CN106714151A - Information transmission method - Google Patents
Information transmission method Download PDFInfo
- Publication number
- CN106714151A CN106714151A CN201710131682.3A CN201710131682A CN106714151A CN 106714151 A CN106714151 A CN 106714151A CN 201710131682 A CN201710131682 A CN 201710131682A CN 106714151 A CN106714151 A CN 106714151A
- Authority
- CN
- China
- Prior art keywords
- base station
- terminal
- information
- source base
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides an information transmission method which may comprise the following steps: a terminal encrypts a user identifier of the terminal by using a preset encryption key; the terminal sends the identifier of a source base station, the encrypted user identifier of the terminal and the information of the encryption key to a current base station, wherein the identifier of the source base station is used for determining the source base station by the current base station, and sending the information of the encryption key to the source base station; the information of the encryption key is used for allowing the source base station to determine a decryption key corresponding to the encryption key, and sending the decryption key to the current base station; and the decryption key is used for allowing the current base station to decrypt the encrypted user identifier of the terminal to acquire the user identifier of the terminal. According to the method provided by the invention, the user identifier transmitted by the terminal can be effectively prevented from being maliciously stolen, and communication security is ensured.
Description
Technical field
The present invention relates to the communication technology, more particularly to a kind of information transferring method.
Background technology
After terminal accessing mobile communication network, mobile management entity (Mobility Management Entity, MME) is needed
Authentication is carried out with the terminal consult (Authentication and Key Agreement, AKA) with key.
MME needs first to carry out authentication to the terminal during the AKA, and this needs terminal to send out the ID of terminal
The MME is delivered to, is used to so that the MME carries out authentication according to the ID of the terminal.At present, terminal can generally use bright
Literary mode sends to base station the ID of the terminal, then is sent to the MME by the base station.
However, clear-text way transmits the ID of the terminal, easily cause that the stolen hearer's malice of mark is stolen, so as to influence
Communication security.
The content of the invention
The present invention provides a kind of information transferring method, is maliciously stolen with the mark for being prevented effectively from terminal transmission, improves logical
Letter safety.
The present invention provides a kind of information transferring method, including:
Terminal is encrypted using default encryption key to the ID of the terminal;
The terminal to current base station send source base station mark, encryption after the terminal ID and it is described plus
The information of key;The mark of the source base station is used to cause that the current base station determines the source base station, and the encryption is close
The information of key is sent to the source base station;The information of the encryption key is used to cause that the source base station determines the encryption key
Corresponding decruption key, then sends to the current base station decruption key;The decruption key is used for so that described
Current base station to the encryption after the ID of the terminal be decrypted, obtain the ID of the terminal.
The present invention also provides a kind of information transferring method, including:
The ID of the terminal after mark, the encryption of the source base station that current base station receiving terminal sends and encryption are close
The information of key;
The current base station determines the source base station according to the mark of the source base station;
The current base station sends the information of the encryption key to the source base station;The information of the encryption key is used for
So that the source base station determines the corresponding decruption key of the encryption key;
The current base station receives the decruption key that the source base station sends;
The current base station according to the decruption key to the encryption after the ID of the terminal be decrypted,
Obtain the ID of the terminal.
The present invention also provides a kind of information transferring method, including:
Source base station receives the information of the encryption key that current base station sends;
The source base station determines the corresponding decruption key of the encryption key according to the information of the encryption key;
The source base station sends the decruption key to the current base station, and the decruption key is used for so that described current
Base station to encryption after the ID of the terminal be decrypted, obtain the ID of the terminal.
The information transferring method that the present invention is provided, can be marked using default encryption key by terminal to the user of the terminal
Knowledge is encrypted, and the ID and the encryption key of the terminal after mark, the encryption of source base station are sent to current base station
Information so that the current base station can determine the source base station according to the mark of the source base station, and the information of the encryption key is sent
To the source base station, the source base station can determine the corresponding decruption key of the encryption key according to the information of the encryption key, then will
The decruption key is sent to the current base station;The current base station can also be according to decruption key to the user of the terminal after the encryption
Mark is decrypted, and obtains the ID of the terminal.The method can be prevented effectively from the ID of the terminal transmission by malice
Steal, it is ensured that communication security.
Brief description of the drawings
Fig. 1 is the network architecture diagram of the applicable cordless communication network of the present invention;
A kind of flow chart of information transferring method that Fig. 2 is provided for the present invention;
The flow chart of another information transferring method that Fig. 3 is provided for the present invention;
A kind of structural representation of information carrying means that Fig. 4 is provided for the present invention;
The structural representation of another information carrying means that Fig. 5 is provided for the present invention;
The structural representation of another information carrying means that Fig. 6 is provided for the present invention;
A kind of structural representation of terminal that Fig. 7 is provided for the present invention;
A kind of structural representation of base station that Fig. 8 is provided for the present invention;
The structural representation of another base station that Fig. 9 is provided for the present invention.
Specific embodiment
The information transferring method that the following each embodiments of the present invention are provided, is applicable to based on terminal switching cell, that is,
Switch on its connection base station in the case of cordless communication network in.Terminal can be after suspension for some reason, again
In the case of access network, switch connected base station, another city or prominent is roamed into by a certain city such as after terminal closedown
Network signal etc. is detected again after right signal interruption.For example, terminal departs from access network again after network, such as network cannot be recognized
Card user identity, just needs terminal to resend user identity information such as the international mobile subscriber identity of the terminal
In the case of (International Mobile Subscriber Identification number, IMSI), just can perform
The information transferring method that following each embodiments are provided.
Fig. 1 is the network architecture diagram of the applicable cordless communication network of the present invention.As shown in figure 1, the cordless communication network can
Including:Home device 101, MME/ gateways (Serving-GateWay, S-GW) 102, source base station 103, current base station 104
And terminal 105.Wherein, home device 101 be alternatively referred to as attaching position register (Home Location Register, HLR),
Home Environment (Home Environment, HE) or home signature user server (Home Subscriber Server,
HSS) etc..Home device 101 is connected with MME/S-GW 102.MME/S-GW 102 is connected by S1 interfaces with source base station 103, also
It is connected with current base station 104 by S1 interfaces.Source base station 103 is connected by X2 interface with current base station 104.When terminal 105 from
Source base station 103 switches to current base station 104, and terminal 105 is connected between being easy to current base station 104 with communication link.Wherein, the end
The alternatively referred to as user equipment (User Equipment, UE) of end 105.
By performing the method that the following each embodiments of the present invention are provided, can effectively be kept away after terminal switches to current page
The mark for exempting from terminal transmission is maliciously stolen, and improves communication security.
Following combination multiple embodiments are illustrated.
A kind of flow chart of information transferring method that Fig. 2 is provided for the present invention.As shown in Fig. 2 the method may include:
S201, terminal are encrypted using default encryption key to the ID of the terminal.
The encryption key is the encryption key that source base station consults determination with the terminal.The encryption key is source base station and the end
Consult the encryption key nearest apart from current time for determining, that is, newest encryption key in end.This is stored with the terminal
The information such as encryption key, the holding time of the encryption key, the mark of the source base station.
Optionally, if the terminal preserves multiple keys for consulting determination with the source base station, this is nearest apart from current time
Encryption key can be holding time encryption key most long.When the holding time of each encryption key can be distance generation
Between preset time period, such as 24 hours.One holding time of encryption key is reached, then terminal can be carried out to an encryption key
Cleaning, such as deletes.
To save memory space, the terminal can only include an encryption key nearest apart from current time with source base station.
An encryption key is only preserved, original cipher key is deleted after new encryption key generation.Under normal circumstances, as long as updating new
Key can delete original cipher key.
If the time period apart from last time more new key exceedes preset time period, without new more new key, just will can protect
The encryption key deposited is deleted.That is, in the case, the retention time most long of the encryption key can be default for this
Time period, such as 24 hours.
Optionally, the ID of the terminal can include IMSI.
S202, terminal send ID and encryption of the terminal after the mark of source base station, encryption to current base station
The information of key.
The terminal can carry out cell searching under detection (DETECTED) state, where selecting the current base station
Cell is resident, and network connection is set up with the current base station.
Terminal does not directly transmit the user identity information of plaintext to current base station, but sends the use of the terminal after encryption
Family identifies, and to cause that current base station can finally obtain the ID of the terminal by decryption, the terminal is also to the current base station
Send the mark of the source base station and the information of the encryption key.
Corresponding, current base station can receive the ID of the terminal after mark, the encryption of the source base station from terminal
And the information of the encryption key.
Wherein, the information of the encryption key can include:Encryption key in itself, the corresponding index of the encryption key or mark
Knowledge information etc. at least one.
S203, current base station determine the source base station according to the mark of the source base station.
The current base station can be addressed according to the mark of the source base station as address, to determine the source base station.
