CN108293223B

CN108293223B - Data transmission method, user equipment and network side equipment

Info

Publication number: CN108293223B
Application number: CN201580084940.6A
Authority: CN
Inventors: 刘菁; 黄敏; 舒兵
Original assignee: Huawei Technologies Co Ltd
Current assignee: XFusion Digital Technologies Co Ltd
Priority date: 2015-11-30
Filing date: 2015-11-30
Publication date: 2020-11-17
Anticipated expiration: 2035-11-30
Also published as: CN108293223A; WO2017091959A1

Abstract

The invention provides a data transmission method, user equipment and network side equipment, wherein the method comprises the following steps: user Equipment (UE) encrypts and integrity-protects a data packet by using an encryption key and an integrity protection key, wherein the encryption key and the integrity protection key are generated by the UE according to a first random number generated by the UE or a second random number received from network side equipment, and the data packet comprises an identifier of the UE and user data; and when the UE does not establish Radio Resource Control (RRC) connection with the base station, the encrypted and integrity-protected data packet is sent to network side equipment. By implementing the invention, the safe transmission of data can be realized when RRC connection is not established between the UE and the base station, and the signaling overhead is reduced.

Description

Data transmission method, user equipment and network side equipment

Technical Field

The present invention relates to the field of communications technologies, and in particular, to a data transmission method, a user equipment, and a network side device.

Background

For the third Generation mobile communication System (3rd Generation, 3G) and the Long Term Evolution (LTE) System thereof, in order to ensure the security of data transmission, before a User Equipment (UE) transmits data to a network side, a security Authentication and Key Agreement process between the UE and the network side must be performed, and currently, an Evolved Packet System (EPS) Authentication and Key Agreement (AKA) protocol is adopted in the LTE System to complete the security Authentication and Key Agreement process between the UE and the network side. Before the security authentication and key agreement process between the UE and the network side, a connection establishment process of Radio Resource Control (RRC) between the UE and the base station needs to be performed, that is, a Control plane connection/bearer between the UE and the base station needs to be established, and after the RRC connection process is established, a Control plane connection and a user plane bearer between the base station and the core network and a user plane bearer between the UE and the base station need to be established.

In recent years, Machine-to-Machine (M2M) has been widely used in daily life as a new communication concept, and M2M technology is an integration of wireless communication and information technology, is used for two-way communication, and is suitable for fields such as security monitoring, vending machines, tracking of goods, payment systems (automatic teller machines, support terminals, parking meter, etc.), and remote control of vehicles (such as fleet management, toll collection, vehicle recovery, and payment of a premium according to driving conditions). M2M can be divided into three communication modes, i.e. machine-to-machine, machine-to-mobile (such as user remote monitoring) and mobile-to-machine (such as user remote control), according to the communication objects. In M2M Communication, an M2M device accessing a network is also called a Machine Type Communication (MTC) device. The MTC can directly communicate between machines without manual intervention. In recent years, MTC is used as a novel communication concept, and is increasingly applied, and meanwhile, MTC is a trend of future intelligent development, so that MTC functions need to be supported in an LTE system. For MTC services, data sent by the MTC device to the network side at a time is usually packet data (usually tens to hundreds of bytes). If the data transmission method in the prior art is adopted, before the UE sends the packet data to the network side, it needs to establish a control plane connection between the UE and the eNB, a control plane connection and a user plane bearer between the eNB and the core network, and a user plane bearer process between the UE and the eNB.

Disclosure of Invention

Embodiments of the present invention provide a data transmission method, a user equipment, and a network side device, so that signaling resources required for establishing a control plane connection and a user plane bearer can be reduced, and system efficiency is improved.

In a first aspect, an embodiment of the present invention provides a user equipment, including a processor, a receiver, and a transmitter; wherein the processor is configured to call the data transmission program code stored in the memory to perform the following operations: encrypting and integrity protecting a data packet by using an encryption key and an integrity protection key, wherein the encryption key and the integrity protection key are generated by User Equipment (UE) according to a first random number generated by the UE or a second random number received from network side equipment, and the data packet comprises an identifier of the UE and user data; and when the UE does not establish Radio Resource Control (RRC) connection with a base station, sending the encrypted and integrity-protected data packet to network side equipment through the transmitter. Under the condition that the UE does not establish RRC connection with the base station, the UE can generate an encryption key and an integrity protection key according to a first random number generated by the UE or a second random number received from network side equipment, further perform security processing on a data packet to be transmitted, and send the data packet after the security processing to the network side equipment, so that the security of data transmission is ensured, signaling resources required for establishing control plane connection and user plane bearing can be reduced, and the system efficiency is improved.

With reference to the first aspect, in a first possible implementation manner of the first aspect, the data packet further includes the first random number, where the first random number is used by the network side device to determine a decryption key and an integrity verification key used for decrypting and verifying integrity of the data packet. When user data needs to be sent, the UE generates a random number of a derived key without depending on a Home Subscriber Server (HSS), generates a first random number of the derived key by the UE, and generates an encryption key and an integrity protection key for encrypting and protecting the integrity of a data packet to be transmitted through the first random number, so that the data packet is safely processed, the security of data transmission is guaranteed, and the data transmission efficiency is improved.

With reference to the first aspect or the first possible implementation manner of the first aspect, in a second possible implementation manner of the first aspect, the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and verifying integrity of the data packet. When user data needs to be sent, the UE does not rely on a security algorithm (including an encryption algorithm and an integrity protection algorithm) selected and issued by network side equipment, but selects a security algorithm for performing security processing on a data packet to be transmitted instead, so that the data packet is safely processed, the security of data transmission is guaranteed, and the data transmission efficiency is improved.

With reference to the first aspect, in a third possible implementation manner of the first aspect, before the encrypting and integrity protecting the data packet by using the encryption key and the integrity protection key, the processor is further configured to perform the following operations: when the UE is not in RRC connection with the base station, an authentication request is sent to a Home Subscriber Server (HSS) through the network side equipment by the transmitter, the authentication request comprises the identity of the UE, and the authentication request is used for triggering the HSS to generate the second random number and determining a decryption key and an integrity verification key used by the network side equipment for decrypting and verifying the integrity of the data packet according to the identity of the UE and the second random number; receiving, by the receiver, a response message sent by the HSS through the network side device, where the response message includes the second random number; and performing integrity verification on the response message by using the integrity protection key. The UE requests authentication to the network side equipment when the RRC connection is not established, an encryption key and an integrity protection key for carrying out security processing on a data packet to be transmitted are generated through the second random number received from the network side equipment, the security of data transmission when no RRC connection exists is guaranteed, signaling overhead for establishing control plane connection and user plane bearing is reduced, the system efficiency is improved, the UE can realize the security authentication on the network side equipment through carrying out integrity verification on a response message sent by the network side equipment, the HSS is not relied on to generate and send authentication vectors, and the security authentication process of the UE on the network side equipment is simplified.

With reference to the first aspect, or any one of possible implementation manners of the first aspect, in a fourth possible implementation manner of the first aspect, the processor is further configured to perform: receiving, by the receiver, a confirmation message sent by the network-side device after the integrity of the data packet is successfully verified; and performing integrity verification on the confirmation message by using the integrity protection key. The UE can realize the safety authentication of the network side equipment by carrying out integrity verification on the confirmation message sent by the network side equipment, does not rely on the HSS to generate and issue an authentication vector any more, and simplifies the safety authentication process of the UE on the network side equipment.

With reference to the fourth possible implementation manner of the first aspect, in a fifth possible implementation manner of the first aspect, the data packet further includes a third random number generated by the UE, where the third random number is used by the network side device to update the identifier of the UE after the integrity verification of the data packet is successful; the processor is further configured to perform: and after the integrity verification of the confirmation message is successful, updating the identity of the UE according to the third random number. The UE and the network side equipment synchronously update the identity of the UE, so that the secrecy of the UE can be enhanced, the phenomenon that the whereabouts of the UE are exposed in the data transmission process is avoided, and the safety of data transmission is further improved.

With reference to the first aspect or any one of the possible implementation manners of the first aspect, in a sixth possible implementation manner of the first aspect, the network side device includes a base station or a serving gateway.

With reference to the sixth possible implementation manner of the first aspect, in a seventh possible implementation manner of the first aspect, the data packet further includes an identifier of a destination server, where the identifier of the destination server is used to establish a TCP (transmission control protocol) connection between the serving gateway and the destination server, and send the user data to the destination server through the TCP connection.

With reference to the sixth possible implementation manner of the first aspect or the seventh possible implementation manner of the first aspect, in an eighth possible implementation manner of the first aspect, when the network side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used for the base station to send the data packet to the serving gateway.

With reference to the sixth possible implementation manner of the first aspect, or the seventh possible implementation manner of the first aspect, or the eighth possible implementation manner of the first aspect, in a ninth possible implementation manner of the first aspect, the sending, by the transmitter, the encrypted and integrity-protected data packet to a network side device includes: and sending the encrypted and integrity-protected data packet to a base station through a random access preamble message or an RRC connection establishment request message by the transmitter. The UE carries the data packet in the random access preamble message or the RRC connection establishment request message or other resources allocated to the UE by the base station, and then sends the data packet to the network side equipment, so that signaling resources required for establishing control plane connection and user plane bearing are reduced, and the system efficiency is improved.

In a second aspect, an embodiment of the present invention provides a network-side device, including a processor, a receiver, and a transmitter; wherein the processor is configured to call the data transmission program code stored in the memory to perform the following operations: receiving, by the receiver, a data packet sent by a User Equipment (UE) when a Radio Resource Control (RRC) connection with a base station is not established, where the data packet includes an identifier of the UE and user data, and the data packet is obtained after the UE is encrypted and integrity-protected; determining a decryption key and an integrity verification key corresponding to the UE according to the identity of the UE; decrypting and integrity verifying the data packet using the decryption key and the integrity verification key; and after the integrity verification of the data packet is successful, the transmitter transmits the user data to a destination server. The network side equipment receives a data packet sent by the UE when the RRC connection with the base station is not established, determines a decryption key and an integrity verification key for decrypting and verifying the integrity of the data packet according to the identification of the UE, realizes the safety certification of the UE by verifying the integrity of the data packet, simplifies the safety certification process of the network side equipment for the UE, reduces the signaling overhead for establishing the control plane connection and the user plane bearing, and improves the system efficiency.

With reference to the second aspect, in a first possible implementation manner of the second aspect, the data packet further includes a first random number generated by the UE; the determining a decryption key and an integrity verification key corresponding to the UE according to the identifier of the UE includes: and sending the identifier of the UE and the first random number to a Home Subscriber Server (HSS), generating an intermediate key of the UE through the HSS, generating a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and storing the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key.

With reference to the second aspect or the first possible implementation manner of the second aspect, in a second possible implementation manner of the second aspect, the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verifying the data packet.

With reference to the second aspect, in a third possible implementation manner of the second aspect, before the receiving, by the receiver, a data packet sent by a user equipment UE when a radio resource control RRC connection with a base station is not established, the processor is further configured to: receiving, by the receiver, an authentication request sent by the UE when the RRC connection is not established with the base station, the authentication request including an identity of the UE; the authentication request is sent to a Home Subscriber Server (HSS) through the transmitter, the authentication request is used for triggering the HSS to generate a second random number and generating an intermediate key of the UE according to the identifier of the UE and the second random number, the network side equipment generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key; sending, by the transmitter, a response message to the UE, the response message including the second random number, the second random number being used by the UE to generate a ciphering key and an integrity protection key used to cipher and integrity protect the data packet. The network side equipment receives an authentication request sent by the UE when the RRC connection with the base station is not established, a second random number of a derived key is generated through the HSS, a decryption key and an integrity verification key for decrypting and verifying the integrity of a data packet are determined according to a middle key of the UE generated by the HSS, the safety authentication of the UE is realized through the integrity verification of the data packet, the safety authentication process of the network side equipment to the UE is simplified, meanwhile, the signaling overhead of establishing control plane connection and user plane bearing is reduced, and the system efficiency is improved.

With reference to the second aspect, or any one of possible implementation manners of the second aspect, in a fourth possible implementation manner of the second aspect, the processor is further configured to: after the integrity verification of the data packet is successful, sending a confirmation message to the UE through the transmitter, wherein the confirmation message is used for the UE to carry out integrity verification on the confirmation message by using an integrity protection key of the UE.

With reference to the fourth possible implementation manner of the second aspect, in a fifth possible implementation manner of the second aspect, the data packet further includes a third random number generated by the UE, where the third random number is used to update the identifier of the UE after the UE successfully verifies the integrity of the acknowledgment message; the processor is further configured to perform: and after the integrity verification of the data packet is successful, updating the identifier of the UE according to the third random number, and storing the updated identifier of the UE and the corresponding relation between the decryption key and the integrity verification key. The network side equipment and the UE synchronously update the UE identification, so that the privacy of the UE can be enhanced, the UE track is prevented from being exposed in the data transmission process, and the data transmission safety is further improved.

With reference to the second aspect, or any one of possible implementation manners of the second aspect, in a sixth possible implementation manner of the second aspect, the network side device includes a base station or a serving gateway.

With reference to the sixth possible implementation manner of the second aspect, in a seventh possible implementation manner of the second aspect, the data packet further includes an identifier of the destination server; the sending the user data to a destination server by the transmitter includes: and establishing a Transmission Control Protocol (TCP) connection with the destination server according to the identification of the destination server, and sending the user data to the destination server through the TCP connection. Therefore, the DNS domain name resolution process is not triggered by the UE, namely the UE does not need to establish a TCP connection process with a target server by occupying a large amount of air interface resources, but the DNS process is triggered by the serving gateway instead of the UE, the serving gateway establishes TCP connection with the target server, and the decrypted user data is sent to the target server through the TCP connection, so that signaling resources for establishing the TCP connection are reduced.

With reference to the sixth possible implementation manner of the second aspect or the seventh possible implementation manner of the second aspect, in an eighth possible implementation manner of the second aspect, when the network side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway.

With reference to the sixth possible implementation manner of the second aspect, or the seventh possible implementation manner of the second aspect, or the eighth possible implementation manner of the second aspect, in a ninth possible implementation manner of the second aspect, the receiving, by the receiver, a data packet sent by a user equipment UE when a radio resource control RRC connection with a base station is not established includes: and receiving a data packet sent by the UE through a random access preamble message or an RRC connection establishment request message when the UE does not establish the RRC connection with the base station through the receiver.

In a third aspect, an embodiment of the present invention provides a data transmission method, where the method is used for a user equipment UE to implement secure data transmission when a radio resource control RRC connection with a base station is not established, where the method includes: the method comprises the steps that UE uses an encryption key and an integrity protection key to encrypt and protect the integrity of a data packet, wherein the encryption key and the integrity protection key are generated by the UE according to a first random number generated by the UE or a second random number received from network side equipment, and the data packet comprises an identifier of the UE and user data; and when the RRC connection with the base station is not established, the UE sends the encrypted and integrity-protected data packet to network side equipment.

With reference to the third aspect, in a first possible implementation manner of the third aspect, the data packet further includes the first random number, where the first random number is used by the network side device to determine a decryption key and an integrity verification key used for decrypting and verifying integrity of the data packet.

With reference to the third aspect or the first possible implementation manner of the third aspect, in a second possible implementation manner of the third aspect, the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verifying the data packet.

With reference to the third aspect, in a third possible implementation manner of the third aspect, before the UE encrypts and integrity-protects a data packet by using an encryption key and an integrity protection key, the method further includes: when the UE does not establish the RRC connection with the base station, an authentication request is sent to a Home Subscriber Server (HSS) through the network side equipment, the authentication request comprises an identifier of the UE, and the authentication request is used for triggering the HSS to generate a second random number and determining a decryption key and an integrity verification key used by the network side equipment for decrypting and verifying the integrity of the data packet according to the identifier of the UE and the second random number; the UE receives a response message sent by the HSS through the network side equipment, wherein the response message comprises the second random number; and the UE uses the integrity protection key to carry out integrity verification on the response message.

With reference to the third aspect, or any one of the foregoing possible implementation manners of the third aspect, in a fourth possible implementation manner of the third aspect, the method further includes: the UE receives a confirmation message sent by the network side equipment after the integrity verification of the data packet is successful; and the UE uses the integrity protection key to carry out integrity verification on the confirmation message.

With reference to the fourth possible implementation manner of the third aspect, in a fifth possible implementation manner of the third aspect, the data packet further includes a third random number generated by the UE, where the third random number is used by the network side device to update the identifier of the UE after the integrity verification of the data packet is successful; the method further comprises the following steps: and after the UE successfully verifies the integrity of the confirmation message, updating the identity of the UE according to the third random number.

With reference to the third aspect, or any one of the foregoing possible implementation manners of the third aspect, in a sixth possible implementation manner of the third aspect, the network side device includes a base station or a serving gateway.

With reference to the sixth possible implementation manner of the third aspect, in a seventh possible implementation manner of the third aspect, the data packet further includes an identifier of a destination server, where the identifier of the destination server is used for a service gateway to establish a TCP (transmission control protocol) connection with the destination server, and send the user data to the destination server through the TCP connection.

With reference to the sixth possible implementation manner of the third aspect or the seventh possible implementation manner of the third aspect, in an eighth possible implementation manner of the third aspect, when the network side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway.

With reference to the sixth possible implementation manner of the third aspect, or the seventh possible implementation manner of the third aspect, or the eighth possible implementation manner of the third aspect, in a ninth possible implementation manner of the third aspect, the sending the encrypted and integrity-protected data packet to a network side device includes: and sending the encrypted and integrity-protected data packet to a base station through a random access preamble message or an RRC connection establishment request message.

In a fourth aspect, an embodiment of the present invention provides a data transmission method, including: the method comprises the steps that network side equipment receives a data packet sent by User Equipment (UE) when Radio Resource Control (RRC) connection with a base station is not established, wherein the data packet comprises an identifier of the UE and user data, and is obtained after the UE is encrypted and subjected to integrity protection; the network side equipment determines a decryption key and an integrity verification key corresponding to the UE according to the identity of the UE; the network side equipment decrypts and verifies the integrity of the data packet by using the decryption key and the integrity verification key; and after the network side equipment successfully verifies the integrity of the data packet, the network side equipment sends the user data to a destination server.

With reference to the fourth aspect, in a first possible implementation manner of the fourth aspect, the data packet further includes a first random number generated by the UE; the network side equipment determines a decryption key and an integrity verification key corresponding to the UE according to the identity of the UE, and the method comprises the following steps: and the network side equipment sends the identifier of the UE and the first random number to a Home Subscriber Server (HSS), generates an intermediate key of the UE through the HSS, generates a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and stores the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key.

With reference to the fourth aspect or the first possible implementation manner of the fourth aspect, in a second possible implementation manner of the fourth aspect, the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verifying the data packet.

With reference to the fourth aspect, in a third possible implementation manner of the fourth aspect, before the receiving, by the network side device, a data packet sent by the user equipment UE when the radio resource control RRC connection with the base station is not established, the method further includes: the network side equipment receives an authentication request sent by the UE when the RRC connection is not established with the base station, wherein the authentication request comprises the identity of the UE; the network side equipment sends the authentication request to a Home Subscriber Server (HSS), the authentication request is used for triggering the HSS to generate a second random number and generating an intermediate key of the UE according to the identifier of the UE and the second random number, the network side equipment generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key; and the network side equipment sends a response message to the UE, wherein the response message comprises the second random number, and the second random number is used for the UE to generate an encryption key and an integrity protection key used for encrypting and integrity protecting the data packet.

With reference to the fourth aspect, or any one of the foregoing possible implementation manners of the fourth aspect, in a fourth possible implementation manner of the fourth aspect, the method further includes: and after the network side equipment successfully verifies the integrity of the data packet, sending a confirmation message to the UE, wherein the confirmation message is used for the UE to carry out integrity verification on the confirmation message by using an integrity protection key of the UE.

With reference to the fourth possible implementation manner of the fourth aspect, in a fifth possible implementation manner of the fourth aspect, the data packet further includes a third random number generated by the UE, where the third random number is used to update the identifier of the UE after the UE successfully verifies the integrity of the acknowledgment message; the method further comprises the following steps: and after the network side equipment successfully verifies the integrity of the data packet, updating the identifier of the UE according to the third random number, and storing the updated identifier of the UE and the corresponding relation between the decryption key and the integrity verification key.

With reference to the fourth aspect, or any one of the foregoing possible implementation manners of the fourth aspect, in a sixth possible implementation manner of the fourth aspect, the network side device includes a base station or a serving gateway.

With reference to the sixth possible implementation manner of the fourth aspect, in a seventh possible implementation manner of the fourth aspect, the data packet further includes an identifier of the destination server; the sending the user data to the destination server includes: and the service gateway establishes a Transmission Control Protocol (TCP) connection with the destination server according to the identification of the destination server and sends the user data to the destination server through the TCP connection.

With reference to the sixth possible implementation manner of the fourth aspect or the seventh possible implementation manner of the fourth aspect, in an eighth possible implementation manner of the fourth aspect, when the network side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway.

With reference to the sixth possible implementation manner of the fourth aspect, or the seventh possible implementation manner of the fourth aspect, or the eighth possible implementation manner of the fourth aspect, in a ninth possible implementation manner of the fourth aspect, the receiving, by the network side device, a data packet sent by the user equipment UE when the radio resource control RRC connection with the base station is not established includes: the base station receives a data packet sent by a random access preamble message or an RRC connection establishment request message when user equipment UE does not establish RRC connection with the base station.

In a fifth aspect, an embodiment of the present invention provides a user equipment, where the user equipment is configured to execute the third aspect or a data transmission method in any possible implementation manner of the third aspect, and the user equipment includes a module or a unit configured to execute the third aspect or any data transmission method of the third aspect.

In a sixth aspect, an embodiment of the present invention provides a network side device, where the network side device is configured to execute the fourth aspect or a data transmission method in any possible implementation manner of the fourth aspect, and the network side device includes a module or a unit configured to execute the fourth aspect or any data transmission method of the fourth aspect.

In a seventh aspect, an embodiment of the present invention provides a data transmission system, including a user equipment and a network side device, where the user equipment is the user equipment in the first aspect or any one of the possible implementation manners of the first aspect;

the network side device is the network side device in the second aspect or any one of the possible implementation manners of the second aspect.

In an eighth aspect, an embodiment of the present invention provides a computer program, where the computer program includes a program code, and when the user equipment UE runs the computer program, the program code performs the third aspect or any one of the data transmission methods in the third aspect.

In a ninth aspect, an embodiment of the present invention provides a computer program, where the computer program includes a program code, and when a network-side device runs the computer program, the program code executes the fourth aspect or any one of the data transmission methods in the fourth aspect.

The foregoing aspects of the present invention will become more readily apparent from the following description of the various embodiments.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed in the description of the embodiments or the prior art will be briefly introduced below, and it is apparent that the drawings in the following description are some embodiments of the present invention.

Fig. 1A is a schematic diagram of a network architecture of an LTE system;

FIG. 1B is a signaling flow diagram of an AKA security authentication and key agreement procedure;

fig. 2 is a signaling flow diagram of a connection/bearer setup procedure before data transmission;

fig. 3 is a schematic network architecture diagram of an LTE system according to an embodiment of the present invention;

fig. 4A is a schematic flowchart of a data transmission method according to an embodiment of the present invention;

fig. 4B is a flowchart illustrating another data transmission method according to an embodiment of the present invention;

fig. 4C is a schematic flow chart of another data transmission method according to an embodiment of the present invention;

fig. 4D is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

fig. 4E is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

fig. 4F is a schematic flow chart of another data transmission method according to an embodiment of the present invention;

fig. 4G is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of a user equipment according to an embodiment of the present invention;

fig. 6 is a schematic structural diagram of a network-side device according to an embodiment of the present invention;

fig. 7A is a schematic structural diagram of another ue according to an embodiment of the present invention;

fig. 7B is a schematic structural diagram of another ue according to an embodiment of the present invention;

fig. 7C is a schematic structural diagram of another ue according to an embodiment of the present invention;

fig. 7D is a schematic structural diagram of another ue according to an embodiment of the present invention;

fig. 8A is a schematic structural diagram of another network-side device according to an embodiment of the present invention;

fig. 8B is a schematic structural diagram of another network-side device according to an embodiment of the present invention;

fig. 8C is a schematic structural diagram of another network-side device according to an embodiment of the present invention;

fig. 8D is a schematic structural diagram of another network-side device according to an embodiment of the present invention;

fig. 8E is a schematic structural diagram of another network-side device according to an embodiment of the present invention.

Detailed Description

In order to better understand the data transmission method, the user equipment and the network side equipment provided by the embodiment of the present invention, a network architecture of the LTE system, an AKA security authentication and key agreement procedure, and a connection/bearer establishment procedure before data transmission are described below.

Referring to fig. 1A, fig. 1A is a schematic diagram of a network architecture of an LTE system. The LTE system Network architecture mainly includes UE, Evolved base station (EUTRAN Node B, eNB), Mobility Management Entity (MME), Serving Gateway (S-GW), Packet Data Gateway (P-GW), and Home Subscriber Server (HSS), where the eNB is a Network element in an Evolved Universal Radio Access Network (Evolved Universal Radio Access Network, EUTRAN), and the MME, the S-GW, the P-GW, and the HSS are Network elements in an Evolved Packet Core Network (EPC). The UE and the eNB realize wireless communication through a Uu interface, the communication interface between the eNB and the MME is S1-MME, and the communication interface between the eNB and the S-GW is S1-U. In order to facilitate the development of new services, a design mode of separating a user plane and a control plane is adopted in the LTE system. The control plane signaling and the user plane bearer in the core network corresponding to the LTE system are respectively responsible for independent network elements MME and S-GW.

Specifically, the main functions of the MME include Non Access Stratum (NAS) signaling establishment, NAS signaling security, signaling establishment across a core network, tracking service (when the UE is in IDLE mode), roaming service, authorization, bearer management, and the like.

The S-GW is a gateway point when the eNB switches, a gateway point for forwarding 2G/3G and other system services, and completes buffering of downlink packets, some initialization work, specified interception and interception, packet routing, forwarding and the like. In addition, the P-GW is used for policy enforcement, packet filtering, prescribed interception, allocation of an IP address of the UE, a charging function, packet reproduction, and the like.

It should be noted that, control signaling between the UE, the eNB, and the core network is processed through the MME; user Data is transmitted to the P-GW through the S-GW, and then transmitted to various Access Point Name (APN) nodes outside (with respect to the operator) by the P-GW, such as Public Data Network (PDN) and the like.

Referring to fig. 1B, fig. 1B is a schematic signaling flow diagram of the AKA security authentication and key agreement procedure. Entities participating in the security authentication and key agreement process in the LTE system include: UE, MME and HSS. The security authentication and key agreement process is completed based on symmetric keys, i.e. a root key K is shared between the UE and the HSS in advance, specifically, a permanent symmetric root key K is shared on a Universal Subscriber Identity Module (USIM)/Subscriber Identity Module (SIM) of the UE and the HSS maintained by the operator, and this K is written once when the USIM/SIM is manufactured and protected by the security mechanism of the USIM/SIM and cannot be read. The secure authentication and key agreement process includes the following steps.

S101, UE sends an authentication request to MME, wherein the message carries information such as an International Mobile Subscriber Identity (IMSI) of the UE, the capability of the UE (an encryption algorithm and an integrity protection algorithm supported by the UE) and an IDHSS (Identity server) of the HSS.

S102, the MME forwards the authentication request of the UE to the HSS, and the message carries the contents such as the IMSI, the Network identification (Serving Network ID, SNID) of the service Network, the Type (Network Type) of the service Network and the like. After HSS receives the authentication request, the IMSI and the SNID are searched in the local database, and the validity of the two entities is verified. If the verification is passed, finding out the root key K corresponding to the UE according to the IMSI, randomly generating a random number RAND, and then generating an Authentication vector (Authentication vector) corresponding to the UE according to the RAND, the Authentication sequence number SQN currently stored by the UE, the key K and other informationor, AV), wherein the AV includes the RAND, the Authentication Token (AUTN), the Expected response number (XRES), and the shared key K_ASME(the base key used to generate the non-access stratum and access stratum keys).

S103, the HSS returns an authentication response to the MME, the message carries the authentication vector AV of the UE, and the MME stores the received authentication vector of the UE.

S104, MME sends authentication request to UE, the message carries corresponding RAND and AUTN in the authentication vector of UE, and MME is secret key K_ASMEAssigned a key identification KSI_ASME。

S105, after receiving the authentication request, the UE checks according to the received RAND and AUTN, and the checking comprises the following steps: and jointly calculating an AUTN 'according to the SQN in the RAND and the AUTN and a root key K shared by the network side, comparing whether the AUTN' is consistent with the received AUTN, if so, passing the security authentication of the network side by the UE, and jointly calculating a Response (RES) by using the RAND and the root key K and sending the Response (RES) to the MME. UE according to K_ASMEFurther generating an air interface key K_eNB。

S106, the MME compares the received RES with XRES in the authentication vector AV, if the RES and the XRES are the same, the MME passes the security authentication of the UE, and K is used for determining whether the UE passes the security authentication_ASMEFurther generating an air interface key K for the basic key_eNBAnd is combined with K_eNBAnd the capability of the UE to the eNB.

S107, the eNB determines an encryption algorithm and an integrity protection algorithm of air interface user plane data and control plane signaling according to the capability of the UE and the encryption algorithm and the integrity protection algorithm supported by the eNB, and sends the selected encryption algorithm and the selected integrity protection algorithm to the UE through a Security Mode Command (SMC) message, and at this time, the UE and the eNB can respectively utilize an air interface key K_eNBAnd the appointed key algorithm further generates a key KUP for air interface encryption and integrity protection_enc、KRRC_encAnd KRRC_intWherein, KUP_encCiphering keys for user data for guaranteeing privacy of uplink data between UE and eNB, KRRC_encIs an access layerRRC signalling ciphering key for ensuring the privacy of RRC signalling between UE and eNB, KRRC_intAnd the key is used for protecting the integrity of the RRC signaling of the access layer and is used for ensuring the integrity of the RRC signaling between the UE and the eNB.

In the existing LTE system, before the UE and the network side perform the above-mentioned security authentication and key agreement procedure, a connection establishment procedure of Radio Resource Control (RRC) between the UE and the eNB needs to be performed, that is, a Control plane connection/bearer between the UE and the eNB needs to be established, and after the RRC connection is established, a Control plane connection and a user plane bearer between the eNB and the core network and a user plane bearer between the UE and the eNB need to be established.

Referring to fig. 2, fig. 2 is a signaling flow diagram of a connection/bearer establishment procedure before data transmission. In the LTE system, there is no signaling connection between the UE in IDLE (IDLE) state and the network side, no radio resource is allocated to the UE in the network and no UE context is established on the network side, and the RRC connection between the UE and the network side and the S1 connection between the eNB and the core network are released, so if there is data to be sent by the UE in IDLE state, the signaling flow in the connection/bearer establishment procedure before data transmission is as follows.

S201, when the UE has data to send, according to the Random Access resource information configured by the system, waiting for a Physical Random Access Channel (PRACH) scheduling period, and sending a Random Access Preamble (Preamble) message to the eNB, where the Preamble message includes a Random Access Preamble sequence Preamble selected by the UE.

S202, after receiving the preamble sent by the UE, the eNB sends a random access response to the UE in a random access response window. Wherein, one random access response message may respond to random access requests (preambles) of a plurality of UEs.

The random access response is scheduled by Downlink Control Information (DCI) carried in a Physical Downlink Control Channel (PDCCH) scrambled by a Radio Network Temporary Identity (RA-RNTI), and the RA-RNTI is determined by a PRACH time-frequency resource position for transmitting a preamble. The contents in the random access response include: a backoff (backoff) parameter, a Preamble identifier corresponding to the Preamble message, an uplink transmission Time Advance (TA), an uplink resource allocated for the UE to send the third message, a Cell Radio Network Temporary Identity (C-RNTI), and the like. The backoff parameter is used for indicating the time delay average value of the next random access initiated by the UE if the current random access fails.

Further, the UE may determine, through the RA-RNTI and the preamble identifier in the random access response, the random access response sent to the UE by the eNB, and if the preamble corresponding to the preamble identifier in the random access response includes the preamble when the UE initiates random access, the UE considers that the UE successfully receives the random access response message, and then sends a third message to the network side. And if the UE does not correctly receive the random access response, determining the time delay for initiating the next random access according to the time delay limit of the backoff parameter, and additionally selecting the random access resource to initiate the next random access. When the maximum random Access times are reached, a Media Access Control (MAC) layer of the UE reports a random Access problem to an RRC layer, and a radio link failure process is triggered.

And S203, after receiving the random access response, the UE sends a third message on the uplink resource allocated by the eNB. Wherein, for different scenes, the third message contains different contents. For example, when the UE initially accesses, the third message carries an RRC connection establishment request message generated by the RRC layer.

And S204, the eNB and the UE finish final contention resolution through the fourth message.

Wherein the content of the fourth message corresponds to the content of the third message. When the UE initially accesses, the fourth message carries a UE Contention Resolution Identity MAC layer control unit (Contention Resolution Identity MAC CE), and after receiving the MAC CE, the UE compares the user Identity carried by the MAC CE with the user Identity carried by the third message, and if the user Identity is completely consistent, the UE can know that the UE successfully contends.

In addition, the fourth message may further include an RRC connection setup message, which is used to set up the signaling radio bearer 1 of the UE (SRB 1).

S205, after completing the contention resolution, the UE establishes a signaling radio bearer 1(SRB1) according to the information in the RRC connection establishment message, and sends an RRC connection establishment complete message to the network.

The NAS service request (service request) message may be piggybacked to the network side when the RRC connection setup complete message is sent.

S206, after receiving the RRC connection setup complete message, the eNB sends a piggybacked NAS service request message to the MME, for requesting the MME to set up a relevant connection between the eNB corresponding to the UE and a core network element (i.e., a control plane connection with the MME and an S1 bearer with the S-GW).

S207, the MME informs the eNB of the information of the corresponding connection of the UE.

S208, the eNB sends a Security Mode Command (SMC) and an RRC connection reconfiguration message to the UE for activating the security of the UE and establishing a Data Radio Bearer (DRB) and other signaling radio bearers (SRBs 2) for the UE.

It should be noted that the Security Mode Command (SMC) needs to be integrity protected before it is sent, and the RRC connection reconfiguration message needs to be ciphered and integrity protected before it is sent.

S209, after the security activation and the configuration of the DRB and the SRB2 are completed, the UE sends a security mode completion message and an RRC connection reconfiguration completion message to the network side.

S210, after the above process, the user plane data of the UE is sent to the PGW through the DRB between the UE and the eNB and the S1 between the eNB and the SGW; the control signaling between the UE and the core network is sent to the MME through the SRB between the UE and the eNB, and S1AP between the eNB and the MME.

In many application scenarios of MTC services, MTC devices only send small amount of data to the network side, and the period of data transmission is usually long, and may be in units of seconds, days, months, or the like. For example: data reporting Of intelligent metering devices (such as an intelligent ammeter, an intelligent water meter, an intelligent gas meter and the like), sending Of consumption information by a wireless Point Of sale information management system (POS) machine and the like. If the existing data transmission mode is adopted, a large signaling overhead (for example, the related signaling overhead in the signaling flow before the data transmission) will be generated, thereby resulting in low system efficiency.

In view of the foregoing problems, embodiments of the present invention provide a data transmission method, user equipment, and network side equipment, so as to implement that, when a UE does not establish an RRC connection with a base station (i.e., a control plane connection and a user plane bearer are not established), the UE can transmit data to the network side, and can ensure security of data transmission, thereby reducing signaling required for establishing a control plane and a user plane connection, reducing signaling overhead, and improving system efficiency.

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. It is to be understood that the terminology used in the embodiments of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.

The user equipment UE in the following embodiments of the present invention includes, but is not limited to, an MTC Device and a Mobile Broadband (MBB) Device, where a terminal for MTC services (packet data transmission services, where user data to be transmitted usually does not exceed one kilobyte) is called an MTC Device, and the MTC Device may be a UE with MTC characteristics, such as a meter reading terminal, a Mobile phone, a tablet computer, a laptop computer, a palmtop computer, a Mobile Internet Device (MID), a wearable Device (e.g., a smart watch, a smart bracelet, smart glasses, etc.), or other terminal devices or communication modules installed and deployed with a USIM/SIM card. The MTC devices may Access networks such as Global System for Mobile communications (GSM), General Packet Radio Service (GPRS), Universal Mobile Telecommunications System (UMTS), evolved Universal Terrestrial Radio Access Network (UTRAN), and EUTRAN, and communicate with MTC servers or other MTC devices to implement MTC applications. A terminal for MBB services (e.g. transmission services of packet data such as wechat) is called an MBB device, such as a mobile phone, a tablet computer, a notebook computer, a palm computer, an MID, a wearable device (e.g. a smart watch, a smart bracelet, smart glasses, etc.), or other terminal devices or communication modules where a USIM/SIM card is installed and deployed.

Referring to fig. 3, fig. 3 is a schematic diagram of a network architecture of an LTE system according to an embodiment of the present invention. The LTE system network architecture mainly comprises UE, a base station eNB and a core network, wherein the core network mainly comprises the following network elements: the present invention relates to an S-GW (for example, MTC-GW in MTC service), an HSS and a P-GW, wherein the P-GW can exist independently, or the function of the P-GW can be integrated into the S-GW for realization, all functions of the existing S-GW and P-GW are realized through the independent S-GW, wireless communication is realized between the UE and the eNB through a Uu interface, data transmission is realized between the eNB and the S-GW through an S1-U interface, data transmission is realized between the S-GW and the HSS through a newly added S-HSS interface, the S-HSS is an interface name newly added between the S-GW and the HSS, and the interface name newly added between the S-GW and the HSS can also be other names. The user data is transmitted to the P-GW through the S-GW and then transmitted to the target Server by the P-GW, or the S-GW directly transmits the user data to the Server.

Referring to fig. 4A, fig. 4A is a schematic flowchart of a data transmission method according to an embodiment of the present invention, which includes, but is not limited to, the following steps.

S401, the user equipment UE encrypts and integrity-protects the data packet by using the encryption key and the integrity protection key.

Specifically, when user data of the user equipment UE in the IDEL state needs to be sent to the network side equipment, the UE performs security processing (including encryption processing and integrity protection processing) on a data packet to be transmitted according to an encryption key and an integrity protection key of the UE. The UE includes, but is not limited to, an MTC device or an MBB device, and the data packet includes, but is not limited to, an identifier of the UE and user data to be transmitted by the UE. For example, for an intelligent meter reading service, the UE may report the information of the electric meter/water meter to the network side device every month periodically, and upload the information of the electric meter/water meter to a destination server (for example, a cell meter reading server) through the network side device for statistical processing, where the reported information of the electric meter/water meter corresponds to a small data amount, which is usually tens of bytes. For another example, for a wechat service in the MBB service, the number of bits of wechat user data transmitted by the MBB device to the network side device at a time is usually not more than one kilobyte.

As an optional implementation manner, the UE generates a first random number for deriving a key, and generates key information (including an encryption key and an integrity protection key used for encrypting and integrity protecting a transmitted data packet) of the UE step by step according to the first random number; as another optional implementation manner, the HSS generates a second random number for deriving a key, and issues the second random number to the UE through the network side device, so that the UE generates key information of the UE in a step-by-step manner according to the second random number issued by the network side device. The UE may specifically generate the key information as follows: and the UE takes the first random number (or the second random number) and a root key K of the UE as the access parameters, and processes according to a key algorithm negotiated by the UE and the network side equipment to generate the key information step by step. Therefore, it can be understood that the network side device may also use the first random number (or the second random number) and the root key of the UE as the entry parameters, and perform processing according to the key algorithm to generate the key information corresponding to the UE step by step (including a decryption key and an integrity verification key used for decrypting and verifying the integrity of the transmitted data packet). The encryption key generated by the UE is the same as the decryption key generated by the network side device, the integrity protection key generated by the UE is the same as the integrity verification key generated by the network side device, and the network side device includes but is not limited to a base station (e.g., eNB) and a serving gateway (e.g., S-GW, for MTC traffic, the serving gateway is MTC-GW). It should be noted that, a key algorithm may be negotiated in advance between the UE and the network side device, for example, the UE may select a key algorithm and then send the key algorithm to the network side device, or the network side device selects a key algorithm and then sends the key algorithm to the UE. In the process of generating the key information of the UE, the UE and the network side device may further add other key generation parameters to generate the key information of the UE, for example, an identifier of the UE.

Specifically, the UE encrypts user data in the data packet according to the encryption key to obtain encrypted user data, and performs integrity protection on parameter information (including but not limited to an identifier of the UE) in the data packet according to the integrity protection key to obtain integrity protection information, i.e., a complete Message Authentication Code for interference (MAC-I). And the UE sends the encrypted user data, the parameter information and the MAC-I obtained after encryption and integrity protection processing as a data packet to be transmitted. For example, the UE may obtain the encrypted user data by using the user data and the encryption key as entries and then performing a process using an encryption algorithm (which may be regarded as a hash function), and the UE may obtain the complete message authentication code MAC-I by using the UE identifier and the integrity protection key as entries and then performing a process using an integrity protection algorithm (a hash function).

For example, if the identifier of the UE is a, the user data is B, the encrypted user data obtained by encrypting the user data B by using the encryption key by the UE is B', and the MAC-I obtained by integrity protecting the user data a by using the integrity protection key by the UE is a, the content carried in the data packet includes: A. b' and a.

Optionally, the user data may also participate in the integrity protection process, that is, the UE performs integrity protection on the parameter information and the user data according to an integrity protection key corresponding to the UE, so as to obtain MAC-I. Similarly, other part of parameters (for example, parameters that the network side device does not need to directly use before decrypting the received data packet) in the parameter information except the UE identifier may also participate in the encryption process to obtain the encrypted parameters, so that the data packet includes encrypted user data, encrypted parameters, unencrypted parameters, and the MAC-I.

It should be noted that, if the user data in the data packet only participates in the encryption process and not participates in the integrity protection process, and the parameter information only participates in the integrity protection process and not participates in the encryption process, the two processes of encrypting the user data and performing integrity protection on the parameter information by the UE may be performed simultaneously or in a time-sharing manner, and when the time-sharing is performed, the sequence is not limited in the embodiment of the present invention. If the user data in the data packet participates in both an encryption process and an integrity protection process, the parameter information participates in both an integrity protection process and part of parameters in the parameter information also participates in an encryption process, the UE first performs integrity protection processing on the user data and the parameter information to obtain the MAC-I, then performs encryption processing on the user data and performs encryption processing on the part of parameters, wherein the two encryption processes of encrypting the user data and encrypting the part of parameters can be performed simultaneously or in a time-sharing manner, and when the two encryption processes are performed in a time-sharing manner, the sequence is not limited in the embodiment of the invention.

Optionally, for the embodiment that the UE generates the first random number, the parameter information in the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information includes an Encryption algorithm identifier corresponding to an Encryption algorithm used by the UE (e.g., EEA0 (null algorithm) in EPS Encryption Algorithm (EEA), EEA1 (standard algorithm based on 3G network), EEA2 (enhanced Encryption algorithm) or EEA3 (grand rush algorithm), etc.) and an Integrity protection algorithm identifier corresponding to an Integrity protection algorithm used by the UE (e.g., EIA0 (null algorithm) in EPS Integrity Algorithm (EIA), EIA1 (standard algorithm based on 3G network), EIA2 (enhanced Encryption algorithm) or EIA3 (grand rush algorithm), etc.), where the Encryption algorithm is used by the UE to encrypt the data packet, the integrity protection algorithm is used for the UE to carry out integrity protection on the data packet, and the safety algorithm indication information participates in an integrity protection process and does not participate in an encryption process. Specifically, the ciphering algorithm is an algorithm used when the UE ciphers the user data and ciphers a part of parameters in the parameter information, and the integrity protection algorithm is an algorithm used when the UE performs integrity protection processing on the parameter information. It should be noted that the security algorithm indication information is only carried in a first data packet sent by the UE to the network side device, and once the network side device obtains the security algorithm indication information by receiving a data packet, the subsequent UE may or may not carry the security algorithm indication information when sending a data packet to the network side device, which is not limited in the embodiment of the present invention.

Optionally, the parameter information in the data packet further includes an identifier of the destination server.

Specifically, the identifier of the destination server includes, but is not limited to, a Uniform Resource Locator (URL). The identification of the destination server participates in the integrity protection process, and the identification of the destination server also participates in the encryption process.

Optionally, if the network side device is a service gateway, the parameter information in the data packet further includes an identifier of the service gateway.

Specifically, after the UE sends a data packet to the serving gateway once, the serving gateway sends its identifier to the UE, and then when the UE sends the data packet to the serving gateway again next time, the parameter information in the data packet further includes the identifier of the serving gateway. The identification of the service gateway participates in the integrity protection process and does not participate in the encryption process.

Specifically, if the network side device is a base station, the UE encrypts the Data Packet and performs integrity protection on the Data Packet in a Packet Data Convergence Protocol (PDCP) layer in a second layer (Data link layer) of the radio interface; if the network side device is a serving gateway, a peer-to-peer protocol sublayer is required between the UE and the serving gateway, and therefore the process of encrypting and integrity protecting the data packet by the UE is implemented in the peer-to-peer protocol sublayer. The protocol sublayer may be a newly added protocol sublayer or an extension of the function of some existing protocol sublayer.

S403, when the UE does not establish RRC connection with the base station, the encrypted and integrity-protected data packet is sent to a network side device.

Specifically, the UE sends the data packet obtained after encryption and integrity protection processing to the network side device when the RRC connection with the base station is not established, and the network side device receives the encrypted and integrity protected data packet sent by the UE when the RRC connection with the base station is not established. The network side device includes, but is not limited to, a base station and a serving gateway, that is, the network side device may be a base station, a serving gateway, or a base station and a serving gateway. If the network side device is a base station, the UE sends the data packet to the base station, the base station receives the data packet and performs step S405, and the message or data transmitted between the base station and the service gateway is subjected to Security protection through Internet Protocol Security (IPsec) or other protocols; if the network side device is a serving gateway, the UE sends the data packet to a base station, the base station receives the data packet and transparently transmits the data packet to the serving gateway, and the serving gateway receives the data packet sent by the base station and executes step S405.

Optionally, the sending, by the UE, the encrypted and integrity-protected data packet to a network side device includes:

and the UE sends the encrypted and integrity-protected data packet to the base station through a random access Preamble message (i.e. Preamble message) or an RRC connection establishment request message or other resources allocated to the UE by the base station.

Specifically, if the network side device is the base station, the UE sends the data packet to the base station by carrying the data packet in a Preamble sequence in a Preamble message or resources in an RRC connection establishment request message or resources allocated to the UE by other base stations, and the base station receives the data packet sent by the user equipment UE through the Preamble sequence in the Preamble message or resources in the RRC connection establishment request message or resources allocated to the UE by other base stations when the RRC connection is not established; if the network side equipment is a serving gateway, the UE sends the data packet to the base station by carrying the data packet in a Preamble sequence in a Preamble message or resources in an RRC connection establishment request message or other resources allocated to the UE by the base station, and the base station receives the data packet and transparently transmits the data packet to the serving gateway. Because the Preamble message and the RRC connection establishment request message are sent to the base station before the UE establishes the RRC connection, the UE does not establish a control plane connection and a user plane bearer with the network side device at this time, and thus signaling resources required for establishing these bearers can be reduced.

S405, the network side equipment determines a decryption key and an integrity verification key corresponding to the UE according to the identity of the UE.

Specifically, after receiving the data packet sent by the UE, the network side device determines a decryption key and an integrity verification key corresponding to the UE according to the UE identifier carried in the data packet. The decryption key generated by the network side device is the same as the encryption key generated by the UE, and the integrity verification key generated by the network side device is the same as the integrity protection key generated by the UE. For the embodiment that the UE generates the first random number, the determining, by the network side device according to the UE identifier, a decryption key and an integrity verification key corresponding to the UE specifically includes: the network side equipment searches whether key information corresponding to the UE identification is stored at the local terminal according to the UE identification, if so, the network side equipment indicates that the network side equipment has previously received a data packet sent by the UE and also acquires the key information corresponding to the UE in the process, so that the network side equipment can directly acquire the key information of the UE at the local terminal after receiving the data packet; if not, it indicates that the network side device receives the data packet sent by the UE for the first time, so that the data packet carries a first random number generated by the UE, the network side device needs to further send the received UE identifier and the first random number to the HSS, the HSS generates an intermediate key of the UE according to the UE identifier and the first random number, the HSS further sends the intermediate key to the network side device, the network side device further generates key information of the UE, and stores a corresponding relationship between the UE identifier and the key information. It should be noted that after the UE sends the data packet to the network side device once, the network side device may store the key information of the UE, so that when the UE sends the data packet to the network side device subsequently, the network side device may directly search the key information of the UE at the local end.

For the embodiment that the HSS generates the second random number and issues the second random number to the UE through the network side device, the determining, by the network side device according to the identifier of the UE, the decryption key and the integrity verification key corresponding to the UE specifically include: the HSS generates a second random number in advance, generates an intermediate key of the UE according to the identifier of the UE and the second random number, then sends the intermediate key to the network side equipment, the network side equipment further generates key information of the UE, and stores the corresponding relation between the identifier of the UE and the key information, so that the network side equipment can directly find the key information of the UE at a local terminal according to the identifier of the UE after receiving the data packet sent by the UE.

S407, the network side device decrypts and verifies the integrity of the data packet by using the decryption key and the integrity verification key.

Specifically, the network side device decrypts and verifies the integrity of the received data packet by using the key information of the UE. In a specific implementation, the network side device decrypts the encrypted user data by using the obtained decryption key, and performs integrity verification on integrity protection information (i.e., the MAC-I) carried in the data packet by using the obtained integrity verification key and parameter information carried in the data packet, so as to implement security authentication on the UE. For example, the network side device takes the encrypted user data and the decryption key in the data packet as the entry references, then, the encrypted user data can be decrypted by processing the encrypted user data through a decryption algorithm (a hash function, which is an inverse algorithm of the encryption algorithm used by the UE) to obtain plaintext user data, the network side device takes the identity of the UE and the integrity verification key as access parameters, then, a complete message authentication code MAC-I' can be obtained after the processing of an integrity verification algorithm (a hash function, which is the same as the integrity protection algorithm used by the UE), and finishing the integrity verification of the data packet by judging whether the MAC-I' is consistent with the MAC-I carried in the data packet, and if so, successfully verifying the integrity of the data packet by the network side equipment. If the integrity of the MAC-I is successfully verified by the network side device, it indicates that the data and/or parameters in the data packet are complete, that is, the data packet is not tampered or inserted by a third party during transmission, and also indicates that the network side device can successfully obtain the key information of the UE according to the identifier of the UE, so that the UE is authenticated as a valid user.

For example, the data packet sent by the UE includes the following contents: A. b 'and a, the network side equipment decrypts the encrypted user data B' according to the obtained decryption key to obtain user data B, and the network side equipment verifies the integrity of a according to the obtained integrity verification key and the identifier A of the UE.

It should be noted that, if the UE performs only encryption processing on the user data and does not perform integrity protection processing, and performs only integrity protection processing on the parameter information and does not perform encryption processing, the two processes of decrypting the encrypted user data by the network side device and performing integrity verification on the parameter information by the network side device may be performed simultaneously or in a time-sharing manner, and when the two processes are performed in a time-sharing manner, the order is not limited in the embodiment of the present invention. If the UE encrypts and integrity-protects the user data, and the UE encrypts and processes part of the parameters in the parameter information, the network side device needs to decrypt the encrypted user data and the encrypted parameters by using the decryption key, and then perform integrity verification on the MAC-I according to the integrity verification key, the decrypted user data, and the decrypted parameters. It should be noted that, negotiation may be performed between the UE and the network side device on data or parameters participating in an encryption process and data or parameters participating in an integrity protection process in advance, so as to ensure that an encryption object of the UE corresponds to a decryption object of the network side device one to one, and ensure that an integrity protection object of the UE corresponds to an integrity verification object of the network side device one to one.

Optionally, for the embodiment that the UE generates the first random number by itself, the parameter information in the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and verifying the integrity of the data packet, and the security algorithm indication information includes an encryption algorithm identifier corresponding to an encryption algorithm used by the UE and an integrity protection algorithm identifier corresponding to an integrity protection algorithm, and generally, the security algorithm supported by the network side device covers the security algorithm supported by each UE, so that the network side device may determine which encryption algorithm the UE uses according to the encryption algorithm identifier, and further perform inverse operation on the encryption algorithm used by the UE to obtain a decryption algorithm for decrypting the data packet, and simultaneously, determining an integrity verification algorithm according to the integrity protection algorithm used by the UE, wherein the integrity verification algorithm is the same as the integrity protection algorithm used by the UE. The decryption algorithm is used for decrypting a data packet by the network side equipment, the integrity verification algorithm is used for verifying the integrity of the data packet by the network side equipment, the network side equipment decrypts the data packet according to the obtained decryption key of the UE and the decryption algorithm after receiving the data packet, and the integrity verification is carried out on the data packet according to the obtained integrity verification key of the UE and the integrity verification algorithm.

Specifically, if the network side device is a base station, the base station performs decryption and integrity verification on the data packet in a PDCP layer of a second layer of the radio interface; if the network side device is a serving gateway, the UE and the serving gateway need to have a peer-to-peer protocol sublayer, and the decryption and integrity verification process of the data packet performed by the serving gateway is implemented in the peer-to-peer protocol sublayer. The peer-to-peer protocol sublayer may be a newly added protocol sublayer or an extension of the function of some existing protocol sublayer.

And S409, after the network side equipment successfully verifies the integrity of the data packet, sending the user data to a destination server.

Optionally, please refer to fig. 4B, and fig. 4B is a schematic flow chart of another data transmission method according to an embodiment of the present invention, where in fig. 4B, the network side device according to the embodiment of the present invention is described by taking a base station as an example, and steps S401 to S407 in fig. 4B refer to the relevant description in the embodiment shown in fig. 4A, and are not repeated here. Compared with fig. 4A, in step S409, the sending, by the network side device, the user data to the destination server specifically includes:

the base station sends the decrypted user data and the identification of the target server to the service gateway after the integrity verification of the data packet is successful, and the service gateway establishes Transmission Control Protocol (TCP) connection with the target server according to the identification of the target server and sends the user data to the target server through the TCP connection.

Specifically, after the integrity verification of the data packet is successful, the base station sends the decrypted user data and an identifier (e.g., URL) of the destination server to a service gateway, the service gateway receives the user data and the URL, the service gateway triggers a DNS (Domain Name System) resolution process, acquires an IP address corresponding to the URL of the destination server from a DNS server (Domain Name server) which stores Domain names of all hosts in the network and corresponding Internet Protocol (IP) addresses and has a function of converting Domain names into IP addresses, and establishes TCP connection with the destination server according to the IP address of the destination server.

Optionally, please refer to fig. 4C, where fig. 4C is a schematic flowchart of another data transmission method provided in the embodiment of the present invention, and in fig. 4C, the network side device in the embodiment of the present invention is described by taking a service gateway as an example, and steps S401 to S407 in fig. 4C refer to the relevant description in the embodiment shown in fig. 4A, which is not repeated here. Fig. 4C is compared with fig. 4A, where the sending, by the network side device, the user data to the destination server described in step S409 specifically includes:

and after the service gateway successfully verifies the integrity of the data packet, establishing TCP connection with the target server according to the identification of the target server, and sending the decrypted user data to the target server through the TCP connection.

Specifically, after the integrity of the data packet is successfully verified, the service gateway triggers a domain name resolution (DNS) process, acquires an IP address corresponding to the URL of the destination server from the DNS server, and establishes a TCP connection with the destination server according to the IP address of the destination server.

In the embodiment of the invention, the DNS domain name resolution process is not triggered by the UE, namely the process that the UE establishes TCP connection with a target server by occupying a large amount of air interface resources is not needed, but the DNS process is triggered by the serving gateway instead of the UE, the serving gateway establishes TCP connection with the target server, and further the decrypted user data is sent to the target server through the TCP connection, so the signaling resources for establishing the TCP connection are reduced.

By executing the steps S401 to S409, the UE encrypts and integrity-protects the data packet to be transmitted according to the key information of the UE without establishing RRC connection with the base station, and then sends the encrypted and integrity-protected data packet to the network side device, and the network side device can decrypt and integrity-verify the data packet according to the obtained key information of the UE, thereby ensuring the security of data transmission, reducing signaling overhead for establishing control plane connection and user plane bearer, and improving system efficiency.

Further, referring to fig. 4D, fig. 4D is a flowchart of another data transmission method according to an embodiment of the present invention, and before step S401 in the embodiment shown in fig. 4A, 4B, or 4C is executed, step S4001 may be further executed to enable the UE to generate a first random number of a derived key, and further generate an encryption key and an integrity protection key of the UE according to the first random number. The embodiment of the present invention is described by taking an example in which step S4001 is executed before step S401 in fig. 4A, and steps S401 to S409 in fig. 4D refer to the related description in the embodiment shown in fig. 4A, which is not described herein again. Here, step S4001 in fig. 4D is described in detail as follows.

S4001, the UE generates the first random number, and generates the ciphering key and the integrity protection key according to the first random number.

Specifically, the UE generates a first random number itself, and generates key information of the UE step by step according to the first random number and a root key of the UE, and when the UE in the IDEL state has data to send, the UE can encrypt and integrity-protect a data packet to be transmitted according to the key information. And the parameter information in the data packet also comprises the first random number, and the first random number participates in the integrity protection process and does not participate in the encryption process.

It should be noted that, when the UE sends the data packet to the network side device for the first time, the UE needs to carry the first random number, and when the UE sends the data packet to the network side device again after sending the data packet to the network side device for the first time, the UE may or may not carry the first random number, specifically depending on the key situation, once the UE randomly generates a new first random number, and uses the newly generated first random number to derive key information, and then uses the key information to perform security processing on the sent data, at this time, the UE needs to carry the newly generated first random number when sending the data packet, and in other cases, the embodiment of the present invention is not particularly limited.

Fig. 4D is compared with fig. 4A, 4B, or 4C, where the determining, by the network side device according to the UE identifier, a decryption key and an integrity verification key corresponding to the UE in step S405 specifically includes:

and the network side equipment sends the identifier of the UE and the first random number to a Home Subscriber Server (HSS), generates an intermediate key of the UE through the HSS, generates a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and stores the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key.

Specifically, the HSS stores a root key of the UE, after receiving the UE identifier and the first random number sent by the network side device, the HSS searches for the root key of the UE according to the UE identifier, generates an intermediate key corresponding to the UE according to the UE root key and the first random number, sends the intermediate key of the UE to the network side device, and the network side device receives the intermediate key of the UE and further generates a decryption key and an integrity verification key corresponding to the UE.

Optionally, after the UE transmits a preset number of data packets to the network side device, the key information of the UE may be updated once, and the key update may be triggered by the UE or the network side device, and after the key update is triggered by one party, a key update instruction needs to be sent to the other party, so that the two parties complete the key update. For the implementation mode that the UE generates the first random number by itself, when key updating is needed, the UE regenerates the first random number, generates key information of the UE step by step according to the newly generated first random number, sends the newly generated first random number to the network side equipment, after the network side equipment receives the newly generated first random number, sends an identifier of the UE and the newly generated first random number to the HSS, the HSS searches for a root key of the UE according to the identifier of the UE, regenerates an intermediate key of the UE according to the root key of the UE and the newly generated first random number of the UE, and sends the intermediate key of the UE to the network side equipment, and the network side equipment regenerates the key information of the UE according to the intermediate key of the UE to update the key information of the UE, and storing a correspondence between the identity of the UE and the updated key information. For the embodiment that the HSS generates the second random number and sends the second random number to the UE through the network side device, when key update is required, the HSS regenerates the second random number, generates an intermediate key of the UE according to the newly generated second random number, sends the newly generated second random number and the newly generated intermediate key to the network side device, the network side device further generates key information of the UE according to the newly generated intermediate key, stores a correspondence between an identifier of the UE and the updated key information, and sends the second random number to the UE, and the UE generates the key information of the UE step by step according to the newly generated second random number. Wherein, the preset number can be 2, 5, 10, etc. And the key updating can avoid that a third party cracks the key negotiated between the UE and the network side equipment, thereby further improving the security of data transmission and ensuring the information security of both communication parties.

By executing the step S4001, when the UE has data to send, the UE does not rely on the HSS to generate and issue a random number for deriving the key, but instead generates a random number by the UE, and derives key information of the UE according to the generated random number, so as to perform security processing on a data packet to be transmitted, thereby ensuring security of data transmission, improving data transmission efficiency, and the network side device can implement security authentication on the UE according to the data packet transmitted by the UE, and does not rely on the HSS to generate and issue an authentication vector, thereby simplifying a security authentication process of the network side device on the UE.

Further, referring to fig. 4E, fig. 4E is a flowchart of another data transmission method provided in the embodiment of the present invention, and before step S401 in the embodiment shown in fig. 4A, fig. 4B, or fig. 4C is executed, step S4003-S4009 may be further executed to implement that the UE requests authentication from a network side device, so as to obtain a second random number of a derived key sent by the network side device, and further generate an encryption key and an integrity protection key of the UE according to the second random number. The embodiment of the present invention is described by taking an example where step S4001 is executed before step S401 in fig. 4A, and steps S401 to S409 in fig. 4E refer to the related description in the embodiment shown in fig. 4A, which is not described herein again. Among them, steps S4003 to S4009 in fig. 4E are described in detail as follows.

S4003, when the UE does not establish the RRC connection with the base station, sending an authentication request to a Home Subscriber Server (HSS) through the network side equipment.

Specifically, when data needs to be sent by the UE in the IDLE state, the UE sends an authentication request to a home subscriber server HSS through the network side device without establishing an RRC connection, the network side device receives the authentication request sent by the UE without establishing the RRC connection with the base station, the authentication request includes an identifier of the UE, and the authentication request may further include a capability of the UE.

Optionally, if the network side device is a base station, the UE may carry the authentication request in a Preamble sequence in a Preamble message or a resource in an RRC connection establishment request message or in a resource allocated to the UE by another base station, and then send the authentication request to the base station; if the network side device is a serving gateway, the UE may carry the authentication request in a Preamble sequence in a Preamble message or a resource in an RRC connection establishment request message or a resource allocated to the UE by the other base station, and then send the authentication request to the base station, where the base station sends the authentication request to the serving gateway.

S4005, the network side device sends the authentication request to a Home Subscriber Server (HSS), the authentication request is used for triggering the HSS to generate a second random number and generating an intermediate key of the UE according to the identifier of the UE and the second random number, the network side device generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key.

Specifically, the network side device sends the authentication request to an HSS, the HSS receives the authentication request, generates a second random number according to the authentication request, searches for a root key of the UE according to the identity of the UE, generates an intermediate key of the UE according to the root key of the UE and the second random number, the HSS sends the second random number and the intermediate key of the UE to the network side device, and the network side device receives the second random number and the intermediate key of the UE, and further generates the decryption key and the integrity verification key.

It should be noted that, if the network side device receives the intermediate key of the UE sent by the HSS, it indicates that the HSS stores the root key corresponding to the identifier of the UE, so that the UE is a valid user, and the network side device performs secure authentication on the UE.

It should be noted that the UE sends the authentication request to the network side device only when sending data for the first time, and once the network side device generates and stores the key information of the UE according to the authentication request, the subsequent UE can directly send the data after security processing to the network side device.

S4007, the network side device sends a response message to the UE.

Specifically, after generating the key information of the UE according to the identifier of the UE, the network side device sends a response message to the UE, where the response message includes the second random number, and the response message is obtained after the network side device performs integrity protection according to the integrity verification key. And the UE receives a response message sent by the HSS through the network side equipment.

Optionally, the network side device is a serving gateway, the response message may include an identifier of the serving gateway, then the UE receives the identifier of the serving gateway and stores the identifier of the serving gateway, when sending a data packet to the serving gateway next time, the parameter information in the data packet further includes the identifier of the serving gateway, the UE sends the data packet to a base station, the base station receives the data packet, and sends the data packet to the serving gateway corresponding to the identifier of the serving gateway according to the identifier of the serving gateway carried in the data packet (that is, when the UE sends the data packet last time, the base station is the serving gateway allocated to the UE, and after receiving the data packet sent by the UE for the first time, the serving gateway may generate and store key information of the UE), so that the base station does not change to the serving gateway for providing service to the UE, namely, the base station does not select a new serving gateway for the UE and continues to use the old serving gateway, thereby reducing resources occupied by the serving gateway during handover and reducing delay.

Optionally, the response message may include security algorithm indication information selected by the network side device, and specifically, the network side device selects an intersection of the encryption algorithm priority list of the network side device and the capability of the UE, selects an encryption algorithm with the highest priority, selects an intersection of the integrity protection algorithm priority list of the network side device and the capability of the UE, and selects an integrity protection algorithm with the highest priority. The security algorithm indication information includes a cryptographic algorithm identification (e.g., EEA0, EEA1, EEA2, EEA3, etc.) and an integrity protection algorithm identification (e.g., EIA0, EIA1, EIA2, EIA3, etc.). After the network side equipment determines the decryption key and the integrity verification key according to the authentication request, the network side equipment determines a security algorithm shared between the UE and the network side equipment according to the capability of the UE and a security algorithm supported by the network side equipment, further sends selected security algorithm indication information to the UE through the response message, the UE encrypts the data packet by adopting an encryption key of the UE and an encryption algorithm corresponding to the security algorithm sent by the network side equipment, and the UE performs integrity protection on the data packet by adopting an integrity protection key of the UE and an integrity protection algorithm corresponding to the security algorithm sent by the network side equipment. And after receiving the data packet, the network side equipment decrypts the data packet according to the decryption key and the decryption algorithm corresponding to the security algorithm, and performs integrity verification on the data packet according to the integrity verification key of the UE and the integrity verification algorithm corresponding to the security algorithm.

S4009, the UE generates the ciphering key and the integrity protection key according to the second random number, and performs integrity verification on the response message by using the integrity protection key.

Specifically, the UE generates the encryption key and the integrity protection key according to the second random number carried in the response message, and verifies the integrity of the response message according to the integrity protection key to implement the secure authentication of the UE on the network side device, and if the integrity verification of the response message by the UE is successful, it indicates that the response message is complete, that is, the response message is not tampered or inserted by a third party, and indicates that the network side device correctly receives the authentication request, so that the network side device is authenticated to be legitimate. Thus, mutual authentication is completed between the UE and the network side equipment. And after the integrity verification of the response message sent by the network side equipment by the UE is successful, the data packet can be sent to the network side equipment.

By executing the above steps S4003 to S4009, the UE requests authentication from the network side device when RRC connection is not established, acquires a random number of a derived key generated and issued by the HSS, derives key information of the UE according to the random number, and performs integrity verification on a response message sent by the network side device to implement security authentication on the network side device, without depending on an authentication vector generated and issued by the HSS, thereby reducing signaling overhead for establishing control plane connection and user plane bearer, and improving system efficiency.

Further, referring to fig. 4F, fig. 4F is a flowchart illustrating another data transmission method according to an embodiment of the present invention, and after the data transmission method described in steps S401 to S409 in fig. 4A, fig. 4B, fig. 4C, fig. 4D, or fig. 4E is executed, the security authentication of the UE to the network side device may be further implemented by executing steps S411 and S413. In the embodiment of the present invention, steps S411 and S413 are performed after step S409 in fig. 4A for example, and steps S411 and S413 in fig. 4F refer to the related description in the embodiment shown in fig. 4A, and are not described again here. Here, the steps S411 and S413 are described in detail as follows.

S411, the UE receives a confirmation message sent by the network side equipment after the integrity verification of the data packet is successful.

Specifically, the Acknowledgement message includes, but is not limited to, an Acknowledgement Character (ACK) message, where the Acknowledgement message is obtained after the network side device performs integrity protection according to the integrity protection key.

Optionally, the network side device is a serving gateway, and the acknowledgement message sent by the serving gateway to the UE includes an identifier of the serving gateway, the UE stores the identifier of the serving gateway after receiving the identifier of the serving gateway, and when sending a data packet to the serving gateway next time, and also needs to carry the identification of the serving gateway, the UE sends the data packet to a base station, the base station receives the data packet, according to the identification of the service gateway carried in the data packet, sending the data packet to the service gateway corresponding to the identification of the service gateway so as to enable the base station not to change into the service gateway providing the service for the UE, namely, the base station does not select a new serving gateway for the UE and continues to use the old serving gateway, thereby reducing resources occupied by the serving gateway during handover and reducing delay.

It should be noted that, after the network side device successfully verifies the integrity of the data packet, the two processes of sending the user data to the destination server and sending the acknowledgement message to the UE may be performed simultaneously or in a time-sharing manner, and when the time-sharing is performed, the order is not limited in the embodiment of the present invention.

S413, the UE performs integrity verification on the acknowledgement message by using the integrity protection key.

Specifically, after the integrity of the data packet is successfully verified by the network side device according to the integrity verification key, sending a confirmation message to the UE, receiving, by the UE, the confirmation message sent after the integrity of the data packet is successfully verified by the network side device, and performing integrity verification on the confirmation message by using the integrity protection key to realize security authentication of the UE on the network side device, where if the integrity verification of the confirmation message by the UE is successful, the confirmation message is complete, that is, the confirmation message is not tampered or inserted by a third party, and the network side device correctly receives the data packet, so that the network side device is legal.

By executing the steps S411 and S413, the UE can perform security authentication on the network side device according to the confirmation message sent by the network side device, and does not rely on the HSS to generate and issue an authentication vector, thereby simplifying the security authentication process of the UE on the network side device.

Further, referring to fig. 4G, fig. 4G is a flowchart illustrating another data transmission method according to an embodiment of the present invention, and after step S413 in fig. 4F is executed, step S415 and step S417 may be executed to update the UE identifier. Steps S401 to S409 in fig. 4G refer to the related description in the embodiment shown in fig. 4A, and steps S411 and S413 in fig. 4G refer to the related description in the embodiment shown in fig. 4F, which are not repeated herein. The steps S415 and S417 are described in detail as follows.

S415, after the UE successfully verifies the integrity of the acknowledgment message, updating the identifier of the UE according to a third random number generated by the UE.

Specifically, when the UE sends the data packet to the network side device for the first time, the identifier of the UE is the IMSI of the UE, and the IMSI is a unique identifier of the UE, which is called a permanent identifier. A third party who is not good will can track the same IMSI, namely the same UE, by intercepting data of an air interface, and further track the action of the UE. In order to avoid exposing the user's whereabouts, the permanent identity of the user needs to be hidden, i.e. the identity of the UE needs to be updated, and the UE does not need to send the permanent identity each time, but instead uses an updated temporary identity (Temp ID) instead. The Temp ID plays a role in hiding the UE track, the Temp ID is only effective for network side equipment providing service for the UE, and the network side equipment maintains the mapping from the Temp ID to the permanent identifier. And after the UE receives a confirmation message sent by the network side equipment after the integrity of the data packet is successfully verified, and after the integrity of the confirmation message is successfully verified, the UE updates the identifier of the UE according to the identifier of the UE and the third random number, so that when the UE sends user data to the network side equipment next time, the identifier of the UE carried in the data packet is the updated identifier of the UE. The updating, by the UE, the identifier of the UE according to the identifier of the UE and the third random number specifically includes: the UE generates a new identifier of the UE according to the old identifier of the UE, the third random number, and a preset identifier update algorithm, where the preset identifier update algorithm is pre-negotiated between the UE and the network side device, and therefore, it can be understood that the network side device may also generate the new identifier of the UE according to the old identifier of the UE, the third random number, and the preset identifier update algorithm. Specifically, the third random number participates in an integrity protection process, and the third random number may also participate in an encryption process.

And S417, after the network side device successfully verifies the integrity of the data packet, updating the identifier of the UE according to the third random number, and storing the updated identifier of the UE and the corresponding relationship between the decryption key and the integrity verification key.

Specifically, the network side device updates the identifier of the UE according to the identifier of the UE and the third random number, the network side device stores a corresponding relationship between the updated identifier of the UE and the decryption key and the integrity verification key of the UE, and the network side device also stores a mapping relationship between the IMSI of the UE and the updated identifier. And both the UE and the network side equipment finish updating the UE identification.

It should be noted that the update of the UE identifier may be performed once after the UE sends a data packet each time, or may be performed once after the UE sends a data packet for a preset number of times, where the preset number of times is not specifically limited in the embodiment of the present invention, and the preset number of times may be 1 time, 2 times, 5 times, and the like. When the UE needs to update the identifier, the UE sends the current identifier of the UE and a third random number generated by the UE to the network side device, and once the network side device receives the third random number sent by the UE, the network side device updates the identifier of the UE after successfully verifying the integrity of the data packet, and simultaneously sends a confirmation message to the UE, and after successfully verifying the integrity of the confirmation message, the UE updates the identifier of the UE, wherein the sequence of updating the identifier of the UE and sending the confirmation message to the UE by the network side device is not limited.

By executing the steps S415 and S417, the UE and the network side device perform synchronous update on the identifier of the UE, so that the privacy of the UE can be enhanced, the trace of the UE is prevented from being exposed in the data transmission process, and the security of data transmission is further improved.

Referring to fig. 5, fig. 5 is a schematic structural diagram of a user equipment 50 according to an embodiment of the present invention. The user equipment 50 includes a Modem 501. The modem 501 includes a processor 5011 (which may be a Digital Signal Processing (DSP) chip including a PDCP entity for performing encryption and integrity protection on a transmitted data packet and performing integrity verification on a received message or an entity corresponding to another newly added protocol sublayer), a memory 5012, a receiver 5013, and a transmitter 5014, where the receiver 5013 is a receiving circuit, and the transmitter 5014 is a transmitting circuit. The receiver 5013 may be an antenna, and may receive a radio frequency signal through the antenna, and the transmitter 5014 may be an antenna, and transmit the radio frequency signal through the antenna. In some embodiments of the invention, the processor 5011, memory 5012, receiver 5013, transmitter 5014 may be connected by a bus or other means, with the connection by bus 5015 being exemplified in fig. 5. Those skilled in the art will appreciate that the configuration of the user equipment 50 shown in fig. 5 does not constitute a limitation of the user equipment and may include more or fewer components than shown, or some components may be combined, or a different arrangement of components, and although not shown, the user equipment 50 may also include: at least one amplifier, a tuner, one or more oscillators, a SIM card, etc., which are not described in detail herein.

The memory 5012 is configured to store data transmission program code, and the processor 5011 is configured to call the data transmission program code stored in the memory 5012 to enable secure transmission of data by the user equipment UE without establishing an RRC connection with the base station.

The processor 5011 encrypts and integrity-protects a data packet by using an encryption key and an integrity protection key, wherein the encryption key and the integrity protection key are generated by a user equipment UE according to a first random number generated by the UE or a second random number received from a network side device, and the data packet includes an identifier of the UE and user data; the ciphering key and the integrity protection password may be stored in the memory 5012, and the processor 5011 ciphers and integrity protects the data packet by using the ciphering key and the integrity protection key through the PDCP entity or an entity corresponding to another newly added protocol sublayer.

When the UE does not establish an RRC connection with a base station, the encrypted and integrity-protected data packet is sent to a network side device through the transmitter 5014. Optionally, the data packet further includes the first random number, where the first random number is used by the network side device to determine a decryption key and an integrity verification key used for decrypting and verifying integrity of the data packet.

Optionally, the data packet further includes the first random number, where the first random number is used by the network side device to determine a decryption key and an integrity verification key used for decrypting and verifying integrity of the data packet.

Optionally, the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and verifying integrity of the data packet.

Optionally, before the processor 5011 encrypts and integrity-protects the data packet by using the encryption key and the integrity protection key, the processor 5011 is further configured to:

when the UE does not establish the RRC connection with the base station, the transmitter 5014 sends, by the network-side device, an authentication request to a home subscriber server HSS, where the authentication request includes an identifier of the UE, and the authentication request is used to trigger the HSS to generate the second random number and determine, according to the identifier of the UE and the second random number, a decryption key and an integrity verification key used by the network-side device to decrypt and verify integrity of the data packet;

receiving, by the receiver 5013, a response message sent by the HSS through the network side device, where the response message includes the second random number;

and performing integrity verification on the response message by using the integrity protection key. Specifically, the processor 5011 performs integrity verification on the response message by using the integrity protection key through the PDCP entity or an entity corresponding to the other newly added protocol sublayer.

Optionally, the processor 5011 is further configured to perform:

receiving, by the receiver 5013, a confirmation message sent by the network side device after the integrity verification of the data packet is successful;

and performing integrity verification on the confirmation message by using the integrity protection key. Specifically, the processor 5011 performs integrity verification on the confirmation message by using the integrity protection key through the PDCP entity or an entity corresponding to another newly added protocol sublayer.

Optionally, the data packet further includes a third random number generated by the UE, where the third random number is used for updating, by the network side device, the identifier of the UE after the integrity verification of the data packet is successful; the processor 5011 is further configured to perform:

and after the integrity verification of the confirmation message is successful, updating the identity of the UE according to the third random number.

Optionally, the network side device includes a base station or a serving gateway.

Optionally, the data packet further includes an identifier of a destination server, where the identifier of the destination server is used for a service gateway to establish a TCP connection with the destination server, and send the user data to the destination server through the TCP connection.

Optionally, when the network side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, where the identifier of the serving gateway is used for the base station to send the data packet to the serving gateway.

Optionally, the sending, by the transmitter 5014, the encrypted and integrity-protected data packet to a network side device includes:

the encrypted and integrity-protected data packet is transmitted to a base station through a random access preamble message or an RRC connection setup request message through the transmitter 5014. Specifically, the processor 5011 adds the encrypted and integrity-protected data packet to a random access preamble message or an RRC connection establishment request message, and sends the random access preamble message to a base station through a physical random access channel by using the transmitter 5014, or sends the RRC connection establishment request message to the base station through uplink resources allocated to the UE by the base station by using the transmitter 5014.

It should be noted that the functions of the functional modules in the UE 50 described in the embodiment of the present invention may be specifically implemented according to the method corresponding to the UE in the foregoing method embodiment, and are not described herein again.

Referring to fig. 6, fig. 6 is a schematic structural diagram of a network-side device 60 according to an embodiment of the present invention. The network-side device 60 includes a Modem (Modem) 601. The modem 601 includes a processor 6011 (the processor may be a Digital Signal Processing (DSP) chip, for a base station, the DSP chip includes a PDCP entity that decrypts and verifies integrity of a received data packet and performs integrity protection on a sent message, and for a serving gateway, the DSP chip includes an entity corresponding to a new protocol sublayer that decrypts and verifies integrity of the received data packet and performs integrity protection on the sent message), a memory 6012, a receiver 6013, and a transmitter 6014, where the receiver 6013 is a receiving circuit and the transmitter 6014 is a sending circuit. The receiver 6013 may be specifically an antenna, and receive the radio frequency signal through the antenna, and the transmitter 6014 may be specifically an antenna, and transmit the radio frequency signal through the antenna. In some embodiments of the present invention, the processor 6011, the memory 6012, the receiver 6013, the transmitter 6014 may be connected through a bus or other means, wherein fig. 6 illustrates an example of connection through the bus 6015. Those skilled in the art will appreciate that the configuration of the user device 60 shown in fig. 6 does not constitute a limitation of the user device and may include more or fewer components than shown, or some components may be combined, or a different arrangement of components.

The memory 6012 is configured to store a data transmission program code, and the processor 6011 is configured to call the data transmission program code stored in the memory 6012 to enable a network side device to receive user data transmitted by a user equipment UE without establishing an RRC connection with a base station.

The processor 6011 receives, through the receiver 6013, a data packet sent by a UE when a radio resource control RRC connection with a base station is not established, where the data packet includes an identifier of the UE and user data, and the data packet is obtained after the UE is encrypted and integrity protected;

determining a decryption key and an integrity verification key corresponding to the UE according to the identity of the UE;

decrypting and integrity verifying the data packet using the decryption key and the integrity verification key; specifically, the processor 6011 decrypts and verifies the integrity of the data packet by using the decryption key and the integrity verification key through the PDCP entity or an entity corresponding to another newly added protocol sublayer.

And after the integrity verification of the data packet is successful, the user data is sent to a target server.

Optionally, the data packet further includes a first random number generated by the UE;

the determining a decryption key and an integrity verification key corresponding to the UE according to the identifier of the UE includes:

and sending the identifier of the UE and the first random number to a Home Subscriber Server (HSS), generating an intermediate key of the UE through the HSS, generating a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and storing the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key.

Optionally, before receiving, by the receiver 6013, a data packet sent by the UE when the RRC connection with the base station is not established, the processor is further configured to:

receiving, by the receiver 6013, an authentication request sent by the UE when the RRC connection with the base station is not established, where the authentication request includes an identifier of the UE;

sending the authentication request to a Home Subscriber Server (HSS), wherein the authentication request is used for triggering the HSS to generate a second random number and generating an intermediate key of the UE according to the identifier of the UE and the second random number, and the network side equipment generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS and stores the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key;

sending, by the transmitter 6014, a response message to the UE, where the response message includes the second random number, and the second random number is used for the UE to generate a ciphering key and an integrity protection key used for ciphering and integrity protecting the data packet.

Optionally, the processor 6011 is further configured to:

after the integrity verification of the data packet is successful, an acknowledgement message is sent to the UE through the transmitter 6014, where the acknowledgement message is used for the UE to perform integrity verification on the acknowledgement message by using an integrity protection key of the UE.

Optionally, the data packet further includes a third random number generated by the UE, where the third random number is used to update the identifier of the UE after the integrity verification of the acknowledgment message by the UE is successful; the processor is further configured to perform:

and after the integrity verification of the data packet is successful, updating the identifier of the UE according to the third random number, and storing the updated identifier of the UE and the corresponding relation between the decryption key and the integrity verification key.

Optionally, the data packet further includes an identifier of the destination server;

the sending the user data to the destination server includes:

and establishing a Transmission Control Protocol (TCP) connection with the destination server according to the identification of the destination server, and sending the user data to the destination server through the TCP connection.

Optionally, the receiving, by the receiver 6013, the data packet sent by the UE when the RRC connection with the base station is not established includes:

and receiving, by the receiver 6013, a data packet sent by the UE through a random access preamble message or an RRC connection establishment request message when the UE does not establish an RRC connection with the base station.

It should be noted that the functions of the functional modules in the network-side device 60 described in the embodiment of the present invention may be specifically implemented according to the method of the corresponding network-side device in the foregoing method embodiment, and are not described herein again.

Referring to fig. 7A, fig. 7A is a schematic structural diagram of a user equipment according to an embodiment of the present invention. As shown in fig. 7A, the user equipment 70 may include a security processing unit 701 and a transmitting unit 703, wherein the details of each unit are described below.

A security processing unit 701, configured to encrypt and integrity-protect a data packet using an encryption key and an integrity protection key of a user equipment UE, where the encryption key and the integrity protection key are generated by the UE according to a first random number generated by the UE or a second random number received from a network side device, and the data packet includes an identifier of the UE and user data;

a sending unit 703, configured to send the encrypted and integrity-protected data packet to a network side device when the UE does not establish an RRC connection with a base station.

Referring to fig. 7B, fig. 7B is a schematic structural diagram of another ue according to an embodiment of the present invention. The user equipment 70 shown in fig. 7B is optimized by the user equipment 70 shown in fig. 7A. Compared with fig. 7A, the user equipment 70 shown in fig. 7B may further include a first receiving unit 705 and a first verifying unit 707, in addition to the above-mentioned security processing unit 701 and the sending unit 703, wherein,

a sending unit 703, configured to send, by the network-side device, an authentication request to a home subscriber server HSS before the security processing unit 701 encrypts and integrity-protects a data packet using an encryption key and an integrity-protection key of a user equipment UE, and when the UE does not establish the RRC connection with the base station, where the authentication request includes an identifier of the UE, and the authentication request is used to trigger the HSS to generate the second random number and determine, according to the identifier of the UE and the second random number, a decryption key and an integrity-verification key used by the network-side device to decrypt and verify the integrity of the data packet;

a first receiving unit 705, configured to receive a response message sent by the HSS through the network side device, where the response message includes the second random number;

a first verifying unit 707 configured to perform integrity verification on the response message using the integrity protection key.

Referring to fig. 7C, fig. 7C is a schematic structural diagram of another ue according to an embodiment of the present invention. The user equipment 70 shown in fig. 7C is optimized by the user equipment 70 shown in fig. 7A. Compared with fig. 7A, the user equipment 70 shown in fig. 7C may further include a second receiving unit 709 and a second verifying unit 711, in addition to the above-mentioned security processing unit 701 and the sending unit 703, wherein,

a second receiving unit 709, configured to receive a confirmation message sent by the network side device after the integrity verification of the data packet is successful;

a second verifying unit 711, configured to perform integrity verification on the confirmation message by using the integrity protection key.

Optionally, the user equipment 70 may further include a security processing unit 701, a sending unit 703, a first receiving unit 705, a first verifying unit 707, a second receiving unit 709, and a second verifying unit 711, and specific implementation of each unit may refer to descriptions of the same units in the foregoing solution, which is not described herein again.

Referring to fig. 7D, fig. 7D is a schematic structural diagram of another ue according to an embodiment of the present invention. The user equipment 70 shown in fig. 7D is optimized by the user equipment 70 shown in fig. 7C. Compared with fig. 7C, the user equipment 70 shown in fig. 7D may further include an updating unit 713 in addition to the above-mentioned security processing unit 701, the sending unit 703, the second receiving unit 709, and the second verifying unit 711, wherein,

an updating unit 713, configured to update the identifier of the UE according to the third random number after the integrity verification of the acknowledgment message is successful.

Optionally, the user equipment 70 may further include a security processing unit 701, a sending unit 703, a first receiving unit 705, a first verifying unit 707, a second receiving unit 709, a second verifying unit 711, and an updating unit 713 at the same time, and specific implementations of the respective units may refer to descriptions of the same units in the foregoing solutions, which is not described herein again.

It should be noted that the functions of the functional units in the user equipment 70 described in the foregoing embodiments may be specifically implemented according to the method corresponding to the user equipment UE in the foregoing method embodiments, and are not described herein again.

Referring to fig. 8A, fig. 8A is a schematic structural diagram of a network-side device according to an embodiment of the present invention. As shown in fig. 8A, the network-side device 80 may include a receiving unit 801, a key determining unit 803, a security processing unit 805, and a first transmitting unit 807, where details of each unit are described below.

A receiving unit 801, configured to receive a data packet sent by a user equipment UE when a radio resource control RRC connection with a base station is not established, where the data packet includes an identifier of the UE and user data, and the data packet is obtained after encryption and integrity protection are performed on the UE;

a key determining unit 803, configured to determine, according to the identity of the UE, a decryption key and an integrity verification key corresponding to the UE;

a security processing unit 805 configured to decrypt and integrity-verify the data packet using the decryption key and the integrity verification key;

a first sending unit 807, configured to send the user data to a destination server after the security processing unit successfully verifies the integrity of the data packet.

Referring to fig. 8B, fig. 8B is a schematic structural diagram of another network-side device according to an embodiment of the present invention. The network-side device 80 shown in fig. 8B is optimized by the network-side device 80 shown in fig. 8A. In contrast to fig. 8A, the key determination unit 803 shown in fig. 8B includes: a second transmission unit 8031, and a first key generation unit 8033, wherein,

a second sending unit 8031, configured to send the identifier of the UE and the first random number to a home subscriber server HSS, and generate an intermediate key of the UE through the HSS;

a first key generating unit 8033, configured to generate a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and store a correspondence between an identifier of the UE and the decryption key and the integrity verification key.

Referring to fig. 8C, fig. 8C is a schematic structural diagram of another network-side device according to an embodiment of the present invention. The network-side device 80 shown in fig. 8C is optimized by the network-side device 80 shown in fig. 8A. Compared with fig. 8A, the network-side device 80 shown in fig. 8C may include, in addition to the above-described receiving unit 801, key determining unit 803, security processing unit 805, and first transmitting unit 807, a third transmitting unit 809, a second key generating unit 811, and a fourth transmitting unit 813, wherein,

a receiving unit 801, configured to receive, before receiving a data packet sent by a user equipment UE, an authentication request sent by the UE when the UE does not establish the RRC connection with the base station, where the authentication request includes an identifier of the UE;

a third sending unit 809, configured to send the authentication request to a home subscriber server HSS, where the authentication request is used to trigger the HSS to generate a second random number and generate an intermediate key of the UE according to the identifier of the UE and the second random number;

a second key generation unit 811, configured to generate a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and store a correspondence between the identifier of the UE and the decryption key and the integrity verification key;

a fourth sending unit 813, configured to send a response message to the UE, where the response message includes the second random number, and the second random number is used for the UE to generate a ciphering key and an integrity protection key used for ciphering and integrity protecting the data packet.

Referring to fig. 8D, fig. 8D is a schematic structural diagram of another network-side device according to an embodiment of the present invention. The network-side device 80 shown in fig. 8D is optimized by the network-side device 80 shown in fig. 8A. Compared with fig. 8A, the network side device 80 packet shown in fig. 8D may further include a fifth transmitting unit 815 in addition to the receiving unit 801, the key determining unit 803, the security processing unit 805, and the first transmitting unit 807 described above, wherein,

a fifth sending unit 815, configured to send, after the security processing unit 805 successfully verifies the integrity of the data packet, an acknowledgement message to the UE, where the acknowledgement message is used for the UE to perform integrity verification on the acknowledgement message by using an integrity protection key of the UE.

Optionally, the network-side device 80 may further include a receiving unit 801, a second sending unit 8031, a first key generating unit 8033, a security processing unit 805, a first sending unit 807, and a fifth sending unit 815 at the same time, and specific implementations of the units may refer to descriptions of the same units in the foregoing solutions, which is not described herein again.

Optionally, the network side device 80 may further include a receiving unit 801, a key determining unit 803, a security processing unit 805, a first sending unit 807, a third sending unit 809, a second key generating unit 811, a fourth sending unit 813, and a fifth sending unit 815 at the same time, and specific implementation of each unit may refer to description of the same unit in the foregoing scheme, which is not described herein again.

Referring to fig. 8E, fig. 8E is a schematic structural diagram of another network-side device according to an embodiment of the present invention. The network-side device 80 shown in fig. 8E is optimized by the network-side device 80 shown in fig. 8D. Compared with fig. 8D, the network side device 80 shown in fig. 8E may further include an updating unit 817 in addition to the receiving unit 801, the key determining unit 803, the security processing unit 805, the first transmitting unit 807 and the fifth transmitting unit 815, wherein,

an updating unit 817, configured to update the identifier of the UE according to the third random number after the security processing unit 805 successfully performs integrity verification on the data packet, and store the updated identifier of the UE and the corresponding relationship between the decryption key and the integrity verification key.

Optionally, the network-side device 80 may further include a receiving unit 801, a second sending unit 8031, a first key generating unit 8033, a security processing unit 805, a first sending unit 807, a fifth sending unit 815, and an updating unit 817 at the same time, and specific implementations of the respective units may refer to descriptions of the same units in the foregoing solutions, which are not described herein again.

Optionally, the network side device 80 may further include a receiving unit 801, a key determining unit 803, a security processing unit 805, a first sending unit 807, a third sending unit 809, a second key generating unit 811, a fourth sending unit 813, a fifth sending unit 815 and an updating unit 817 at the same time, and specific implementations of the units may refer to descriptions of the same units in the above schemes, which is not described herein again.

It should be noted that the functions of the functional modules in the network-side device 80 described in the embodiment of the present invention may be specifically implemented according to the method of the corresponding network-side device in the foregoing method embodiment, and are not described herein again.

In summary, by implementing the embodiments of the present invention, the UE can transmit data to the network side without establishing RRC connection with the base station, and can ensure the security of data transmission, thereby reducing signaling resources required for establishing control plane connection and user plane bearer, and improving system efficiency. Furthermore, the safety authentication process of the opposite terminal is realized between the UE and the network side equipment through the transmitted data packet or message, the authentication vector generated and issued by the HSS is not relied on, and the safety authentication process between the UE and the network side equipment is simplified.

In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by controlling the hardware related to the terminal device through a program, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program code, such as magnetic disks, optical disks, flash Memory disks, Read-Only memories (ROMs), Random Access Memories (RAMs), etc.

The data transmission method, the user equipment and the network side device provided by the embodiment of the present invention are described in detail above, a specific example is applied in the text to explain the principle and the implementation of the present invention, and the description of the above embodiment is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims

1. A user equipment comprising a processor, a receiver, and a transmitter;

the processor is used for calling the data transmission program code stored in the memory to execute the following operations:

encrypting and integrity protecting a data packet by using an encryption key and an integrity protection key, wherein the encryption key and the integrity protection key are generated by User Equipment (UE) according to a first random number generated by the UE or a second random number received from network side equipment, and the data packet comprises an identifier of the UE and user data;

when the UE does not establish Radio Resource Control (RRC) connection with a base station, the encrypted and integrity-protected data packet is sent to network side equipment through the transmitter;

the data packet further comprises the first random number, and the first random number is used for determining a decryption key and an integrity verification key used for decrypting and verifying the integrity of the data packet by the network side equipment;

the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and verifying integrity of the data packet.

2. The user equipment of claim 1, wherein prior to encrypting and integrity protecting the data packet using the encryption key and the integrity protection key, the processor is further configured to:

when the UE is not in RRC connection with the base station, an authentication request is sent to a Home Subscriber Server (HSS) through the network side equipment by the transmitter, the authentication request comprises the identity of the UE, and the authentication request is used for triggering the HSS to generate the second random number and determining a decryption key and an integrity verification key used by the network side equipment for decrypting and verifying the integrity of the data packet according to the identity of the UE and the second random number;

receiving, by the receiver, a response message sent by the HSS through the network side device, where the response message includes the second random number;

and performing integrity verification on the response message by using the integrity protection key.

3. The UE of claim 1, wherein the processor is further configured to perform:

receiving, by the receiver, a confirmation message sent by the network-side device after the integrity of the data packet is successfully verified;

and performing integrity verification on the confirmation message by using the integrity protection key.

4. The UE of claim 3, wherein the data packet further includes a third random number generated by the UE, and the third random number is used by the network side device to update the identity of the UE after the integrity verification of the data packet is successful; the processor is further configured to perform:

5. The UE of any one of claims 1 to 4, wherein the network side device comprises a base station or a serving gateway.

6. The UE of claim 5, wherein the data packet further comprises an identifier of a destination server, and wherein the identifier of the destination server is used by the serving gateway to establish a TCP connection with the destination server and send the user data to the destination server via the TCP connection.

7. The UE of claim 6, wherein when the network-side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used for the base station to send the data packet to the serving gateway.

8. The UE of claim 6 or 7, wherein the sending, by the transmitter, the encrypted and integrity-protected data packet to a network side device includes:

and sending the encrypted and integrity-protected data packet to a base station through a random access preamble message or an RRC connection establishment request message by the transmitter.

9. A network side device, comprising a processor, a receiver and a transmitter;

receiving, by the receiver, a data packet sent by a User Equipment (UE) when a Radio Resource Control (RRC) connection with a base station is not established, where the data packet includes an identifier of the UE and user data, and the data packet is obtained after the UE is encrypted and integrity-protected;

decrypting and integrity verifying the data packet using the decryption key and the integrity verification key;

after the integrity verification of the data packet is successful, the user data is sent to a target server;

the data packet further comprises a first random number generated by the UE;

sending the identifier of the UE and the first random number to a Home Subscriber Server (HSS), generating an intermediate key of the UE through the HSS, generating a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and storing the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key;

10. The network-side device of claim 9, wherein before receiving, by the receiver, a data packet sent by a user equipment UE when a radio resource control RRC connection with a base station is not established, the processor is further configured to:

receiving, by the receiver, an authentication request sent by the UE when the RRC connection is not established with the base station, the authentication request including an identity of the UE;

sending, by the transmitter, a response message to the UE, the response message including the second random number, the second random number being used by the UE to generate a ciphering key and an integrity protection key used to cipher and integrity protect the data packet.

11. The network-side device of claim 9, wherein the processor is further configured to perform:

after the integrity verification of the data packet is successful, sending a confirmation message to the UE through the transmitter, wherein the confirmation message is used for the UE to carry out integrity verification on the confirmation message by using an integrity protection key of the UE.

12. The network-side device of claim 11, wherein the data packet further includes a third random number generated by the UE, and the third random number is used for updating the identity of the UE after the integrity verification of the acknowledgment message by the UE is successful; the processor is further configured to perform:

13. The network-side device according to any of claims 9-12, wherein the network-side device comprises a base station or a serving gateway.

14. The network-side device of claim 13, wherein the data packet further comprises an identification of a destination server;

the sending the user data to the destination server includes:

15. The network-side device of claim 14, wherein when the network-side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used for the base station to send the data packet to the serving gateway.

16. The network-side device according to claim 14 or 15, wherein the receiving, by the receiver, the data packet sent by the UE when the RRC connection with the base station is not established comprises:

and receiving a data packet sent by the UE through a random access preamble message or an RRC connection establishment request message when the UE does not establish the RRC connection with the base station through the receiver.

17. A method of data transmission, comprising:

user Equipment (UE) encrypts and integrity-protects a data packet by using an encryption key and an integrity protection key, wherein the encryption key and the integrity protection key are generated by the UE according to a first random number generated by the UE or a second random number received from network side equipment, and the data packet comprises an identifier of the UE and user data;

when the UE does not establish Radio Resource Control (RRC) connection with a base station, the encrypted and integrity-protected data packet is sent to network side equipment;

18. The method of claim 17, wherein before the UE encrypts and integrity-protects the data packet using the ciphering key and the integrity protection key, the method further comprises:

when the UE does not establish the RRC connection with the base station, an authentication request is sent to a Home Subscriber Server (HSS) through the network side equipment, the authentication request comprises an identifier of the UE, and the authentication request is used for triggering the HSS to generate a second random number and determining a decryption key and an integrity verification key used by the network side equipment for decrypting and verifying the integrity of the data packet according to the identifier of the UE and the second random number;

the UE receives a response message sent by the HSS through the network side equipment, wherein the response message comprises the second random number;

and the UE uses the integrity protection key to carry out integrity verification on the response message.

19. The method of claim 17, further comprising:

the UE receives a confirmation message sent by the network side equipment after the integrity verification of the data packet is successful;

and the UE uses the integrity protection key to carry out integrity verification on the confirmation message.

20. The method according to claim 19, wherein the data packet further includes a third random number generated by the UE, and the third random number is used by the network side device to update the identity of the UE after the integrity verification of the data packet is successful; the method further comprises the following steps:

and after the UE successfully verifies the integrity of the confirmation message, updating the identity of the UE according to the third random number.

21. The method according to any of claims 17-20, wherein the network side device comprises a base station or a serving gateway.

22. The method of claim 21, wherein the data packet further comprises an identification of a destination server, and wherein the identification of the destination server is used by a serving gateway to establish a TCP connection with the destination server and to send the user data to the destination server via the TCP connection.

23. The method of claim 22, wherein when the network-side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used for the base station to send the data packet to the serving gateway.

24. The method according to claim 22 or 23, wherein the sending the encrypted and integrity-protected data packet to a network side device comprises:

and sending the encrypted and integrity-protected data packet to a base station through a random access preamble message or an RRC connection establishment request message.

25. A method of data transmission, comprising:

the method comprises the steps that network side equipment receives a data packet sent by User Equipment (UE) when Radio Resource Control (RRC) connection with a base station is not established, wherein the data packet comprises an identifier of the UE and user data, and is obtained after the UE is encrypted and subjected to integrity protection;

the network side equipment determines a decryption key and an integrity verification key corresponding to the UE according to the identity of the UE;

the network side equipment decrypts and verifies the integrity of the data packet by using the decryption key and the integrity verification key;

after the network side equipment successfully verifies the integrity of the data packet, the network side equipment sends the user data to a target server;

the data packet further comprises a first random number generated by the UE;

the network side equipment determines a decryption key and an integrity verification key corresponding to the UE according to the identity of the UE, and the method comprises the following steps:

the network side equipment sends the identification of the UE and the first random number to a Home Subscriber Server (HSS), generates an intermediate key of the UE through the HSS, generates a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and stores the corresponding relation between the identification of the UE and the decryption key and the integrity verification key;

26. The method of claim 25, wherein before the network side device receives the data packet transmitted by the UE when the RRC connection with the base station is not established, the method further comprises:

the network side equipment receives an authentication request sent by the UE when the RRC connection is not established with the base station, wherein the authentication request comprises the identity of the UE;

the network side equipment sends the authentication request to a Home Subscriber Server (HSS), the authentication request is used for triggering the HSS to generate a second random number and generating an intermediate key of the UE according to the identifier of the UE and the second random number, the network side equipment generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the corresponding relation between the identifier of the UE and the decryption key and the integrity verification key;

and the network side equipment sends a response message to the UE, wherein the response message comprises the second random number, and the second random number is used for the UE to generate an encryption key and an integrity protection key used for encrypting and integrity protecting the data packet.

27. The method of claim 25, further comprising:

and after the network side equipment successfully verifies the integrity of the data packet, sending a confirmation message to the UE, wherein the confirmation message is used for the UE to carry out integrity verification on the confirmation message by using an integrity protection key of the UE.

28. The method of claim 27, wherein the data packet further includes a third random number generated by the UE, and wherein the third random number is used for updating the identity of the UE after the UE successfully verifies the integrity of the acknowledgement message; the method further comprises the following steps:

and after the network side equipment successfully verifies the integrity of the data packet, updating the identifier of the UE according to the third random number, and storing the updated identifier of the UE and the corresponding relation between the decryption key and the integrity verification key.

29. The method according to any of claims 25-28, wherein the network side device comprises a base station or a serving gateway.

30. The method of claim 29, wherein the data packet further comprises an identification of a destination server;

the sending the user data to the destination server includes:

and the service gateway establishes a Transmission Control Protocol (TCP) connection with the destination server according to the identification of the destination server and sends the user data to the destination server through the TCP connection.

31. The method of claim 30, wherein when the network-side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used for the base station to send the data packet to the serving gateway.

32. The method according to claim 30 or 31, wherein the network side device receives the data packet sent by the UE when the RRC connection with the base station is not established, and includes:

the base station receives a data packet sent by a random access preamble message or an RRC connection establishment request message when user equipment UE does not establish RRC connection with the base station.