CN104661217A - Authentication and key derivation method and system based on TD-LTE (time division-long term evolution) network - Google Patents
Authentication and key derivation method and system based on TD-LTE (time division-long term evolution) network Download PDFInfo
- Publication number
- CN104661217A CN104661217A CN201510066838.5A CN201510066838A CN104661217A CN 104661217 A CN104661217 A CN 104661217A CN 201510066838 A CN201510066838 A CN 201510066838A CN 104661217 A CN104661217 A CN 104661217A
- Authority
- CN
- China
- Prior art keywords
- key
- authentication
- user
- algorithm
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Abstract
The invention provides an authentication and key derivation method and system based on a TD-LTE (time division-long term evolution) network, and concentrates on study on safety of cluster services of a TD-LTE system. The authentication and key derivation method and system have the benefits that a key derivation mechanism provided by the invention realizes support of an initial key on the user safety level, the initial key K is subjected to processing of different derivation times of IK and IV cascading, and support on keys with different safety levels and different complexities can be realized. The key derivation mechanism of the user safety level is introduced, wherein the complexity of the key K represents the user safety level. When the user safety level is relatively high, the system is required to use a higher safety mechanism to guarantee the user safety, a complex key K such as K3 is specially used for a user with a high safety level requirement during key generation, and a user with a low safety level requirement can use K1 as the initial key.
Description
Technical field
The present invention relates to communication technical field, particularly relate to the authentication based on TD-LTE network and cipher key derivative method and system.
Background technology
The fast development of trunking communication, especially more advanced digital cluster communication technology, more powerful systemic-function can be provided for user, digital clustering communication system gathers multi-function in integral whole, can meet the construction requirements of large-scale common network technically with in power system capacity, system can provide the multiple business such as command scheduling, phone are interconnected, transfer of data, sending and receiving short messages, positioning service.Set up shared network, can be conducive to giving full play to these powerful systemic-functions of Digital Clustering and excellent network performance, meet the demand of current each professional user to communication.Along with socioeconomic development, government department, enterprises and institutions are to the demand of mobile dispatch service all the more extensively and urgent.Therefore the fail safe for group system business also has very crucial requirement.TD-LTE public network is rapid in China's development, in the extensive networking of China.Based on the advantage that special cluster network plays group service can be set up when TD-LTE public network, these unit departments can be applied to, meet their particular/special requirement for different business.
TD-LTE public network group system without the need to being the networking of trunking communication independence, but with TD-LTE public network shared network resource.Wherein, TD-LTE wireless access network is the main body component part of TD-LTE public network, accounts for the major part of public mobile network network investment, and the Access Network of public network cluster should be shared with the Access Network of public network, comprise the resource such as site, antenna, can effectively utilize public network resource.
The safe class of cluster and safety requirements generally than the height of public network, so senior cryptographic algorithm and more complicated authentication mechanism will be used to the requirement of the high safety grade ensureing cluster to become the technical problem being badly in need of at present solving.
Summary of the invention
In order to solve the problems of the prior art, the invention provides a kind of authentication based on TD-LTE network and cipher key derivative method.
The invention provides a kind of authentication based on TD-LTE network and cipher key derivative method, comprise LTE method for authenticating, comprise the steps: in LTE method for authenticating
Authentication request initiates step, and user initiates authentication request to Non-Access Stratum mobile management entity;
Ask for authentication vector step, mobile management entity asks for authentication vector to home subscriber server;
Return step, home subscriber server returns one or more sets general packet core evolution authentication vector { random number, authentication-tokens, intended response, root key } to mobile management entity, wherein comprise AMF separator; " 1 " LTE/SAE is represented, " 0 " represent non-LTE/SAE;
Forwarding step, mobile management entity receives the response of rear preservation prospective users, root key, and random number and authentication-tokens are sent to user;
User side authentication step, user carries out authentication by authentication feature vector to network, user calculates Authentication Response & CK/IK according to authentication feature vector & nonce count, calculate root key further, Authentication Response is sent to mobile management entity by user, and Authentication Response and prospective users response contrast by mobile management entity;
Derivation step, user and mobile management entity derive encryption key needed for Non-Access Stratum and Access Layer and tegrity protection key according to root key.
As a further improvement on the present invention, in authentication and cipher key derivative method, IK, IV are the initial input keys of cipher key derivative mechanism, and CK/IK represents encryption and Integrity Key respectively; K
aSMEbeing an intermediate key, is that terminal and home subscriber server generate according to K in AKA process; ASME is a network entity, according to the key that the home subscriber server received sends, is responsible for the security negotiation setting up and maintain home subscriber server and terminal; K
eNBalso being an intermediate key, is that terminal and mobile management entity generate according to root key; K
eNBvalue depend on eNodeB identification code, be RRC business and UP service generation key for eNodeB; Finally, in order to NAS signaling, AS signaling and user plane data carry out integrity protection and Confidentiality protection, following 5 key: K also to be generated
eNB, K
nASint, K
nASenc, K
uPenc, K
rRCintand K
rRCenc., K
eNBevolved base station key, K
nASintaccess Layer Integrity Key, K
nASencaccess Layer security key, K
uPencclient layer safe key, K
rRCintaccess control Integrity Key, K
rRCencit is access control security key.
As a further improvement on the present invention,
User will draw root key K after AS layer and AS layer key will carry out KDF algorithm process by initial key K in authentication process
aSME;
Root key K
aSMEthe security key K deriving the use of NAS layer is carried out at NAS layer
nASencwith tegrity protection key K
nASint, wherein the generation of security key and Integrity Key is the security algorithm supported according to user, by the fail safe Protective Key of selecting different security algorithm combination producings different and tegrity protection key;
Root key K
aSMEintermediate key K is drawn by derivative
eNB, intermediate key K
eNBbe mainly used in the fail safe Protective Key K of AS layer
rRCencwith tegrity protection key K
rRCintgeneration, its generating mode is identical with NAS layer, wherein, then obtains client layer key K by changing in security algorithm the flag bit BEARER inputted
uPenc.
As a further improvement on the present invention, this authentication and cipher key derivative method also comprise key generation method, and this key generation method comprises the steps:
CK and IK performing step: IK and IV is initial key and vector, substitute into KDF algorithm and obtain K, K is the initial key that KDF algorithm obtains, and carrys out the security algorithm of choice for use according to the algorithms selection of user, and K substitutes into respectively in EEA module and EIA module and obtains security key CK and integrality IK;
Key K step based on user security grade: during user security grade height, K is brought in KDF function to carry out deriving and obtains the high K of complexity, when user security grade is low, directly by initial K, the K being obtained different complexity by derivative number of times represents user security grade;
K
aSMEperforming step, is updated to K in KDF algorithm and intercepts latter 32 again and obtain K
aSME;
K
nASint, K
nASencperforming step: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
aSMEbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
nASint, K
nASenc;
K
eNBperforming step: by K
aSMEbe updated in KDF algorithm and intercept latter 32 again and can obtain K
eNB;
K
uPenc, K
rRCintand K
rRCencperforming step: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
eNBbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
rRCencand K
rRCint, K
uPencthe confidentiality key that client layer uses, K
rRCencbe the confidentiality key that key-course uses, difference arranges different flag bits (BEARER=0,1).
Present invention also offers a kind of authentication based on TD-LTE network and cipher key derivative system, comprise LTE authenticating unit, comprise in LTE authenticating unit:
Authentication request initiation module, user initiates authentication request to Non-Access Stratum mobile management entity;
Ask for authentication vector module, mobile management entity asks for authentication vector to home subscriber server;
Return module, home subscriber server returns one or more sets general packet core evolution authentication vector { random number, authentication-tokens, intended response, root key } to mobile management entity, wherein comprise AMF separator; " 1 " LTE/SAE is represented, " 0 " represent non-LTE/SAE;
Sending module, mobile management entity receives the response of rear preservation prospective users, root key, and random number and authentication-tokens are sent to user;
User side authentication module, user carries out authentication by authentication feature vector to network, user calculates Authentication Response & CK/IK according to authentication feature vector & nonce count, calculate root key further, Authentication Response is sent to mobile management entity by user, and Authentication Response and prospective users response contrast by mobile management entity;
Derivation module, user and mobile management entity derive encryption key needed for Non-Access Stratum and Access Layer and tegrity protection key according to root key.
As a further improvement on the present invention, in authentication and cipher key derivative system, IK, IV are the initial input keys of cipher key derivative mechanism, and CK/IK represents encryption and Integrity Key respectively; K
aSMEbeing an intermediate key, is that terminal and home subscriber server generate according to K in AKA process; ASME is a network entity, according to the key that the home subscriber server received sends, is responsible for the security negotiation setting up and maintain home subscriber server and terminal; K
eNBalso being an intermediate key, is that terminal and mobile management entity generate according to root key; K
eNBvalue depend on eNodeB identification code, be RRC business and UP service generation key for eNodeB; Finally, in order to NAS signaling, AS signaling and user plane data carry out integrity protection and Confidentiality protection, following 5 key: K also to be generated
eNB, K
nASint, K
nASenc, K
uPenc, K
rRCintand K
rRCenc., K
eNBevolved base station key, K
nASintaccess Layer Integrity Key, K
nASencaccess Layer security key, K
uPencclient layer safe key, K
rRCintaccess control Integrity Key, K
rRCencit is access control security key.
As a further improvement on the present invention,
User will draw root key K after AS layer and AS layer key will carry out KDF algorithm process by initial key K in authentication process
aSME;
Root key K
aSMEthe security key K deriving the use of NAS layer is carried out at NAS layer
nASencwith tegrity protection key K
nASint, wherein the generation of security key and Integrity Key is the security algorithm supported according to user, by the fail safe Protective Key of selecting different security algorithm combination producings different and tegrity protection key;
Root key K
aSMEintermediate key K is drawn by derivative
eNB, intermediate key K
eNBbe mainly used in the fail safe Protective Key K of AS layer
rRCencwith tegrity protection key K
rRCintgeneration, its generating mode is identical with NAS layer, wherein, then obtains client layer key K by changing in security algorithm the flag bit BEARER inputted
uPenc.
As a further improvement on the present invention, this authentication and cipher key derivative system also comprise Key generating unit, and this Key generating unit comprises:
CK and IK realizes module: IK and IV is initial key and vector, substitute into KDF algorithm and obtain K, K is the initial key that KDF algorithm obtains, and carrys out the security algorithm of choice for use according to the algorithms selection of user, and K substitutes into respectively in EEA module and EIA module and obtains security key CK and integrality IK;
Key K module based on user security grade: during user security grade height, K is brought in KDF function to carry out deriving and obtains the high K of complexity, when user security grade is low, directly by initial K, the K being obtained different complexity by derivative number of times represents user security grade;
K
aSMErealize module, K is updated in KDF algorithm and intercepts latter 32 again and obtain K
aSME;
K
nASint, K
nASencrealize module: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
aSMEbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
nASint, K
nASenc;
K
eNBrealize module: by K
aSMEbe updated in KDF algorithm and intercept latter 32 again and can obtain K
eNB;
K
uPenc, K
rRCintand K
rRCencrealize module: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
eNBbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
rRCencand K
rRCint, K
uPencthe confidentiality key that client layer uses, K
rRCencbe the confidentiality key that key-course uses, difference arranges different flag bits (BEARER=0,1).
The invention has the beneficial effects as follows: the cipher key derivative mechanism that the present invention proposes adds the initial key K of different derivative number of times; the initial key process supporting that different safety class requires user is achieved by the derivative number of times of K; thus achieve the cipher key derivative mechanism supporting safe class; the safe key level of LTE is more complicated, can realize layered security secret key encryption and the integrity protection of AS layer and NAS layer.
Accompanying drawing explanation
Fig. 1 is LTE network authentication schematic diagram of the present invention.
Fig. 2 is key hierarchy Organization Chart of the present invention.
Fig. 3 is that the initial key that the present invention is based on user security grade derives module map.
Fig. 4 is the cipher key derivative mechanism choice in authentication process of the present invention.
Fig. 5 is cipher key derivative flow chart of the present invention.
Fig. 6 is CK, IK simulation result figure of the present invention.
Fig. 7 is K of the present invention
aSME, K
nASenc, K
nASintsimulation result figure.
Fig. 8 is K of the present invention
eNB, K
rRCenc, K
rRCintsimulation result figure.
Embodiment
The invention discloses a kind of authentication based on TD-LTE network and cipher key derivative method, comprise LTE method for authenticating, the object of authentication determines the legitimacy of object, confirmation mutual before foundation communicates and serves between entity in group system network, between user with service, to ensure the fail safe of communication and service.
LTE authentication is an authentication based on four-tuple: root key (Kasme), authentication feature vector (AUTN), random number (RAND) and prospective users response (XRES).
1. comprise the steps: in LTE method for authenticating
Authentication request initiates step, and user (UE) initiates authentication request to Non-Access Stratum (NAS) mobile management entity MME;
Ask for authentication vector step, MME then asks for authentication vector to home subscriber server HSS;
Return step, HSS returns one or more sets general packet core evolution EPS authentication vector { random parameter RAND, authentication-tokens AUTN, intended response XRES, root key Kasme}, to MME, wherein comprises AMF separator, " 1 " represent LTE/SAE; " 0 " non-LTE/SAE is represented, as GSM, UMTS;
Forwarding step, MME receives rear preservation XRES, Kasme and random parameter RAND and authentication-tokens AUTN is sent to UE;
User side authentication step, UE carries out authentication by AUTN to network, this is the authentication of network terminal, UE calculates RES & CK/IK according to AUTN & RAND, calculate Kasme further, Authentication Response RES is sent to MME by UE, RES and XRES contrasts by MME, and this is user side authentication;
Derivation step, UE and MME derives encryption key needed for NAS layer and Access Layer AS layer and tegrity protection key according to Kasme.When UE during state, will delete these keys from Mobile Forms ACTIVE to idle condition IDLE.
Key generation process in 2.TD-LTE system:
In LTE system, in order to carry out introducing key layering in suitable safeguard protection standard to different information flow: in Fig. 1, K is fixing private cipher key, is stored in USIM and authentication center AuC.It is the basis of all key schedules.USIM: user identification module.
IK, IV are in the pair of secret keys (representing encryption and Integrity Key respectively) that AuC and USIM generates when setting up security negotiation.K
aSMEbeing an intermediate key, is that terminal and HSS generate according to CK and IK in AKA process.ASME is a network entity, according to the key that the HSS received sends, is responsible for the security negotiation setting up and maintain HSS and terminal.K
eNBalso being an intermediate key, is that terminal and MME generate according to KASME.K
eNBvalue depend on eNodeB identification code, be RRC business and UP service generation key for eNodeB.Finally, in order to NAS signaling, AS signaling and user plane data carry out integrity protection and Confidentiality protection, following 5 key: K also to be generated
eNB, K
nASint, K
nASenc, K
uPenc, K
rRCintand K
rRCenc.
AKA: certifiede-mail protocol; RRC: access control; UP: client layer; NAS: Non-Access Stratum; AS: Access Layer.
3. key hierarchy and generation
3.1 key hierarchy:
Key in LTE/SAE system should comprise encryption and the tegrity protection key of Access Layer and Non-Access Stratum, and length is 128 bits.For long term growth, network interface also should prepare the key of support 256.The security algorithm that the deriving of the key of protection UP, NAS and AS uses separately with them is for input parameter.Key hierarchy (see Fig. 2) should be used in LTE system, comprise following key: evolved base station key K
eNB, Access Layer Integrity Key K
nASint, Access Layer security key K
nASenc, client layer safe key K
uPenc, access control Integrity Key K
rRCintwith access control security key K
rRCenc.
K
eNBfrom K by ME and MME
aSMEderive the key of generation, or the key produced by ME and target eNB.
Non-Access Stratum communication key:
K
nASintfrom K by ME and MME
aSMEkey Non-Access Stratum signaling being carried out to integrity protection of generation is derived with integral algorithm mark.
K
nASencfrom K by ME and MME
aSMEkey Non-Access Stratum signaling being encrypted to protection of generation is derived with cryptographic algorithm mark.
User plane communication key:
K
uPencfrom K by ME and eNB
eNBkey user plane data being encrypted to protection of generation is derived with cryptographic algorithm mark.
RRC communication key:
K
rRCintfrom K by ME and eNB
eNBkey wireless heterogeneous networks plane signaling being carried out to integrity protection of generation is derived with integral algorithm mark.
K
rRCencfrom K by ME and eNB
eNBkey wireless heterogeneous networks plane signaling being encrypted to protection of generation is derived with cryptographic algorithm mark.
The present invention introduces the cipher key derivative mechanism of user security grade, and wherein the complexity of key K represents the safe class of user.As shown in Figure 3, when user security higher grade, need system to use higher security mechanism to ensure the safety of user, the complicated key K that during secret generating, high safety grade user is special is as K3, and safe class requires that low user can by using K1 as initial key.In the cipher key derivative mechanism of system, higher fail safe is embodied by derivative number of times.
Key carries out the derivative of key from privately owned initial key in authentication process, and as shown in Figure 4, detailed process is as follows:
User will draw root key K after AS layer and AS layer key will carry out KDF algorithm process by initial key K in authentication process
aSME;
Root key K
aSMEthe security key K deriving the use of NAS layer is carried out at NAS layer
nASencwith tegrity protection key K
nASint, wherein the generation of security key and Integrity Key is the security algorithm supported according to user, by the fail safe Protective Key of selecting different security algorithm combination producings different and tegrity protection key's (table 1);
Root key K
aSMEintermediate key K is drawn by derivative
eNB, intermediate key K
eNBbe mainly used in the fail safe Protective Key K of AS layer
rRCencwith tegrity protection key K
rRCintgeneration, its generating mode is identical with NAS layer, wherein, then obtains client layer key K by changing in security algorithm the flag bit BEARER inputted
uPenc.
Table 1 algorithms selection table
The input parameter of the authentication mechanism KDF adopted in research process comprises the ID of algorithm and the identification code (Fig. 4) of algorithm, different algorithm ID can be inputted in the process of carrying out authentication, the KI stream that different algorithms produces can be indicated.
Cipher key derivative mechanism realize main operating process as shown in Figure 5:
CK and IK performing step: IK and IV is initial key and vector, substitute into KDF algorithm and obtain K, K is the initial key that KDF algorithm obtains, carry out the security algorithm (this process is realized by algorithm identified ID) of choice for use according to the algorithms selection of user, K substitutes into respectively in EEA module and EIA module and obtains security key CK and integrality IK;
Key K step based on user security grade: during user security grade height, K is brought in KDF function to carry out deriving and obtains the high K of complexity, when user security grade is low, directly by initial K, the K being obtained different complexity by derivative number of times represents user security grade;
K
aSMEperforming step, is updated to K in KDF algorithm and intercepts latter 32 again and obtain K
aSME;
K
nASint, K
nASencperforming step: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
aSMEbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
nASint, K
nASenc;
K
eNBperforming step: by K
aSMEbe updated in KDF algorithm and intercept latter 32 again and can obtain K
eNB;
K
uPenc, K
rRCintand K
rRCencperforming step: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
eNBbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
rRCencand K
rRCint, K
uPencthe confidentiality key that client layer uses, K
rRCencbe the confidentiality key that key-course uses, difference arranges different flag bits (BEARER=0,1).
Calculation result and analysis:
The cipher key derivative result of many grades and analysis:
Based on the flow process of Fig. 4, arranging initial key vector is:
Key with KDF algorithm obtains:
K={986fe81915b9449e69588a1f55ab8622};
Derivative by what be encrypted with Integrity Key by the algorithmic choosing mechanism key of system, cryptographic algorithm and integral algorithm have done the emulation of following encryption and integrity protection for ZUC algorithm.As
Shown in Fig. 6, K inputs EEA module and EIA module obtains CK and IK.
If when user security class requirement is higher, then K is brought in KDF algorithm repeatedly to derive and obtain more complicated key K.
K1={436da8291659329ebae3211b4d3b2134} (derivative 1 time);
K2={5eacfd986336120465489105264da654} (derivative 2 times);
K3={657454674ba4654f464789e464c4646a} (derivative 3 times);
It should be noted that CK is with expressly corresponding, what draw here is the key consistent with length of the plaintext.
CK={1161004c,aa61f808,b71afdfe,549e2021,220f23e9,8e623ead,ccfd4a71};
IK={003434c0};
K inputs KDF module and obtains:
K
ASME={6aeee61c0cc932e19bea74275b08b8e44};
By K
aSMEbe input in EEA module and EIA module and obtain K
nASenc, K
nASint(Fig. 7)
K
NASenc={68066bf0,3a659991,f3ba4f9b,0829ed9f,07663181,bd1c3e63,26306854};
K NASint ={04161728};
K
aSMEinput KDF obtains:
K eNB ={105213e9f3f399e3516024cee768af89};
Will
k eNB in input EEA and EIA, (Fig. 8) obtains
k rRCenc ,
kRRCint.
K
RRCenc={a8ba3f97,0a6d12b9,31e8c707,59410911,66b8ce60,45402eb6,7ac2b7cd};
K
RRCint={041e1728};
Input in amendment EEA
flagbEARER=0, draws K
uPenc.
K
UPenc={d26c3efa,059c4b36,2265c81a,33647f1c,58c3ef3a,16aec2a3,cc0da4fc};
By above-mentioned expression of results, we can obtain carrying out each key required for authentication and each layer service safety and NAS layer AS infill layer and integrity protection based on user security grade.
The present invention is devoted to study the fail safe based on TD-LTE system group service; the cipher key derivative mechanism that the present invention proposes is no longer directly use key K to carry out cipher key derivative; but wizard's key K of different derivative number of times is produced based on different safe class users; relative to former system; add the support of system of users safe class; the safe key level of LTE is more complicated, can realize layered security secret key encryption and the integrity protection of AS layer and NAS layer.
The present invention is mainly studied for the cipher key derivative mechanism of the user security grade of the group service based on TD-LTE, system of having set forth carries out the derivatization process of the flow process of authentication and the algorithm needed for authentication and key, describe each key in the effect of every aspect and application, and key stream generation algorithm ZUC algorithm is introduced, analytical calculation has been carried out to the key needed for each stage in authorizing procedure simultaneously.
The cipher key derivative mechanism that the present invention proposes will increase initial key to the support of user security grade, initial key K according to, user security grade carries out the process of the derivative number of times of IK, IV cascade difference, can realize the support key to the different complexity key of different safety class.To introduce the cipher key derivative mechanism of user security grade, wherein the complexity of key K represents the safe class of user.As shown in Figure 4, when user security higher grade, need system to use higher security mechanism to ensure the safety of user, the complicated key K that during secret generating, high safety grade user is special is as K3, and safe class requires that low user can by using K1 as initial key.In the cipher key derivative mechanism of system, higher fail safe is embodied by derivative number of times.Can realize at the different disposal number of times by initial key K initial key K different safety class user being produced to different complexity, realize the support of system of users safe class.
Above content is in conjunction with concrete preferred implementation further description made for the present invention, can not assert that specific embodiment of the invention is confined to these explanations.For general technical staff of the technical field of the invention, without departing from the inventive concept of the premise, some simple deduction or replace can also be made, all should be considered as belonging to protection scope of the present invention.
Claims (8)
1., based on authentication and the cipher key derivative method of TD-LTE network, it is characterized in that, comprise LTE method for authenticating, comprise the steps: in LTE method for authenticating
Authentication request initiates step, and user initiates authentication request to Non-Access Stratum mobile management entity;
Ask for authentication vector step, mobile management entity asks for authentication vector to home subscriber server;
Return step, home subscriber server returns one or more sets general packet core evolution authentication vector { random number, authentication-tokens, intended response, root key } to mobile management entity, wherein comprise AMF separator; " 1 " LTE/SAE is represented, " 0 " represent non-LTE/SAE;
Forwarding step, mobile management entity receives the response of rear preservation prospective users, root key, and random number and authentication-tokens are sent to user;
User side authentication step, user carries out authentication by authentication feature vector to network, user calculates Authentication Response & CK/IK according to authentication feature vector & nonce count, calculate root key further, Authentication Response is sent to mobile management entity by user, and Authentication Response and prospective users response contrast by mobile management entity;
Derivation step, user and mobile management entity derive encryption key needed for Non-Access Stratum and Access Layer and tegrity protection key according to root key.
2. authentication according to claim 1 and cipher key derivative method, is characterized in that, in authentication and cipher key derivative method, IK, IV are the initial input keys of cipher key derivative mechanism, and CK/IK represents encryption and Integrity Key respectively; K
aSMEbeing an intermediate key, is that terminal and home subscriber server generate according to K in AKA process; ASME is a network entity, according to the key that the home subscriber server received sends, is responsible for the security negotiation setting up and maintain home subscriber server and terminal; K
eNBalso being an intermediate key, is that terminal and mobile management entity generate according to root key; K
eNBvalue depend on eNodeB identification code, be RRC business and UP service generation key for eNodeB; Finally, in order to NAS signaling, AS signaling and user plane data carry out integrity protection and Confidentiality protection, following 5 key: K also to be generated
eNB, K
nASint, K
nASenc, K
uPenc, K
rRCintand K
rRCenc., K
eNBevolved base station key, K
nASintaccess Layer Integrity Key, K
nASencaccess Layer security key, K
uPencclient layer safe key, K
rRCintaccess control Integrity Key, K
rRCencit is access control security key.
3. authentication according to claim 2 and cipher key derivative method, is characterized in that,
User will draw root key K after AS layer and AS layer key will carry out KDF algorithm process by initial key K in authentication process
aSME;
Root key K
aSMEthe security key K deriving the use of NAS layer is carried out at NAS layer
nASencwith tegrity protection key K
nASint, wherein the generation of security key and Integrity Key is the security algorithm supported according to user, by the fail safe Protective Key of selecting different security algorithm combination producings different and tegrity protection key;
Root key K
aSMEintermediate key K is drawn by derivative
eNB, intermediate key K
eNBbe mainly used in the fail safe Protective Key K of AS layer
rRCencwith tegrity protection key K
rRCintgeneration, its generating mode is identical with NAS layer, wherein, then obtains client layer key K by changing in security algorithm the flag bit BEARER inputted
uPenc.
4. authentication according to claim 1 and cipher key derivative method, is characterized in that, this authentication and cipher key derivative method also comprise key generation method, and this key generation method comprises the steps:
CK and IK performing step: IK and IV is initial key and vector, substitute into KDF algorithm and obtain K, K is the initial key that KDF algorithm obtains, and carrys out the security algorithm of choice for use according to the algorithms selection of user, and K substitutes into respectively in EEA module and EIA module and obtains security key CK and integrality IK;
Key K step based on user security grade: during user security grade height, K is brought in KDF function to carry out deriving and obtains the high K of complexity, when user security grade is low, directly by initial K, the K being obtained different complexity by derivative number of times represents user security grade;
K
aSMEperforming step, is updated to K in KDF algorithm and intercepts latter 32 again and obtain K
aSME;
K
nASint, K
nASencperforming step: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
aSMEbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
nASint, K
nASenc;
K
eNBperforming step: by K
aSMEbe updated in KDF algorithm and intercept latter 32 again and can obtain K
eNB;
K
uPenc, K
rRCintand K
rRCencperforming step: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
eNBbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
rRCencand K
rRCint, K
uPencthe confidentiality key that client layer uses, K
rRCencbe the confidentiality key that key-course uses, difference arranges different flag bits (BEARER=0,1).
5., based on authentication and the cipher key derivative system of TD-LTE network, it is characterized in that, comprise LTE authenticating unit, comprise in LTE authenticating unit:
Authentication request initiation module, user initiates authentication request to Non-Access Stratum mobile management entity;
Ask for authentication vector module, mobile management entity asks for authentication vector to home subscriber server;
Return module, home subscriber server returns one or more sets general packet core evolution authentication vector { random number, authentication-tokens, intended response, root key } to mobile management entity, wherein comprise AMF separator; " 1 " LTE/SAE is represented, " 0 " represent non-LTE/SAE;
Sending module, mobile management entity receives the response of rear preservation prospective users, root key, and random number and authentication-tokens are sent to user;
User side authentication module, user carries out authentication by authentication feature vector to network, user calculates Authentication Response & CK/IK according to authentication feature vector & nonce count, calculate root key further, Authentication Response is sent to mobile management entity by user, and Authentication Response and prospective users response contrast by mobile management entity;
Derivation module, user and mobile management entity derive encryption key needed for Non-Access Stratum and Access Layer and tegrity protection key according to root key.
6. authentication according to claim 5 and cipher key derivative system, is characterized in that, in authentication and cipher key derivative system, IK, IV are the initial input keys of cipher key derivative mechanism, and CK/IK represents encryption and Integrity Key respectively; K
aSMEbeing an intermediate key, is that terminal and home subscriber server generate according to K in AKA process; ASME is a network entity, according to the key that the home subscriber server received sends, is responsible for the security negotiation setting up and maintain home subscriber server and terminal; K
eNBalso being an intermediate key, is that terminal and mobile management entity generate according to root key; K
eNBvalue depend on eNodeB identification code, be RRC business and UP service generation key for eNodeB; Finally, in order to NAS signaling, AS signaling and user plane data carry out integrity protection and Confidentiality protection, following 5 key: K also to be generated
eNB, K
nASint, K
nASenc, K
uPenc, K
rRCintand K
rRCenc., K
eNBevolved base station key, K
nASintaccess Layer Integrity Key, K
nASencaccess Layer security key, K
uPencclient layer safe key, K
rRCintaccess control Integrity Key, K
rRCencit is access control security key.
7. authentication according to claim 6 and cipher key derivative system, is characterized in that,
User will draw root key K after AS layer and AS layer key will carry out KDF algorithm process by initial key K in authentication process
aSME;
Root key K
aSMEthe security key K deriving the use of NAS layer is carried out at NAS layer
nASencwith tegrity protection key K
nASint, wherein the generation of security key and Integrity Key is the security algorithm supported according to user, by the fail safe Protective Key of selecting different security algorithm combination producings different and tegrity protection key;
Root key K
aSMEintermediate key K is drawn by derivative
eNB, intermediate key K
eNBbe mainly used in the fail safe Protective Key K of AS layer
rRCencwith tegrity protection key K
rRCintgeneration, its generating mode is identical with NAS layer, wherein, then obtains client layer key K by changing in security algorithm the flag bit BEARER inputted
uPenc.
8. authentication according to claim 5 and cipher key derivative system, is characterized in that, this authentication and cipher key derivative system also comprise Key generating unit, and this Key generating unit comprises:
CK and IK realizes module: IK and IV is initial key and vector, substitute into KDF algorithm and obtain K, K is the initial key that KDF algorithm obtains, and carrys out the security algorithm of choice for use according to the algorithms selection of user, and K substitutes into respectively in EEA module and EIA module and obtains security key CK and integrality IK;
Key K module based on user security grade: during user security grade height, K is brought in KDF function to carry out deriving and obtains the high K of complexity, when user security grade is low, directly by initial K, the K being obtained different complexity by derivative number of times represents user security grade;
K
aSMErealize module, K is updated in KDF algorithm and intercepts latter 32 again and obtain K
aSME;
K
nASint, K
nASencrealize module: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
aSMEbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
nASint, K
nASenc;
K
eNBrealize module: by K
aSMEbe updated in KDF algorithm and intercept latter 32 again and can obtain K
eNB;
K
uPenc, K
rRCintand K
rRCencrealize module: the security algorithm carrying out choice for use according to the algorithms selection of user, by K
eNBbe updated to respectively in EEA algorithm and EIA algorithm and obtain K
rRCencand K
rRCint, K
uPencthe confidentiality key that client layer uses, K
rRCencbe the confidentiality key that key-course uses, difference arranges different flag bits (BEARER=0,1).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510066838.5A CN104661217A (en) | 2015-02-09 | 2015-02-09 | Authentication and key derivation method and system based on TD-LTE (time division-long term evolution) network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510066838.5A CN104661217A (en) | 2015-02-09 | 2015-02-09 | Authentication and key derivation method and system based on TD-LTE (time division-long term evolution) network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104661217A true CN104661217A (en) | 2015-05-27 |
Family
ID=53251804
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510066838.5A Pending CN104661217A (en) | 2015-02-09 | 2015-02-09 | Authentication and key derivation method and system based on TD-LTE (time division-long term evolution) network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104661217A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106535182A (en) * | 2015-09-10 | 2017-03-22 | 中兴通讯股份有限公司 | Wireless network authentication method and core network element, access network element, and terminal |
CN108141754A (en) * | 2015-09-15 | 2018-06-08 | 高通股份有限公司 | For being related to the device and method of the mobile process of mobility management entity reorientation |
CN109150835A (en) * | 2018-07-20 | 2019-01-04 | 国科量子通信网络有限公司 | Method, apparatus, equipment and the computer readable storage medium of cloud data access |
CN109511113A (en) * | 2017-07-28 | 2019-03-22 | 华为技术有限公司 | Safety implementation method, relevant apparatus and system |
CN109560919A (en) * | 2017-09-27 | 2019-04-02 | 华为技术有限公司 | A kind of machinery of consultation of cipher key derivative algorithm and device |
CN111264071A (en) * | 2017-10-10 | 2020-06-09 | 株式会社Ntt都科摩 | Security establishing method, terminal device and network device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2663051A1 (en) * | 2012-05-07 | 2013-11-13 | Industrial Technology Research Institute | Authentication system for device-to-device communication and authentication method therefore |
CN102164367B (en) * | 2011-04-14 | 2014-04-16 | 北京理工大学 | Key management method used for wireless sensor network |
-
2015
- 2015-02-09 CN CN201510066838.5A patent/CN104661217A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102164367B (en) * | 2011-04-14 | 2014-04-16 | 北京理工大学 | Key management method used for wireless sensor network |
EP2663051A1 (en) * | 2012-05-07 | 2013-11-13 | Industrial Technology Research Institute | Authentication system for device-to-device communication and authentication method therefore |
Non-Patent Citations (5)
Title |
---|
JIN CAO ETC: "A Survey on Security Aspects for LTE and LTE-A Networks", 《IEEE COMMUNICAITONS SURVEYS & TUTORIALS》 * |
严丽云,陈久雨: "GSM、WCDMA及LTE鉴权机制的比较与分析", 《广东通信技术》 * |
华凯,杨晓非: "LTE安全算法的研究与实现", 《现代电子技术》 * |
张沛,陈婉莹,王鑫: "TD-SCDMA与TD-LTE安全机制的分析和比较", 《移动通信》 * |
张长青: "TD-LTE系统安全机制分析", 《电信网技术》 * |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106535182A (en) * | 2015-09-10 | 2017-03-22 | 中兴通讯股份有限公司 | Wireless network authentication method and core network element, access network element, and terminal |
CN108141754A (en) * | 2015-09-15 | 2018-06-08 | 高通股份有限公司 | For being related to the device and method of the mobile process of mobility management entity reorientation |
US11178543B2 (en) | 2015-09-15 | 2021-11-16 | Qualcomm Incorporated | Apparatus and method for mobility procedure involving mobility management entity relocation |
CN109511113A (en) * | 2017-07-28 | 2019-03-22 | 华为技术有限公司 | Safety implementation method, relevant apparatus and system |
CN109511113B (en) * | 2017-07-28 | 2020-04-14 | 华为技术有限公司 | Security implementation method, related device and system |
US10728757B2 (en) | 2017-07-28 | 2020-07-28 | Huawei Technologies Co., Ltd. | Security implementation method, related apparatus, and system |
US11228905B2 (en) | 2017-07-28 | 2022-01-18 | Huawei Technologies Co., Ltd. | Security implementation method, related apparatus, and system |
CN109560919A (en) * | 2017-09-27 | 2019-04-02 | 华为技术有限公司 | A kind of machinery of consultation of cipher key derivative algorithm and device |
US11627458B2 (en) | 2017-09-27 | 2023-04-11 | Huawei Technologies Co., Ltd. | Key derivation algorithm negotiation method and apparatus |
CN111264071A (en) * | 2017-10-10 | 2020-06-09 | 株式会社Ntt都科摩 | Security establishing method, terminal device and network device |
CN109150835A (en) * | 2018-07-20 | 2019-01-04 | 国科量子通信网络有限公司 | Method, apparatus, equipment and the computer readable storage medium of cloud data access |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103096309B (en) | Generate method and the relevant device of group key | |
CN108966220B (en) | A kind of method and the network equipment of secret key deduction | |
CN103096308B (en) | The method of group cipher key generating and relevant device | |
CN106134231B (en) | Key generation method, equipment and system | |
CN103179558B (en) | Group system group exhales encryption implementation method and system | |
CN102625300B (en) | Generation method and device for key | |
CN104661217A (en) | Authentication and key derivation method and system based on TD-LTE (time division-long term evolution) network | |
CN103369523B (en) | A kind of method improving cluster downlink safety | |
KR102245688B1 (en) | Key generation method, user equipment, apparatus, computer readable storage medium, and communication system | |
CN104247328B (en) | Data transmission method and device | |
CN102823280B (en) | Authenticate key generates to be disposed | |
CN102238484B (en) | Based on the authentication method of group and system in the communication system of Machine To Machine | |
US8666078B2 (en) | Method and system for generating cipher key during switching | |
EP2034658B1 (en) | Method and system for distributing key in wireless network | |
EP2854329B1 (en) | Method, system, and device for securely establishing wireless local area network | |
WO2019096075A1 (en) | Method and apparatus for message protection | |
CN104010276B (en) | A kind of group key tiered management approach, system and the terminal of broadband cluster system | |
EP2648437B1 (en) | Method, apparatus and system for key generation | |
CN103167492A (en) | Method and device for generating access layer secret key in communication system | |
US10320917B2 (en) | Key negotiation processing method and apparatus | |
CN103813272A (en) | Cluster group calling downlink transmission method | |
CN102892114A (en) | Method and device for checking equipment validity | |
CN101938743B (en) | Generation method and device of safe keys | |
CN101741551A (en) | Method, network equipment, user equipment and communication system for ensuring forward security | |
CN112995993A (en) | Wireless network switching method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150527 |