S204, current base station send the information of the encryption key to source base station.
Corresponding, source base station can receive the information of the encryption key from current base station.
S205, source base station determine the corresponding decruption key of the encryption key according to the information of the encryption key.
The source base station can determine the encryption key according to the information of the encryption key, then determine that the encryption key is corresponding
Decruption key.The encryption key and the decruption key can be the key in rivest, shamir, adelman, the encryption key and the solution
Key two different keys each other.
S206, source base station send the decruption key to current base station.
The source base station can be it is determined that after the decruption key, directly send the decruption key to the current base station, also can be true
Accuracy after the fixed decruption key first to the decruption key verifies that then being sent to current base station after being verified should
Decruption key.
Corresponding, current base station can receive the decruption key from the source base station.
S207, current base station are decrypted according to the decruption key to the ID of the terminal after the encryption, obtain
The ID of the terminal.
The current base station can be it is determined that after the ID of the terminal, can carry out AKA streams according to the ID and MME
Journey, realizes the proof of identity to the terminal user.
In the information transferring method that the present invention is provided, terminal is using default encryption key to the ID of the terminal
It is encrypted, and the ID and the encryption key of the terminal after mark, the encryption of source base station is sent to current base station
Information so that the current base station can determine the source base station according to the mark of the source base station, by the information of the encryption key send to
The source base station, the source base station can determine the corresponding decruption key of the encryption key according to the information of the encryption key, then should
Decruption key is sent to the current base station;The current base station can also be marked according to decruption key to the user of the terminal after the encryption
Knowledge is decrypted, and obtains the ID of the terminal.The ID that the method can be prevented effectively from the terminal transmission is maliciously stolen
Take, it is ensured that communication security.
Also, in the information transfer, terminal is the ID of the terminal after encrypting to what current base station sent, and should add
The ID of the terminal after close only has source base station just with the decruption key decrypted is used to, even if the use of the terminal after encryption
Family identifies and the mark of the source base station is trapped, and listener-in or pseudo-base station cannot also obtain the plaintext user mark of user, it is ensured that
The security of subscriber identity information.The method that the present invention is provided can be realized in base station level, that is, access net side, it is not necessary to
Access Home Environment, it is ensured that the low time delay of accessing terminal to network, and avoid pseudo-base station from inveigling identification information, it is to avoid access pseudo-
Base station, ensure that the security of user profile to greatest extent.
Meanwhile, in the information transferring method, even if current base station is pseudo-base station, because pseudo-base station cannot be with legal source base station
Communicated, thus so as to cannot decruption key so that terminal can't blindly accept the signaling of pseudo-base station transmission, and be an attempt to
Other base stations are accessed, terminal is prevented effectively from and is accessed pseudo-base station, it is ensured that communication security.
Optionally, in method as implied above, terminal is marked using default encryption key to the user of the terminal in S201
Before knowledge is encrypted, the method may also include:
The terminal consults to determine the encryption key in the case where being connected with source base station foundation with the source base station.
The terminal may be in the source base station set up connection in the case of, with the source base station consult determine be used for the terminal with
After the source base station is disconnected, and in the case of being connected with the foundation of other base stations, the ID of the terminal is encrypted
Key.
The encryption key can be generated using physical layer cipher key technique, or using root key (KeNB) generation
's.It is of course also possible to be generated using other modes.The encryption key can be a key in asymmetric key, can
Think public key, or private key.
If the encryption key is to be generated using physical layer cipher key technique, then the method that the present invention is provided also may be such that attacks
The person of hitting is difficult to, or even cannot obtain and decode key.
Optionally, the method may also include:
The terminal according to default temporal information, with the source base station synchronized update encryption key.
After the terminal and the source base station are disconnected, the terminal preserves the nearest encryption after updating with the source base station
Key.In asymmetric key AES, encryption key and decruption key are usually different keys, to ensure ID
Security so that only source base station just have be used to the decruption key decrypted.
Certainly, after the terminal and the source base station are disconnected, the terminal also needs to preserve the information such as the mark of the source base station.
The deadline of the corresponding caching of mark of the source base station can be the connection of terminal disconnection and the current base station, and access it
His base station.That is, the connection with the current base station is disconnected in the terminal, and in the case of accessing other base stations, the terminal
The mark of the source base station of record can be removed, and the mark of the current base station will be recorded.Now, the current base station can be used as new
Source base station.
Also preserve the decruption key corresponding to the nearest encryption key after the renewal in the source base station side.
In the method, the terminal, constantly according to Preset Time information, consults to update the encryption key, effectively with the source base station
Ensure the freshness of key, communication security is then effectively ensured.
Optionally, end after mark, encryption of the terminal to current base station transmission source base station in S202 as implied above
Before the information of the ID at end and the encryption key, the method may also include:
Current base station sends identity request to the terminal.
The identity request can be ID request (UserIDRequest).
Optionally, terminal sends the end after mark, the encryption of source base station to current base station in the S202 as shown in up
The information of the ID at end and the encryption key, it may include:
The identity response that current base station receiving terminal sends, the identity response includes:After the mark of the source base station, the encryption
The terminal ID and the information of encryption key.
The identity response can be ID response (UserIDResponse).
Optionally, current base station may include to the information that source base station sends the encryption key in S204 as implied above:
Current base station to source base station send the encryption key information and the encryption after the terminal ID.
The current base station can send decoding request to source base station, and the decoding request may include the information of the encryption key and be somebody's turn to do
The ID of the terminal after encryption.
It is corresponding, the source base station from current base station receive the encryption key information and the encryption after the terminal user
Mark.
Optionally, before S206 source base stations as implied above send the decruption key to current base station, the method can also be wrapped
Include:
Source base station is decrypted according to decruption key to the ID of the terminal after the encryption.
Optionally, S206 source base stations as implied above send the decruption key to current base station, it may include:
If successful decryption, source base station sends successful decryption information to the current base station;The successful decryption information includes:The solution
Key.
The successful decryption information is properly termed as correct (decryptionCorrect) information of decryption.
Optionally, the method may also include:
If decryption failure, the source base station sends decryption failure information to the current base station.
The decryption failure information can be described as decryption error (decryptionError) information.
And the current base station can send authentification failure after the decryption failure information for receiving source base station return to terminal
(authenticationError) information.
The terminal just can be disconnected after the authentication failure message for receiving current base station transmission with current base station, be selected
Another base station attempts accessing, if the base station number for attempting accessing cannot all succeed more than or equal to preset value (such as 3)
The ID of the terminal after the encryption is decrypted, then can determine that the key that source base station or the end side preserve is lost, and
The multiple base stations accessed were attempted before this for the possibility of pseudo-base station is smaller.To ensure that terminal can normally access network, the terminal
The best base station of signal intensity may be selected and is connected thereto connection, the user identity information of the terminal is then sent in plain text.
The present invention provide the information transferring method, can in source base station according to decruption key to the terminal after the encryption
In the case of ID is decrypted successfully, then decruption key is sent to current base station, the security of information is effectively ensured, carried
Communication security high.
The present invention may also provide a kind of information transferring method.Another information transferring method that Fig. 3 is provided for the present invention
Flow chart.As shown in figure 3, the method may include:
S301, current base station send ID and ask to terminal.
S302, terminal to current base station send ID respond, the ID response may include source base station mark,
The IMSI of the terminal after encryption and the information of the encryption key.
S303, current base station determine source base station according to the mark of the source base station.
S304, current base station send decoding request to source base station, and the decoding request includes the information of the encryption key and is somebody's turn to do
The IMSI of the terminal after encryption.
S305, source base station determine the corresponding decruption key of the encryption key according to the information of the encryption key.
S306, source base station are decrypted according to decruption key to the IMSI of the terminal after the encryption.
If successful decryption, S307-S309 can be continued executing with;If conversely, decryption failure, can continue executing with S310-S312.
If S307, successful decryption, source base station sends successful decryption information to current base station;The successful decryption information includes should
Decruption key.
S308, current base station are decrypted according to the decruption key to the IMSI of the terminal after the encryption, obtain the end
The IMSI at end.
S309, current base station perform AKA flows according to the IMSI of the terminal.
If S310, decryption failure, source base station send decryption failure information to current base station.
S311, current base station send authentication failure message to terminal.
S312, terminal disconnect the connection with current base station.
The information transferring method that the present invention is provided, can be illustrated by specific example to the above method, its
Concrete implementation process and beneficial effect can be found in above-mentioned, will not be repeated here.
The present invention also provides a kind of information carrying means.A kind of structure of information carrying means that Fig. 4 is provided for the present invention
Schematic diagram.The information carrying means can be integrated in terminal by way of software and/or hardware.As shown in figure 4, the information is passed
Defeated device 400 may include:
Encrypting module 401, for being encrypted to the ID of terminal using default encryption key.
Sending module 402, for current base station send source base station mark, encryption after the terminal ID and
The information of the encryption key;The mark of the source base station is used to cause that the current base station determines the source base station, by the encryption key
Information is sent to the source base station;The information of the encryption key is used to cause that the source base station determines that the corresponding decryption of the encryption key is close
Key, then sends to the current base station decruption key;After the decruption key is used to cause the current base station to the encryption
The ID of the terminal is decrypted, and obtains the ID of the terminal.
Optionally, the information carrying means 400 may also include:
Negotiation module, for being added to the ID of the terminal using default encryption key in encrypting module 401
Before close, in the case where terminal and the source base station are set up and be connected, consult to determine the encryption key with the source base station.
Optionally, the information carrying means 400 may also include:
Update module, for according to default temporal information, with the source base station synchronized update encryption key.
Optionally, the information carrying means 400 may also include:
Receiver module, the identity request for receiving current base station transmission.
Sending module 402, specifically for sending identity response to the current base station, the identity response includes:The source base station
Mark, the encryption after the terminal ID and the information of the encryption key.
The information carrying means that the present invention is provided, can perform the information transfer side that the terminal in above-mentioned Fig. 2 or Fig. 3 is performed
Method, its concrete implementation process and beneficial effect can be found in above-mentioned, will not be repeated here.
The present invention also provides a kind of information carrying means.The knot of another information carrying means that Fig. 5 is provided for the present invention
Structure schematic diagram.As shown in figure 5, the information carrying means 500 may include:
Receiver module 501, the use of the terminal after mark, the encryption of the source base station sent for current base station receiving terminal
The information of family mark and encryption key.
Determining module 502, for the mark according to the source base station, determines the source base station.
Sending module 503, the information for sending the encryption key to the source base station;The information of the encryption key is used to make
Obtain the source base station and determine the corresponding decruption key of the encryption key.
Receiver module 501, is additionally operable to receive the decruption key that the source base station sends.
Decryption key 504, for being decrypted to the ID of the terminal after the encryption according to the decruption key, obtains
To the ID of the terminal.
Optionally, sending module 503, are additionally operable to send identity request to the terminal.
Receiver module 501, specifically for the identity response that receiving terminal sends, the identity response includes:The source base station
The ID and the information of encryption key of the terminal after mark, the encryption.
The information carrying means that the present invention is provided, can perform the information transfer that the current base station in above-mentioned Fig. 2 or Fig. 3 is performed
Method, its concrete implementation process and beneficial effect can be found in above-mentioned, will not be repeated here.
The present invention also provides a kind of information carrying means.The knot of another information carrying means that Fig. 6 is provided for the present invention
Structure schematic diagram.As shown in fig. 6, the information carrying means 600 may include:
Receiver module 601, the information of the encryption key for receiving current base station transmission.
Determining module 602, for the information according to the encryption key, determines the corresponding decruption key of the encryption key.
Sending module 603, for sending the decruption key to the current base station, the decruption key is used to cause the current base
Is stood and the ID of the terminal after encryption is decrypted, obtain the ID of the terminal.
Optionally, receiver module 601, specifically for receiving the information of the encryption key of current base station transmission and should add
The ID of the terminal after close.
The information carrying means 600 may also include:
Deciphering module, it is close according to the decryption for before sending module 603 sends the decruption key to the current base station
Key is decrypted to the ID of the terminal after the encryption.
Optionally, sending module 603, if specifically for successful decryption, successful decryption information is sent to the current base station;
The successful decryption information includes:The decruption key.
Optionally, sending module 603, if being additionally operable to decryption failure, decryption failure information are sent to the current base station.
The information carrying means that the present invention is provided, can perform the information transfer side that the source base station in above-mentioned Fig. 2 or Fig. 3 is performed
Method, its concrete implementation process and beneficial effect can be found in above-mentioned, will not be repeated here.
The present invention also provides a kind of terminal.A kind of structural representation of terminal that Fig. 7 is provided for the present invention.As shown in fig. 7,
The terminal 700 may include:Processor 701 and transmitter 702.Processor 701 is connected with transmitter 702.
Processor 701, for being encrypted to the ID of terminal using default encryption key.
Transmitter 702, for sending the ID of the terminal after mark, the encryption of source base station to current base station and being somebody's turn to do
The information of encryption key;The mark of the source base station is used to cause that the current base station determines the source base station, by the letter of the encryption key
Breath is sent to the source base station;The information of the encryption key is used to cause that the source base station determines that the corresponding decryption of the encryption key is close
Key, then sends to the current base station decruption key;After the decruption key is used to cause the current base station to the encryption
The ID of the terminal is decrypted, and obtains the ID of the terminal.
Optionally, processor 701, are additionally operable to be encrypted the ID of the terminal using default encryption key
Before, in the case where terminal and the source base station are set up and be connected, consult to determine the encryption key with the source base station.
Optionally, processor 701, are additionally operable to according to default temporal information, and the encryption is close with the source base station synchronized update
Key.
Optionally, the terminal 700 may also include:
Receiver, the identity request for receiving current base station transmission.Receiver is connected with processor 701.
Transmitter 702, specifically for sending identity response to the current base station, the identity response includes:The source base station
The ID and the information of the encryption key of the terminal after mark, the encryption.
The terminal that the present invention is provided, can perform the information transferring method that the terminal in above-mentioned Fig. 2 or Fig. 3 is performed, and its is specific
Implementation process and beneficial effect can be found in above-mentioned, will not be repeated here.
The present invention also provides a kind of base station.A kind of structural representation of base station that Fig. 8 is provided for the present invention.The base station 800
Can be as current base station.As shown in figure 8, base station 800 may include:Receiver 801, processor 802 and transmitter 803.Receive
Device 801 is connected with processor 802, and processor 802 is connected with transmitter 803.
Receiver 801, the user of the terminal after mark, the encryption of the source base station sent for current base station receiving terminal
The information of mark and encryption key.
Processor 802, for the mark according to the source base station, determines the source base station.
Transmitter 803, the information for sending the encryption key to the source base station;The information of the encryption key is used to cause
The source base station determines the corresponding decruption key of the encryption key.
Receiver 801, is additionally operable to receive the decruption key that the source base station sends.
Processor 802, is additionally operable to be decrypted the ID of the terminal after the encryption according to the decruption key, obtains
To the ID of the terminal.
Optionally, transmitter 803, are additionally operable to send identity request to the terminal.
Receiver 801, specifically for the identity response that receiving terminal sends, the identity response includes:The mark of the source base station
The ID and the information of encryption key of the terminal after knowledge, the encryption.
The base station that the present invention is provided, can perform the information transferring method that the current base station in above-mentioned Fig. 2 or Fig. 3 is performed, its
Concrete implementation process and beneficial effect can be found in above-mentioned, will not be repeated here.
The present invention also provides a kind of base station.The structural representation of another base station that Fig. 9 is provided for the present invention.The base station
900 can be as source base station.As shown in figure 9, the base station 900 may include:Receiver 901, processor 902 and transmitter 903.Connect
Receive device 901 to be connected with processor 902, processor 902 is connected with transmitter 903.
Receiver 901, the information of the encryption key for receiving current base station transmission.
Processor 902, for the information according to the encryption key, determines the corresponding decruption key of the encryption key.
Transmitter 903, for sending the decruption key to the current base station, the decruption key is used to cause the current base station
ID to the terminal after encryption is decrypted, and obtains the ID of the terminal.
Optionally, receiver 901, information and the encryption specifically for receiving the encryption key of current base station transmission
The ID of the terminal afterwards.
Processor 902 was additionally operable to before transmitter 903 sends the decruption key to the current base station, close according to the decryption
Key is decrypted to the ID of the terminal after the encryption.
Optionally, transmitter 903, if specifically for successful decryption, successful decryption information is sent to the current base station;Should
Successful decryption information includes:The decruption key.
Optionally, transmitter 903, if being additionally operable to decryption failure, decryption failure information are sent to the current base station.
The base station that the present invention is provided, can perform the information transferring method that the source base station in above-mentioned Fig. 2 or Fig. 3 is performed, its tool
The implementation process and beneficial effect of body can be found in above-mentioned, will not be repeated here.
Finally it should be noted that:Various embodiments above is merely illustrative of the technical solution of the present invention, rather than its limitations;To the greatest extent
Pipe has been described in detail with reference to foregoing embodiments to the present invention, it will be understood by those within the art that:Its according to
The technical scheme described in foregoing embodiments can so be modified, or which part or all technical characteristic are entered
Row equivalent;And these modifications or replacement, the essence of appropriate technical solution is departed from various embodiments of the present invention technology
The scope of scheme.
Claims (10)
1. a kind of information transferring method, it is characterised in that including:
Terminal is encrypted using default encryption key to the ID of the terminal;
The terminal is close to the ID of the terminal after mark, the encryption of current base station transmission source base station and the encryption
The information of key;The mark of the source base station is used to cause that the current base station determines the source base station, by the encryption key
Information is sent to the source base station;The information of the encryption key is used to cause that the source base station determines the encryption key correspondence
Decruption key, then the decruption key is sent to the current base station;The decruption key is used for so that described current
Base station to the encryption after the ID of the terminal be decrypted, obtain the ID of the terminal.
2. method according to claim 1, it is characterised in that the terminal is using default encryption key to the terminal
ID be encrypted before, methods described also includes:
The terminal consults to determine the encryption key in the case where being connected with source base station foundation with the source base station.
3. method according to claim 2, it is characterised in that methods described also includes:
The terminal according to default temporal information, with encryption key described in the source base station synchronized update.
4. the method according to any one of claim 1-3, it is characterised in that the terminal uses default encryption key
Before being encrypted to the ID of the terminal, methods described also includes:
The terminal receives the identity request that the current base station sends;
The terminal is close to the ID of the terminal after mark, the encryption of current base station transmission source base station and the encryption
The information of key, including:
The terminal sends identity response to the current base station, and the identity response includes:It is the mark of the source base station, described
The ID of the terminal after encryption and the information of the encryption key.
5. a kind of information transferring method, it is characterised in that including:
The ID and encryption key of the terminal after mark, the encryption of the source base station that current base station receiving terminal sends
Information;
The current base station determines the source base station according to the mark of the source base station;
The current base station sends the information of the encryption key to the source base station;The information of the encryption key is used to cause
The source base station determines the corresponding decruption key of the encryption key;
The current base station receives the decruption key that the source base station sends;
The current base station according to the decruption key to the encryption after the ID of the terminal be decrypted, obtain
The ID of the terminal.
6. method according to claim 5, it is characterised in that the mark of the source base station that the current base station receiving terminal sends
Before the ID of the terminal and the information of encryption key after knowledge, encryption, methods described also includes:
The current base station sends identity request to the terminal;
The ID of the terminal after mark, the encryption of the source base station that the current base station receiving terminal sends and encryption are close
The information of key, including:
The current base station receives the identity response that the terminal sends, and the identity response includes:The mark of the source base station,
The ID and the information of encryption key of the terminal after the encryption.
7. a kind of information transferring method, it is characterised in that including:
Source base station receives the information of the encryption key that current base station sends;
The source base station determines the corresponding decruption key of the encryption key according to the information of the encryption key;
The source base station sends the decruption key to the current base station, and the decruption key is used to cause the current base station
The ID of the terminal after to encryption is decrypted, and obtains the ID of the terminal.
8. method according to claim 7, it is characterised in that the source base station receives the encryption key that current base station sends
Information include:
The terminal after the information of the encryption key that the source base station reception current base station sends and the encryption
ID;
Before the source base station sends the decruption key to the current base station, methods described also includes:
The source base station according to the decruption key to the encryption after the ID of the terminal be decrypted.
9. method according to claim 8, it is characterised in that the source base station sends the decryption to the current base station
Key, including:
If successful decryption, the source base station sends successful decryption information to the current base station;The successful decryption information includes:
The decruption key.
10. method according to claim 8, it is characterised in that methods described also includes:
If decryption failure, the source base station sends decryption failure information to the current base station.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710131682.3A CN106714151B (en) | 2017-03-07 | 2017-03-07 | Information transmission method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710131682.3A CN106714151B (en) | 2017-03-07 | 2017-03-07 | Information transmission method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106714151A true CN106714151A (en) | 2017-05-24 |
| CN106714151B CN106714151B (en) | 2020-04-28 |
Family
ID=58917987
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710131682.3A Active CN106714151B (en) | 2017-03-07 | 2017-03-07 | Information transmission method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106714151B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019023825A1 (en) * | 2017-07-30 | 2019-02-07 | 华为技术有限公司 | Method and device for protecting privacy |
| CN110192381A (en) * | 2017-09-15 | 2019-08-30 | 华为技术有限公司 | The transmission method and equipment of key |
| CN110248359A (en) * | 2018-03-07 | 2019-09-17 | 中国移动通信有限公司研究院 | A kind of encipherment scheme, terminal, network element device and computer storage medium |
| CN110418419A (en) * | 2018-04-28 | 2019-11-05 | 中国移动通信有限公司研究院 | A kind of accidental access method, terminal and the network equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034980A (en) * | 2007-04-09 | 2007-09-12 | 中兴通讯股份有限公司 | Method for user identity protection and transfer |
| CN103188665A (en) * | 2011-12-31 | 2013-07-03 | 中国移动通信集团北京有限公司 | System, method and device of improving safety of cell phone receiving advertising |
| EP2765793A1 (en) * | 2011-11-01 | 2014-08-13 | Huawei Technologies Co., Ltd. | Method and related device for generating group key |
| CN104980920A (en) * | 2015-05-20 | 2015-10-14 | 小米科技有限责任公司 | Method and device for establishing communication connection of intelligent terminal |
-
2017
- 2017-03-07 CN CN201710131682.3A patent/CN106714151B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034980A (en) * | 2007-04-09 | 2007-09-12 | 中兴通讯股份有限公司 | Method for user identity protection and transfer |
| EP2765793A1 (en) * | 2011-11-01 | 2014-08-13 | Huawei Technologies Co., Ltd. | Method and related device for generating group key |
| CN103188665A (en) * | 2011-12-31 | 2013-07-03 | 中国移动通信集团北京有限公司 | System, method and device of improving safety of cell phone receiving advertising |
| CN104980920A (en) * | 2015-05-20 | 2015-10-14 | 小米科技有限责任公司 | Method and device for establishing communication connection of intelligent terminal |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019023825A1 (en) * | 2017-07-30 | 2019-02-07 | 华为技术有限公司 | Method and device for protecting privacy |
| CN110169102A (en) * | 2017-07-30 | 2019-08-23 | 华为技术有限公司 | The method and apparatus of secret protection |
| US11395148B2 (en) | 2017-07-30 | 2022-07-19 | Huawei Technologies Co., Ltd. | Method and device for protecting privacy |
| CN110192381A (en) * | 2017-09-15 | 2019-08-30 | 华为技术有限公司 | The transmission method and equipment of key |
| CN110192381B (en) * | 2017-09-15 | 2021-02-09 | 华为技术有限公司 | Key transmission method and device |
| CN110248359A (en) * | 2018-03-07 | 2019-09-17 | 中国移动通信有限公司研究院 | A kind of encipherment scheme, terminal, network element device and computer storage medium |
| CN110418419A (en) * | 2018-04-28 | 2019-11-05 | 中国移动通信有限公司研究院 | A kind of accidental access method, terminal and the network equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106714151B (en) | 2020-04-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11075749B2 (en) | Method and arrangement in a telecommunication system | |
| CN109314861B (en) | Method, device and communication system for obtaining secret key | |
| EP2109278B1 (en) | Method and apparatus for generating a new key | |
| JP7139420B2 (en) | Method for transmitting an encrypted subscription identifier stored in a security element to a physical or virtual element of a telecommunications network, the corresponding security element, the physical or virtual element and a terminal cooperating with this security element | |
| US20150079941A1 (en) | Secure Paging | |
| CN109922474B (en) | Method for triggering network authentication and related equipment | |
| KR100547855B1 (en) | Secure communication system and method of a composite mobile communication terminal having a local area communication device | |
| CN105142136B (en) | A kind of method of anti-pseudo-base station attack | |
| CN101946535A (en) | System and method for performing handovers, or key management while performing handovers in a wireless communication system | |
| CN106714151A (en) | Information transmission method | |
| CN101309503A (en) | Wireless switching method, base station and terminal | |
| CN101895882A (en) | Data transmission method, system and device in WiMAX system | |
| KR100920409B1 (en) | Authentication of a wireless communication using expiration marker | |
| WO2022127656A1 (en) | Authentication method and related apparatus | |
| JP2007506329A (en) | Method for improving WLAN security | |
| CN105103577B (en) | A kind of device and method of encryption data | |
| WO2008152611A1 (en) | Apparatus, method and computer program product providing transparent container | |
| CN114374550B (en) | Electric power metering platform with high safety | |
| CN1964259B (en) | A method to manage secret key in the course of switch-over | |
| CN110830421A (en) | Data transmission method and device | |
| JP6499315B2 (en) | Mobile communication system and communication network | |
| CN111770488A (en) | EHPLMN updating method, related equipment and storage medium | |
| CN110169128B (en) | Communication method, device and system | |
| CN101588374B (en) | Soft hardware integrality detection method and system for network appliance | |
| WO2014205846A1 (en) | Data transmission method, machine type communication terminal and addressing server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |