CN104602236B - Anonymous switching authentication method based on group in a kind of machine type communication - Google Patents
- Publication number: CN104602236B
- Application number: CN201510057961.0A
- Authority: CN (China)
- Legal status: Active
Classifications
- H04W12/06—Authentication
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W36/0055—Transmission or use of information for re-establishing the radio link
- H04W28/0215—Traffic management, e.g. flow control or congestion control based on user or device properties, e.g. MTC-capable devices
- H04W36/08—Reselecting an access point
- H04W4/70—Services for machine-to-machine communication [M2M] or machine type communication [MTC]
- H04W74/085—Non-scheduled or contention based access, e.g. random access, ALOHA, CSMA [Carrier Sense Multiple Access] using a random access procedure with collision treatment collision avoidance
Abstract
The invention discloses a group-based anonymous handover authentication method for machine type communication. It mainly addresses the congestion caused in the existing standard when a large number of machine type devices hand over. The method proceeds as follows: while the first machine type device in a handover group is being handed over from the current base station to the target base station, the current base station or the current MME transfers the security session information of all handover group members to the target base station or MME; the remaining machine type devices in the handover group can then perform handover authentication directly with the target base station, without contacting the MME, and each negotiates a session key with the target eNB, which gives fast handover authentication for the devices in the group. While preserving user privacy, the method greatly reduces signalling overhead and avoids signalling conflicts.
Description
Technical field
The invention belongs to the field of wireless communication network security technology. More specifically, it relates to a group-based anonymous handover authentication method in machine type communication.
Background art
With the development of communications, machine type communication (MTC) has become a driving force for mobile operators to develop a large number of real-time network applications. MTC, also known as machine-to-machine (M2M) communication, has attracted great attention from equipment vendors and research institutions in mobile networks. MTC is a specific type of data communication between a device and another entity over the Internet or a core network that needs no form of human intervention. Because of MTC's reduced deployment cost and better coverage, many new services and applications have grown out of the MTC concept in daily life, such as health care services, remote metering, fleet management and smart grids. As the range of potential applications expands, many standards forums and organizations have been developing and enhancing current technologies to support MTC applications. In particular, the Third Generation Partnership Project (3GPP) has become more active in defining MTC, especially for Long Term Evolution Release 10, i.e. LTE-A.
Unlike traditional human-to-human (H2H) communication, MTC faces two main challenges: handling an enormous number of machine type communication devices (MTCDs) and saving energy. It is estimated that the number of MTCDs is 1000 times larger than the number of ordinary user equipment (UE). In addition, analysis shows that in 2020 the number of MTCDs connected to one base station ranges from 10000 to 100000. With the growing demand for mobility, when an LTE-A network handles real-time mobile MTC applications, large numbers of MTCDs leave the current eNB and move to another, new eNB at the same time, so fast and secure seamless handover is indispensable. The 3GPP committee has specified the architecture, threats, services and security requirements of MTC. It has also proposed the mobility scenarios that may occur between eNBs, including X2-based handover and handover through the mobility management entity (MME), and has described the handover procedures in detail. According to the 3GPP standard, each MTCD has to perform the same handover procedure as a UE. Under the current handover mechanism, however, the several rounds of signalling exchange required may cause severe signalling overload in the access network and the LTE-A core network and increase the energy consumption of MTCDs. Furthermore, because some base stations, such as home eNBs (HeNBs) and relay nodes (RNs), can easily be owned by third parties, an attacker can obtain private information about a moving MTCD and the location of the device while sensitive information is exchanged during handover authentication. How to achieve secure and efficient handover for mobile MTC devices is therefore a key issue in LTE-A networks.
3GPP TR 33.868 has proposed an MTCD grouping technique to avoid congestion, by which a large number of MTC devices can be combined into one MTC group to ease LTE-A network management. The grouping technique suits LTE-A networks with many mobile MTC devices; however, under the current 3GPP standard this method applies only to the communication between an MTCD and the MTC server and does not consider handover security. As far as we know, there is currently no research on handover authentication for large numbers of devices in 3GPP networks, and the existing group-based access authentication methods for LTE networks still do not consider the movement of large numbers of devices or are not applicable to LTE-A networks.
Summary of the invention
The object of the invention is to overcome the defects of the prior art by devising a group-based anonymous handover authentication method for machine type communication. The new method greatly reduces signalling load, relieves the congestion caused by large-scale device movement in LTE networks, and achieves fast and secure access authentication for the large number of devices in a group.
The technical solution of the invention is as follows: within the existing 3GPP LTE-A network architecture, a new key management mechanism is used to achieve fast group handover authentication while preserving user privacy. (1) While the first machine type device in a handover group is being handed over from the current base station to the target base station, the current base station or the current MME transfers the security session information of all handover group members to the target base station or MME; (2) the remaining machine type devices in the handover group can then perform handover authentication directly with the target base station, without contacting the MME, and each negotiates a session key with the target eNB, which gives fast handover authentication for the devices in the group. While preserving user privacy, the method greatly reduces signalling overhead and avoids signalling conflicts.
Specifically, the group-based anonymous handover authentication method in machine type communication is characterized in that it comprises the following steps:
S1 Initial authentication phase, comprising:
S1.1 When an MTC handover group accesses the Long Term Evolution LTE-A network, each machine type communication device MTCD_i (i = 1~n) in the MTC handover group performs initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each machine type communication device MTCD_i and the home subscriber server HSS generate a shared key K_ASMEi, and the HSS then transfers the shared key K_ASMEi to the mobility management entity MME;
S1.3 After receiving the shared key K_ASMEi, the MME obtains, according to the existing handover key management mechanism, the session key between MTCD_i and the source base station SeNB and the next-hop parameter, and then computes the temporary identity information GUTI_i;
S1.4 The MME sends the session key and the next-hop parameter to the source base station SeNB, and sends GUTI_i to MTCD_i via the source base station SeNB;
S2 Group-based anonymous handover authentication phase, comprising:
S2.1 When the first machine type communication device MTCD_1 in the MTC handover group moves into the coverage of the target base station TeNB for the first time, MTCD_1 sends the source base station SeNB a measurement report message containing the identity information ID_TeNB of the target base station TeNB, the E-UTRAN cell global identifier and the tracking area identity; MTCD_1 denotes the machine type communication device in the MTC handover group that is the first to move to the target base station TeNB;
S2.2 After receiving the message from MTCD_1, the source base station SeNB classifies the MTCDs within the range of the current SeNB using a group handover grouping algorithm and then searches for all members of the MTC handover group to which MTCD_1 belongs; based on the search result, the source base station SeNB computes, for each MTCD_i in the MTC handover group, a new temporary identity and an intermediate key, where the intermediate key is used to compute the new session key, or a new intermediate key and next-hop parameter;
S2.3 The source base station SeNB performs one of the following operations, depending on the handover scenario:
(1) when the handover takes place between a source base station and a target base station that share an X2 interface, the procedure jumps to S3;
(2) when the handover takes place between a source base station and a target base station that have no X2 interface and are managed by the same MME, the procedure jumps to S4;
(3) when the handover takes place between a source base station and a target base station that are managed by different MMEs, the procedure jumps to S5;
S3 comprises:
S3.1 SeNB sends TeNB a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S3.2 After receiving the handover request message, TeNB sends a handover request acknowledgement message to SeNB to confirm the handover for each MTCD_i and computes the new session key; the calculation formula is as follows:
where KDF is the key derivation function and FRQ_TeNB is the spectrum-related parameter of the target base station;
S3.3 After receiving the handover request acknowledgement message, SeNB sends MTCD_1 a handover command to execute the handover, and the procedure then jumps to step S6;
S4 comprises:
S4.1 SeNB sends the source mobility management entity SMME a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S4.2 After receiving the handover request message, the SMME computes, for each MTCD_i of the MTC handover group, a new intermediate key and a next-hop parameter, which are the secret parameters used to compute the new session key; at the same time, the SMME sends TeNB a new handover request message to prepare the handover at the target base station, this handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S4.3 After receiving the handover request message, TeNB sends a handover request acknowledgement message to the SMME to confirm the handover and computes the new session key for each MTCD_i; the calculation formula is as follows:
S4.4 After receiving the handover request acknowledgement message, the SMME sends MTCD_1 a handover command message via SeNB to execute the handover, and the procedure then jumps to S6;
S5 comprises:
S5.1 SeNB sends the source MME (SMME) a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S5.2 After receiving the handover request message, the source mobility management entity SMME constructs a forward relocation request message by adding the K_ASMEi of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME;
S5.3 The TMME performs the same procedure as the SMME in S4.2;
S5.4 TeNB sends a handover request acknowledgement message to the TMME and computes
S5.5 After receiving the handover request acknowledgement message, the SMME sends MTCD_1 a handover command message via SeNB to execute the handover, and the procedure then jumps to S6;
S6 comprises:
S6.1 After receiving the handover command message, MTCD_1 performs the corresponding calculations and sends TeNB a handover confirm message to complete the handover;
S7 comprises:
When the remaining MTCDs of the same MTC handover group enter the coverage of TeNB, the handover procedure is as follows:
(1) First, MTCD_i sends a measurement report message to SeNB to request a handover. SeNB then sends the handover command message directly to MTCD_i without any other procedure, because the required parameters were already transferred to TeNB during the handover of MTCD_1;
(2) MTCD_i establishes contact with TeNB and sends a handover confirm message to complete the handover.
On the basis of the above technical solution, the formula for computing the temporary identity information GUTI_i of MTCD_i in step S1.3 is as follows:
GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)).
On the basis of the above technical solution, the formulas for computing the new temporary identity and the intermediate key of each MTCD_i in the MTC handover group in step S2.2 are as follows:
On the basis of the above technical solution, the formula for computing the new session key in step S3.2 is as follows:
On the basis of the above technical solution, the formulas for the new values computed in step S4.2 are as follows:
Compared with the prior art, the invention has the following advantages:
1) The scheme is designed according to the 3GPP standard, so no communication equipment in the standard has to be changed, and it can be applied to networks in all LTE-A mobility scenarios;
2) The invention uses a new handover strategy: the first device in the group to be handed over to TeNB is used to locate the group it belongs to, the devices in the group are classified, and different handover strategies are used for different device handovers. It also eliminates the signalling traffic between all the devices and the MME, which greatly reduces the communication cost of handover and reduces signalling congestion on the link between the serving network and the home network. The advantage is more pronounced when the number of devices is huge;
3) Finally, the authentication data exchanged between SeNB and TeNB is transferred in a secure manner, and the information exchange is completed during the first authentication procedure, so the subsequent devices in the group can perform mutual authentication directly with TeNB. This greatly reduces network congestion when a large number of devices is involved and has the advantage of being secure and fast.
Brief description of the drawings
Fig. 1 is the overall flow chart of the group-based anonymous handover authentication procedure in machine type communication according to the invention;
Fig. 2 is the flow chart of the X2-based handover in the group-based anonymous handover authentication according to the invention;
Fig. 3 is the flow chart of the intra-MME handover in the group-based anonymous handover authentication according to the invention;
Fig. 4 is the flow chart of the inter-MME handover in the group-based anonymous handover authentication according to the invention;
Fig. 5 is the handover flow chart for the remaining MTCD devices according to the invention.
Detailed description of the embodiments
The invention proposes a group-based anonymous handover authentication method for machine type communication that can be applied to all LTE-A network mobile handover procedures. The technical solution of the invention is described in more detail below with reference to the drawings and embodiments.
To describe the technical solution of the invention clearly, the technical terms used in this patent are defined first:
eNB: base station;
EPS AKA: Evolved Packet System Authentication and Key Agreement;
E-UTRAN: Evolved Universal Terrestrial Radio Access Network;
GUTI: globally unique temporary ID;
HSS: home subscriber server;
LTE-A: Long Term Evolution;
MME: mobility management entity;
MTC: machine type communication;
MTCD: machine type communication device;
SeNB: source base station;
SMME: source mobility management entity;
TeNB: target base station.
As shown in Fig. 1, the group-based anonymous handover authentication method in machine type communication comprises the following steps:
S1 Initial authentication phase:
S1.1 When an MTC handover group accesses the Long Term Evolution LTE-A network, each machine type communication device MTCD_i (i = 1~n) in the MTC handover group performs initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each machine type communication device MTCD_i and the home subscriber server HSS generate a shared key K_ASMEi, and the HSS then transfers the shared key K_ASMEi to the mobility management entity MME;
S1.3 After receiving the shared key K_ASMEi, the MME obtains, according to the existing handover key management mechanism, the session key between MTCD_i and the source base station SeNB and the next-hop parameter, and then computes the temporary identity information GUTI_i. The calculation formula is as follows:
GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)), where GUMMEI is the globally unique MME identity, P_MME is an MME parameter set uniquely by the MME, and F_GUTI is a one-way hash function.
S1.4 Finally, the session key and the next-hop parameter are sent to SeNB, and GUTI_i is sent to MTCD_i via SeNB.
S2 Group-based anonymous handover authentication phase:
S2.1 When MTCD_1 moves into the coverage of the target base station TeNB for the first time, MTCD_1 sends SeNB a measurement report message containing the physical cell ID of TeNB (ID_TeNB), the E-UTRAN cell global identifier (ECGI) and the tracking area identity (TAI).
S2.2 After receiving the message from MTCD_1, the source base station SeNB classifies the MTCDs within the range of the current SeNB using a group handover grouping algorithm and then searches for all members of the MTC handover group to which MTCD_1 belongs. Based on the search result, the source base station SeNB computes, for each MTCD_i in the MTC handover group, a new temporary identity and an intermediate key, where the intermediate key is used to compute the new session key, or a new intermediate key and next-hop parameter. The calculation formulas are as follows:
where ID_TeNB is the identity information of the target base station.
S2.3 SeNB then performs one of the following operations, depending on the handover scenario:
(1) X2-based handover: when the handover takes place between eNBs that share an X2 interface, the procedure jumps to step S3.
(2) Intra-MME handover: when the handover takes place between eNBs that have no X2 interface and are managed by the same MME, the procedure jumps to step S4.
(3) Inter-MME handover: when the handover takes place between eNBs that are managed by different MMEs, the procedure jumps to step S5.
Step S3: X2-based handover procedure, see Fig. 2.
S3.1 SeNB→TeNB: handover request message
SeNB sends TeNB a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters, to prepare the handover at the target base station.
S3.2 TeNB→SeNB: handover request acknowledgement message
After receiving the handover request message, TeNB sends a handover request acknowledgement message to SeNB to confirm the handover for each MTCD_i and computes the new session key. The calculation formula is as follows:
FRQ_TeNB is the spectrum-related parameter of the target base station; KDF is the key derivation function.
S3.3 SeNB→MTCD_1: handover command message
After receiving the handover request acknowledgement message, SeNB sends MTCD_1 a handover command to execute the handover. The procedure then goes to step S6.
Step S4: intra-MME handover procedure, see Fig. 3.
S4.1 SeNB→SMME: handover request message
SeNB sends the source MME (SMME) a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters.
S4.2 SMME→TeNB: handover request
After receiving the handover request message, the SMME computes, for each MTCD_i of the MTC handover group, a new intermediate key and a next-hop parameter, which are the secret parameters used to compute the new session key. The calculation formulas are as follows:
The SMME then sends TeNB a new handover request message to prepare the handover at the target base station. This handover request message contains the values of all members of the entire MTC handover group and other necessary parameters.
S4.3 TeNB→SMME: handover request acknowledgement message
After receiving the handover request message, TeNB sends a handover request acknowledgement message to the SMME to confirm the handover and computes the new session key for each MTCD_i. The calculation formula is as follows:
S4.4 SMME→SeNB, SeNB→MTCD_1: handover command message
After receiving the handover request acknowledgement message, the SMME sends MTCD_1 a handover command message via SeNB to execute the handover. The procedure then jumps to step S6.
Step S5: inter-MME handover procedure, see Fig. 4.
S5.1 SeNB→SMME: handover request message
SeNB sends the source MME (SMME) a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters.
S5.2 SMME→TMME: forward relocation request
The source mobility management entity SMME constructs a forward relocation request message by adding the K_ASMEi of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME.
S5.3 TMME→TeNB: handover request
The TMME performs the same procedure as the SMME in S4.2.
S5.4 TeNB→TMME: handover request acknowledgement message
Similar to the procedure in S4.3, TeNB sends a handover request acknowledgement message to the TMME and computes
S5.5 SMME→SeNB, SeNB→MTCD_1: handover command
After receiving the handover request acknowledgement message, the SMME sends MTCD_1 a handover command message via SeNB to execute the handover, and the procedure then goes to step S6.
Step S6: sending the handover confirm message
S6.1 MTCD_1→TeNB: handover confirm message
After receiving the handover command message, MTCD_1 performs the corresponding calculations and sends TeNB a handover confirm message to complete the handover.
Step S7: handover procedure of the remaining MTCD devices in the group, see Fig. 5.
When the remaining MTCDs of the same MTC handover group enter the coverage of TeNB, the handover procedure is as follows; MTCD_2 is used as the example below.
(1) First, MTCD_2 sends a measurement report message to SeNB to request a handover. SeNB then sends the handover command message directly to MTCD_2 without any other procedure, because the required parameters were already transferred to TeNB during the handover of MTCD_1.
(2) Finally, MTCD_2 establishes contact with TeNB and sends a handover confirm message to complete the handover.
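The X2 case (steps S2, S3, S6 and S7) as a toy Python model, added here as an illustration and not taken from the patent. Only the GUTI formula of S1.3 is on the page; the inputs to the other derivations, HMAC-SHA-256 as KDF, truncated SHA-256 as F_GUTI, the MAC on the handover confirm, and all constants, class and function names are assumptions.

```python
import hashlib
import hmac

# Constructed sample values, not taken from the patent.
GUMMEI, P_MME = b"gummei-example", b"mme-secret-parameter"
ID_TENB, FRQ_TENB = b"tenb-0001", b"frq-1850"

def _encode(*params: bytes) -> bytes:
    # Length-prefix every field so different inputs cannot collide when joined.
    return b"".join(len(p).to_bytes(2, "big") + p for p in params)

def kdf(key: bytes, *params: bytes) -> bytes:
    # Assumption: HMAC-SHA-256 stands in for the patent's KDF.
    return hmac.new(key, _encode(*params), hashlib.sha256).digest()

def f_guti(*params: bytes) -> bytes:
    # Assumption: truncated SHA-256 stands in for the one-way hash F_GUTI.
    return hashlib.sha256(_encode(*params)).digest()[:8]

def confirm_tag(key: bytes, temp_id: bytes) -> bytes:
    # Assumption: the handover confirm carries a MAC under the new session key.
    return hmac.new(key, b"handover-confirm" + temp_id, hashlib.sha256).digest()

class MTCD:
    def __init__(self, imsi: bytes, k_enb: bytes):
        # S1.3 as given on the page: GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)).
        self.guti = (GUMMEI, f_guti(imsi, P_MME))
        self.k_enb = k_enb  # session key shared with the SeNB

    def handover_confirm(self):
        # S6.1 / S7(2): the device derives the same values as the network side.
        new_id = f_guti(self.guti[1], ID_TENB)   # assumed inputs
        k_star = kdf(self.k_enb, ID_TENB)        # assumed inputs
        k_new = kdf(k_star, FRQ_TENB)            # assumed inputs
        return new_id, confirm_tag(k_new, new_id)

class TeNB:
    def __init__(self):
        self.contexts = {}          # new temporary identity -> new session key
        self.requests_received = 0

    def handover_request(self, group_ctx: dict) -> None:
        # S3.1/S3.2: one request carries the context of every group member.
        self.requests_received += 1
        for new_id, k_star in group_ctx.items():
            self.contexts[new_id] = kdf(k_star, FRQ_TENB)

    def accept_confirm(self, new_id: bytes, tag: bytes) -> bool:
        key = self.contexts.get(new_id)
        if key is None:
            return False            # no pre-transferred context for this identity
        return hmac.compare_digest(confirm_tag(key, new_id), tag)

class SeNB:
    def __init__(self, tenb: TeNB, members: list):
        self.tenb = tenb
        self.group = {d.guti[1]: d.k_enb for d in members}
        self.prepared = False

    def measurement_report(self, dev: MTCD) -> bool:
        if dev.guti[1] not in self.group:
            return False
        if not self.prepared:
            # S2.2 + S3.1: triggered only by the first member, MTCD_1.
            ctx = {f_guti(g, ID_TENB): kdf(k, ID_TENB)
                   for g, k in self.group.items()}
            self.tenb.handover_request(ctx)
            self.prepared = True
        return True                 # S3.3 / S7(1): handover command goes out

def run_group_handover(n: int) -> dict:
    devices = [MTCD(b"46000%010d" % i, hashlib.sha256(b"k-enb-%d" % i).digest())
               for i in range(n)]
    tenb = TeNB()
    senb = SeNB(tenb, devices)
    accepted = 0
    for dev in devices:             # devices[0] plays the role of MTCD_1
        if senb.measurement_report(dev):
            accepted += tenb.accept_confirm(*dev.handover_confirm())
    outsider = MTCD(b"460009999999999", b"\x00" * 32)  # not a group member
    old_ids = {dev.guti[1] for dev in devices}
    return {
        "accepted": accepted,
        "requests_to_tenb": tenb.requests_received,
        "outsider_accepted": tenb.accept_confirm(*outsider.handover_confirm()),
        "ids_unlinked": old_ids.isdisjoint(tenb.contexts),
    }
```

In this model, `run_group_handover(50)` completes 50 handovers with a single SeNB-to-TeNB request, and a device with no pre-transferred context is rejected at the TeNB.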
The scheme of the invention is designed according to the 3GPP standard, so no communication equipment in the standard has to be changed, and it can be applied to networks in all LTE-A mobility scenarios. The invention also uses a new handover strategy: the first device in the group to be handed over to TeNB is used to locate the group it belongs to, the devices in the group are classified, and different handover strategies are used for different device handovers. It eliminates the signalling traffic between all the devices and the MME, which greatly reduces the communication cost of handover and reduces congestion on the link between the serving network and the home network. The advantage is more pronounced when the number of devices is huge. In addition, the authentication data exchanged between SeNB and TeNB is transferred in a secure manner, and the information exchange is completed during the first authentication procedure, so the subsequent devices in the group can perform mutual authentication directly with TeNB. This greatly reduces network congestion when a large number of devices is involved and has the advantage of being secure and fast.
Claims (4)
1. A group-based anonymous handover authentication method in machine type communication, comprising the following steps:
S1 Initial authentication phase, comprising:
S1.1 When a machine type communication MTC handover group accesses the Long Term Evolution network LTE-A, each machine type communication device MTCD_i (i = 1~n) in the MTC handover group performs initial authentication using the standard Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure;
S1.2 After initial authentication succeeds, each machine type communication device MTCD_i and the home subscriber server HSS generate a shared key K_ASMEi, and the HSS then transfers the shared key K_ASMEi to the mobility management entity MME;
S1.3 After receiving the shared key K_ASMEi, the mobility management entity MME obtains, according to the existing handover key management mechanism, the session key between the machine type communication device MTCD_i and the source base station SeNB and the next-hop parameter, and then computes the temporary identity information GUTI_i;
S1.4 The mobility management entity MME sends the session key and the next-hop parameter to the source base station SeNB, and sends the temporary identity information GUTI_i to the machine type communication device MTCD_i via the source base station SeNB;
S2 Group-based anonymous handover authentication phase, comprising:
S2.1 When the first machine type communication device MTCD_1 in the MTC handover group moves into the coverage of the target base station TeNB for the first time, MTCD_1 sends the source base station SeNB a measurement report message containing the identity information ID_TeNB of the target base station TeNB, the E-UTRAN cell global identifier and the tracking area identity; MTCD_1 denotes the machine type communication device in the MTC handover group that is the first to move to the target base station TeNB;
S2.2 After receiving the message from MTCD_1, the source base station SeNB classifies the MTCDs within the range of the current SeNB using a group handover grouping algorithm and then searches for all members of the MTC handover group to which MTCD_1 belongs; based on the search result, the source base station SeNB computes, for each MTCD_i in the MTC handover group, a new temporary identity and an intermediate key, where the intermediate key is used to compute the new session key, or a new intermediate key and next-hop parameter;
S2.3 The source base station SeNB performs one of the following operations, depending on the handover scenario:
(1) when the handover takes place between a source base station and a target base station that share an X2 interface, the procedure jumps to S3;
(2) when the handover takes place between a source base station and a target base station that have no X2 interface and are managed by the same MME, the procedure jumps to S4;
(3) when the handover takes place between a source base station and a target base station that are managed by different MMEs, the procedure jumps to S5;
S3 comprises:
S3.1 SeNB sends TeNB a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S3.2 After receiving the handover request message, TeNB sends a handover request acknowledgement message to SeNB to confirm the handover for each MTCD_i and computes the new session key; the calculation formula is as follows:
where KDF is the key derivation function and FRQ_TeNB is the spectrum-related parameter of the target base station;
S3.3 After receiving the handover request acknowledgement message, SeNB sends MTCD_1 a handover command to execute the handover, and the procedure then jumps to step S6;
S4 comprises:
S4.1 SeNB sends the source mobility management entity SMME a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S4.2 After receiving the handover request message, the SMME computes, for each MTCD_i of the MTC handover group, a new intermediate key and a next-hop parameter, which are the secret parameters used to compute the new session key; at the same time, the SMME sends TeNB a new handover request message to prepare the handover at the target base station, this handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S4.3 After receiving the handover request message, TeNB sends a handover request acknowledgement message to the SMME to confirm the handover and computes the new session key for each MTCD_i; the calculation formula is as follows:
S4.4 After receiving the handover request acknowledgement message, the SMME sends MTCD_1 a handover command message via SeNB to execute the handover, and the procedure then jumps to S6;
S5 comprises:
S5.1 SeNB sends the source MME a handover request message containing the values of all members of the entire MTC handover group and other necessary parameters;
S5.2 After receiving the handover request message, the source mobility management entity SMME constructs a forward relocation request message by adding the K_ASMEi of all MTCDs in the MTC handover group to the handover request message, and sends this message to the target mobility management entity TMME;
S5.3 The TMME performs the same procedure as the SMME in S4.2;
S5.4 TeNB sends a handover request acknowledgement message to the TMME and computes
S5.5 After receiving the handover request acknowledgement message, the SMME sends MTCD_1 a handover command message via SeNB to execute the handover, and the procedure then jumps to S6;
S6 includes:
S6.1 After receiving the handover command message, $\mathrm{MTCD}_1$ calculates and , and sends a handover confirmation message to the TeNB to complete the handover;
S7 includes:
When one of the remaining $\mathrm{MTCD}_i$ in the same MTC handover group enters the coverage area of the TeNB, the handover procedure is as follows:
(1) First, $\mathrm{MTCD}_i$ sends a measurement report message to the SeNB to request the handover; the SeNB then sends a handover command message directly to $\mathrm{MTCD}_i$ without any other procedure;
(2) Finally, $\mathrm{MTCD}_i$ establishes a connection with the TeNB and sends a handover confirmation message to complete the handover.
2. The anonymous switching authentication method based on group in machine type communication as described in claim 1, characterized in that the temporary identifier $\mathrm{GUTI}_i$ of $\mathrm{MTCD}_i$ is calculated in step S1.3 by the following formula:
$$\mathrm{GUTI}_i = \left(\mathrm{GUMMEI},\ F_{\mathrm{GUTI}}(\mathrm{IMSI}_i,\ P_{\mathrm{MME}})\right);$$
where GUMMEI is the globally unique MME identifier, $P_{\mathrm{MME}}$ is an MME parameter uniquely set by the MME, and $F_{\mathrm{GUTI}}$ is a one-way hash function.
3. The anonymous switching authentication method based on group in machine type communication as described in claim 1, characterized in that in step S2.2 the new temporary identifier and the intermediate key of each $\mathrm{MTCD}_i$ in the MTC handover group are calculated by the following formula:
where $F_{\mathrm{GUTI}}$ is a one-way hash function.
4. The anonymous switching authentication method based on group in machine type communication as described in claim 1, characterized in that in step S4.2 the new intermediate key and the next-hop parameter are calculated by the following formula:
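An added illustration of the claim 2 identifier formula only, GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)); it is not the claim 4 formula, which this page does not reproduce, and it is not code from the patent. Assumptions: F_GUTI is instantiated as HMAC-SHA256 keyed with P_MME and truncated to 32 bits, and the class name, GUMMEI strings, IMSIs and P_MME values are constructed for the example.

```python
import hashlib
import hmac


def f_guti(imsi: str, p_mme: bytes) -> bytes:
    """Assumed F_GUTI: HMAC-SHA256 keyed with P_MME, truncated to 32 bits
    (the width of the M-TMSI field in an LTE GUTI)."""
    return hmac.new(p_mme, imsi.encode("ascii"), hashlib.sha256).digest()[:4]


class MmePseudonymTable:
    """Hypothetical MME-side state: derives GUTI_i and maps it back to IMSI_i."""

    def __init__(self, gummei: str, p_mme: bytes):
        self.gummei = gummei
        self.p_mme = p_mme
        self._imsi_by_guti = {}

    def enroll(self, imsi: str) -> tuple:
        # GUTI_i = (GUMMEI, F_GUTI(IMSI_i, P_MME)), as in claim 2.
        guti = (self.gummei, f_guti(imsi, self.p_mme))
        owner = self._imsi_by_guti.setdefault(guti, imsi)
        if owner != imsi:
            # A truncated hash can map two IMSIs to one pseudonym; refuse
            # rather than let one device answer for another.
            raise ValueError("GUTI collision between two IMSIs")
        return guti

    def resolve(self, guti: tuple):
        # Reverse lookup needs this table; the hash itself is one-way.
        return self._imsi_by_guti.get(guti)


# Constructed sample data (test PLMN 001/01); not values from the patent.
GROUP = ["001010000000001", "001010000000002", "001010000000003"]
SMME = MmePseudonymTable("001-01-8001-01", b"constructed P_MME of source MME")
TMME = MmePseudonymTable("001-01-8002-07", b"constructed P_MME of target MME")


def enroll_group(mme: MmePseudonymTable) -> list:
    """Derive the temporary identifier of every group member at one MME."""
    return [mme.enroll(imsi) for imsi in GROUP]


if __name__ == "__main__":
    for (_, s), (_, t) in zip(enroll_group(SMME), enroll_group(TMME)):
        print("source pseudonym", s.hex(), "| target pseudonym", t.hex())
```

Because P_MME is set per MME, the same IMSI yields unrelated pseudonyms at the two MMEs, so an observer of the air interface cannot link them without the MME's parameter.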
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510057961.0A CN104602236B (en) | 2015-02-04 | 2015-02-04 | Anonymous switching authentication method based on group in a kind of machine type communication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104602236A CN104602236A (en) | 2015-05-06 |
CN104602236B true CN104602236B (en) | 2018-08-07 |
Family
ID=53127652
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510057961.0A Active CN104602236B (en) | 2015-02-04 | 2015-02-04 | Anonymous switching authentication method based on group in a kind of machine type communication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104602236B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6522803B2 (en) * | 2015-06-23 | 2019-05-29 | 華為技術有限公司Huawei Technologies Co.,Ltd. | Handover method for grant free transmission, terminal device and network device |
CN106972917B (en) * | 2017-03-15 | 2020-08-04 | 西安电子科技大学 | Safety verification method for user running track |
CN106961682B (en) * | 2017-03-28 | 2019-10-22 | 西安电子科技大学 | It is a kind of based on the group of mobile relay to path mobile handoff authentication method |
CN111343675A (en) * | 2018-12-19 | 2020-06-26 | 中兴通讯股份有限公司 | Method, system, equipment and storage medium for terminal synchronous mobility management |
CN112118569B (en) * | 2019-12-17 | 2022-07-22 | 兰州大学 | Group authentication method and system in asynchronous group communication of LTE network machine type communication equipment |
CN114286334A (en) * | 2021-12-29 | 2022-04-05 | 西安邮电大学 | Multi-user authentication method and system for mobile communication scene and information processing terminal |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102843233A (en) * | 2011-06-21 | 2012-12-26 | 中兴通讯股份有限公司 | Method and system of group certification in machine-to-machine communication |
CN103596167A (en) * | 2013-10-25 | 2014-02-19 | 西安电子科技大学 | Machine-type communication authentication and key agreement method based on proxy |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9095000B2 (en) * | 2011-10-19 | 2015-07-28 | Electronics And Telecommunications Research Institute | Machine type communication gateway user equipment and machine type communication data relay method of the same |
Non-Patent Citations (2)
Title |
---|
A group-based security protocol for Machine Type Communications in LTE-Advanced; Daesung Choi, et al.; Computer Communications Workshops (INFOCOM WKSHPS), 2014 IEEE Conference on; 20140502; full text * |
Proxy-based MTC group authentication and key agreement in LTE networks; Zhang Minfang; China Master's Theses Full-text Database (Information Science and Technology); 20141115; full text * |
Also Published As
Publication number | Publication date |
---|---|
CN104602236A (en) | 2015-05-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104602236B (en) | Anonymous switching authentication method based on group in a kind of machine type communication | |
KR101813602B1 (en) | Method and system for positioning mobile station in handover procedure | |
EP2663107B1 (en) | Key generating method and apparatus | |
CN105557006B (en) | User equipment in communication system and method for communication by same | |
US10582522B2 (en) | Data transmission and reception method and device of terminal in wireless communication system | |
US11240718B2 (en) | Method and apparatus for inter-radio access network mobility | |
AU2009233486B2 (en) | Methods, apparatuses, and computer program products for providing multi-hop cryptographic separation for handovers | |
JPWO2018029931A1 (en) | Radio access network node, wireless terminal, core network node, and methods thereof | |
EP2966902B1 (en) | Method and device for releasing context-related resource of user equipment | |
CN110730454B (en) | Method for solving safety problem by NH, NCC pair in mobile communication system | |
CN101931953B (en) | Generate the method and system with the safe key of apparatus bound | |
US10736012B2 (en) | Method and device for providing circuit switching service in wireless communication system | |
Cao et al. | GAHAP: A group-based anonymity handover authentication protocol for MTC in LTE-A networks | |
CN106851750B (en) | Communication method, base station and system | |
CN108476217A (en) | Configurable access stratum safety | |
WO2011054286A1 (en) | Key generation method, device and system | |
CN104604271A (en) | Communication method, network side device, and user equipment | |
CN102291805B (en) | A kind of method and system of optional m igration management entity | |
CN102958094B (en) | A kind of method and system for realizing that Home eNodeB Radio Access Network is shared | |
CN101867931A (en) | Device and method for realizing non access stratum in wireless communication system | |
CN105101154B (en) | A kind of device-to-device authorization message configuration method, device and network element device | |
CN105101312B (en) | A kind of method and device of upstream data processing | |
CN104980894A (en) | Access control method, device and system of closed subscriber group | |
Modiri et al. | GSLHA: Group-based secure lightweight handover authentication protocol for M2M communication | |
CN101917717B (en) | The method and system of key are set up when interconnecting between a kind of GERAN and enhancing UTRAN |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||