, and base station
CN105557006B (en) User equipment in communication system and method for communication by same
EP2663107B1 (en) Key generating method and apparatus
Lai et al. Secure group communications in vehicular networks: A software-defined network-enabled architecture and solution
US20180249479A1 (en) Data transmission and reception method and device of terminal in wireless communication system
CN110730454B (en) Method for solving safety problem by NH, NCC pair in mobile communication system
CN101931953B (en) Generate the method and system with the safe key of apparatus bound
EP3941119B1 (en) Handover control method and apparatus
CN102238484B (en) Based on the authentication method of group and system in the communication system of Machine To Machine
US20210204133A1 (en) Communication terminal, network device, communication method, and non-transitory computer readable medium
Cao et al. GAHAP: A group-based anonymity handover authentication protocol for MTC in LTE-A networks
US10736012B2 (en) Method and device for providing circuit switching service in wireless communication system
US20150327143A1 (en) Method and apparatus for inter-radio access network mobility
CN108476217A (en) Configurable access stratum safety
CN102158871B (en) A kind of communication means, system, control station and terminal adapting to terminal differentiation
CN104349315A (en) Method and system for assuring information security for base station and user equipment
KR102416366B1 (en) Method for configuring and transmitting key
CN104604271A (en) Communication method, network side device, and user equipment
CN103781067A (en) Authentication switching method with privacy protection in LTE (long term evolution)/LTE-A (LTE-advanced) network
EP2713674A1 (en) Data transmission method, device and system
CN104980894A (en) Access control method, device and system of closed subscriber group

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant