CN106534050A - Method and device for realizing key agreement of virtual private network (VPN) - Google Patents

Method and device for realizing key agreement of virtual private network (VPN) Download PDF

Info

Publication number
CN106534050A
CN106534050A CN201510579550.8A CN201510579550A CN106534050A CN 106534050 A CN106534050 A CN 106534050A CN 201510579550 A CN201510579550 A CN 201510579550A CN 106534050 A CN106534050 A CN 106534050A
Authority
CN
China
Prior art keywords
key
terminal
tid
vpn
bsf
Prior art date
Application number
CN201510579550.8A
Other languages
Chinese (zh)
Inventor
黄鸣
黄一鸣
郦荣
罗红
路晓明
Original Assignee
中移(杭州)信息技术有限公司
中国移动通信集团公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中移(杭州)信息技术有限公司, 中国移动通信集团公司 filed Critical 中移(杭州)信息技术有限公司
Priority to CN201510579550.8A priority Critical patent/CN106534050A/en
Publication of CN106534050A publication Critical patent/CN106534050A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0847Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes

Abstract

The invention discloses a method and a device for realizing key agreement of a virtual private network (VPN). The method comprises the following steps: if a root key is already stored in a terminal when the terminal needs to initiate a VPN server connection, determining a first shared key according to the root key, a B-TID (Bootstrapping Transaction Identifier) of the terminal and NAF_id of a VPN server, and transmitting the determined first shared key and the B-TID to the VPN server; and if an authentication success response from the VPN server is received, determining that key agreement is finished. In the method, the shared key is taken as a session key between a client and the server, and the first shared key is generated according to the stored root key, the B-TID of the terminal and the NAF_id of the VPN server, so that a repeated flow of re-agreement needed during each authentication in an existing VPN is omitted; an extremely high generation speed is achieved; key agreement delay is lowered; system resource consumption is lowered; and the user experience of the VPN is optimized.

Description

A kind of method and apparatus for realizing VPN (virtual private network) key agreement

Technical field

A kind of the present invention relates to communication technical field, more particularly to side for realizing VPN (virtual private network) key agreement Method and device.

Background technology

VPN (virtual private network) (VPN, Virtual Private Network), its function is built on community network Vertical dedicated network, is encrypted communication.Have a wide range of applications in enterprise network.Vpn gateway passes through Remote access is realized in the conversion of encryption and packet destination address to packet.VPN has various mode classifications, Multiprotocol label conversion Virtual Private Network (MPLS VPN, Multiprotocol Label can be divided into by protocol mode Switching VPN), safe socket layer virtual private network (SSL VPN, Security Socket Layer VPN), IP agreement safeguard construction Virtual Private Network (IPSec VPN, Security Architecture for IP Network VPN), server, hardware, software etc. can be divided into by implementation.VPN has low cost, and is easy to The characteristics of use.In all VPN technologies, SSL VPN are to solve remote user access company sensitive data Most simple safest solution technology.SSL VPN are based on ripe ssl protocol, soft without the need for private client Part is supported, carries out authentication using public key certificate between a client and a server, and then it is double to consult generation The symmetric key of square coded communication, it is ensured that the safety of data transfer.

But SSL VPN there are still certain deficiency in application deployment:

First, enterprise SSL VPN generally require employee and carry out body first by the user name password for having distributed Part certification, certification can carry out the negotiation configuration of VPN after passing through, be finally completed the foundation of escape way, Authentication mode based on user name password just brings inconvenience to employee first, and the employee being lacking in responsibility may In order to easy to use, a simple password can be set, this just reveals for company information and brings greatly peace Full hidden danger;

Secondly, existing SSL VPN certifications carry out the mode of key agreement, client and clothes based on public key certificate Need to consult through repeatedly interaction between business device, ultimately generate the shared key of transmission protection, this process is non- It is often time-consuming, and after the connections of VPN each time, be again coupled to remain a need for renegotiating, expend substantial amounts of system System resource, if preserving a prolonged shared key, can be carried out using the key within a period VPN connects, then be more easy to go wrong, and is that server needs to preserve shared key for each user first, increases Add maintenance cost, while in end side, as key can only be stored in application layer, easily by terminal Rogue program is stolen, and causes Key Exposure, therefore SSL VPN usage history keys to be absolutely unsafe;

Finally, in order to pursue negotiation speed, the key agreement in SSL VPN certifications is often used unidirectionally Authentication, i.e., only server possesses public key certificate, only needs to client certificate server, and service during negotiation Device does not need Authentication Client, and compared to bi-directional authentification, this also brings opportunity to attacker.

In sum, existing SSL VPN certifications are not only made because authenticating using user name pin mode Into in-convenience in use, and be easily caused the leakage of confidential information, be absolutely unsafe;Additionally, consulting shared close Need every time to renegotiate during key and shared key need to can be generated through multiple interaction, also not only take simultaneously Cause the waste of system resource.

The content of the invention

The embodiment of the present invention provides a kind of method and apparatus for realizing VPN (virtual private network) key agreement, to solve Certainly in prior art, SSL VPN authentication securities are low, the time is long and wastes the problem of system resource.

A kind of method for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, including:

Terminal is after needing to initiate the connection of VPN (virtual private network) vpn server, if to have stored root close for the terminal Key, then according to root key, terminal guiding mark (B-TID, Bootstrapping Transaction Identifier) and vpn server network application mark (NAF_id, Network Application Function Identifier) determine the first shared key, and by the first shared key for determining and the B-TID It is sent to vpn server;

If receiving the certification success response from vpn server, it is determined that complete key agreement.

Optionally, terminal also includes after needing to initiate vpn server connection:

If the non-storage root key of the terminal, terminal consults to determine that root is close with authentication service function BSF network element Key and B-TID, and perform the step of determining the first shared key.

Optionally, the terminal consults to determine root key and B-TID with BSF network elements, specifically includes:

The terminal sends ID to BSF network elements;

The terminal verified according to the random number and certification mark from the BSF network elements that receive, and Encryption key, Integrity Key and authorization data response RES is determined after being verified;

The terminal is responded to BSF network elements according to authorization data and asks certification, and after certification passes through, is received From the B-TID of the terminal of the BSF network elements, and determined according to encryption key and Integrity Key Root key.

A kind of method for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, including:

B-TID and the NAF_id of vpn server of the BSF network elements in the terminal for receiving vpn server transmission Afterwards, according to the B-TID and the binding relationship of root key, the corresponding root keys of the B-TID are determined;

The BSF network elements determine second according to the B-TID, the NAF_id and the root key Shared key;

The second shared key for determining is back to vpn server by the BSF network elements, so that VPN services Device is authenticated to the terminal according to second shared key for receiving.

Optionally, the BSF sets up the binding relationship of B-TID and root key according to following manner:

The ID that the BSF network elements are sent according to the terminal for receiving, obtains authentication five-tuple from network side Ciphering Key;

Random number in the authentication five-tuple Ciphering Key is sent to end with certification mark by the BSF network elements End;

The BSF network elements are being received after the authorization data response of the terminal, authenticate five yuan by described Encryption key, Integrity Key and response expected value XRES in group Ciphering Key is recognized to terminal Card, and after certification passes through, the B-TID of root key and terminal is determined according to encryption key and Integrity Key, And set up the binding relationship of B-TID and root key.

Optionally, after the BSF determines root key and B-TID according to encryption key and Integrity Key, Also include:

The B-TID is sent to the terminal by the BSF.

A kind of method for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, including:

The first shared key and B-TID that vpn server receiving terminal sends, and B-TID and VPN is taken The NAF_id of business device is sent to BSF network elements;

The vpn server receives the second shared key that BSF network elements are returned;

First shared key and the second shared key are compared by the vpn server;

If first shared key is identical with the second shared key, to the terminal return authentication success Response.

A kind of terminal for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, including:

First determining module, for after needing to initiate the connection of VPN (virtual private network) vpn server, if deposit Storage root key, then according to root key, terminal guiding mark (B-TID, Bootstrapping Transaction Identifier) and vpn server network application mark (NAF_id, Network Application Function Identifier) determine the first shared key, and by the first shared key for determining and the B-TID It is sent to vpn server;

First receiver module, if for receiving the certification success response from vpn server, it is determined that complete Into key agreement.

Optionally, first determining module is additionally operable to:

After needing to initiate vpn server connection, if non-storage root key, with authentication service function BSF Network element is consulted to determine root key and B-TID, and performs the step of generating the first shared key.

Optionally, first determining module is additionally operable to:

Consult to determine root key and B-TID with BSF network elements, ID is sent to BSF network elements;According to receipts The random number and certification mark from BSF network elements for arriving, is verified, and determines encryption after being verified Key, Integrity Key and authorization data response RES;Responded to BSF network elements according to authorization data and asked Certification, and after certification passes through, receive the B-TID, Yi Jigen of the terminal from the BSF network elements Root key is determined according to encryption key and Integrity Key.

A kind of BSF network elements for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, including:

Enquiry module, in terminal B-TID and vpn server for receiving vpn server transmission After NAF_id, according to the B-TID and the binding relationship of root key, determine that corresponding of the B-TID is close Key;

Second determining module, for according to the B-TID, the NAF_id and the root key, it is determined that Second shared key;

Sending module, for the second shared key for determining is back to vpn server, so that VPN clothes Business device is authenticated to the terminal according to second shared key for receiving.

Optionally, the enquiry module specifically for:

The binding relationship of B-TID and root key is set up according to following manner:According to the use that the terminal for receiving sends Family identifies, and obtains authentication five-tuple Ciphering Key from network side;By in the authentication five-tuple Ciphering Key Random number is sent to terminal with authentication information;Receiving after the authorization data response of the terminal, passing through Encryption key, Integrity Key and response expected value XRES in the authentication five-tuple Ciphering Key Terminal is authenticated, and after certification passes through, according to encryption key and Integrity Key determine root key and The B-TID of terminal, and set up the binding relationship of B-TID and root key.

Optionally, the sending module specifically for:

After determining root key and B-TID according to encryption key and Integrity Key, the B-TID is sent To the terminal.

A kind of vpn server for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, including:

Transceiver module, the first shared key sent for receiving terminal and B-TID, and by B-TID and VPN The NAF_id of server is sent to BSF network elements;

Second receiver module, for receiving the second shared key of BSF network elements return;

Comparison module, for first shared key and the second shared key are compared;

Processing module, if identical with the second shared key for first shared key, to the end End return authentication success response.

In the embodiment of the present invention, terminal need initiate vpn server connection after, if the terminal is stored Root key, then determine according to the NAF_id of root key, the B-TID of the terminal and vpn server One shared key, and the first shared key for determining and the B-TID are sent to into vpn server;If connecing Receive the certification success response from vpn server, it is determined that complete key agreement.Relative to existing SSL VPN certifications are consulted, the method for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, will altogether Key is enjoyed as the session key between client and server, and according to the root key, terminal for having stored The NAF_id of B-TID and vpn server generates the first shared key, eliminates in existing VPN every time Certification is required for the repetition flow process for renegotiating, therefore its formation speed to be exceedingly fast, and reduces key agreement delay, System resources consumption is reduced, the experience of VPN is optimized;

Description of the drawings

For the technical scheme being illustrated more clearly that in the embodiment of the present invention, below will be to institute in embodiment description The accompanying drawing that needs are used is briefly introduced, it should be apparent that, drawings in the following description are only the present invention's Some embodiments, for one of ordinary skill in the art, in the premise for not paying creative labor Under, can be with according to these other accompanying drawings of accompanying drawings acquisition.

Fig. 1 is one of method flow diagram for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention;

Fig. 2 is the two of the method flow diagram for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention;

Fig. 3 is the schematic flow sheet for realizing that VPN (virtual private network) root key is consulted provided in an embodiment of the present invention;

Fig. 4 is the three of the method flow diagram for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention;

Fig. 5 is the schematic flow sheet for realizing that VPN (virtual private network) shared key is consulted provided in an embodiment of the present invention;

Fig. 6 is the exemplary plot for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention;

Fig. 7 is the key agreement frame for realizing single APP and multiple vpn servers provided in an embodiment of the present invention Composition;

Fig. 8 is the terminal flow chart for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention;

Fig. 9 is the BSF network element flow charts for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention;

Figure 10 is the vpn server stream for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention Cheng Tu.

Specific embodiment

In order that the object, technical solutions and advantages of the present invention are clearer, below in conjunction with accompanying drawing to this It is bright to be described in further detail, it is clear that described embodiment is only a part of embodiment of the invention, Rather than the embodiment of whole.Based on the embodiment in the present invention, those of ordinary skill in the art are not doing The all other embodiment obtained under the premise of going out creative work, belongs to the scope of protection of the invention.

The embodiment of the present invention is described in further detail with reference to Figure of description.

The method for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, can apply to terminal, As shown in figure 1, specifically including following steps:

Step 101, terminal after needing to initiate vpn server connection, if terminal storage root key, Then determine that first is shared close according to the NAF_id of root key, the B-TID of the terminal and vpn server Key, and the first shared key for determining and the B-TID are sent to into vpn server;

Step 102, if receive the certification success response from vpn server, it is determined that completes key association Business.

Optionally, in above-mentioned steps 101, the special APP of VPN are installed in terminal, APP can be used to realize eventually Interaction between end and vpn server.Terminal is checked and is worked as when initiating to need the vpn server of connection Whether front storage root key (Ks, Keystore), according to root key Ks, the terminal if storing The NAF_id of B-TID and vpn server determines the first shared key (Ks_NAF1, Keystore _ Network Application Function), and the first shared key Ks_NAF1 and described that will be determined B-TID is sent to vpn server.

Specifically, NAF_id of the terminal according to root key Ks, the B-TID of the terminal and vpn server Determine the first shared key, and specially Ks_NAF1=KDF (Ks, " gba-me ", RAND, IMPI, NAP_ID), wherein, KDF is key bootstrap algorithm (KDF, KeyDerivationFunction), RAND For consulting the random number (RAND, Random Number) that BSF is generated during Ks, IMPI is the IP of terminal The privately owned mark of multimedia (IMPI, IP Multimedia Private Identity), NAF_ID are the networks of business Application identities.

Optionally, terminal is when vpn server is sent to by the first shared key and the B-TID, can be with By being encrypted to the first shared key, and by encryption after the first shared key, the B-TID of the terminal Send jointly to vpn server.Such as terminal generates certification random number rand, and uses the first shared key Random number ciphertext encrand is generated after encryption, and rand, encrand and B-TID are sent to into VPN services Device.

In a step 101, the terminal need initiate vpn server connection after, if the terminal is not deposited Root key Ks is stored up, then terminal and authentication service function (BSF, Bootstrapping Server Function) net Unit consults to determine root key Ks and B-TID, and performs the step of generating the first shared key.

Specifically, the terminal consults to determine root key Ks and B-TID with BSF network elements, including:

Terminal sends ID to BSF network elements;According to the random parameter RAND from BSF network elements for receiving Verified by authentication arithmetic with certification mark (AUTN, Authentication Token), and it is logical in checking Later determine encryption key (CK, Cipher Key), Integrity Key (IK, Integrity Key) and Authorization data responds (RES, Response);RES is responded according to authorization data certification is asked to BSF network elements, And after certification passes through, B-TID of the reception from the terminal of the BSF network elements, and according to encryption Ciphering key K and Integrity Key IK determine root key Ks.Optionally, ID can be IP multimedias Privately owned mark (IMPI, IP Multimedia Private Identity), can also be IMSI International Mobile Subscriber Identity (IMSI, International Mobile Subscriber Identity).

Further, terminal is after consulting to determine root key and B-TID with BSF network elements, performs and generates the The step of one shared key.

Wherein, root key Ks is the shared key that a class can store and can arrange effect duration, before the deadline may be used Reuse, Ks completes initialization after client with the negotiation of BSF network elements, is just stored in SIM afterwards And in BSF, possess very high storage security.

If root key exceeds effect duration, re-start root key and consult flow process, set up new B-TID and root The binding relationship of key.

Further, terminal is determining the first shared key by step 101, and first shares what is determined After key and the B-TID are sent to vpn server, the certification success from vpn server is received Response, it is determined that complete key agreement.

In the method for VPN certifications provided in an embodiment of the present invention and key agreement, by the negotiation of root key And the shared key of generation is extended on root key, realizing needs again every time to traditional SSL VPN The process optimization of negotiating about cipher key shared, and in being stored in terminal and BSF due to root key, possesses very high depositing Storage safety, substantially increases safety and the performance of VPN.

The method for realizing the certification of VPN (virtual private network) VPN and key agreement provided in an embodiment of the present invention, can be with BSF network elements are applied to, as shown in Fig. 2 specifically including following steps:

Step 201, B-TID and VPN service of the BSF network elements in the terminal for receiving vpn server transmission After the NAF_id of device, according to the B-TID and the binding relationship of root key, the B-TID correspondences are determined Root key;

Step 202, the BSF network elements according to the B-TID, the NAF_id and the root key, Determine the second shared key;

The second shared key for determining is back to vpn server by step 203, the BSF network elements, so that Vpn server is authenticated to the terminal according to second shared key for receiving.

Specifically, in execution step 201, BSF network elements set up B-TID and root key according to following manner Binding relationship:

The ID that the BSF network elements are sent according to the terminal for receiving, obtains authentication five-tuple from network side Ciphering Key;

Random number in the authentication five-tuple Ciphering Key is sent to end with authentication information by the BSF network elements End;

The BSF network elements are being received after the authorization data response of the terminal, authenticate five yuan by described Encryption key, Integrity Key and response expected value (XRES, Expected in group Ciphering Key Response) terminal is authenticated, and after certification passes through, is determined according to encryption key and Integrity Key The B-TID of root key and terminal, and set up the binding relationship of B-TID and root key.

Optionally, the ID that the BSF network elements are sent according to the terminal for receiving, obtains from network side and reflects Power five-tuple Ciphering Key, specially:BSF network elements are to home signature user server (HSS, Home Subscriber Server) obtain authentication five-tuple Ciphering Key corresponding to the ID, HSS according to ID returns authentication five-tuple Ciphering Key AV=RAND | | AUTN | | XRES | | CK | | IK, wherein RAND is random number, it is ensured that the Ks for consulting every time is different, and AUTN is certification mark, needs terminal to enter Row checking, XRES are used for the authentication information authentication that terminal is returned, and CK and IK is used for generating Ks.

Optionally, RAND and AUTN is returned after the Ciphering Key AV for receiving HSS by BSF network elements To terminal, it is desirable to which terminal-pair BSF network element is authenticated, it is local that XRES, CK, IK information is stored in BSF.

Optionally, BSF network elements receive from the terminal authorization data response after, by preserve CK, IK, XRES are authenticated to terminal, and after certification passes through, calculate root key Ks=CK | | IK, while producing The value of raw B-TID, B-TID=base64encode (RAND)@BSF_servers_domain_name.

Further, after BSF network elements determine root key Ks and B-TID according to CK and IK, will be described B-TID is sent to the terminal.

After execution step 201, BSF network elements are according to the B-TID, the NAF_id and described Key, determines the second shared key Ks_NAF2.

Specifically, BSF network elements determine according to the B-TID, the NAF_id and the root key Two shared keys Ks_NAF2, specially Ks_NAF2=KDF (Ks, " gba-me ", RAND, IMPI, NAP_ID), wherein, KDF is key bootstrap algorithm (KDF, KeyDerivationFunction), RAND For consulting the random number (RAND, Random Number) that BSF is generated during Ks, IMPI is the IP of terminal The privately owned mark of multimedia (IMPI, IP Multimedia Private Identity), NAF_ID are the networks of business Application identities.

In step 203, the second shared key determined through step 202 is back to VPN by BSF network elements Server, so that vpn server is authenticated to the terminal according to second shared key for receiving.

The above-mentioned method for realizing the certification of VPN (virtual private network) VPN and key agreement provided in an embodiment of the present invention, The authentication mode of five-tuple is authenticated based on terminal SIM and network side, instead of traditional SSL VPN needs to use The certification system authenticated by user name pin mode, causes confidential information to leak password cracking is eliminated, On the basis of lift system safety, participation of the user in verification process is reduced, VPN is greatly optimized Identifying procedure, additionally, in the case where there is root key Ks, authenticating user identification is assisted with shared key Business is completed during once consulting, and is simplified certification and is consulted flow process, big in the case where safety is ensured Improve greatly VPN certification negotiation efficiencies.

A specific embodiment is lifted with reference to Fig. 3, introduces how technical scheme realizes virtual private The negotiation of network root key Ks.

As shown in figure 3, terminal unit (UE, User Equipment) carries user profile IMPI to BSF Initiate initialization requests;After BSF receives the request of UE, the user's letter corresponding to the IMPI is obtained to HSS Breath, HSS return authentication five-tuple Ciphering Key AV=RAND | | AUTH | | XRES | | CK | | IK according to IMPI, Wherein RAND is random number, it is ensured that the Ks for consulting every time is different, and AUTH is authentication information, is needed UE is verified that XRES is used for the authentication information authentication that UE is returned, and CK and IK is used for generating Ks; BSF receives the Ciphering Key AV of HSS, RAND and AUTN is back to UE, it is desirable to which UE is to BSF It is authenticated, it is local that XRES, CK, IK information is stored in BSF;UE receives RAND and AUTH, AUTN is verified by authentication arithmetic, this message is confirmed from the network for authorizing, while calculating CK, IK And RES.Now CK and IK is all saved in BSF and UE;UE is calculated response using RES And it is sent to BSF request certifications;By CK, IK, XRES for preserving, BSF verifies that response's is correct Property, root key Ks=CK is calculated if correct | | IK, while the value of B-TID is produced, B-TID=base64encode (RAND)@BSF_servers_domain_name;BSF sends certification and successfully rings Answer and B-TID is to UE, and inform the effect duration of Ks.After UE receives success message, equally using CK | | IK Ks is calculated, now UE and BSF save root key Ks, Ks initialization completes, consults to terminate.

The method for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, can apply to service Device side, as shown in figure 4, specifically include following steps:

Step 401, the first shared key and B-TID that vpn server receiving terminal sends, and by B-TID BSF network elements are sent to the NAF_id of vpn server;

Step 402, the vpn server receive the second shared key that BSF network elements are returned;

First shared key and the second shared key are compared by step 403, the vpn server;

Step 404, if first shared key is identical with the second shared key, returns to the terminal Certification success response.

Specifically, vpn server receive BSF network elements return the second shared key when, with this second Shared key verifies the first shared key, if the content for decrypting is consistent, certification success.Such as VPN takes Business device receives the rand (terminal generates certification random number) of terminal transmission, and encrand is (shared close using first Generate after key encryption) and B-TID, when BSF network elements return the second shared key, vpn server root Encrand, if the content for decrypting is consistent with rand, certification success are verified according to the second shared key.

A specific embodiment is lifted with reference to Fig. 5, introduces how technical scheme realizes virtual private The negotiation of network share key.

As shown in figure 5, UE selects the vpn server for wanting to connect, APP to send to UE on APP By the NAF_id of election server and apply for shared key;Whether UE checks current storage root key Ks, if Exist and Ks_naf is generated with the NAF_id for receiving according to equipment B-TID then, according to Fig. 5 if not existing In Ks initialization flow process and BSF consult Ks, regenerate the first shared key Ks_naf1;UE will be generated Ks_naf1 and B-TID be sent to APP;APP generates certification random number rand, and uses Ks_naf1 Encrand is generated after encryption, rand, encrand, B-TID is sent jointly to into vpn server request and is recognized Demonstrate,prove and require that server also generates shared key;Vpn server receive request after, by B-TID and its NAF_id is sent to BSF, and BSF similarly generates Ks_naf2 according to Ks, B-TID and NAF_id, and leads to Cross escape way and be back to vpn server;Vpn server is verified according to the Ks_naf2 that BSF is returned Encrand, if the content for decrypting is consistent with rand, certification success returns APP certification success responses; APP receives certification success response, and now APP and vpn server have all possessed shared key Ks_naf, Key agreement success, you can securely communicate.VPN certifications and key agreement flow process terminate.

With reference to the scene of Fig. 6 preferably to discuss the process that implements in the embodiment of the present invention, Fig. 6 It is a scene example, it is clear that technical scheme may apply to any scene of VPN key agreements Under.

As shown in fig. 6, common authentication mechanism (GBA, General Bootstrapping Architecture) is fixed A kind of universal key negotiation mechanism between terminal and server of justice, can be seen that from its framework model Concrete network element includes:

UE is the general name of terminal unit and SIM, refers to the shifting of mobile phone and pluggable SIM in the present invention Dynamic terminal, can be used to consult to determine root key Ks with BSF network elements, and determines the first shared key based on Ks.

Application server (NAF, Network Application Function), realizes the service logic work(of application Can, business service is provided for terminal after the certification of complete paired terminal, refer to enterprise VPN in the present invention Server, the first shared key and the second of the BSF network elements return of reception that the UE for receiving sends Shared key is compared, if first shared key is identical with the second shared key, returns to UE Certification success response, you can securely communicate with terminal.

BSF is core network element, and BSF and UE is by authentication and key agreement (AKA, Authentication and Key Agreement) protocol realization certification, and negotiate the session for being used subsequently to communicate between UE and NAF Key, BSF can set the effect duration of key according to local policy, in the present invention as BSF and UE Consult to determine root key Ks, and the second shared key is determined based on Ks.

HSS stores the authorization data in terminal (U) SIM, in the present invention HSS according to ID to BSF returns authentication five-tuple Ciphering Key, so that BSF is authenticated to UE.

Reference point between each network element includes:

Ub is used for interacting and consulting the interface of root key (Ks, Root Key) between UE and BSF Initialize in common authentication mechanism flow process, subsequent operation depends on Ks to carry out.

Zh is the interface that BSF obtains client authentication information on HSS, for BSF authentication client bodies Part simultaneously generates root key Ks.

Zn is the interface interacted between NAF and BSF, and NAF is by the interface to BSF authentication users Identity simultaneously obtains extension shared key (Ks_naf, Extended Shared Key).In the present invention, VPN Server obtains the shared key consistent with client by the interface at BSF.

Ua consults interface for extension shared key Ks_naf between UE and NAF, is transmitted by the interface The generation parameter of Ks_naf, completes the generation of Ks_naf.

Optionally, as shown in fig. 7, formation characteristic based on shared key, be also capable of achieving single APP with it is many The quick authentication of individual vpn server and shared key are consulted, and are greatly expanded with more effective technique and are System framework, optimizes the using effect of VPN.

Based on identical technology design, the embodiment of the present invention also provides one kind and realizes that VPN (virtual private network) key is assisted The device of business, the executable said method embodiment of the device, due to the device solve problem principle with it is aforementioned A kind of method for realizing VPN (virtual private network) key agreement is similar, therefore the enforcement of the device may refer to method Enforcement, repeat part repeat no more.

A kind of terminal for realizing VPN (virtual private network) key agreement provided in an embodiment of the present invention, as shown in figure 8, Including:

First determining module 801, for after needing to initiate the connection of VPN (virtual private network) vpn server, if Storage root key, then identify the net of B-TID and vpn server according to root key, terminal guiding Network application identities NAF_id determine the first shared key, and by the first shared key for determining and the B-TID It is sent to vpn server;

First receiver module 802, if for receiving the certification success response from vpn server, really Surely complete key agreement.

Optionally, first determining module 801 is additionally operable to:

After needing to initiate vpn server connection, if non-storage root key, with authentication service function BSF Network element is consulted to determine root key and B-TID, and performs the step of generating the first shared key.

Optionally, first determining module 801 is additionally operable to:

Consult to determine root key and B-TID with BSF network elements, ID is sent to BSF network elements;According to receipts The random number and certification mark from BSF network elements for arriving, is verified, and determines encryption after being verified Key, Integrity Key and authorization data response RES;Responded to BSF network elements according to authorization data and asked Certification, and after certification passes through, receive the B-TID, Yi Jigen of the terminal from the BSF network elements Root key is determined according to encryption key and Integrity Key.

The embodiment of the present invention additionally provides a kind of BSF network elements for realizing VPN (virtual private network) key agreement, such as schemes Shown in 9, including:

Enquiry module 901, in terminal B-TID and vpn server for receiving vpn server transmission After NAF_id, according to the B-TID and the binding relationship of root key, determine that corresponding of the B-TID is close Key;

Second determining module 902, for according to the B-TID, the NAF_id and the root key, Determine the second shared key;

Sending module 903, for the second shared key for determining is back to vpn server, so that VPN Server is authenticated to the terminal according to second shared key for receiving.

Optionally, the enquiry module 901 specifically for:

The binding relationship of B-TID and root key is set up according to following manner:According to the use that the terminal for receiving sends Family identifies, and obtains authentication five-tuple Ciphering Key from network side;By in the authentication five-tuple Ciphering Key Random number is sent to terminal with authentication information;Receiving after the authorization data response of the terminal, passing through Encryption key, Integrity Key and response expected value XRES in the authentication five-tuple Ciphering Key Terminal is authenticated, and after certification passes through, according to encryption key and Integrity Key determine root key and The B-TID of terminal, and set up the binding relationship of B-TID and root key.

Optionally, the sending module 903 specifically for:

After determining root key and B-TID according to encryption key and Integrity Key, the B-TID is sent To the terminal.

The embodiment of the present invention additionally provides a kind of vpn server for realizing VPN (virtual private network) key agreement, such as Shown in Figure 10, including:

Transceiver module 1001, the first shared key sent for receiving terminal and B-TID, and by B-TID BSF network elements are sent to the NAF_id of vpn server;

Second receiver module 1002, for receiving the second shared key of BSF network elements return;

Comparison module 1003, for first shared key and the second shared key are compared;

Processing module 1004, if identical with the second shared key for first shared key, to institute State terminal return authentication success response.

Those skilled in the art are it should be appreciated that embodiments herein can be provided as method or computer journey Sequence product.Therefore, the application can adopt complete hardware embodiment, complete software embodiment or combine software With the form of the embodiment of hardware aspect.And, the application can wherein include meter using at one or more Calculation machine usable program code computer-usable storage medium (including but not limited to disk memory, CD-ROM, optical memory etc.) on the form of computer program implemented.

The present invention is with reference to method according to embodiments of the present invention, equipment (system), and computer program Flow chart and/or block diagram describing.It should be understood that can by computer program instructions flowchart and/ Or each flow process in block diagram and/or square frame and flow chart and/or the flow process in block diagram and/or The combination of square frame.These computer program instructions can be provided to general purpose computer, special-purpose computer, embedded The processor of datatron or other programmable data processing devices is producing a machine so that by computer Or the instruction of the computing device of other programmable data processing devices is produced for realizing in one stream of flow chart The device of the function of specifying in journey or one square frame of multiple flow processs and/or block diagram or multiple square frames.

These computer program instructions may be alternatively stored in and can guide computer or other programmable data processing devices In the computer-readable memory for working in a specific way so that be stored in the computer-readable memory Instruction produces the manufacture for including command device, and the command device is realized in one flow process of flow chart or multiple streams The function of specifying in one square frame of journey and/or block diagram or multiple square frames.

These computer program instructions can be also loaded in computer or other programmable data processing devices, made Obtain series of operation steps is performed on computer or other programmable devices to produce computer implemented place Reason, so as to the instruction performed on computer or other programmable devices is provided for realizing in flow chart one The step of function of specifying in flow process or one square frame of multiple flow processs and/or block diagram or multiple square frames.

, but those skilled in the art once know base although preferred embodiments of the present invention have been described This creative concept, then can make other change and modification to these embodiments.So, appended right will Ask and be intended to be construed to include preferred embodiment and fall into the had altered of the scope of the invention and change.

Obviously, those skilled in the art can carry out various changes and modification without deviating from this to the present invention Bright spirit and scope.So, if the present invention these modification and modification belong to the claims in the present invention and Within the scope of its equivalent technologies, then the present invention is also intended to comprising these changes and modification.

Claims (14)

1. a kind of method for realizing VPN (virtual private network) key agreement, it is characterised in that the method includes:
Terminal is after needing to initiate the connection of VPN (virtual private network) vpn server, if to have stored root close for the terminal Key, then identify according to the network application of root key, terminal guiding mark B-TID and vpn server NAF_id determines the first shared key, and the first shared key for determining and the B-TID are sent to VPN Server;
If receiving the certification success response from vpn server, it is determined that complete key agreement.
2. method according to claim 1, it is characterised in that the terminal is needing to initiate VPN After server connection, also include:
If the non-storage root key of the terminal, terminal consults to determine that root is close with authentication service function BSF network element Key and B-TID, and perform the step of generating the first shared key.
3. method according to claim 2, it is characterised in that the terminal consults true with BSF network elements Determine root key and B-TID, specifically include:
The terminal sends ID to BSF network elements;
The terminal verified according to the random number and certification mark from the BSF network elements that receive, and Encryption key, Integrity Key and authorization data response RES is determined after being verified;
The terminal is responded to BSF network elements according to authorization data and asks certification, and after certification passes through, is received From the B-TID of the terminal of the BSF network elements, and determined according to encryption key and Integrity Key Root key.
4. a kind of method for realizing VPN (virtual private network) key agreement, it is characterised in that the method includes:
B-TID and the NAF_id of vpn server of the BSF network elements in the terminal for receiving vpn server transmission Afterwards, according to the B-TID and the binding relationship of root key, the corresponding root keys of the B-TID are determined;
The BSF network elements determine second according to the B-TID, the NAF_id and the root key Shared key;
The second shared key for determining is back to vpn server by the BSF network elements, so that VPN services Device is authenticated to the terminal according to second shared key for receiving.
5. method according to claim 4, it is characterised in that the BSF is set up according to following manner The binding relationship of B-TID and root key:
The ID that the BSF network elements are sent according to the terminal for receiving, obtains authentication five-tuple from network side Ciphering Key;
Random number in the authentication five-tuple Ciphering Key is sent to end with authentication information by the BSF network elements End;
The BSF network elements are being received after the authorization data response of the terminal, authenticate five yuan by described Encryption key, Integrity Key and response expected value XRES in group Ciphering Key is recognized to terminal Card, and after certification passes through, the B-TID of root key and terminal is determined according to encryption key and Integrity Key, And set up the binding relationship of B-TID and root key.
6. method according to claim 5, it is characterised in that the BSF is according to encryption key and complete After whole property key determines root key and B-TID, also include:
The B-TID is sent to the terminal by the BSF.
7. a kind of method for realizing VPN (virtual private network) key agreement, it is characterised in that the method includes:
The first shared key and B-TID that vpn server receiving terminal sends, and B-TID and VPN is taken The NAF_id of business device is sent to BSF network elements;
The vpn server receives the second shared key that BSF network elements are returned;
First shared key and the second shared key are compared by the vpn server;
If first shared key is identical with the second shared key, to the terminal return authentication success Response.
8. a kind of terminal for realizing VPN (virtual private network) key agreement, it is characterised in that include:
First determining module, for after needing to initiate the connection of VPN (virtual private network) vpn server, if deposit Storage root key, then should according to the network of root key, terminal guiding mark B-TID and vpn server The first shared key is determined with mark NAF_id, and the first shared key for determining and the B-TID are sent out Give vpn server;
First receiver module, if for receiving the certification success response from vpn server, it is determined that complete Into key agreement.
9. terminal according to claim 8, it is characterised in that first determining module is additionally operable to:
After needing to initiate vpn server connection, if non-storage root key, with authentication service function BSF Network element is consulted to determine root key and B-TID, and performs the step of generating the first shared key.
10. terminal according to claim 9, it is characterised in that first determining module is additionally operable to:
Consult to determine root key and B-TID with BSF network elements, ID is sent to BSF network elements;According to receipts The random number and certification mark from BSF network elements for arriving, is verified, and determines encryption after being verified Key, Integrity Key and authorization data response RES;Responded to BSF network elements according to authorization data and asked Certification, and after certification passes through, receive the B-TID, Yi Jigen of the terminal from the BSF network elements Root key is determined according to encryption key and Integrity Key.
11. a kind of BSF network elements for realizing VPN (virtual private network) key agreement, it is characterised in that include:
Enquiry module, in terminal B-TID and vpn server for receiving vpn server transmission After NAF_id, according to the B-TID and the binding relationship of root key, determine that corresponding of the B-TID is close Key;
Second determining module, for according to the B-TID, the NAF_id and the root key, it is determined that Second shared key;
Sending module, for the second shared key for determining is back to vpn server, so that VPN clothes Business device is authenticated to the terminal according to second shared key for receiving.
12. BSF network elements according to claim 11, it is characterised in that the enquiry module is specifically used In:
The binding relationship of B-TID and root key is set up according to following manner:According to the use that the terminal for receiving sends Family identifies, and obtains authentication five-tuple Ciphering Key from network side;By in the authentication five-tuple Ciphering Key Random number is sent to terminal with authentication information;Receiving after the authorization data response of the terminal, passing through Encryption key, Integrity Key and response expected value XRES in the authentication five-tuple Ciphering Key Terminal is authenticated, and after certification passes through, according to encryption key and Integrity Key determine root key and The B-TID of terminal, and set up the binding relationship of B-TID and root key.
13. BSF network elements according to claim 12, it is characterised in that the sending module is specifically used In:
After determining root key and B-TID according to encryption key and Integrity Key, the B-TID is sent To the terminal.
14. a kind of vpn servers for realizing VPN (virtual private network) key agreement, it is characterised in that include:
Transceiver module, the first shared key sent for receiving terminal and B-TID, and by B-TID and VPN The NAF_id of server is sent to BSF network elements;
Second receiver module, for receiving the second shared key of BSF network elements return;
Comparison module, for first shared key and the second shared key are compared;
Processing module, if identical with the second shared key for first shared key, to the end End return authentication success response.
CN201510579550.8A 2015-09-11 2015-09-11 Method and device for realizing key agreement of virtual private network (VPN) CN106534050A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510579550.8A CN106534050A (en) 2015-09-11 2015-09-11 Method and device for realizing key agreement of virtual private network (VPN)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510579550.8A CN106534050A (en) 2015-09-11 2015-09-11 Method and device for realizing key agreement of virtual private network (VPN)

Publications (1)

Publication Number Publication Date
CN106534050A true CN106534050A (en) 2017-03-22

Family

ID=58346704

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510579550.8A CN106534050A (en) 2015-09-11 2015-09-11 Method and device for realizing key agreement of virtual private network (VPN)

Country Status (1)

Country Link
CN (1) CN106534050A (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007022731A1 (en) * 2005-08-26 2007-03-01 Huawei Technologies Co., Ltd. Encryption key negotiation method, system and equipment in the enhanced universal verify frame
CN1929371A (en) * 2005-09-05 2007-03-14 华为技术有限公司 Method for negotiating key share between user and peripheral apparatus
CN101426190A (en) * 2007-11-01 2009-05-06 华为技术有限公司 Service access authentication method and system
CN101640607A (en) * 2009-04-13 2010-02-03 山石网科通信技术(北京)有限公司 Collocation method of virtual private network based on internet security protocol and system therefor
CN102065421A (en) * 2009-11-11 2011-05-18 中国移动通信集团公司 Method, device and system for updating key
US20110238972A1 (en) * 2005-02-04 2011-09-29 Qualcomm Incorporated Secure Bootstrapping for Wireless Communications
CN103414556A (en) * 2013-08-16 2013-11-27 成都卫士通信息产业股份有限公司 IKE key agreement strategy searching method
CN104660603A (en) * 2015-02-14 2015-05-27 山东量子科学技术研究院有限公司 Method and system for extended use of quantum keys in IPSec VPN (internet protocol security-virtual private network)

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110238972A1 (en) * 2005-02-04 2011-09-29 Qualcomm Incorporated Secure Bootstrapping for Wireless Communications
WO2007022731A1 (en) * 2005-08-26 2007-03-01 Huawei Technologies Co., Ltd. Encryption key negotiation method, system and equipment in the enhanced universal verify frame
CN1929371A (en) * 2005-09-05 2007-03-14 华为技术有限公司 Method for negotiating key share between user and peripheral apparatus
CN101426190A (en) * 2007-11-01 2009-05-06 华为技术有限公司 Service access authentication method and system
CN101640607A (en) * 2009-04-13 2010-02-03 山石网科通信技术(北京)有限公司 Collocation method of virtual private network based on internet security protocol and system therefor
CN102065421A (en) * 2009-11-11 2011-05-18 中国移动通信集团公司 Method, device and system for updating key
CN103414556A (en) * 2013-08-16 2013-11-27 成都卫士通信息产业股份有限公司 IKE key agreement strategy searching method
CN104660603A (en) * 2015-02-14 2015-05-27 山东量子科学技术研究院有限公司 Method and system for extended use of quantum keys in IPSec VPN (internet protocol security-virtual private network)

Similar Documents

Publication Publication Date Title
US7673146B2 (en) Methods and systems of remote authentication for computer networks
KR101062781B1 (en) Key Generation in Communication Systems
US7587598B2 (en) Interlayer fast authentication or re-authentication for network communication
CA2546553C (en) System and method for provisioning and authenticating via a network
JP5613324B2 (en) Secure registration of a group of clients using a single registration procedure
TWI293844B (en) A system and method for performing application layer service authentication and providing secure access to an application server
EP1540878B1 (en) Linked authentication protocols
DE102006038591B4 (en) Method and device for providing a wireless mesh network
ES2584862T3 (en) Authentication in data communication
ES2367986T3 (en) A procedure for the access of the mobile terminal to the wlan network and for the communication of data through the wireless connection in a safe way.
US8589675B2 (en) WLAN authentication method by a subscriber identifier sent by a WLAN terminal
EP1997292B1 (en) Establishing communications
KR20100103721A (en) Method and system for mutual authentication of nodes in a wireless communication network
US8886935B2 (en) Key management device, system and method having a rekey mechanism
Chen et al. Lightweight and provably secure user authentication with anonymity for the global mobility network
CN103597774B (en) The method and apparatus that machine to machine service is provided
CN101005359B (en) Method and device for realizing safety communication between terminal devices
RU2406251C2 (en) Method and device for establishing security association
CN1124759C (en) Safe access method of mobile terminal to radio local area network
CN1298194C (en) Radio LAN security access method based on roaming key exchange authentication protocol
EP2037621A1 (en) Method and device for deriving local interface key
AU2005204576A1 (en) Enabling stateless server-based pre-shared secrets
JP5144679B2 (en) User access management in communication networks
KR20080047503A (en) Method for distributing certificates in a communication system
ES2710666T3 (en) Procedure and apparatus to join multiple authentication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination