CN104602236A - Group-based anonymous switching authentication method during machine-type communication - Google Patents
- Publication number
- CN104602236A CN201510057961.0A
- Authority
- CN
- China
- Prior art keywords
- mtcd
- group
- base station
- switching
- tenb
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0055—Transmission or use of information for re-establishing the radio link
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/0215—Traffic management, e.g. flow control or congestion control based on user or device properties, e.g. MTC-capable devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/08—Reselecting an access point
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/70—Services for machine-to-machine communication [M2M] or machine type communication [MTC]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W74/00—Wireless channel access
- H04W74/08—Non-scheduled access, e.g. ALOHA
- H04W74/0833—Random access procedures, e.g. with 4-step access
- H04W74/0841—Random access procedures, e.g. with 4-step access with collision treatment
- H04W74/085—Random access procedures, e.g. with 4-step access with collision treatment collision avoidance
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a group-based anonymous handover ("switching") authentication method for machine-type communication. It mainly addresses the congestion that arises under existing standards when large numbers of machine-type devices hand over at the same time. When the first machine-type device in a machine-type communication handover group is about to hand over from the current base station to the target base station, the current base station or current MME (mobility management entity) transmits the secure session information of all members of the handover group to the target base station or MME. The remaining machine-type devices in the handover group then carry out handover authentication directly with the target base station without contacting the MME, and each negotiates a session key with the target base station eNB, which gives fast handover authentication for the devices in the group. The method greatly reduces signalling overhead while preserving user privacy, and prevents signalling conflicts.
Description
Technical field
The invention belongs to the field of wireless communication network security technology; more specifically, it relates to a group-based anonymous handover authentication method in machine-type communication.
Background technology
With the development of communications, machine-type communication (MTC) has become a driving force for mobile operators to develop a large number of real-time network applications. MTC, also called machine-to-machine (M2M) communication, has attracted great attention from equipment vendors and research institutions in the mobile network field. MTC is a special type of data communication: it takes place between a device and another entity on the Internet or in the core network, without any form of human intervention. Because of the lower deployment cost and better coverage of MTC, many new services and applications based on the MTC concept have appeared in daily life, such as health care services, telemetry applications, fleet management and the smart grid. As the range of potential applications expands, many standards forums and organisations are developing and enhancing technologies to support MTC applications. In particular, the Third Generation Partnership Project (3GPP) has become more active in defining MTC, especially in Long Term Evolution Release 10, i.e. LTE-A.
Unlike traditional human-to-human (H2H) communication, MTC faces two main challenges: handling an enormous number of machine-type communication devices (MTCDs) simultaneously, and achieving energy savings. It is estimated that the number of MTCDs is 1000 times larger than the number of ordinary user equipment (UE). In addition, analysis shows that by 2020 the number of MTCDs connected to one base station will range from 10000 to 100000. As mobility demands grow, mobile MTC applications in an LTE-A network must keep running in real time while a large number of MTCDs leave the current eNB at the same time and move to another new eNB, so fast, secure and seamless handover is indispensable. The 3GPP committee has defined the architecture, threats, services and security requirements of MTC. It has also proposed the mobility scenarios that may occur between eNBs, including X2-based handover and handover via the Mobility Management Entity (MME), and has described the handover procedures in detail. According to the 3GPP standard, each MTCD needs to perform the same handover procedure as a UE. Under the current handover mechanism, however, the multiple rounds of signalling required may cause serious signalling overload in the access network and the LTE-A core network and increase the energy consumption of MTCDs. Moreover, because some base stations, such as local eNBs (or Home eNodeBs, HeNBs) and relay nodes (RNs), can easily be owned by third parties, an attacker can obtain private information about the movement and location of an MTCD while sensitive information is exchanged during handover authentication. How to achieve secure and efficient handover for mobile MTC devices is therefore a key problem in LTE-A networks.
3GPP TR 33.868 proposes an MTCD grouping technique to avoid congestion, by which a large number of MTC devices can be combined into one MTC group so that the LTE-A network can manage them more easily. The grouping technique suits LTE-A networks with many mobile MTC devices, but it is applied only to communication between MTCDs and the MTC server and does not consider handover security under the current 3GPP standard. As far as we know, there is currently no research on handover authentication for large numbers of devices in 3GPP networks, and the existing group-based access authentication methods for LTE networks either do not consider the movement of large numbers of devices or are not applicable to LTE-A networks.
Summary of the invention
The object of the invention is to overcome the defects of the prior art by designing a group-based anonymous handover authentication method for machine-type communication. The new method significantly reduces signalling load, relieves the congestion caused by large-scale device movement in LTE networks, and achieves fast and secure access authentication for large numbers of devices in a group.
The technical scheme of the invention is as follows: within the existing 3GPP LTE-A network architecture, a new key management mechanism is used to achieve fast group handover authentication and protect user privacy. (1) When the first machine-type device in a machine-type communication handover group hands over from the current base station to the target base station, the current base station or current MME transmits the secure session information of all handover group members to the target base station or MME; (2) the remaining machine-type devices in the handover group can carry out handover authentication directly with the target base station without contacting the MME, and each negotiates a session key with the target eNB, which gives a fast handover authentication scheme for the devices in the group. The method greatly reduces signalling overhead while preserving user privacy, and avoids signalling conflicts.
Specifically, the group-based anonymous handover authentication method in machine-type communication comprises the following steps:
S1 Initial authentication phase, comprising:
S1.1 When a machine-type communication (MTC) handover group accesses the Long Term Evolution LTE-A network, each machine-type communication device MTCD_i (i = 1 ~ n) in the MTC handover group carries out initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each machine-type communication device MTCD_i and the home subscriber server HSS generate a shared key K_ASMEi, and the HSS then transfers the shared key K_ASMEi to the mobility management entity MME;
S1.3 After receiving the shared key K_ASMEi, the MME obtains, according to the existing handover key management mechanism, the session key between MTCD_i and the source base station SeNB and the next-hop parameter, and then calculates the temporary identity information GUTI_i;
S1.4 The MME sends the session key and the next-hop parameter to the source base station SeNB, and sends GUTI_i to MTCD_i through the source base station SeNB;
S2 Group-based anonymous handover authentication phase, comprising:
S2.1 If the first machine-type communication device MTCD_1 in the MTC handover group moves into the coverage of the target base station TeNB for the first time, MTCD_1 sends the source base station SeNB a measurement report message containing the TeNB physical location ID, the E-UTRAN cell global identifier and the tracking area identity; MTCD_1 denotes the machine-type communication device in the MTC handover group that moves to the target base station TeNB first;
S2.2 After receiving the message from MTCD_1, the source base station SeNB uses the group handover grouping algorithm to classify the MTCDs within range of the current SeNB; the source base station SeNB then searches for all members of the MTC handover group to which MTCD_1 belongs and, according to the search result, calculates for each MTCD_i in the MTC handover group the new temporary identity information
and the intermediate key
where
is used to calculate the new session key
or the new intermediate key
and the next-hop parameter
S2.3 The source base station SeNB performs one of the following operations, depending on the handover scenario:
(1) when the handover takes place between a source base station and a target base station that have an X2 interface between them, the process jumps to S3;
(2) when the handover takes place between a source base station and a target base station that have no X2 interface between them and are managed by the same MME, the process jumps to S4;
(3) when the handover takes place between a source base station and a target base station that are managed by different MMEs, the process jumps to S5;
S3 comprises:
S3.1 SeNB sends TeNB a message containing, for the whole MTC handover group, all
and
S3.2 After receiving the handover request message, TeNB sends a handover request acknowledgement message to SeNB to confirm the handover for each MTCD_i, and calculates the new session key
by the following formula:
S3.3 After receiving the handover request acknowledgement message, SeNB sends a handover command to MTCD_1 to perform the handover, and the process then jumps to step S6;
S4 comprises:
S4.1 SeNB sends the source mobility management entity SMME a handover request message containing, for the whole MTC handover group, all
and
and other call parameters;
S4.2 After receiving the handover request message, SMME uses
to calculate, for each MTCD_i of the MTC handover group, the new intermediate key
and the next-hop parameter
Meanwhile, SMME sends TeNB a new handover request message to prepare the handover at the target base station; this handover request message contains, for the whole MTC handover group, all
and
and other call parameters; where
and
are the secret parameters used to calculate the new session key
;
S4.3 After receiving the handover request message, TeNB sends a handover request acknowledgement message to SMME to confirm the handover, and calculates a new session key for each MTCD_i by the following formula:
S4.4 After receiving the handover request acknowledgement message, SMME sends a handover command message to MTCD_1 through SeNB to perform the handover; the process then jumps to S6;
S5 comprises:
S5.1 SeNB sends the source MME (SMME) a handover request message containing, for the whole MTC handover group, all
and
and other call parameters;
S5.2 After receiving the handover request message, the source mobility management entity SMME constructs a forward relocation request message by adding the K_ASMEi of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME;
S5.3 TMME performs the same process as SMME in S4.2;
S5.4 TeNB sends a handover request acknowledgement message to TMME and calculates
S5.5 After receiving the handover request acknowledgement message, SMME sends a handover command message to MTCD_1 through SeNB to perform the handover; the process then jumps to S6;
S6 comprises:
S6.1 After receiving the handover command message, MTCD_1 calculates
and
and sends a handover confirm message to TeNB to complete the handover;
S7 comprises:
When the remaining MTCDs in the same MTC handover group enter the coverage of TeNB, the handover procedure is as follows:
(1) First, MTCD_i sends a measurement report message to SeNB to request a handover. SeNB then sends a handover command message directly to MTCD_i without any other procedure, because
or
was already transferred to TeNB during the handover of MTCD_1;
(2) MTCD_i establishes contact with TeNB and sends a handover confirm message to complete the handover.
On the basis of the above technical scheme, the formula by which step S1.3 calculates the temporary identity information GUTI_i of MTCD_i is as follows:
GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)); where GUMMEI is the globally unique MME identity, P_MME is an MME parameter set uniquely by the MME, and F_GUTI is a one-way hash function.
On the basis of the above technical scheme, the formulas by which step S2.2 calculates, for each MTCD_i in the MTC handover group, the new
and
are as follows:
On the basis of the above technical scheme, the formula for the new session key in step S3.2
is as follows:
On the basis of the above technical scheme, the formulas by which step S4.2 calculates the new
and
are as follows:
Compared with the prior art, the invention has the following advantages:
1) Because the scheme is designed according to the 3GPP standard, no communication equipment in the standard needs to be changed, and the invention can be applied to the networks of all LTE-A mobile scenarios;
2) The invention uses a new handover strategy: the first device in the group to hand over to TeNB is used to locate the group it belongs to, the devices in the group are classified, and different handover strategies are used to handle different device handovers. The signalling traffic between all the devices and the MME is eliminated, which greatly reduces the communication cost of handover and reduces signalling congestion on the link between the serving network and the home network. The advantage is more pronounced when the number of devices is very large;
3) Finally, the authentication data exchanged between SeNB and TeNB is transferred in a secure manner, and the information exchange is completed during the first authentication; the other devices in the group can subsequently authenticate mutually with TeNB directly, which greatly reduces network congestion when facing large numbers of devices and is both secure and fast.
Brief description of the drawings
Fig. 1 is the overall flow chart of the group-based anonymous handover authentication process in machine-type communication according to the invention;
Fig. 2 is the flow chart of the X2-based handover in the group-based anonymous handover authentication in machine-type communication according to the invention;
Fig. 3 is the flow chart of the intra-MME handover in the group-based anonymous handover authentication in machine-type communication according to the invention;
Fig. 4 is the flow chart of the inter-MME handover in the group-based anonymous handover authentication in machine-type communication according to the invention;
Fig. 5 is the handover flow chart for the remaining MTCD devices according to the invention.
Embodiment
The invention proposes a group-based anonymous handover authentication method in machine-type communication, which can be applied to all mobile handover processes in LTE-A networks. The technical scheme of the invention is described in detail below with reference to the drawings and embodiments.
To describe the technical scheme of the invention clearly, the technical terms used in this patent are first defined:
eNB: base station; EPS AKA: Evolved Packet System Authentication and Key Agreement;
E-UTRAN: Evolved Universal Terrestrial Radio Access Network; GUTI: Globally Unique Temporary ID;
HSS: home subscriber server; LTE-A: Long Term Evolution; MME: mobility management entity;
MTC: machine-type communication; MTCD: machine-type communication device; SeNB: source base station;
SMME: source mobility management entity; TeNB: target base station.
A group-based anonymous handover authentication method in machine-type communication, as shown in Fig. 1, specifically comprises the following steps:
S1 Initial authentication phase:
S1.1 When a machine-type communication (MTC) handover group accesses the Long Term Evolution LTE-A network, each machine-type communication device MTCD_i (i = 1 ~ n) in the MTC handover group carries out initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each machine-type communication device MTCD_i and the home subscriber server HSS generate a shared key K_ASMEi, and the HSS then transfers the shared key K_ASMEi to the mobility management entity MME;
S1.3 After receiving the shared key K_ASMEi, the MME obtains, according to the existing handover key management mechanism, the session key between MTCD_i and the source base station SeNB and the next-hop parameter, and then calculates the temporary identity information GUTI_i by the following formula:
GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)), where GUMMEI is the globally unique MME identity, P_MME is an MME parameter set uniquely by the MME, and F_GUTI is a one-way hash function.
S1.4 Finally, the session key and the next-hop parameter are sent to SeNB, and GUTI_i is sent to MTCD_i through SeNB.
S2 Group-based anonymous handover authentication phase:
S2.1 If MTCD_1 moves into the coverage of the target base station TeNB for the first time, MTCD_1 sends SeNB a measurement report message containing the TeNB physical location ID (ID_TeNB), the E-UTRAN cell global identifier (ECGI) and the tracking area identity (TAI).
S2.2 After receiving the message from MTCD_1, the source base station SeNB uses the group handover grouping algorithm to classify the MTCDs within range of the current SeNB; the source base station SeNB then searches for all members of the MTC handover group to which MTCD_1 belongs and, according to the search result, calculates for each MTCD_i in the MTC handover group the new temporary identity information
and the intermediate key
where
is used to calculate the new session key
or the new intermediate key
and
and
are calculated by the following formulas:
S2.3 SeNB then performs one of the following operations, depending on the handover scenario:
(1) X2-based handover: when the handover takes place between eNBs that have an X2 interface between them, the process jumps to step S3.
(2) Intra-MME handover: when the handover takes place between eNBs that have no X2 interface between them and are managed by the same MME, the process jumps to step S4.
(3) Inter-MME handover: when the handover takes place between eNBs that are managed by different MMEs, the process jumps to step S5.
Step S3: X2-based handover procedure; see Fig. 2.
S3.1 SeNB → TeNB: handover request message
SeNB sends TeNB a handover request message containing, for the whole MTC handover group, all
and
and other call parameters, to prepare the handover at the target base station.
S3.2 TeNB → SeNB: handover request acknowledgement message
After receiving the handover request message, TeNB sends a handover request acknowledgement message to SeNB to confirm the handover for each MTCD_i, and calculates the new session key
by the following formula:
S3.3 SeNB → MTCD_1: handover command message
After receiving the handover request acknowledgement message, SeNB sends a handover command to MTCD_1 to perform the handover. The process then goes to step S6.
Step S4: intra-MME handover procedure; see Fig. 3.
S4.1 SeNB → SMME: handover request message
SeNB sends the source MME (SMME) a handover request message containing, for the whole MTC handover group, all
and
and other call parameters.
S4.2 SMME → TeNB: handover request
After receiving the handover request message, SMME uses
to calculate, for each MTCD_i of the MTC handover group, the new intermediate key
and
where
and
are the secret parameters used to calculate the new session key
; the calculation formulas are as follows:
Then SMME sends TeNB a new handover request message to prepare the handover at the target base station. This handover request message contains, for the whole MTC handover group, all
and
and other call parameters.
S4.3 TeNB → SMME: handover request acknowledgement message
After receiving the handover request message, TeNB sends a handover request acknowledgement message to SMME to confirm the handover, and calculates a new session key for each MTCD_i. The formula is as follows:
S4.4 SMME → SeNB, SeNB → MTCD_1: handover command message
After receiving the handover request acknowledgement message, SMME sends a handover command message to MTCD_1 through SeNB to perform the handover. The process then jumps to step S6.
Step S5: inter-MME handover procedure; see Fig. 4.
S5.1 SeNB → SMME: handover request message
SeNB sends the source MME (SMME) a handover request message containing, for the whole MTC handover group, all
and
and other call parameters.
S5.2 SMME → TMME: forward relocation request
The source mobility management entity SMME constructs a forward relocation request message by adding the K_ASMEi of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME.
S5.3 TMME → TeNB: handover request
TMME performs the same process as SMME in S4.2.
S5.4 TeNB → TMME: handover request acknowledgement message
As in S4.3, TeNB sends a handover request acknowledgement message to TMME and calculates
S5.5 SMME → SeNB, SeNB → MTCD_1: handover command
After receiving the handover request acknowledgement message, SMME sends a handover command message to MTCD_1 through SeNB to perform the handover; the process then jumps to step S6.
Step S6: sending the handover confirm
S6.1 MTCD_1 → TeNB: handover confirm
After receiving the handover command message, MTCD_1 calculates
and
and sends a handover confirm message to TeNB to complete the handover.
Step S7: handover procedure for the remaining MTCD devices in the group; see Fig. 5.
When the remaining MTCDs in the same MTC handover group enter the coverage of TeNB, the handover procedure is as follows; MTCD_2 is used as an example below.
(1) First, MTCD_2 sends a measurement report message to SeNB to request a handover. SeNB then sends a handover command message directly to MTCD_2 without any other procedure, because
or
was already transferred to TeNB during the handover of MTCD_1.
(2) Finally, MTCD_2 establishes contact with TeNB and sends a handover confirm message to complete the handover.
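The following Python example is added here and is not part of the patent: it models the GUTI_i formula of S1.3 and the group context transfer of S2 to S7, counting how many handover requests pass through the MME when a whole group moves. The patent's key-derivation formulas did not survive on this page, so derive(), the use of HMAC-SHA-256 for F_GUTI, the class and function names and all sample values are assumptions; TeNB contexts are indexed by GUTI_i rather than by the recomputed temporary identity.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


def f_guti(imsi: str, p_mme: bytes) -> str:
    """F_GUTI: the patent only says 'one-way hash'; HMAC-SHA-256 is assumed."""
    return hmac.new(p_mme, imsi.encode(), hashlib.sha256).hexdigest()


def guti(gummei: str, imsi: str, p_mme: bytes) -> tuple:
    """GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)) from step S1.3."""
    return (gummei, f_guti(imsi, p_mme))


def derive(key: bytes, label: str) -> bytes:
    """Stand-in KDF (assumption); the patent's own formulas are not on the page."""
    return hmac.new(key, label.encode(), hashlib.sha256).digest()


@dataclass
class Mtcd:
    imsi: str
    session_key: bytes          # key shared with SeNB after EPS AKA (S1.3)
    guti: tuple

    def new_session_key(self, cell_id: str) -> bytes:
        # S6.1 / S7: the device derives the same keys locally.
        intermediate = derive(self.session_key, "intermediate|" + cell_id)
        return derive(intermediate, "session|" + cell_id)


@dataclass
class TargetEnb:
    cell_id: str
    contexts: dict = field(default_factory=dict)   # GUTI_i -> new session key

    def handover_request(self, group_payload: dict) -> None:
        # S3.2 / S4.3: one request carries the whole group's intermediate keys.
        for ident, intermediate in group_payload.items():
            self.contexts[ident] = derive(intermediate, "session|" + self.cell_id)

    def handover_confirm(self, ident: tuple) -> bool:
        # S6 / S7 (2): succeeds only if the context was pre-transferred.
        return ident in self.contexts


class SourceEnb:
    def __init__(self, groups: dict):
        self.groups = groups            # group id -> list of Mtcd
        self.prepared = set()           # (group id, target cell) already sent
        self.mme_requests = 0           # handover requests routed via the MME

    def measurement_report(self, dev: Mtcd, tenb: TargetEnb, x2: bool) -> str:
        gid = next(g for g, ms in self.groups.items() if dev in ms)   # S2.2
        if (gid, tenb.cell_id) not in self.prepared:
            # First member of the group: prepare and send every member's context.
            payload = {m.guti: derive(m.session_key, "intermediate|" + tenb.cell_id)
                       for m in self.groups[gid]}
            if not x2:
                self.mme_requests += 1  # S4: SeNB -> SMME -> TeNB, once per group
            tenb.handover_request(payload)
            self.prepared.add((gid, tenb.cell_id))
        return "handover command"       # S3.3 / S4.4 / S7 (1)


def run_group_handover(n: int, x2: bool) -> dict:
    """Move a constructed group of n devices from SeNB to TeNB."""
    p_mme = b"constructed-P_MME"
    devices = []
    for i in range(1, n + 1):
        imsi = f"00101{i:010d}"         # constructed test IMSIs
        devices.append(Mtcd(imsi, derive(b"constructed-K_ASME", imsi),
                            guti("constructed-GUMMEI", imsi, p_mme)))
    senb, tenb = SourceEnb({"group-1": devices}), TargetEnb("cell-T")
    keys_match = True
    for dev in devices:                 # MTCD_1 first, then the remaining members
        senb.measurement_report(dev, tenb, x2)
        ok = tenb.handover_confirm(dev.guti)
        same = hmac.compare_digest(tenb.contexts[dev.guti],
                                   dev.new_session_key(tenb.cell_id))
        keys_match = keys_match and ok and same
    return {"mme_requests": senb.mme_requests, "keys_match": keys_match,
            "gutis": [d.guti for d in devices]}
```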
Because the scheme is designed according to the 3GPP standard, no communication equipment in the standard needs to be changed, and the invention can be applied to the networks of all LTE-A mobile scenarios. The invention also uses a new handover strategy: the first device in the group to hand over to TeNB is used to locate the group it belongs to, the devices in the group are classified, and different handover strategies are used to handle different device handovers. The signalling traffic between all the devices and the MME is eliminated, which greatly reduces the communication cost of handover and reduces congestion on the link between the serving network and the home network. The advantage is more pronounced when the number of devices is very large. In addition, the authentication data exchanged between SeNB and TeNB is transferred in a secure manner, and the information exchange is completed during the first authentication; the other devices in the group can subsequently authenticate mutually with TeNB directly, which greatly reduces network congestion when facing large numbers of devices and is both secure and fast.
Claims (4)
1. A group-based anonymous handover authentication method in machine-type communication, comprising the following steps:
S1 Initial authentication phase, comprising:
S1.1 When a machine-type communication (MTC) handover group accesses the Long Term Evolution network LTE-A, each machine-type communication device MTCD_i (i = 1 ~ n) in the machine-type communication (MTC) handover group carries out initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each machine-type communication device MTCD_i and the home subscriber server HSS generate a shared key K_ASMEi, and the HSS then transfers the shared key K_ASMEi to the mobility management entity MME;
S1.3 After receiving the shared key K_ASMEi, the mobility management entity MME obtains, according to the existing handover key management mechanism, the session key between the machine-type communication device MTCD_i and the source base station SeNB and the next-hop parameter, and then calculates the temporary identity information GUTI_i;
S1.4 The mobility management entity MME sends the session key and the next-hop parameter to the source base station SeNB, and sends the temporary identity information GUTI_i to the machine-type communication device MTCD_i through the source base station SeNB;
S2 Group-based anonymous handover authentication phase, comprising:
S2.1 If the first machine-type communication device MTCD_1 in the MTC handover group moves into the coverage of the target base station TeNB for the first time, MTCD_1 sends the source base station SeNB a measurement report message containing the TeNB physical location ID, the E-UTRAN cell global identifier and the tracking area identity; MTCD_1 denotes the machine-type communication device in the MTC handover group that moves to the target base station TeNB first;
S2.2 After receiving the message from MTCD_1, the source base station SeNB uses the group handover grouping algorithm to classify the MTCDs within range of the current SeNB; the source base station SeNB then searches for all members of the MTC handover group to which MTCD_1 belongs and, according to the search result, calculates for each MTCD_i in the MTC handover group the new temporary identity information
and the intermediate key
where
is used to calculate the new session key
or the new intermediate key
and the next-hop parameter
S2.3 The source base station SeNB performs one of the following operations, depending on the handover scenario:
(1) when the handover takes place between a source base station and a target base station that have an X2 interface between them, the process jumps to S3;
(2) when the handover takes place between a source base station and a target base station that have no X2 interface between them and are managed by the same MME, the process jumps to S4;
(3) when the handover takes place between a source base station and a target base station that are managed by different MMEs, the process jumps to S5;
S3 comprises it:
S3.1SeNB to TeNB send one comprise whole MTC switch group own
with
After S3.2TeNB receives handover request message, Handover Request Acknowledge symbol message will be sent to SeNB and come for each MTCD
iconfirm switch and calculate new session key
its computing formula is as follows:
S3.3, will to MTCD after SeNB receives switching request acknowledgement message
1send a switching command and perform switching, then jump procedure S6;
S4 comprises it,
S4.1SeNB to source mobile management entity SMME send one comprise whole MTC switch group own
with
with the handover request information of other call parameters;
S4.2 After SMME receives the handover request information, it uses
to calculate, for each $MTCD_i$ of the MTC switching group, a new intermediate key
and a next-hop parameter
meanwhile, SMME prepares to send a new handover request message to the target base station TeNB of the switching, the handover request message containing all of the whole MTC switching group's
and
and other call parameters; wherein
and
are the secret parameters for calculating the new session key;
S4.3 After TeNB receives the handover request message, it sends a switching request acknowledgement message to SMME to confirm the switching and, for each $MTCD_i$, calculates the new session key
its computing formula is as follows:
S4.4 After SMME receives the switching request acknowledgement message, it sends, via SeNB, a switching command message to $MTCD_1$ to perform the switching, then jumps to S6;
S5 comprises:
S5.1 SeNB sends to the source MME handover request information comprising all of the whole MTC switching group's
and
and other call parameters;
S5.2 After receiving the handover request message, the source mobility management entity SMME constructs a forward transition request message by adding the $K_{ASMEi}$ of all MTCDs in the MTC switching group to the handover request message, and sends this message to the target mobility management entity TMME;
S5.3 TMME performs the same process as SMME in S4.2;
S5.4 TeNB sends a switching request acknowledgement message to TMME and calculates
S5.5 After SMME receives the switching request acknowledgement message, it sends, via SeNB, a switching command message to $MTCD_1$ to perform the switching, then jumps to S6;
S6 comprises:
S6.1 After receiving the switching command message, $MTCD_1$ calculates
and
and sends a switching acknowledgement message to TeNB to complete the switching;
S7 comprises:
When the other $MTCD_i$ in the same MTC switching group enter the coverage of TeNB, the switching process is as follows:
(1) first, $MTCD_i$ sends a measurement report message to SeNB to request the switching; SeNB then sends a switching command message directly to $MTCD_i$ without any other process;
(2) finally, $MTCD_i$ establishes a connection with TeNB and sends a switching acknowledgement message to complete the switching.
2. The group-based anonymous switching authentication method in machine type communication as claimed in claim 1, characterized in that: in said step S1.3, the formula for calculating the temporary identifier information $GUTI_i$ of $MTCD_i$ is as follows:
$$GUTI_i = (GUMMEI, F_{GUTI}(IMSI_i, P_{MME}));$$
wherein GUMMEI is the globally unique MME identity information, $P_{MME}$ is an MME parameter uniquely set by the MME, and $F_{GUTI}$ is a one-way hash function.
3. The group-based anonymous switching authentication method in machine type communication as claimed in claim 1, characterized in that: in said step S2.2, for each $MTCD_i$ in the MTC switching group, the new temporary identifier information
and intermediate key
are calculated according to the following formulas:
4. The group-based anonymous switching authentication method in machine type communication as claimed in claim 1, characterized in that: in said step S4.2, the new
and
are calculated according to the following formulas:
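The identifier construction of claim 2, GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)), as an added example that is not part of the patent text. F_GUTI is instantiated as HMAC-SHA-256 keyed with P_MME (an assumption; the claim only requires a one-way hash), and the GUMMEI, IMSIs, key, minimum key length and helper names are constructed for illustration. The block also builds the MME-side lookup that maps each group member's GUTI_i back to its IMSI_i, which the one-way function alone cannot do.

```python
import hashlib
import hmac

def f_guti(imsi, p_mme):
    """F_GUTI, instantiated here (assumption) as HMAC-SHA-256 keyed with P_MME."""
    return hmac.new(p_mme, imsi.encode("ascii"), hashlib.sha256).hexdigest()

def derive_guti(gummei, imsi, p_mme):
    """GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)) as given in claim 2."""
    if not (imsi.isascii() and imsi.isdigit() and len(imsi) <= 15):
        raise ValueError("IMSI must be at most 15 decimal digits")
    if len(p_mme) < 16:
        # An IMSI has few possible values, so a short or public P_MME would
        # let anyone enumerate IMSIs and match them against observed GUTIs.
        raise ValueError("P_MME must be a secret of at least 16 bytes")
    return (gummei, f_guti(imsi, p_mme))

def build_resolver(gummei, group_imsis, p_mme):
    """MME-side table GUTI_i -> IMSI_i for one group; needs P_MME to build."""
    table = {}
    for imsi in group_imsis:
        guti = derive_guti(gummei, imsi, p_mme)
        if guti in table:
            raise RuntimeError("two group members map to the same GUTI")
        table[guti] = imsi
    return table

def resolve(table, guti):
    """Return the IMSI behind a GUTI, or None if it is not from this table."""
    return table.get(guti)

# Constructed sample values, not taken from the patent.
GUMMEI = "001-01-8001-01"
GROUP = ["001010000000001", "001010000000002", "001010000000003"]
P_MME = hashlib.sha256(b"constructed P_MME secret").digest()

if __name__ == "__main__":
    table = build_resolver(GUMMEI, GROUP, P_MME)
    for guti, imsi in table.items():
        print(guti[0], guti[1][:16] + "...", "->", imsi)
```
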
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510057961.0A CN104602236B (en) | 2015-02-04 | 2015-02-04 | Anonymous switching authentication method based on group in a kind of machine type communication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104602236A true CN104602236A (en) | 2015-05-06 |
CN104602236B CN104602236B (en) | 2018-08-07 |
Family
ID=53127652
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510057961.0A Active CN104602236B (en) | 2015-02-04 | 2015-02-04 | Anonymous switching authentication method based on group in a kind of machine type communication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104602236B (en) |
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102843233A (en) * | 2011-06-21 | 2012-12-26 | 中兴通讯股份有限公司 | Method and system of group certification in machine-to-machine communication |
US20130102244A1 (en) * | 2011-10-19 | 2013-04-25 | Electronics And Telecommunications Research Institute | Machine type communication gateway user equipment and machine type communication data relay method of the same |
CN103596167A (en) * | 2013-10-25 | 2014-02-19 | 西安电子科技大学 | Machine-type communication authentication and key agreement method based on proxy |
Non-Patent Citations (2)
Title |
---|
DAESUNG CHOI,ET.AL.: "A group-based security protocol for Machine Type Communications in LTE-Advanced", 《COMPUTER COMMUNICATIONS WORKSHOPS (INFOCOM WKSHPS), 2014 IEEE CONFERENCE ON》 * |
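张敏芳: "Proxy-based MTC group authentication and key agreement in LTE networks", 《China Excellent Master's Theses Full-text Database (Information Science and Technology Series)》 * |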
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016205992A1 (en) * | 2015-06-23 | 2016-12-29 | 华为技术有限公司 | Handover method for unlicensed transmission, terminal apparatus, and network equipment |
US10412637B2 (en) | 2015-06-23 | 2019-09-10 | Huawei Technologies Co., Ltd. | Handover method for grant-free transmission, terminal device, and network device |
CN106972917A (en) * | 2017-03-15 | 2017-07-21 | 西安电子科技大学 | The safe verification method of user's running orbit |
CN106972917B (en) * | 2017-03-15 | 2020-08-04 | 西安电子科技大学 | Safety verification method for user running track |
CN106961682A (en) * | 2017-03-28 | 2017-07-18 | 西安电子科技大学 | A kind of group based on mobile relay is to path mobile handoff authentication method |
CN106961682B (en) * | 2017-03-28 | 2019-10-22 | 西安电子科技大学 | It is a kind of based on the group of mobile relay to path mobile handoff authentication method |
WO2020125717A1 (en) * | 2018-12-19 | 2020-06-25 | 中兴通讯股份有限公司 | Method, system, and device for synchronous terminal mobility management, and storage medium |
CN112118569A (en) * | 2019-12-17 | 2020-12-22 | 兰州大学 | Group authentication method and system in asynchronous group communication of LTE network machine type communication equipment |
CN112118569B (en) * | 2019-12-17 | 2022-07-22 | 兰州大学 | Group authentication method and system in asynchronous group communication of LTE network machine type communication equipment |
CN114286334A (en) * | 2021-12-29 | 2022-04-05 | 西安邮电大学 | Multi-user authentication method and system for mobile communication scene and information processing terminal |
Also Published As
Publication number | Publication date |
---|---|
CN104602236B (en) | 2018-08-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6844679B2 (en) | Radio access network nodes, wireless terminals, and methods | |
CN109511113B (en) | Security implementation method, related device and system | |
KR101813602B1 (en) | Method and system for positioning mobile station in handover procedure | |
CN104602236B (en) | Anonymous switching authentication method based on group in a kind of machine type communication | |
JP6972023B2 (en) | Wireless communication terminal method, wireless communication base station method, terminal, and base station | |
CN105557006B (en) | User equipment in communication system and method for communication by same | |
EP2663107B1 (en) | Key generating method and apparatus | |
Lai et al. | Secure group communications in vehicular networks: A software-defined network-enabled architecture and solution | |
US20180249479A1 (en) | Data transmission and reception method and device of terminal in wireless communication system | |
CN110730454B (en) | Method for solving safety problem by NH, NCC pair in mobile communication system | |
CN101931953B (en) | Generate the method and system with the safe key of apparatus bound | |
EP3941119B1 (en) | Handover control method and apparatus | |
CN102238484B (en) | Based on the authentication method of group and system in the communication system of Machine To Machine | |
Cao et al. | GAHAP: A group-based anonymity handover authentication protocol for MTC in LTE-A networks | |
TW201637498A (en) | LTE base station, UE and pre-association and pre-authentication methods thereof in WWAN-WLAN aggregation | |
US20150327143A1 (en) | Method and apparatus for inter-radio access network mobility | |
CN108476217A (en) | Configurable access stratum safety | |
CN102158871B (en) | A kind of communication means, system, control station and terminal adapting to terminal differentiation | |
CN104349315A (en) | Method and system for assuring information security for base station and user equipment | |
KR102416366B1 (en) | Method for configuring and transmitting key | |
CN104604271A (en) | Communication method, network side device, and user equipment | |
CN103781067A (en) | Authentication switching method with privacy protection in LTE (long term evolution)/LTE-A (LTE-advanced) network | |
EP2713674A1 (en) | Data transmission method, device and system | |
CN104980894A (en) | Access control method, device and system of closed subscriber group | |
Modiri et al. | GSLHA: Group-based secure lightweight handover authentication protocol for M2M communication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||