CN109788474A - A kind of method and device of message protection - Google Patents

A kind of method and device of message protection Download PDF

Info

Publication number
CN109788474A
CN109788474A CN201711125181.0A CN201711125181A CN109788474A CN 109788474 A CN109788474 A CN 109788474A CN 201711125181 A CN201711125181 A CN 201711125181A CN 109788474 A CN109788474 A CN 109788474A
Authority
CN
China
Prior art keywords
key
nas message
terminal device
network equipment
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711125181.0A
Other languages
Chinese (zh)
Inventor
胡力
陈璟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201711125181.0A priority Critical patent/CN109788474A/en
Priority to PCT/CN2018/114908 priority patent/WO2019096075A1/en
Publication of CN109788474A publication Critical patent/CN109788474A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A kind of method and device of message protection, is related to field of communication technology, wherein this method comprises: terminal device according to symmetric key and the first security algorithm, obtains protected Initial NAS message, and protected Initial NAS message is sent to first network equipment;And key relevant parameter is sent to second network equipment, wherein key relevant parameter is for obtaining symmetric key.Since terminal device can carry out safeguard protection to Initial NAS message by symmetric key and the first security algorithm; while improving Initial NAS message transmission security; compared with prior art; help to reduce the complexity for carrying out Initial NAS message safeguard protection, and helps to improve the access efficiency of terminal device.

Description

A kind of method and device of message protection
Technical field
This application involves field of communication technology, in particular to a kind of method and device of message protection.
Background technique
In long term evolution (long term evolution, LTE), Non-Access Stratum (non-access stratum, NAS) The safeguard protection of message is to send NAS safe mode command (security mode to terminal device in the network equipment Command, SMC) activate after message, for terminal device before receiving the NAS SMC message that the network equipment is sent, terminal The NAS message transmitted between equipment and the network equipment such as Initial NAS message is the message not Jing Guo safeguard protection, therefore this A little message, which exist, to be tampered or by the risk of attacker's sniff.
In the prior art, in order to improve safety of the Initial NAS message in communication process, terminal device is to the network equipment In the Initial NAS message of transmission only comprising user's permanent identification (subscriber permanent identifier, SUPI) and The security capabilities of terminal device, after terminal device receives NAS SMC message, to the other parameters in Initial NAS message into After row safeguard protection, it is being sent to the network equipment, this implementation makes the network equipment for the processing phase of Initial NAS message To lag, the access efficiency of terminal device is affected, and complex.
Summary of the invention
The embodiment of the present application provides a kind of method and device of message protection, helps to reduce carrying out to Initial NAS message The complexity of safeguard protection, and improve the access efficiency of terminal device.
In a first aspect, the message protection method of the embodiment of the present application, comprising:
Terminal device obtains protected Initial NAS message according to symmetric key and the first security algorithm, and to the first net Network equipment sends protected Initial NAS message;And key relevant parameter is sent to second network equipment, wherein key is related Parameter is for obtaining symmetric key.
Since terminal device can be by symmetric key and the first security algorithm to Initial NAS message in the embodiment of the present application Carry out safeguard protection compared with prior art, helps to reduce while improving Initial NAS message transmission security The complexity of safeguard protection is carried out to Initial NAS message, and helps to improve the access efficiency of terminal device.
In a kind of possible design, key relevant parameter includes the public key of terminal device, and terminal device can be under Column mode obtains symmetric key:
Terminal device generates symmetric key according to the public key of second network equipment and the private key of terminal device.
Terminal device generates symmetric key according to the public key of second network equipment and the private key of terminal device, specific real Now, a kind of possible design are as follows:
Terminal device generates intermediate key, then basis according to the public key of second network equipment and the private key of terminal device Intermediate key and fixed character string generate symmetric key.Optionally, fixed character string can be pre-configured in terminal device.
In a kind of possible design, key relevant parameter includes the ciphertext of symmetric key, wherein the ciphertext of symmetric key It is to be obtained according to the public key of second network equipment, terminal device can obtain symmetric key according to following manner:
Optionally, terminal device generates symmetric key according to random key generating algorithm;Alternatively, optional, terminal device According to random number, permanent key and cipher key derivative function (key derivation function, KDF), symmetric key is generated.
In a kind of possible design, key relevant parameter includes the ciphertext of the first security algorithm, wherein the first safety is calculated The ciphertext of method is obtained according to the public key of second network equipment.
The safety of the first security algorithm of transmission is helped to improve through the above technical solution.
In a kind of possible design, the first security algorithm is that terminal device is determined according to the strategy of pre-configuration.
In a kind of possible design, Initial NAS message is login request message.
In a kind of possible design, terminal device is receiving the protected downlink NAS from first network equipment After message, protected downlink NAS message is decrypted according to symmetric key and the first security algorithm, downlink NAS is obtained and disappears Breath, wherein downlink NAS message can be registration received message or NAS SMC message.
The safety of transmission registration received message or NAS SMC message is helped to improve through the above technical solution.
In a kind of possible design, terminal device receives the protected downlink NAS message from first network equipment, It include wherein the second security algorithm in downlink NAS message, then terminal device can be according to symmetric key and the first security algorithm pair Protected downlink NAS message is decrypted, and obtains downlink NAS message, and the second safety is then obtained from downlink NAS message and is calculated Method, if last first network equipment is the integrity protection carried out to the ciphertext of downlink NAS message, terminal device is according to second Security algorithm verifies the integrality of protected downlink NAS message, if first network equipment is to the complete of downlink NAS message progress Whole property protection, then terminal device verifies the integrality of downlink NAS message according to the second security algorithm.Wherein downlink NAS message is Register received message.
Since first network equipment can be sent the second security algorithm by registration received message in above-mentioned technical proposal Facilitate the expense for saving signaling to terminal device so as to not have to transmit NAS SMC message to terminal device again.Wherein Second security algorithm is the security algorithm of first network equipment selection.
In a kind of possible design, terminal device receives the protected downlink NAS message from first network equipment, And according to symmetric key and the first security algorithm, the integrality of downlink NAS message is verified, under wherein downlink NAS message can be Row refuse information.
The integrality that downlink refuse information can be verified through the above technical solution facilitates terminal device determination and receives Whether downlink refuse information is forged, distorts, reduce terminal device enter Denial of Service attack (Deny of Service, DoS) a possibility that state.
In a kind of possible design, first network equipment is access and mobile management function (authentication Management function, AMF), second network equipment be independent data management (unified data management, UDM) entity or authentication service function (authentication server function, AUSF) entity.
Second aspect, the method for the message protection of the embodiment of the present application, comprising:
Second network equipment receives the key relevant parameter from terminal device, and according to key relevant parameter, acquisition pair Claim key, then send symmetric key to first network equipment, wherein key relevant parameter is symmetrical close for obtaining symmetric key Key is used to carry out safeguard protection to Initial NAS message.
Since symmetric key can be sent to first network equipment by second network equipment in the embodiment of the present application, to make Initial NAS message can be obtained according to symmetric key by obtaining first network equipment.
In a kind of possible design, key relevant parameter includes the public key of terminal device;Second network equipment is under Column mode obtains symmetric key:
Second network equipment generates symmetric key according to the public key of terminal device and the private key of second network equipment.
Wherein, second network equipment generates symmetric key according to the public key of terminal device and the private key of second network equipment, In specific implementation, a kind of possible design are as follows:
Second network equipment generates intermediate key, then according to the public key of terminal device and the private key of second network equipment According to intermediate key and fixed character string, symmetric key is generated.Optionally, fixed character string can be pre-configured in the second network In equipment.
In a kind of possible design, key relevant parameter includes the ciphertext of symmetric key;Second network equipment is under Column mode obtains symmetric key:
Second network equipment is decrypted the ciphertext of symmetric key according to the private key of second network equipment, obtains symmetrical close Key.
In a kind of possible design, key relevant parameter includes the ciphertext of the first security algorithm;Second network equipment root The ciphertext of the first security algorithm is decrypted according to the public key of second network equipment, obtains the first security algorithm, and to the first net Network equipment sends the first security algorithm.
The safety of the first security algorithm transmission is helped to improve through the above technical solution.
In a kind of possible design, first network equipment is AMF entity;Second network equipment be UDM entity or AUSF entity.
The third aspect, the method for the message protection of the embodiment of the present application, comprising:
First network equipment receives the protected Initial NAS message from terminal device;And it receives and comes from the second net The symmetric key of network equipment;Then according to symmetric key and the first security algorithm, Initial NAS message is obtained.
Due to having carried out safe guarantor to Initial NAS message by symmetric key and the first security algorithm in the embodiment of the present application Shield, thus while improving Initial NAS message transmission security, compared with prior art, help to reduce to initial NAS message carries out the complexity of safeguard protection, and helps to improve the access efficiency of terminal device.
In a kind of possible design, first network equipment receives the first security algorithm from second network equipment.
The safety of the first security algorithm transmission is helped to improve through the above technical solution.
In a kind of possible design, Initial NAS message is login request message.
In a kind of possible design, first network equipment is protected according to symmetric key and the first security algorithm, acquisition Downlink NAS message;And protected downlink NAS message is sent to terminal device.
The safety of transmission downlink NAS message is helped to improve through the above technical solution.
In a kind of possible design, downlink NAS message is registration received message or NAS SMC message.
In a kind of possible design, first network equipment obtains downlink NAS according to symmetric key and the first security algorithm The ciphertext of message, wherein downlink NAS message is registration received message, and registration received message includes the second security algorithm;Then One network equipment carries out integrity protection according to the second security algorithm, to the ciphertext of downlink NAS message, obtains protected downlink NAS message, and protected downlink NAS message is sent to terminal device.Since first network equipment in above-mentioned technical proposal can The second security algorithm is sent to terminal device by registering received message, so as to not have to transmit to terminal device again NAS SMC message facilitates the expense for saving signaling.Wherein the second security algorithm is that the safety of first network equipment selection is calculated Method.
In a kind of possible design, first network equipment carries out downlink NAS message complete according to the second security algorithm Property protection, wherein downlink NAS message be registration received message, registration received message include the second security algorithm;Then the first net Network equipment obtains protected downlink NAS message, protected downlink NAS message according to symmetric key and the first security algorithm For the ciphertext of the downlink NAS message after integrity protection;Finally, first network equipment sends protected downlink to terminal device NAS message.Since first network equipment can be sent the second security algorithm by registration received message in above-mentioned technical proposal Facilitate the expense for saving signaling to terminal device so as to not have to transmit NAS SMC message to terminal device again.Wherein Second security algorithm is the security algorithm of first network equipment selection.
In a kind of possible design, first network equipment disappears to downlink NAS according to symmetric key and the first security algorithm Breath carries out integrity protection, obtains protected downlink NAS message, then, sends protected downlink NAS to terminal device and disappears Breath, wherein downlink NAS message can be registration reject message.
Integrity protection can be carried out to downlink refuse information through the above technical solution, facilitate terminal device determination and connect It receives whether downlink refuse information is forged, distorts, reduces a possibility that terminal device enters DoS state.
In a kind of possible design, first network equipment is AMF entity;Second network equipment be UDM entity or AUSF entity.
Fourth aspect, the device of the message protection of the embodiment of the present application, the device can be terminal device, be also possible to end Chip in end equipment.The device has the technical solution for each possible design for realizing above-mentioned first aspect and first aspect Function.The function can also execute corresponding software realization by hardware realization by hardware.The hardware or software package Include one or more modules corresponding with above-mentioned function.
In a kind of possible design, which includes processing unit and communication unit, and processing unit for example can be place Device is managed, communication unit for example can be transceiver, and transceiver may include radio circuit.Wherein processing unit is used for according to symmetrical Key and the first security algorithm obtain protected Initial NAS message, and communication unit is used to be protected to the transmission of first network equipment The Initial NAS message of shield, and key relevant parameter is sent to second network equipment, wherein key relevant parameter is for obtaining Symmetric key.
In alternatively possible design, which includes processor and memory, and wherein memory is used to store program, Processor is for calling the program stored in memory, to realize first aspect and the possible design of first aspect any one The method of middle message protection.It should be noted that processor can by input/output interface, pin or circuit etc. send or Person receives data.Memory can be register, the caching etc. in chip.In addition, memory can also be in terminal device Positioned at the storage unit of chip exterior, such as read-only memory (read-only memory, ROM) can store static information and refer to Other kinds of static storage device, random access memory (random access memory, RAM) for enabling etc..
Wherein, the processor that any of the above-described place mentions can be a general central processing unit (central Processing unit, CPU), microprocessor, application-specific integrated circuit (application-specific Integrated circuit, ASIC), or it is one or more any for controlling the above-mentioned first aspect of execution or first aspect The integrated circuit of the program of the method for one message protection that may be designed.
5th aspect, the device of the message protection of the embodiment of the present application, the device can be the network equipment, be also possible to net Chip in network equipment.The device has the technical solution for each possible design for realizing above-mentioned second aspect and second aspect Function.The function can also execute corresponding software realization by hardware realization by hardware.The hardware or software package Include one or more modules corresponding with above-mentioned function.
In a kind of possible design, which includes processing unit and communication unit, and processing unit for example can be place Device is managed, communication unit for example can be communication interface, and optionally, processor and communication interface can pass through optical fiber, twisted pair etc. Wired mode connection, communication unit are also possible to transceiver, and transceiver may include radio circuit, optionally, processor and receipts Hair device can be connected by wireless modes such as Wireless Fidelitys (WIFI, wireless fidelity).
Specifically, communication unit is for receiving the key relevant parameter from terminal device, key relevant parameter is for obtaining Symmetric key is obtained, symmetric key is used to carry out safeguard protection to Initial NAS message;Processing unit is used for according to key relevant parameter Symmetric key is obtained, communication unit is also used to send symmetric key to first network equipment.
In alternatively possible design, which includes processor and memory, and wherein memory is used to store program, Processor is for calling the program stored in memory, to realize second aspect and the possible design of second aspect any one The method of middle message protection.It should be noted that processor can by input/output interface, pin or circuit etc. send or Receive data.Memory can be register, the caching etc. in chip.In addition, memory can also be the position in the network equipment In the storage unit of chip exterior, such as ROM, other kinds of static storage device, the RAM that static information and instruction can be stored Deng.
Wherein, the processor that any of the above-described place mentions, can be a general CPU, microprocessor, specific ASIC, or One or more executes the side for the message protection that above-mentioned second aspect or second aspect any one may design for controlling The integrated circuit of the program of method.
6th aspect, the device of the message protection of the embodiment of the present application, the device can be the network equipment, be also possible to net Chip in network equipment.The device has the technical solution for each possible design for realizing the above-mentioned third aspect and the third aspect Function.The function can also execute corresponding software realization by hardware realization by hardware.The hardware or software package Include one or more modules corresponding with above-mentioned function.
In a kind of possible design, which includes processing unit and communication unit, and processing unit for example can be place Device is managed, communication unit for example can be communication interface, and optionally, processor and communication interface can pass through optical fiber, twisted pair etc. Wired mode connection, communication unit are also possible to transceiver, and transceiver may include radio circuit, optionally, processor and receipts Hair device can be connected by wireless modes such as WIFI.
Specifically, communication unit is used to receive the protected Initial NAS message from terminal device, and receives and come from The symmetric key of second network equipment, processing unit are used to obtain initial NAS according to symmetric key and the first security algorithm and disappear Breath.
In alternatively possible design, which includes processor and memory, wherein memory is for storing journey Sequence, processor is for calling the program stored in memory, to realize that the third aspect and third aspect any one are possible The guard method of message in design.It should be noted that processor can be sent out by input/output interface, pin or circuit etc. Send or receive data.Memory can be register, the caching etc. in chip.In addition, memory can also be in the network equipment The storage unit positioned at chip exterior, such as ROM, the other kinds of static storage device that static information and instruction can be stored, RAM etc..
Wherein, the processor that any of the above-described place mentions, can be a general CPU, microprocessor, specific ASIC, or One or more executes the side for the message protection that the above-mentioned third aspect or third aspect any one may design for controlling The integrated circuit of the program of method.
7th aspect, the embodiment of the present application also provide a kind of computer readable storage medium, the computer-readable storage medium Matter is stored with program, when the program is running on computers, so that computer executes method described in above-mentioned various aspects.
Eighth aspect, the application also provide a kind of computer program product comprising program, when it runs on computers When, so that computer executes method described in above-mentioned various aspects.
9th aspect, the embodiment of the present application also provides a kind of communication systems, including fourth aspect or fourth aspect to appoint The device and the 6th of any one possible design in terms of a kind of device for possible design of anticipating, the 5th aspect or the 5th The device of any one possible design in terms of aspect or the 6th.
In addition, fourth aspect technical effect brought by any possible design method into the 9th aspect can be found in first Technical effect brought by different designs mode in aspect, details are not described herein again.
Detailed description of the invention
Fig. 1 is a kind of possible network architecture schematic diagram that the embodiment of the present application is applicable in;
Fig. 2 is the alternatively possible network architecture schematic diagram that the embodiment of the present application is applicable in;
Fig. 3 is a kind of flow diagram of the method for message protection provided by the embodiments of the present application;
Fig. 4 is the flow diagram of the method for another message protection provided by the embodiments of the present application;
Fig. 5 is the flow diagram of the method for another message protection provided by the embodiments of the present application;
Fig. 6 is a kind of flow diagram of the method for message protection provided by the embodiments of the present application;
Fig. 7 is the schematic device of another message protection provided by the embodiments of the present application;
Fig. 8 is the schematic device of another message protection provided by the embodiments of the present application;
Fig. 9 is the schematic device of another message protection provided by the embodiments of the present application;
Figure 10 is the schematic device of another message protection provided by the embodiments of the present application;
Figure 11 is the schematic device of another message protection provided by the embodiments of the present application;
Figure 12 is the schematic device of another message protection provided by the embodiments of the present application;
Figure 13 a and Figure 13 b are respectively the schematic diagram of communication system provided by the embodiments of the present application.
Specific embodiment
As shown in Figure 1, a kind of possible network architecture schematic diagram being applicable in for the embodiment of the present application.The network architecture is the Four third-generation mobile communication technologies (the 4th Generation mobile communication technology, 4G) network rack Structure.Network element in the 4G framework include terminal device, mobile management entity (mobility management entity, MME), Serving GPRS Support Node (serving GPRS support node, SGSN), home signature user server (home Subscriber server, HSS), gateway (serving gateway, S-GW), grouped data network gateway (packet Data network gateway, PDN gateway, P-GW), strategy with charging rule functions (policy and charging Rules function, PCRF) entity, evolution universal land radio access web (evolved universal Terrestrial radio access network, E-TURAN) etc..
E-UTRAN is made of the base station (evolved nodeB, eNodeB) of multiple evolution, is connect between eNodeB by X2 Mouth mutual connection, passes through S1 interface inter-link between eNodeB and evolution block core net (evolved packet core, EPC), And eNodeB and terminal device are interconnected by LTE-Uu.
The major function of MME be support NAS message and its safety, tracing area (track area, TA) list management, The selection of MME when the selection of P-GW and S-GW, across MME switching, in the choosing for carrying out SGSN into 2G/3G access system handoff procedure It selects, the authentication of terminal device, Roaming control and bearer management, third generation partner program (3rd generation Partnership project, 3GPP) different access networks core network node between mobile management.
S-GW is the gateway for terminating at E-UTRAN interface, and major function includes: when switching between carrying out base station, as this Ground anchor point, and assist to complete the reordering function of base station;When switching between 3GPP different access systems, as mobility anchor Point;Execute Lawful intercept function;Carry out the routing and forward of data packet;Label is grouped in uplink and downlink transport layer;With Charging etc. between operator.
P-GW is the gateway that SGi interface is ended in towards PDN, if terminal device accesses multiple PDN, terminal device will be right Answer one or more P-GW.The major function of P-GW includes packet filtering function based on terminal device, Lawful intercept function, terminal Agreement (internet protocol, IP) address allocation function for interconnecting between the network of equipment is counted in the uplink According to packet transport level label, the progress charging of the uplink and downlink grade of service and the control of service level thresholding, carry out based on the upper of business The control etc. of downstream rate.
HSS is the database for storage terminal device signing information, may include one or more in home network HSS.HSS is responsible for saving relevant to terminal device information, for example, Terminal Equipment Identifier, number and routing iinformation, security information, Location information, summary (profile) information etc..
When SGSN can be used between 2G/3G and E-UTRAN 3GPP access is netted moving, Signalling exchange is carried out, including to P-GW With the selection of S-GW, while for be switched to E-UTRAN 3GPP access net terminal device carry out MME selection.
PCRF entity ends in Rx interface and Gx interface, when non-roaming scene, in home public land mobile network network (home Public land mobile network, HPLMN) in only one PCRF with terminal device an IP-Connectivity Access Network Network (IP-connectivity access network), IP-CAN session are related;In roaming scence and Business Stream is local It, may that there are two PCRF be related with the IP-CAN session of terminal device when dredging.
Terminal device is a kind of equipment with radio transmission-receiving function, can be deployed in land, including indoor or room Outside, hand-held or vehicle-mounted;(such as steamer) can also be deployed on the water surface;It can also dispose and (such as aircraft, balloon and defend in the sky On star etc.).Specifically, terminal device can be user equipment (user equipment, UE), mobile phone (mobile phone), Tablet computer (pad), the computer with radio transmission-receiving function, virtual reality (virtual reality, VR) terminal, augmented reality It is (augmented reality, AR) terminal, the wireless terminal in Industry Control (industrial control), unmanned The wireless terminal in wireless terminal, tele-medicine (remote medical) in (self driving), smart grid The wireless terminal in wireless terminal, transportation safety (transportation safety) in (smart grid), smart city The wireless terminal etc. in wireless terminal, wisdom family (smart home) in (smart city).
As shown in Fig. 2, the alternatively possible network architecture schematic diagram being applicable in for the embodiment of the present application.The network architecture is 5th third-generation mobile communication technology (the 5th Generation mobile communication technology, 5G) network Framework.The 5G framework may include terminal device, wireless access network (radio access network, RAN), AMF entity, meeting Talk about management function (session management function, SMF) entity, user plane functions (user plane Function, UPF) entity, UDM entity, authentication service function (authentication server function, AUSF) reality Body, data network (datanetwork, DN).In addition, the 5G network architecture is other than including network element as shown in Figure 2, it is also possible to Function (Authentication Credential Repository and is stored and processed including Service Ticket Processing Function, ARPF) entity, safe anchor point function (security anchor function, SEAF) reality Body, signing identity resolution function (subscription identifier de-concealing function, SIDF) entity Deng.
The major function of RAN is that controlling terminal equipment passes through wireless access to mobile communications network.RAN is mobile communication system A part of system.It realizes a kind of wireless access technology.In concept, it be resident between some equipment (such as mobile phone, One computer or any long-range control machine), and the connection with its core net is provided.RAN equipment includes but is not limited to: in 5G (g nodeB, gNB), evolved node B (evolved node B, eNB), radio network controller (radio network Controller, RNC), node B (node B, NB), base station controller (base station controller, BSC), base station Sending and receiving stations (base transceiver station, BTS), Home eNodeB are (for example, home evolved nodeB or home Node B, HNB), Base Band Unit (base band unit, BBU), transfer point (transmitting and receiving Point, TRP), launch point (transmitting point, TP), mobile switching centre etc., in addition, it can include wireless protect Very (wireless fidelity, wifi) access point (access point, AP) etc..
AMF entity is responsible for access-in management and the mobile management of terminal device, in practical applications comprising 4G network The mobile management function to ps domain of MME in frame, and joined access management function.
SMF entity is responsible for session management, such as the session establishment of user.
UPF entity is the functional network element in user face, be mainly responsible for connection external network comprising in the 4G network architecture The correlation function of SGW and P-GW.
DN is responsible for terminal device and provides the network of service, and such as some DN provide function of surfing the Net for terminal device, other DN provides SMS function etc. for terminal device.
AUSF entity has the function of authentication service, the authentication function for the SEAF request that terminates.
UDM entity can storage terminal device signing information, realize be similar to 4G in HSS rear end.
ARPF entity has the function of Service Ticket storage and processing, such as permanent close for storing the long-term authentication voucher of UE Key K etc..In 5G, the function of ARPF can be merged into UDM entity.
SEAF entity is used to complete the verification process to terminal device, and in 5G, the function of SEAF can be merged into AMF reality In body.
SIDF entity can parse the identity information of contracted user, for example, hiding identity (subscription according to contracting Concealed identifier, SUCI) acquisition signing permanent identity (subscription permanent identifier, SUPI)。
Terminal device may refer to the terminal device in the network architecture shown in Fig. 1.
The embodiment of the present application is not only suitable for the 4G network architecture shown in FIG. 1, is also applied for the 5G network architecture shown in Fig. 2.
In the embodiment of the present application, first network equipment can be the mobility mobile management function for management terminal device Energy entity, or the chip in mobile management functional entity or mobile management functional entity, for example, in the MME in 4G, 5G AMF entity or SEAF entity;Second network equipment can be the private key for storage networking device, or decryption according to net The store function entity or store function of the message of the public key encryption of network equipment intracorporal chip in fact, for example, the HSS in 4G, 5G In APRF entity or AUSF entity or SIDF entity or UDM entity.For convenience of description, each embodiment of the application Using first network equipment as mobile management functional entity, second network equipment is is illustrated for store function entity, not Limitation.
Disappear it should be noted that not only can protect complete initial NAS using the method that each embodiment of the application provides Breath, can also protect the part field of Initial NAS message.For convenience of description, each embodiment of the application is disappeared with complete initial NAS It is illustrated for breath, when protecting the part field of Initial NAS message, the ciphertext of Initial NAS message, Initial NAS message MAC, the MAC of the ciphertext of Initial NAS message can replace with the ciphertext of Initial NAS message part field, Initial NAS message respectively The MAC of part field, the MAC of the ciphertext of Initial NAS message part field, not limits.
The method of the message protection of the embodiment of the present application is described in detail with reference to the accompanying drawing.
As shown in figure 3, being a kind of flow diagram of the method for message protection provided by the embodiments of the present application, including following Step:
Step 301, terminal device obtain protected Initial NAS message according to symmetric key and the first security algorithm.
Wherein, Initial NAS message can be during terminal device is linked into mobile management functional entity, be sent to shifting First NAS message of dynamic management function entity.Exemplary, Initial NAS message can be registration request (registration Request, RR) message, attach request (attach request) message or tracking area (tracking area update, TAU request (TAU request) message etc.) is updated.
Wherein, symmetric key can be encryption key or tegrity protection key, also may include encryption key and complete Whole property protects key.
Illustratively, symmetric key is encryption key, and the first security algorithm is Encryption Algorithm;Alternatively, symmetric key has been Whole property protects key, and the first security algorithm is protection algorithm integrallty;Alternatively, symmetric key includes that encryption key and integrality are protected Key is protected, the first security algorithm includes Encryption Algorithm and protection algorithm integrallty.
Wherein, message content of the encryption being related in the application for sending in sending direction intended recipient is not known After the third party of the relevant parameters such as road encryption key obtains, it can not know the real content to be expressed of the message, be related in the application And to integrity protection for ensuring that the message content that intended recipient receives is not distorted by third party, sent out with sender It is consistent to the message of intended recipient.
It should be noted that when symmetric key is encryption key, the first security algorithm is Encryption Algorithm, it is protected first Beginning NAS message can be the ciphertext of Initial NAS message;When symmetric key is tegrity protection key, the first security algorithm has been When whole property protection algorism, protected Initial NAS message can be the Message Authentication Code of Initial NAS message and Initial NAS message (message authentication code, MAC);When symmetric key includes encryption key and tegrity protection key, quilt The Initial NAS message of protection can be the ciphertext and MAC of Initial NAS message, and wherein MAC can be the ciphertext of Initial NAS message MAC or MAC be Initial NAS message MAC, in addition, when symmetric key includes encryption key and tegrity protection key When, protected Initial NAS message can also be the ciphertext of the Initial NAS message after integrity protection, wherein integrity protection The content encrypted in the ciphertext of Initial NAS message afterwards includes the MAC of Initial NAS message and Initial NAS message, is specifically protected MAC in the Initial NAS message of shield is the MAC of ciphertext or the MAC of Initial NAS message and terminal device of Initial NAS message It is that integrity protection or related, the Yi Ji to the ciphertext progress integrity protection of Initial NAS message are carried out to Initial NAS message Initial NAS message is first carried out integrity protection in the case where encrypting whether to MAC encrypt, be in specific implementation by What the internal implementation of terminal device determined.
When specific implementation, symmetric key can be pre-configured on the terminal device, can also be generated by terminal device symmetrical Key.Three kinds of terminal devices provided herein generate the mode of symmetric key, can be applied on the terminal device in advance In the case where the generating algorithm for configuring symmetric key, it can also apply the case where symmetric key is pre-configured in terminal device Under.
The mode one of terminal device generation symmetric key are as follows:
Terminal device generates symmetric key according to the public key of store function entity and the private key of terminal device.It needs to illustrate , terminal device can be according to the public key and private key of preconfigured asymmetry parameter generation terminal device, optionally, generation The public key of terminal device and the algorithm of private key can be the complete encryption method of elliptic curve (elliptic curve Integrated encryption scheme, ECIES).
The mode one for generating symmetric key to terminal device below is illustrated.
Example one: terminal device directly generates symmetrical close according to the public key of store function entity and the private key of terminal device Key.Optionally, the algorithm for generating symmetric key can be the key agreement function (key for being pre-configured in terminal device Agreement function, KAF).Optionally, the symmetric key generated in example one can be encryption key or integrality Key is protected, in the case where can be applied to symmetric key as encryption key or tegrity protection key;Alternatively, it is optional, show The symmetric key generated in example one not only can be used as encryption key, but also can be used as tegrity protection key, can be applied to Symmetric key includes under encryption key and tegrity protection key and encryption key and the identical situation of tegrity protection key; Alternatively, optional, terminal device can be directed to different private keys, set respectively according to according to the public key and terminal of store function entity Standby private key directly generates symmetric key 1 and symmetric key 2, and wherein terminal device can be close as encrypting by symmetric key 1 Key can regard symmetric key 2 as tegrity protection key, and wherein terminal device includes two or more private key, Can be applied to symmetric key include encryption key and tegrity protection key and encryption key and tegrity protection key not With in the case where.
Example two: terminal device generates intermediate key, so according to the public key of store function entity and the private key of terminal device Afterwards according to intermediate key and fixed character string, symmetric key is generated.Wherein, fixed character string can be pre-configured in terminal device With network side (such as store function entity), it is either pre-configured in terminal device or network side.Specifically, terminal device and net Network side can be pre-configured with one or more fixed character string, in the case where being pre-configured with multiple fixed character strings, terminal Equipment can select at least one fixed character string according to preset algorithm or rule, such as randomly choose at least one and consolidate Determine character string or selects one or more fixed character strings according to certain priority orders.Specifically, fixed character string can be with It is " NAS ", " INITIAL " " INITIAL NAS ", " SUPI ", " INITIAL ENC ", " INITIAL NAS ENC ", " INITIAL INT ", " INITIAL NAS INT " etc., furthermore it should be noted that generating the mode of intermediate key in example two It is similar with a kind of generation mode of symmetric key of example, for example, the algorithm for generating intermediate key can be to be pre-configured in terminal The KAF of equipment.
For example, optional, the symmetric key generated in example two can be encryption key or tegrity protection key, can In the case where being applied to symmetric key as encryption key or tegrity protection key;Alternatively, it is optional, it is raw in example two At symmetric key may act as encryption key, and can be used as tegrity protection key, can be applied to symmetric key packet Include encryption key and tegrity protection key and under encryption key and the identical situation of tegrity protection key;Alternatively, optional , terminal device can be directed to different private keys, respectively according to the private key of the public key of store function entity and terminal device, directly Symmetric key 1 and symmetric key 2 are generated, symmetric key 1 is then concatenated into, according to centre according to intermediate key 1 and fixed character Key 2 and fixed character concatenate into symmetric key 2, directly regard symmetric key 1 as encryption key, symmetric key 2 is as complete Property protection key, wherein terminal device exist two or more private keys, can be applied to symmetric key include encryption it is close Key is with tegrity protection key and in the case that encryption key is different with tegrity protection key;Alternatively, optional, terminal is set It is standby that an intermediate key is generated according to the public key of store function entity and the private key of terminal device, it is then close in order to obtain encryption Key and tegrity protection key, terminal device can choose two different fixed character strings, such as fixed character string 1 and fixed word Symbol string 2, specifically, fixed character string 1 can be " ENC ", " KEY ENC ", " INIITIAL ENC " etc., fixed character string 2 can To be " INT ", " KEY INT ", " INIITIAL INT " etc., and according to fixed character string 1 and intermediate key, symmetric key is generated 1, and according to fixed character string 2 and intermediate key, symmetric key 2 is generated, it regard symmetric key 1 as encryption key, it is symmetrical close Key 2 is used as tegrity protection key, and wherein terminal device may exist one or more than one private key, can be applied to pair Claiming key includes encryption key with tegrity protection key and in the case that encryption key is different with tegrity protection key.
It should be noted that in example two, a kind of optional mode are as follows: terminal device is directly by the public key of terminal device It is sent to store function entity, in this case, store function entity is according to the public key and store function entity of terminal device Private key generate intermediate key, symmetric key is then concatenated into according to intermediate key and symmetrical character;Another optional mode Are as follows: the intermediate key of generation is sent to store function entity by terminal device, by store function entity according to intermediate key and admittedly Determine character string and directly generate symmetric key, reduces the step of store function entity generates symmetric key, help to improve Communication efficiency.There are also a kind of optional modes are as follows: terminal device adds symmetric key according to the public key of store function entity It is close, the ciphertext of symmetric key is then sent to store function entity, in this case, store function entity only need to be by depositing The private key for storing up functional entity is decrypted the ciphertext of symmetric key, to obtain symmetric key.Specific terminal device is real to store function The parameter that body is sent is by algorithm preconfigured in terminal device or strategy decision.
Example three: terminal device generates temporary key 1 according to the public key of store function entity and the private key of terminal device, Then according to temporary key 1, further cipher key derivative is made based on preconfigured KDF, generates temporary key 2.Optionally, eventually End equipment directly regard temporary key 2 as symmetric key;Alternatively, terminal device is according to preconfigured truncation (truncted) letter The truncation of the length of temporary key 1 or temporary key 2 is met preconfigured length by number, obtains symmetric key.
For example, optional, the symmetric key generated in example three can be encryption key or tegrity protection key, can In the case where being applied to symmetric key as encryption key or tegrity protection key;Alternatively, optional, terminal device root Concatenate into encryption key or tegrity protection key according to the symmetric key and fixed character that generate in example three, specifically, solid Determining character string can be " NAS ", " INITIAL ", " INITIAL NAS " etc.;Alternatively, optional, what is generated in example three is symmetrical Key may act as encryption key, and can be used as tegrity protection key, and can be applied to symmetric key includes that encryption is close Under key and tegrity protection key and encryption key and the identical situation of tegrity protection key;Alternatively, optional, terminal is set It is standby private key 1 to can be used and private key 2 generates symmetric key 1 and symmetric key 2 in the way of in example three respectively, then directly By symmetric key 1 be used as encryption key, symmetric key 2 be used as tegrity protection key, wherein terminal device there are two or More than two private keys, it includes encryption key and tegrity protection key and encryption key and complete for can be applied to symmetric key Property protection key it is different in the case where;Alternatively, optional, terminal device is according to the public key of store function entity and terminal device Private key generates a temporary key 1, and then in order to obtain encryption key and tegrity protection key, terminal device be can choose Two different fixed character strings, such as fixed character string 1 and fixed character string 2, specifically, fixed character string 1 can be " ENC ", " KEY ENC ", " INIITIAL ENC " etc., fixed character string 2 can be " INT ", " KEY INT ", " INIITIALINT " etc., and according to fixed character string 1 and temporary key 1, further key is made based on pre-set KDF It is derivative, symmetric key 1 is generated, and according to fixed character string 2 and intermediate key, make based on pre-set KDF further Cipher key derivative generates symmetric key 2, regard symmetric key 1 as encryption key, and symmetric key 2 is used as tegrity protection key, In, there are one or more than one private keys for terminal device, and can be applied to symmetric key includes that encryption key and integrality are protected Protect key and encryption key it is different with tegrity protection key in the case where.
The mode two of terminal device generation symmetric key are as follows:
Terminal device generates symmetric key according to random key generating algorithm.Optionally, random key generating algorithm is preparatory Configuration is on the terminal device.Specifically, terminal device generates and meets with secret according to preconfigured random key generating algorithm Key generating algorithm requires the key of length, using the key as symmetric key.
For example, optional, the symmetric key generated in mode two can be encryption key or tegrity protection key, can In the case where being applied to symmetric key as encryption key or tegrity protection key;Alternatively, it is optional, it is generated in mode two Symmetric key not only can be used as encryption key, but also can be used as tegrity protection key, can be applied to symmetric key includes Under encryption key and tegrity protection key and encryption key and the identical situation of tegrity protection key;Alternatively, it is optional, Terminal device according to the symmetric key that preconfigured random key generating algorithm generates may include symmetric key 1 and symmetrical close Key 2, wherein terminal device can regard symmetric key 1 as tegrity protection key as encryption key, symmetric key 2, can be with In the case where including encryption key and tegrity protection key applied to symmetric key;Alternatively, optional, terminal device can root According to preconfigured random key generating algorithm, a temporary key 4 is generated, then according to temporary key 4 and preconfigured First fixed character string generates encryption key based on KDF, according to temporary key 4 and preconfigured second fixed character string, base Tegrity protection key is generated in KDF, symmetric key is can be applied to and includes the case where encryption key and tegrity protection key Under.
The mode three of terminal device generation symmetric key are as follows:
Terminal device generates symmetric key, optionally, permanent key, KDF are pre- according to random number, permanent key and KDF It first configures in terminal device, random number is that terminal device generates at random.
For example, optional, the symmetric key generated in mode three can be encryption key or tegrity protection key, can In the case where being applied to symmetric key as encryption key or tegrity protection key;Alternatively, it is optional, it is generated in mode three Symmetric key not only can be used as encryption key, but also can be used as tegrity protection key, can be applied to symmetric key includes Under encryption key and tegrity protection key and encryption key and the identical situation of tegrity protection key;Alternatively, it is optional, Terminal device can generate respectively encryption key and integrity protection based on identical mode respectively according to different random numbers Key can be applied in the case that symmetric key includes encryption key and tegrity protection key;Alternatively, optional, terminal Equipment can generate encryption key based on KDF according to permanent key, random number and preconfigured first fixed character string, with And according to permanent key, random number and preconfigured second fixed character string, tegrity protection key is generated based on KDF, it can In the case where including encryption key and tegrity protection key applied to symmetric key.
In addition, the first security algorithm can be pre-configured in terminal device in the embodiment of the present application, by terminal device root It is determined according to the strategy of pre-configuration, wherein the strategy being optionally pre-configured is that network side equipment is sent to terminal device, wherein net The mobile management functional entity that network side apparatus can need to access for terminal device in the embodiment of the present application, or in network Other mobile management functional entitys for once accessing of terminal device, such as when terminal device accesses mobile management reality for the first time When body, what other mobile management functional entitys that the strategy of pre-configuration can once access for terminal device in network were sent. In addition, the strategy being pre-configured may be artificial configuration in terminal device.The strategy that exemplary one kind is optionally pre-configured Mode are as follows: if terminal device accesses the mobile management functional entity for the first time, the first security algorithm can be to be pre-configured to be in terminal The security algorithm of equipment, optionally, if terminal device has been pre-configured multiple security algorithms, the first security algorithm can be pre- How a security algorithm in multiple security algorithms of configuration, specific terminal device select from multiple security algorithms of pre-configuration The mode for selecting the first security algorithm is determined by the internal implementation of terminal device.If terminal device is n-th, access should Mobile management functional entity, wherein N is the integer more than or equal to 2, then the first security algorithm can be terminal device at (N-1) Used security algorithm when secondary access mobile management entity.Optionally, it is preparatory when the strategy of pre-configuration can also be to dispatch from the factory Configuration is in terminal device, such as the strategy of pre-configuration can be the security algorithm of highest priority in selection security algorithm.
Step 302, terminal device sends protected Initial NAS message to mobile management functional entity, and to storage Functional entity sends key relevant parameter, and key relevant parameter is for obtaining symmetric key.
A kind of possible implementation, terminal device directly send key relevant parameter to store function entity;It is another Key relevant parameter is passed through store function entity by mobile management functional entity by possible implementation, terminal device, For example, key relevant parameter and protected Initial NAS message can be sent jointly to mobile management function reality by terminal device Body.
It is exemplary, it is close if symmetric key is generated according to the public key of store function entity and the private key of terminal device Key relevant parameter includes the public key of terminal device;If symmetric key is generated according to random key generating algorithm, or symmetrical Key is generated according to random number, permanent key and KDF, then key relevant parameter includes the ciphertext of symmetric key, wherein right The ciphertext for claiming key is obtained according to the public key of store function entity, specifically, terminal device is according to store function entity Public key obtains the ciphertext of symmetric key to symmetric key encryption.
Optionally, it for the ease of mobile management functional entity after receiving protected Initial NAS message, obtains initial NAS message, key relevant parameter further include the ciphertext of the first security algorithm or the first security algorithm, wherein the first safety is calculated The ciphertext of method is obtained according to the public key of store function entity, specifically, public key of the terminal device according to store function entity, First security algorithm is encrypted, the ciphertext of the first security algorithm is obtained.
In the case where key relevant parameter does not include the ciphertext of the first security algorithm or the first security algorithm, moving tube Managing functional entity can be according to symmetric key and the security algorithm itself being pre-configured, to obtain Initial NAS message, under normal conditions The security algorithm being pre-configured in mobile management functional entity includes the security algorithm being pre-configured in terminal device.
Step 303, store function entity, according to key relevant parameter, obtains symmetrical after receiving key relevant parameter Key.
It include the public key of terminal device under a kind of example, in key relevant parameter, store function entity can be according to terminal The public key of equipment and the private key of store function entity generate symmetric key.Specifically, store function entity is according to terminal device The private key of public key and store function entity generate symmetric key mode and terminal device according to the public key of store function entity and The mode that the private key of terminal device generates symmetric key is similar, and details are not described herein.
Under another example, in private key generation of the store function entity according to the public key and store function entity of terminal device Between key, then according to intermediate key and fixed character concatenate into symmetric key mode and terminal device according to store function reality The public key of body and the private key of terminal device generate intermediate key, then concatenate into symmetric key according to intermediate key and fixed character Mode it is similar, details are not described herein.
It include the ciphertext of symmetric key under another example, in key relevant parameter, store function entity is according to storage function The private key of energy entity, is decrypted the ciphertext of symmetric key, obtains symmetric key.
In addition, in key relevant parameter include the first security algorithm ciphertext in the case where, the above method further include: deposit Functional entity is stored up according to the private key of store function entity, the ciphertext of the first security algorithm is decrypted, the first safety is obtained and calculates Method.
Step 304, store function entity sends symmetric key to mobile management functional entity.
It should be noted that being generated in store function entity according to the public key of terminal device and the private key of store function entity In the case where intermediate key, store function entity can also be intermediate close to the symmetric key that mobile management functional entity is sent Then key can be concatenated into according to intermediate key and fixed character for obtaining Initial NAS message by mobile management functional entity Symmetric key.
For example, in the case where symmetric key includes encryption key and tegrity protection key, mobile management functional entity Encryption key can be generated based on KDF according to intermediate key and preconfigured first fixed character string;And according to intermediate close Key and preconfigured second fixed character string generate tegrity protection key based on KDF.In addition, mobile management functional entity Symmetric key can also be concatenated into according to intermediate key and fixed character otherwise, it is real specifically to can be found in store function Body generates the mode of symmetric key, and details are not described herein.
In the case where including the ciphertext of the first security algorithm or the first security algorithm in key relevant parameter, the above method Further include: store function entity sends the first security algorithm to mobile management functional entity.
Step 305, mobile management functional entity is receiving the protected Initial NAS message from terminal device and is coming From after the symmetric key of store function entity, according to symmetric key and the first security algorithm, Initial NAS message is obtained.
First security algorithm, which can be, to be pre-configured to be on mobile management functional entity.
Optionally, mobile in the case where store function entity sends the first security algorithm to mobile management functional entity Management function entity also receives the first security algorithm from store function entity.
Specifically, mobile management functional entity can obtain Initial NAS message based on following manner:
Mode 1: mobile management functional entity disappears to protected initial NAS according to symmetric key and the first security algorithm Breath is decrypted, and to obtain Initial NAS message, can be applied to the ciphertext that protected Initial NAS message is Initial NAS message In the case where, wherein symmetric key is encryption key, the first security algorithm is Encryption Algorithm, and the ciphertext of Initial NAS message is root It is obtained according to encryption key and the first security algorithm,.
Mode 2: mobile management functional entity verifies the complete of Initial NAS message according to symmetric key and the first security algorithm Whole property, can be applied to symmetric key is in the case that tegrity protection key, the first security algorithm are protection algorithm integrallty. Specifically, mobile management functional entity can verify the integrality of Initial NAS message based on following manner: due to protected initial NAS message is the MAC of Initial NAS message and Initial NAS message, then mobile management functional entity can be according to symmetric key, the One security algorithm and the Initial NAS message received generate new MAC, if the MAC in new MAC and protected Initial NAS message It is identical, then the integrality success of mobile management functional entity verification Initial NAS message;If new MAC and protected initial NAS disappears MAC in breath is different, then the integrality failure of mobile management functional entity verification Initial NAS message.
Mode 3: for mobile management functional entity according to tegrity protection key and tegrity protection key's algorithm, verification is initial The integrality of the ciphertext of NAS message, wherein mobile management functional entity verifies the integrality and mode of the ciphertext of Initial NAS message The integrality of mobile management functional entity verification Initial NAS message is similar in 2, and this will not be repeated here.Optionally, in movement In the successful situation of integrality of the ciphertext of management function entity checks Initial NAS message, mobile management functional entity further according to The ciphertext of Initial NAS message is decrypted in encryption key and Encryption Algorithm, obtains Initial NAS message;Alternatively, it is optional, it moves Management function entity is moved regardless of the check results of integrity protection, all directly the ciphertext of Initial NAS message is decrypted, Aforesaid way can be applied to the ciphertext of the ciphertext that protected Initial NAS message is Initial NAS message and Initial NAS message In the case where MAC, wherein symmetric key includes encryption key and tegrity protection key, and the first security algorithm includes Encryption Algorithm And protection algorithm integrallty, the ciphertext of Initial NAS message are obtained according to encryption key and Encryption Algorithm, Initial NAS message The MAC of ciphertext be to be obtained according to tegrity protection key and tegrity protection key's algorithm.
Mode 4: mobile management functional entity first has to according to encryption key and Encryption Algorithm, to protected initial NAS Message is decrypted, and obtains Initial NAS message, and then according to tegrity protection key and protection algorithm integrallty, verification is obtained Initial NAS message integrality, the integrality and mode of the Initial NAS message that wherein mobile management functional entity verifies The integrality of mobile management functional entity verification Initial NAS message is similar in 2, and this will not be repeated here.Aforesaid way can be with It is that ciphertext that protected Initial NAS message is Initial NAS message and initial NAS disappear applied to protected Initial NAS message The MAC of breath or the ciphertext of the Initial NAS message after integrity protection, Initial NAS message after integrity protection it is encrypted Content in include Initial NAS message and Initial NAS message MAC in the case where, wherein symmetric key include encryption key and Tegrity protection key, the first security algorithm include Encryption Algorithm and protection algorithm integrallty, the ciphertext of Initial NAS message or The ciphertext of Initial NAS message after integrity protection is obtained according to encryption key and Encryption Algorithm, Initial NAS message MAC is obtained according to tegrity protection key and tegrity protection key's algorithm.
In the present embodiment, terminal device according to symmetric key and the first security algorithm in Initial NAS message whole or Partial content has carried out safeguard protection, not by receive the network equipment send NAS SMC message after could to NAS message into The limitation of row safeguard protection not only increases the reliability of Initial NAS message transmission, also improves the access efficiency of terminal device.
It should be noted that a kind of alternative as embodiment shown in Fig. 3, step 302 could alternatively be: eventually End equipment sends protected Initial NAS message and key relevant parameter to store function entity.In specific implementation, optional , terminal device sends protected Initial NAS message and key relevant parameter, mobile management function to mobile management functional entity Energy entity, will be protected first after receiving the protected Initial NAS message and key relevant parameter from terminal device Beginning NAS message and key relevant parameter pass through store function entity.Alternatively, optional, terminal device directly will be protected Initial NAS message and key relevant parameter are sent to store function entity.Then step 303 is executed, and is executing the step 303 Afterwards, step 304 and step 305 are replaced are as follows: store function entity obtains initial according to symmetric key and the first security algorithm Then NAS message sends Initial NAS message to mobile management functional entity, wherein store function entity according to symmetric key and First security algorithm obtains in the mode and step 305 of Initial NAS message mobile management functional entity according to symmetric key and the The mode that one security algorithm obtains Initial NAS message is similar, and details are not described herein.
Further, since mobile management functional entity obtains the true content for needing to transmit in protected Initial NAS message It is to be obtained under the premise of getting symmetric key and the first security algorithm, therefore work as mobile management entity and getting initially After NAS message, when needing to send downlink NAS message to terminal device, in order to improve the reliability of downlink NAS message transmission, After can carrying out safeguard protection to downlink NAS message according to symmetric key and the first security algorithm, it is sent to terminal device.
Specifically, a, a kind of optional implementation are as follows:
Mobile management functional entity obtains protected downlink NAS message, so according to symmetric key and the first security algorithm Protected downlink NAS message is sent to terminal device afterwards, terminal device is receiving the quilt from mobile management functional entity After the downlink NAS message of protection, downlink NAS message is obtained according to symmetric key and the first security algorithm.Wherein, it needs to illustrate It is that mobile management entity can join according to the mode that symmetric key and the first security algorithm obtain protected downlink NAS message See that terminal device obtains the mode of protected Initial NAS message according to symmetric key and the first security algorithm.Terminal device root According to the mode of symmetric key and the first security algorithm acquisition downlink NAS message referring to mobile management functional entity according to symmetric key The mode of Initial NAS message is obtained with the first security algorithm.
Exemplary, when Initial NAS message is login request message, downlink NAS message can receive for registration (registration accept) message, registration reject (registration reject) message or NAS SMC message etc..
For example, downlink NAS message is NAS SMC message or registration received message, in order to improve the transmission of downlink NAS message Reliability, optionally, mobile management functional entity obtains protected downlink according to symmetric key and the first security algorithm Then NAS message is sent protected wherein protected downlink NAS message is the ciphertext of downlink NAS message to terminal device Downlink NAS message, terminal device is after receiving protected downlink NAS message, according to symmetric key and the first security algorithm, Protected downlink NAS message is decrypted, downlink NAS message is obtained.Aforesaid way can be applied to symmetric key In the case that encryption key, the first Complete Algorithm include Encryption Algorithm.In addition, it is optional, it include encryption key in symmetric key And tegrity protection key, in the case that the first security algorithm includes Encryption Algorithm and protection algorithm integrallty, under protected Row NAS message may include the ciphertext of downlink NAS message and the ciphertext of downlink NAS message MAC or protected downlink NAS message includes the ciphertext of downlink NAS message and the MAC of downlink NAS message or the downlink NAS message after integrity protection Ciphertext, wherein in the encrypted content of the ciphertext of the downlink NAS message after integrity protection include downlink NAS message and downlink The MAC of NAS message.Optionally, symmetric key include tegrity protection key, the first security algorithm be protection algorithm integrallty In the case where, protected downlink NAS message is the MAC of downlink NAS message and downlink NAS message.
For another example downlink NAS message is registration reject message, mobile management functional entity is pacified according to symmetric key and first Full algorithm carries out integrity protection to downlink NAS message, obtains protected downlink NAS message;And quilt is sent to terminal device The downlink NAS message of protection.Terminal device is after receiving downlink NAS message, according to symmetric key and the first security algorithm, school Test the integrality of downlink NAS message.It includes tegrity protection key, the first safety calculation that aforesaid way, which can be applied to symmetric key, In the case that method includes protection algorithm integrallty.
Specifically, since mobile management functional entity is possible to the registration request of refusal terminal device, as SUPI can not be looked for Arrive, terminal device is illegal etc., the reason of specifically leading to the registration request of mobile management functional entity refusal terminal device, can join See the table 9.9.3.9.1 of 3GPP TS 24.301.And registration reject message can not be protected under normal conditions in the prior art, lead The registration reject message for causing mobile management functional entity to send to terminal device may be tampered, be forged, by sniff etc., cause Terminal device enters DoS state.And in the embodiment of the present application, in the case where downlink NAS message is registration reject message, pass through Implementation a mobile management functional entity can carry out registration reject message according to symmetric key and the first security algorithm The protection of whole property and/or encryption, thus help to reduce registration reject message be tampered, be forged, by sniff etc. a possibility that.
B, another optional implementation are as follows:
Mobile management functional entity obtains the ciphertext of downlink NAS message according to symmetric key and the first security algorithm, wherein Downlink NAS message includes the second security algorithm, and then mobile management functional entity is according to the second security algorithm to downlink NAS message Ciphertext carry out integrity protection, obtain protected downlink NAS message, then send protected downlink NAS to terminal device Message.Terminal device is after receiving the protected downlink NAS message from mobile management functional entity, according to symmetric key It is decrypted with ciphertext of first security algorithm to downlink NAS message, obtains downlink NAS message, then terminal device is from downlink The second security algorithm obtained in NAS message verifies the integrality of the ciphertext of downlink NAS message then according to the second security algorithm. Exemplary, in this kind of implementation, downlink NAS message can be registration received message.
Specifically, in the case where symmetric key includes encryption key, the first security algorithm includes Encryption Algorithm, in network Side, mobile management functional entity encrypt downlink NAS message according to encryption key and Encryption Algorithm, obtain downlink NAS and disappear The ciphertext of breath;In terminal side, terminal device is decrypted the ciphertext of downlink NAS message according to encryption key and Encryption Algorithm, Obtain downlink NAS message.
C, another possible implementation are as follows:
Mobile management functional entity is according to the second security algorithm, to downlink NAS message progress integrity protection, and according to Symmetric key and the first security algorithm obtain protected downlink NAS message, wherein protected downlink NAS message is complete Property protection after downlink NAS message ciphertext, then send protected downlink NAS message to terminal device.Terminal device exists After receiving the protected downlink NAS message from mobile management functional entity, according to symmetric key and the first security algorithm Protected downlink NAS message is decrypted, downlink NAS message is obtained, the second safety is then obtained from downlink NAS message Algorithm, and according to the second security algorithm, verify the integrality of downlink NAS message.Specifically, the downlink NAS after integrity protection It include the MAC of downlink NAS message and downlink NAS message in the encrypted content of the ciphertext of message.
It should be noted that the embodiment of the present application mobile management functional entity can also be according to the second security algorithm, under Row NAS message carries out integrity protection, obtains the MAC of downlink NAS message, and according to symmetric key and the first security algorithm, Downlink NAS message is encrypted, the ciphertext of downlink NAS message is obtained, protected downlink NAS disappears in this implementation Breath is the ciphertext of downlink NAS message and the MAC of downlink NAS message.Then protected downlink NAS is sent to terminal device to disappear Breath.Terminal device is after receiving the protected downlink NAS message from mobile management functional entity, first according to symmetric key It is decrypted to obtain downlink NAS message with ciphertext of first security algorithm to downlink NAS message, then from downlink NAS message The second security algorithm is obtained, further according to the integrality of the second security algorithm verification downlink NAS message.
Exemplary, in above-mentioned implementation, downlink NAS message can be registration received message or NAS SMC message Deng.
Wherein in implementation b, c, the second security algorithm includes protection algorithm integrallty, and optionally, the second safety is calculated It can also include Encryption Algorithm in method, specifically, the second security algorithm is peace of the mobile management functional entity according to terminal device The algorithm list selection of all-round power and pre-configuration.It should be noted that the first security algorithm can phase with the second security algorithm Together, it can also be different, for example, the Encryption Algorithm phase that Encryption Algorithm and the second security algorithm that the first security algorithm includes include The protection algorithm integrallty that the protection algorithm integrallty and the second security algorithm that same, the first security algorithm includes include is different;Or Encryption Algorithm that person, the Encryption Algorithm that the first security algorithm includes and the second security algorithm include is different, the first security algorithm packet The protection algorithm integrallty that the protection algorithm integrallty and the second security algorithm included includes is identical;Alternatively, the first security algorithm packet The protection algorithm integrallty that the Encryption Algorithm included is identical with the Encryption Algorithm that the second security algorithm includes, the first security algorithm includes It is identical with the protection algorithm integrallty that the second security algorithm includes;Alternatively, the Encryption Algorithm and second that the first security algorithm includes The protection algorithm integrallty and the second security algorithm that Encryption Algorithm that security algorithm includes is different, the first security algorithm includes include Protection algorithm integrallty it is different.It optionally, can not be under the first security algorithm and the identical situation of the second security algorithm The second security algorithm is carried in downlink NAS message, alternatively, the Encryption Algorithm for including in the first security algorithm and the second security algorithm Including the protection algorithm integrallty that Encryption Algorithm is identical, the first security algorithm includes and the integrality that the second security algorithm includes In the case that protection algorism is different, the second security algorithm is carried in downlink NAS message, the second peace carried in downlink NAS message It include protection algorithm integrallty and Encryption Algorithm not to be covered in full algorithm.Terminal device is after obtaining downlink NAS message, then It is subsequent based on the security algorithm carried in downlink NAS message, communicated between mobile management functional entity.
When downlink NAS message is NAS SMC message, facilitate while improving Initial NAS message transmission reliability Preferably it is compatible with the negotiation process of existing security algorithm.Optionally, when mobile management functional entity determine security algorithm with In the case that the security algorithm that terminal device determines is inconsistent, mobile management functional entity can be by NAS SMC message to end End equipment sends the security algorithm of itself determination, determines when the security algorithm that mobile management functional entity determines with terminal device Under security algorithm unanimous circumstances, NAS SMC message can not can be sent to terminal device with mobile management functional entity, helped In the interaction for reducing signaling to a certain extent, the efficiency of communication is provided;When downlink NAS message is registration received message, then Mobile management functional entity directly can negotiate the security algorithm used by registration received message and terminal device, omit NAS The transmission of SMC message facilitates the interaction for reducing signaling, improves the efficiency of communication.
Below based on the different implementation of symmetric key, the method for the embodiment of the present application message protection is carried out specific It introduces.
Shown in Figure 4, a kind of method of message protection provided by the embodiments of the present application, this method includes with symmetric key It is illustrated, specifically comprises the following steps: for encryption key and tegrity protection key
Step 401, it is symmetrical close to generate first according to the public key of store function entity and the private key of terminal device for terminal device Key, wherein the first symmetric key includes the first encryption key and the first tegrity protection key.
Specifically, the mode that terminal device generates the first symmetric key may refer to terminal device in embodiment illustrated in fig. 3 The mode of symmetric key is generated according to the private key of the public key of store function entity and terminal device, details are not described herein.
Step 402, terminal device encrypts Initial NAS message according to the first encryption key and the first Encryption Algorithm, Obtain the ciphertext of Initial NAS message.
Wherein, the first Encryption Algorithm can be pre-configured in terminal device and mobile management functional entity.
Step 403, terminal device is according to the first tegrity protection key and the first protection algorithm integrallty, to initial NAS The ciphertext of message carries out integrity protection, obtains the MAC of the ciphertext of Initial NAS message.
Wherein, the first protection algorithm integrallty can be pre-configured in terminal device and mobile management functional entity.
Step 404, terminal device sends protected Initial NAS message and terminal device to mobile management functional entity Public key.
Wherein, protected Initial NAS message may include the ciphertext of Initial NAS message and the ciphertext of Initial NAS message MAC.
Step 405, mobile management functional entity is in the public key for receiving protected Initial NAS message and terminal device Afterwards, the public key of terminal device is sent to store function entity.
Step 406, store function entity receive mobile management functional entity transmission terminal device public key after, according to The public key of terminal device and the private key of store function entity generate the second symmetric key.
Wherein, the second symmetric key may include the second encryption key and the second tegrity protection key, specifically, second Encryption key and the first encryption key can be identical, and the second tegrity protection key and the first tegrity protection key can phases Together.
Wherein, the mode that store function entity generates the second symmetric key may refer to store function in embodiment illustrated in fig. 3 Energy entity generates the mode of symmetric key according to the public key of terminal device and the private key of store function entity, is not repeated herein It is bright.
Step 407, store function entity sends the second symmetric key to mobile management functional entity.
Step 408, after mobile management functional entity receives the second symmetric key of store function entity transmission, according to the Two tegrity protection keys and the first protection algorithm integrallty, verify the integrality of the ciphertext of Initial NAS message.
Wherein, mobile management functional entity verifies message in the mode and Fig. 3 of the integrality of the ciphertext of Initial NAS message and protects The mode that the integrality of Initial NAS message is verified in the method for shield is similar, and this will not be repeated here.
Step 409, mobile management functional entity is in the completeness check success of the ciphertext of Initial NAS message, according to the Two encryption keys and the first Encryption Algorithm, are decrypted the ciphertext of Initial NAS message, obtain Initial NAS message.
Wherein, mobile management functional entity can send downlink NAS to terminal device and disappear after obtaining Initial NAS message Step 410~step 412 can also be performed in order to improve the reliability of transmission downlink NAS message in breath.
Step 410, mobile management functional entity is according to the second symmetric key and the first security algorithm, under acquisition is protected Row NAS message.
It should be noted that mobile management functional entity obtains the specific implementation side of protected downlink NAS in step 410 Mobile management functional entity obtains the specific implementation of protected downlink NAS message in formula and embodiment shown in Figure 3 Similar, this will not be repeated here.
Step 411, mobile management functional entity sends protected downlink NAS message to terminal device.
Step 412, terminal device is after receiving protected downlink NAS message, according to the second symmetric key and first Security algorithm obtains downlink NAS message.
It should be noted that in step 412 terminal device obtain downlink NAS specific implementation with it is shown in Figure 3 The specific implementation of terminal device acquisition downlink NAS message is similar in embodiment, and this will not be repeated here.
Wherein, Initial NAS message be registration request in the case where, downlink NAS message can for registration received message, NASSMC message or registration reject message, specific downlink NAS message are which message can be by mobile management functional entity root It is determined according to actual conditions or the strategy of pre-configuration.
Illustratively, in the embodiment shown in fig. 4, the second symmetric key includes the second encryption key and the second integrality Key is protected, the first security algorithm includes the first Encryption Algorithm and the first protection algorithm integrallty, and mobile management functional entity can To carry out safeguard protection to downlink NAS message as follows:
Safeguard protection mode one: mobile management functional entity uses the part of key and the first safety in the second symmetric key Corresponding portion algorithm in algorithm carries out safeguard protection to downlink NAS message, such as only uses the first Encryption Algorithm and second and add Close key pair downlink NAS message carries out safeguard protection;Or only use the first protection algorithm integrallty and the second integrity protection Key pair downlink NAS message carries out safeguard protection etc..
Safeguard protection mode two: mobile management functional entity is using the first security algorithm and the second symmetric key both to downlink NAS message carries out integrity protection and encryption.
Safeguard protection mode three: mobile management functional entity is according to the first Encryption Algorithm and the second encryption key to downlink NAS message is encrypted, and carries out integrality according to ciphertext of second security algorithm to downlink NAS message or downlink NAS message Protection, wherein the second security algorithm is the algorithm column of security capabilities and pre-configuration of the mobile management functional entity based on terminal device Table selection;Second security algorithm includes the second protection algorithm integrallty, and optional second security algorithm can also include second Encryption Algorithm, wherein including the second security algorithm in downlink NAS message in safeguard protection mode three.
It should be noted that mobile management functional entity which kind of safeguard protection mode be specifically chosen can be by the calculation that is pre-configured Method determines.
In the present embodiment, terminal device is in initial access network, according to the first symmetric key and the first security algorithm pair Initial NAS message carries out encryption and integrity protection, not only increases Initial NAS message transmission security, also improves terminal The efficiency of equipment access network.In addition, mobile management functional entity, after obtaining Initial NAS message, opposite terminal device is sent Downlink NAS message also carried out safeguard protection, improve downlink NAS message transmission safety.
It should also be noted that, a kind of alternative as embodiment illustrated in fig. 4, step 402 and step 403 can be with Replacement are as follows: if protected Initial NAS message includes the ciphertext of Initial NAS message and the MAC of Initial NAS message, terminal is set It is standby that integrity protection, and root are carried out to Initial NAS message according to the first tegrity protection key and the first protection algorithm integrallty Initial NAS message is encrypted according to the first encryption key and the first Encryption Algorithm.There is no inevitable elder generation between the two step Sequence is executed afterwards, for example, the encrypting step of Initial NAS message can be first carried out, then executes the integrity protection of Initial NAS message Step, the integrity protection step that can also first carry out Initial NAS message execute the encrypting step of Initial NAS message again.
Further, step 408 and step 409 could alternatively be: mobile management functional entity receive it is protected After Initial NAS message, which includes the ciphertext of Initial NAS message and the MAC of Initial NAS message, is moved Dynamic management function entity can first be decrypted after obtaining Initial NAS message the ciphertext of Initial NAS message, then verify initial The integrality of NAS message.Other steps can be found in the step in embodiment illustrated in fig. 4, repeat no more.
Certainly, embodiment illustrated in fig. 4 is intended only as a kind of example and is illustrated, for example, only providing in embodiment illustrated in fig. 4 A kind of mode generating symmetric key, furthermore symmetric key can also be pre-configured in terminal device in the embodiment of the present application In, alternatively, symmetric key can also be generated according to random key generating algorithm or random number etc..
Shown in Figure 5, a kind of method of message protection provided by the embodiments of the present application, this method is to add with symmetric key It is illustrated for key, it is specific as follows.
Step 501, terminal device generates encryption key.
It is generated specifically, the mode that terminal device generates encryption key may refer to terminal device in embodiment illustrated in fig. 3 The mode of symmetric key, details are not described herein.
Step 502, terminal device encrypts encryption key according to the public key of store function entity, obtains encrypting close The ciphertext of key.
Step 503, terminal device encrypts Initial NAS message according to encryption key and the first Encryption Algorithm, obtains The ciphertext of Initial NAS message.
Wherein, the first Encryption Algorithm can be pre-configured in terminal device and mobile management functional entity.
Step 504, terminal device to mobile management functional entity send Initial NAS message ciphertext and encryption key it is close Text.
Step 505, mobile management functional entity is after the ciphertext of the ciphertext and encryption key that receive Initial NAS message, The ciphertext of encryption key is sent to store function entity.
Step 506, store function entity receive mobile management functional entity transmission encryption key ciphertext after, according to The private key of store function entity is decrypted the ciphertext of encryption key, obtains encryption key.
Step 507, store function entity sends encryption key to mobile management functional entity.
Step 508, it is close according to encrypting after mobile management functional entity receives the encryption key that store function entity is sent Key and the first Encryption Algorithm, decrypt the ciphertext of Initial NAS message, obtain Initial NAS message.
Specifically, mobile management functional entity can send downlink NAS to terminal device after obtaining Initial NAS message Message can execute step 509~step 511 to improve the reliability of transmission downlink NAS message.
Step 509, mobile management functional entity encrypts downlink NAS message, obtains downlink according to encryption key The ciphertext of NAS message.
Step 510, mobile management functional entity sends the ciphertext of downlink NAS message to terminal device.
Step 511, terminal device is calculated after the ciphertext for receiving downlink NAS message according to encryption key and the first encryption The ciphertext of downlink NAS message is decrypted in method, obtains downlink NAS message.
Wherein, Initial NAS message be registration request in the case where, downlink NAS message can for registration received message, NASSMC message or registration reject message, in addition, specific downlink NAS message is which message can be real by mobile management function Body is according to the actual situation or the strategy of pre-configuration is determined.
In addition, mobile management functional entity can be set based on terminal in the method for the message protection of embodiment shown in Fig. 5 The algorithm list of standby security capabilities and pre-configuration selects new Encryption Algorithm and/or protection algorithm integrallty, and passes through downlink NAS message is sent to terminal device, can be in addition, mobile management functional entity has been after having selected new protection algorithm integrallty After first the new protection algorithm integrallty based on selection carries out integrity protection to downlink NAS message, then execute step 509.
In the present embodiment, terminal device, can be according to encryption key and the first Encryption Algorithm pair in initial access network Initial NAS message is encrypted, and is not only improved Initial NAS message transmission security, is also improved terminal equipment access network Efficiency, in addition, mobile management functional entity is after obtaining Initial NAS message, the downlink NAS message that opposite terminal device is sent Safeguard protection has been carried out, the safety of downlink NAS message transmission is improved.
Certainly, embodiment illustrated in fig. 5 is intended only as a kind of example and is illustrated, for example, only providing in embodiment illustrated in fig. 5 A kind of mode generating encryption key, furthermore encryption key can also be pre-configured in terminal device in the embodiment of the present application In, alternatively, can also be encrypted according to generations such as the public key generation of the private key and store function entity of terminal device or random numbers Key.For another example a kind of configuration mode of security algorithm is only gived in embodiment illustrated in fig. 5, further, it is also possible in storage function It can be pre-configured with security algorithm in entity, then mobile management functional entity etc. is sent to by store function entity.
Shown in Figure 6, the embodiment of the present application provides a kind of method of message protection, and this method has been with symmetric key It is illustrated for whole property protection key, it is specific as follows.
Step 601, terminal device generates tegrity protection key.
Specifically, the mode for the tegrity protection key that terminal device generates may refer to terminal in embodiment illustrated in fig. 3 Equipment generates the mode of symmetric key, and details are not described herein.
Step 602, terminal device protects tegrity protection key and the first integrality according to the public key of store function entity Shield algorithm is encrypted, and the first ciphertext is obtained.
Wherein, the encrypted content of the first ciphertext may include tegrity protection key and the first protection algorithm integrallty.
Wherein, the first protection algorithm integrallty can be what terminal device was determined according to the strategy of pre-configuration, wherein prewired The configuration mode for the strategy set is similar with the associated description in embodiment illustrated in fig. 3, and it is no longer repeated herein.
Step 603, terminal device is according to tegrity protection key and the first protection algorithm integrallty, to Initial NAS message Integrity protection is carried out, the MAC of Initial NAS message is obtained.
Step 604, terminal device to mobile management functional entity send the MAC of Initial NAS message, Initial NAS message and First ciphertext.
Optionally, the first protection algorithm integrallty is pre-configured in terminal device and mobile management functional entity, at this In the case of kind, terminal device is not necessarily to carry out encrypting to the first protection algorithm integrallty to be sent to store function entity.
Step 605, mobile management functional entity is in MAC, the Initial NAS message and first close for receiving Initial NAS message Wen Hou sends the first ciphertext to store function entity.
Step 606, after store function entity receives the first ciphertext that mobile management functional entity is sent, according to storage function The private key of energy entity, is decrypted key to the first ciphertext, obtains tegrity protection key and the first protection algorithm integrallty.
Step 607, store function entity sends tegrity protection key and the first integrality to mobile management functional entity Protection algorism.
Step 608, mobile management functional entity receives the tegrity protection key and first of store function entity transmission After protection algorithm integrallty, according to tegrity protection key and the first protection algorithm integrallty, the complete of Initial NAS message is verified Property.
Wherein, it is verified in the mode and embodiment illustrated in fig. 3 of mobile management functional entity verification Initial NAS message integrality The mode of the integrality of Initial NAS message is similar, and this will not be repeated here.
Mobile management functional entity, can be to terminal in the completeness check success to the Initial NAS message received Equipment sends downlink NAS message, and in order to improve the reliability of transmission downlink NAS message, step 609~step can also be performed 611。
Step 609, mobile management functional entity is according to tegrity protection key and the first protection algorithm integrallty, to downlink NAS message carries out integrity protection, obtains the MAC of downlink NAS message.
Step 610, mobile management functional entity sends the MAC and downlink NAS message of downlink NAS message to terminal device.
Step 611, terminal device is protected after the MAC for receiving downlink NAS message and downlink NAS message according to integrality Key and the first protection algorithm integrallty are protected, the integrality of downlink NAS message is verified.
Wherein, Initial NAS message be registration request in the case where, downlink NAS message can for registration received message, NASSMC message or registration reject message, specifically, downlink NAS message are which message can be by mobile management functional entity According to the actual situation or the strategy of pre-configuration is determined.
In addition, in the method for message protection shown in Fig. 6, if safety of the mobile management functional entity based on terminal device Ability and the algorithm list of pre-configuration have selected new protection algorithm integrallty, can be sent to terminal by downlink NAS message Equipment, in addition, mobile management functional entity can be first after having selected new protection algorithm integrallty in mobile management functional entity New protection algorithm integrallty based on selection carries out integrity protection to downlink NAS message, specifically, terminal device is receiving After to the MAC of downlink NAS message and downlink NAS message, new protection algorithm integrallty is first obtained from downlink NAS message, so Carry out the completeness check of downlink NAS message again afterwards.
In the present embodiment, terminal device is in initial access network, according to Integrity Key and the first integral algorithm pair Initial NAS message carries out integrity protection, to improve to Initial NAS message integrity protection, in addition, mobile management function is real Body can receive protected Initial NAS message, and in the successful situation of completeness check of Initial NAS message, opposite The downlink NAS message that terminal device is sent also carries out integrity protection, improves the safety of downlink NAS message transmission.
Certainly, Fig. 6 is intended only as a kind of example and is illustrated, for example, only giving a kind of generation integrity protection in Fig. 6 The mode of key, furthermore tegrity protection key can also be according to the private key and store function of terminal device in the embodiment of the present application The public key of entity generates or the generation tegrity protection keys such as random key generating algorithm.For another example being only gived in Fig. 6 A kind of configuration mode of security algorithm, further, it is also possible to be pre-configured with security algorithm in store function entity, then by storage function Energy entity is sent to mobile management functional entity etc..
It is above-mentioned that mainly scheme provided by the present application is described from the angle of interaction between each network element.It is understood that , in order to realize the above functions, it comprises execute the corresponding hardware configuration of each function and/or soft for above-mentioned each network element of realization Part module.Those skilled in the art should be readily appreciated that, in conjunction with each example of embodiment description disclosed herein Unit and algorithm steps, the application can realize with the combining form of hardware or hardware and computer software.Some function It is executed in a manner of hardware or computer software driving hardware actually, the specific application and design depending on technical solution are about Beam condition.Professional technician can use different methods to achieve the described function each specific application, still It is this to realize it is not considered that exceeding scope of the present application.
Based on identical design, as shown in fig. 7, being a kind of schematic device of message protection provided by the present application, the dress Setting can be terminal device and can also be can be performed above-mentioned such as Fig. 3, Fig. 4, Fig. 5 and Fig. 6 with the chip or system on chip in terminal device Shown in the method that is executed by terminal device in any embodiment.
The device 700 includes at least one processor 710, memory 730.
Wherein, memory 730 can be ROM or can store the other types of static information and instruction for storing program Static storage device such as RAM or the other kinds of dynamic memory of information and instruction can be stored, being also possible to electricity can Erasable programmable read-only memory (Electrically erasable programmabler-only memory, EEPROM), only Read CD (compact disc read-only memory, CD-ROM) or other optical disc storages, optical disc storage (including compression Optical disc, laser disc, optical disc, Digital Versatile Disc, Blu-ray Disc etc.), magnetic disk storage medium or other magnetic storage apparatus or Can be used in carry or store have instruction or data structure form desired program and can be by any of computer access Other media, but not limited to this.Memory 730, which can be, to be individually present, and is connected with processor 710.Memory 730 can also be with It is integrated with processor 710.
Processor 710 is used to execute program in memory 730, in the scheme to realize the embodiment of the present application message protection Step performed by terminal device, correlated characteristic are referred to above, and details are not described herein again.For example, processor 710 can be one A universal cpu, microprocessor, specific ASIC or one or more are for controlling the integrated of technical scheme program execution Circuit.
In the concrete realization, as one embodiment, processor 710 may include one or more CPU, such as in Fig. 7 CPU0 and CPU1.
In the concrete realization, as one embodiment, device 700 may include multiple processors, such as the processing in Fig. 7 Device 710 and processor 711.Each of these processors can be monokaryon (single-CPU) processor, can also be with It is multicore (multi-CPU) processor, processor here can refer to one or more equipment, circuit, and/or for locating Manage the processing core of data (such as computer program instructions).
Optionally, when device 700 be terminal device when can also include transceiver 720 as shown in Figure 7, be used for and other Equipment or communication, transceiver 720 include radio circuit.Wherein in terminal device processor 710, transceiver 720, Memory 730 can be connected by communication bus.Communication bus may include an access, and information is transmitted between said units.When Device 700 is chip in terminal device or when system on the upper side, processor 710 can by input/output interface, pin or Circuit etc. sends or receives data.
As shown in figure 8, the schematic diagram of the device of the embodiment of the present application another kind message protection, the device can be terminal and set It is standby to be can be performed above-mentioned such as Fig. 3, Fig. 4, Fig. 5 and any implementation shown in fig. 6 with the chip or system on chip in terminal device The method executed in example by terminal device.
The device includes processing unit 801 and communication unit 802.
Wherein, processing unit 801, for obtaining protected initial NAS and disappearing according to symmetric key and the first security algorithm Breath, communication unit 802, for sending protected Initial NAS message to first network equipment;And it is sent out to second network equipment Key relevant parameter is sent, wherein key relevant parameter is for obtaining symmetric key.
Optionally, key relevant parameter includes the public key of terminal device, and processing unit 801 is specifically used for according to the second network The public key of equipment and the private key of terminal device generate symmetric key.
Optionally, processing unit 801 is specifically used for being generated according to the public key of second network equipment and the private key of terminal device Intermediate key;Then according to intermediate key and fixed character string, symmetric key is generated.
Optionally, key relevant parameter includes the ciphertext of symmetric key, and wherein the ciphertext of symmetric key is according to the second net What the public key of network equipment obtained, processing unit 801 is specifically used for according to random key generating algorithm, and generation piles key;Alternatively, Optionally, processing unit 801 is specifically used for according to random number, permanent key and cipher key derivative function (key derivation Function, KDF), generate symmetric key.
Optionally, key relevant parameter includes the ciphertext of the first security algorithm, wherein the ciphertext of the first security algorithm is root It is obtained according to the public key of second network equipment.
Optionally, the first security algorithm is that terminal device is determined according to the strategy of pre-configuration.
Optionally, Initial NAS message is login request message.
Optionally, processing unit 801 is also used to receive in communication unit 802 from the protected of first network equipment After downlink NAS message, protected downlink NAS message is decrypted according to symmetric key and the first security algorithm, under acquisition Row NAS message, wherein downlink NAS message can be registration received message or NAS SMC message.
Optionally, communication unit 802 is also used to receive the protected downlink NAS message from first network equipment, It include the second security algorithm in middle downlink NAS message, then processing unit 801 is also used to according to symmetric key and the first security algorithm Protected downlink NAS message is decrypted, downlink NAS message is obtained, the second safety is then obtained from downlink NAS message Algorithm is calculated if last first network equipment is the integrity protection carried out to the ciphertext of downlink NAS message according to the second safety Method verifies the integrality of protected downlink NAS message, if first network equipment is protected to the integrality that downlink NAS message carries out Shield then verifies the integrality of downlink NAS message according to the second security algorithm.Wherein downlink NAS message is registration received message.
Optionally, communication unit 802 is also used to receive the protected downlink NAS message from first network equipment, place Reason unit 801 is also used to verify the integrality of downlink NAS message, wherein downlink NAS according to symmetric key and the first security algorithm Message can be downlink refuse information.
Optionally, first network equipment is AMF, and second network equipment is UDM or AUSF.
It is executed in the method for the message protection of the embodiment of the present application by terminal device it should be understood that the device can be used to implement The step of, correlated characteristic is referred to above, and details are not described herein again.
Based on identical design, as shown in figure 9, being a kind of schematic device of message protection provided by the present application, the dress Set and for example can be second network equipment or chip or system on chip in second network equipment, can be performed it is above-mentioned as Fig. 3, Fig. 4, The method executed in Fig. 5 and any embodiment shown in fig. 6 by store function entity.
The device 900 includes at least one processor 910, memory 930.
Wherein, memory 930 can be ROM or can store the other types of static information and instruction for storing program Static storage device such as RAM or the other kinds of dynamic memory of information and instruction can be stored, be also possible to EEPROM, CD-ROM or other optical disc storages, optical disc storage (including compression optical disc, laser disc, optical disc, Digital Versatile Disc, indigo plant Light optical disc etc.), magnetic disk storage medium or other magnetic storage apparatus or can be used in carrying or storing that there are instruction or data The desired program of structure type and can by any other medium of computer access, but not limited to this.Memory 930 can be with It is to be individually present, is connected with processor 910.Memory 930 can also be integrated with processor 910.
Processor 910 is used to execute program in memory 930, in the scheme to realize the embodiment of the present application message protection Step performed by second network equipment, correlated characteristic are referred to above, and details are not described herein again.For example, processor 910 can be with It is that a universal cpu, microprocessor, specific ASIC or one or more are executed for controlling technical scheme program Integrated circuit.
In the concrete realization, as one embodiment, processor 910 may include one or more CPU, such as in Fig. 9 CPU0 and CPU1.
In the concrete realization, as one embodiment, device 900 may include multiple processors, such as the processing in Fig. 9 Device 910 and processor 911.Each of these processors can be monokaryon (single-CPU) processor, can also be with It is multicore (multi-CPU) processor, processor here can refer to one or more equipment, circuit, and/or for locating Manage the processing core of data (such as computer program instructions).
Optionally, when device 900 be first network equipment when can also include transceiver 920 as shown in Figure 9, for Other equipment or communication, transceiver 920 include radio circuit.Wherein processor 910, receipts in second network equipment Hair device 920, memory 930 can be connected by communication bus.Communication bus may include an access, transmit between said units Information.When device 900 is chip or system on the upper side in second network equipment, processor 910 can pass through input/output Interface, pin or circuit etc. send or receive data.
As shown in Figure 10, the schematic diagram of the device of the embodiment of the present application another kind message protection, the device can be second The network equipment can also be can be performed above-mentioned as shown in Fig. 3, Fig. 4, Fig. 5 and Fig. 6 with the chip or system on chip in second network equipment Any embodiment in the method that is executed by store function entity.
The device includes processing unit 1001 and communication unit 1002.
Wherein, communication unit 1002, for receiving the key relevant parameter from terminal device, processing unit 1001 is used According to key relevant parameter, symmetric key is obtained, then communication unit 1002, is also used to send to first network equipment symmetrical Key, wherein key relevant parameter is used to carry out safeguard protection to Initial NAS message for obtaining symmetric key, symmetric key.
Optionally, key relevant parameter includes the public key of terminal device;Processing unit 1001 is specifically used for being set according to terminal The private key of standby public key and second network equipment generates symmetric key.
Optionally, processing unit 1001 is specifically used for according to the public key of terminal device and the private key of second network equipment, raw At intermediate key, then according to intermediate key and fixed character string, symmetric key is generated.
Optionally, key relevant parameter includes the ciphertext of symmetric key;Processing unit 1001 is specifically used for according to the second net The ciphertext of symmetric key is decrypted in the private key of network equipment, obtains symmetric key.
Optionally, key relevant parameter includes the ciphertext of the first security algorithm;Processing unit 1001 is also used to according to second The ciphertext of the first security algorithm is decrypted in the public key of the network equipment, obtains the first security algorithm, and communication unit 1002 is also used In to first network equipment send the first security algorithm.
Optionally, first network equipment is AMF entity;The device 1000 is UDM entity or AUSF entity.
It should be understood that the device can be used to implement in the method for the message protection of the embodiment of the present application by second network equipment The step of execution, correlated characteristic are referred to above, and details are not described herein again.
It is a kind of schematic device of message protection provided by the present application, the dress as shown in figure 11 based on identical design Set the chip that can be first network equipment or first network equipment or system on the upper side, can be performed it is above-mentioned as Fig. 3, Fig. 4, The method executed in Fig. 5 and any embodiment shown in fig. 6 by mobile management functional entity.
The first network equipment 1100 includes at least one processor 1110, memory 1130.
Wherein, memory 1130 can be ROM or can store the other types of static information and instruction for storing program Static storage device such as RAM or the other kinds of dynamic memory of information and instruction can be stored, be also possible to EEPROM, CD-ROM or other optical disc storages, optical disc storage (including compression optical disc, laser disc, optical disc, Digital Versatile Disc, indigo plant Light optical disc etc.), magnetic disk storage medium or other magnetic storage apparatus or can be used in carrying or storing that there are instruction or data The desired program of structure type and can by any other medium of computer access, but not limited to this.Memory 1130 can To be to be individually present, it is connected with processor 1110.Memory 1130 can also be integrated with processor 1110.
Processor 1110 is used to execute the program in memory 1130, to realize the scheme of the embodiment of the present application message protection Step performed by middle first network equipment, correlated characteristic are referred to above, and details are not described herein again.For example, processor 1110 It can be a universal cpu, microprocessor, specific ASIC or one or more to hold for controlling technical scheme program Capable integrated circuit.
In the concrete realization, as one embodiment, processor 1110 may include one or more CPU, such as Figure 11 In CPU0 and CPU1.
In the concrete realization, as one embodiment, device 1100 may include multiple processors, such as the place in Figure 11 Manage device 1110 and processor 1111.Each of these processors can be monokaryon (single-CPU) processor, It can be multicore (multi-CPU) processor, processor here can refer to one or more equipment, circuit, and/or use In the processing core of processing data (such as computer program instructions).
Optionally, it can also include transceiver 1120 as shown in figure 11 when device 1100 is first network equipment, use In with other equipment or communication, transceiver 1120 include radio circuit.The wherein processor in first network equipment 1110, transceiver 1120, memory 1130 can be connected by communication bus.Communication bus may include an access, in above-mentioned list Information is transmitted between member.When device 1100 is chip in first network equipment or when system on the upper side, processor 1110 can be with Data are sent or received by input/output interface, pin or circuit etc..
As shown in figure 12, the schematic diagram of the device of the embodiment of the present application another kind message protection, the device can be first The network equipment can also be can be performed above-mentioned as shown in Fig. 3, Fig. 4, Fig. 5 and Fig. 6 with the chip or system on chip in first network equipment Any embodiment in the method that is executed by mobile management functional entity.
The device includes processing unit 1201 and communication unit 1202.
Wherein, communication unit 1202 is for receiving the protected Initial NAS message from terminal device;And it receives and From the symmetric key of second network equipment;Processing unit 1201 is used to be obtained initial according to symmetric key and the first security algorithm NAS message.
Optionally, communication unit 1202 are also used to receive the first security algorithm from second network equipment.
Optionally, Initial NAS message is login request message.
Optionally, processing unit 1201 are also used to obtain protected downlink according to symmetric key and the first security algorithm NAS message;Communication unit 1202 is also used to send protected downlink NAS message to terminal device.
Optionally, downlink NAS message is registration received message or NAS SMC message.
Optionally, processing unit 1201 are also used to obtain downlink NAS message according to symmetric key and the first security algorithm Ciphertext, wherein downlink NAS message be registration received message, registration received message include the second security algorithm;Communication unit 1202 are also used to according to the second security algorithm, carry out integrity protection to the ciphertext of downlink NAS message, obtain protected downlink NAS message, communication unit 1202 are also used to send protected downlink NAS message to terminal device.
Optionally, processing unit 1201, are also used to according to the second security algorithm, carry out integrality guarantor to downlink NAS message Shield, wherein downlink NAS message is registration received message, and registration received message includes the second security algorithm;Then according to symmetrical close Key and the first security algorithm obtain protected downlink NAS message, and protected downlink NAS message is after integrity protection The ciphertext of downlink NAS message;Communication unit 1202 is also used to send protected downlink NAS message to terminal device.
Optionally, processing unit 1201, are also used to according to symmetric key and the first security algorithm, to downlink NAS message into Row integrity protection obtains protected downlink NAS message, and then, communication unit 1202 is also used to send quilt to terminal device The downlink NAS message of protection, wherein downlink NAS message can be registration reject message.
Optionally, which is AMF entity;Second network equipment is UDM entity or AUSF entity.
It should be understood that the device can be used to implement in the method for the message protection of the embodiment of the present application by first network equipment The step of execution, correlated characteristic are referred to above, and details are not described herein again.
It should be understood that the device of message protection shown in Fig. 8, Figure 10 and Figure 12 be the mode that module divides be it is schematical, Only a kind of logical function partition, there may be another division manner in actual implementation.It is connect for example, communication unit is divided into Receive unit and transmission unit etc..
The embodiment of the present application also provides a kind of communication system, which includes device 700, device 900 and device 1100, connection type can as depicted in fig. 13 a, can also be as illustrated in fig. 13b.
In the above-described embodiments, can come wholly or partly by software, hardware, firmware or any combination thereof real It is existing.When implemented in software, it can entirely or partly realize in the form of a computer program product.The computer program Product includes one or more computer instructions.When loading on computers and executing the computer program instructions, all or It partly generates according to process or function described in the embodiment of the present application.The computer can be general purpose computer, dedicated meter Calculation machine, computer network or other programmable devices.The computer instruction can store in computer readable storage medium In, or from a computer readable storage medium to the transmission of another computer readable storage medium, for example, the computer Instruction can pass through wired (such as coaxial cable, optical fiber, number from a web-site, computer, server or data center User's line (DSL)) or wireless (such as infrared, wireless, microwave etc.) mode to another web-site, computer, server or Data center is transmitted.The computer readable storage medium can be any usable medium that computer can access or It is comprising data storage devices such as one or more usable mediums integrated server, data centers.The usable medium can be with It is magnetic medium, (for example, floppy disk, hard disk, tape), optical medium (for example, DVD) or semiconductor medium (such as solid state hard disk (Solid State Disk, SSD)) etc..
Although the application is described in conjunction with each embodiment herein, however, implementing the application claimed In the process, those skilled in the art are by checking the attached drawing, disclosure and the appended claims, it will be appreciated that and it is real Other variations of the existing open embodiment.In the claims, " comprising " (comprising) word is not excluded for other compositions Part or step, "a" or "an" are not excluded for multiple situations.Claim may be implemented in single processor or other units In several functions enumerating.Mutually different has been recited in mutually different dependent certain measures, it is not intended that these are arranged It applies to combine and generates good effect.
It will be understood by those skilled in the art that embodiments herein can provide as method, apparatus (equipment), computer-readable Storage medium or computer program product.Therefore, complete hardware embodiment, complete software embodiment or knot can be used in the application They, are all referred to as " module " or " system " by the form of the embodiment in terms of conjunction software and hardware here.
The application is the flow chart and/or box referring to the present processes, device (equipment) and computer program product Figure describes.It should be understood that each process and/or the side in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in frame and flowchart and/or the block diagram.These computer program instructions be can provide to logical With the processor of computer, special purpose computer, Embedded Processor or other programmable data processing devices to generate a machine Device, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for realizing in process The device for the function of being specified in figure one process or multiple processes and/or block diagrams one box or multiple boxes.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Although the application is described in conjunction with specific features and embodiment, it is clear that, do not departing from this Shen In the case where spirit and scope please, it can be carry out various modifications and is combined.Correspondingly, the specification and drawings are only institute The exemplary illustration for the application that attached claim is defined, and be considered as covered within the scope of the application any and all and repair Change, change, combining or equivalent.Obviously, those skilled in the art the application can be carried out various modification and variations without It is detached from spirit and scope.If in this way, these modifications and variations of the application belong to the claim of this application and its Within the scope of equivalent technologies, then the application is also intended to include these modifications and variations.

Claims (30)

1. a kind of method of message protection, which is characterized in that the described method includes:
Terminal device obtains protected initial non access stratum NAS message according to symmetric key and the first security algorithm;
The terminal device sends the protected Initial NAS message to first network equipment;
The terminal device sends key relevant parameter to second network equipment, and the key relevant parameter is described right for obtaining Claim key.
2. the method as described in claim 1, which is characterized in that the key relevant parameter includes the public affairs of the terminal device Key;The method also includes:
The terminal device generates described symmetrical close according to the public key of second network equipment and the private key of the terminal device Key.
3. method according to claim 2, which is characterized in that the terminal device is according to the public key of second network equipment With the private key of the terminal device, the symmetric key is generated, comprising:
The terminal device generates intermediate key according to the public key of second network equipment and the private key of the terminal device;
The terminal device generates the symmetric key according to the intermediate key and fixed character string.
4. the method as described in claim 1, which is characterized in that the key relevant parameter includes the close of the symmetric key Text, wherein the ciphertext of the symmetric key is obtained according to the public key of second network equipment;
The method also includes:
The terminal device generates the symmetric key according to random key generating algorithm;Alternatively,
The terminal device generates the symmetric key according to random number, permanent key and cipher key derivative function KDF.
5. the method as described in Claims 1-4 is any, which is characterized in that the key relevant parameter includes first peace The ciphertext of full algorithm, wherein the ciphertext of first security algorithm is obtained according to the public key of second network equipment.
6. method as claimed in claim 5, which is characterized in that first security algorithm is the terminal device according to prewired What the strategy set determined.
7. the method as described in claim 1 to 6 is any, which is characterized in that the Initial NAS message is login request message.
8. the method as described in claim 1 to 7 is any, which is characterized in that the method also includes:
The terminal device receives the protected downlink NAS message from the first network equipment, the downlink NAS message For registration received message or NAS safe mode command SMC message;
The terminal device according to the symmetric key and first security algorithm to the protected downlink NAS message into Row decryption, obtains the downlink NAS message.
9. the method as described in claim 1 to 7 is any, which is characterized in that the method also includes:
The terminal device receives the protected downlink NAS message from the first network equipment, the downlink NAS message To register received message, the registration received message includes the second security algorithm;
The terminal device according to the symmetric key and first security algorithm to the protected downlink NAS message into Row decryption, obtains the downlink NAS message;
The terminal device obtains second security algorithm from the downlink NAS message;
The terminal device verifies the downlink NAS message or the protected downlink according to second security algorithm The integrality of NAS message.
10. the method as described in claim 1 to 7 is any, which is characterized in that the method also includes:
The terminal device receives the protected downlink NAS message from the first network equipment, the downlink NAS message For registration reject message;
The terminal device verifies the complete of the downlink NAS message according to the symmetric key and first security algorithm Property.
11. the method as described in claims 1 to 10 is any, which is characterized in that the first network equipment is access and movement Management function AMF entity;
Second network equipment is that independent data manages UDM entity or authentication service function AUSF entity.
12. a kind of method of message protection, which is characterized in that the described method includes:
Second network equipment receives the key relevant parameter from terminal device, and the key relevant parameter is symmetrical close for obtaining Key, the symmetric key are used to carry out safeguard protection to initial non access stratum NAS message;
Second network equipment obtains the symmetric key according to the key relevant parameter;
Second network equipment sends the symmetric key to first network equipment.
13. method as claimed in claim 12, which is characterized in that the key relevant parameter includes the public affairs of the terminal device Key;
Second network equipment obtains the symmetric key according to the key relevant parameter, comprising:
For second network equipment according to the public key of the terminal device and the private key of second network equipment, it is described right to generate Claim key.
14. method as claimed in claim 13, which is characterized in that second network equipment is according to the public affairs of the terminal device The private key of key and second network equipment, generates the symmetric key, comprising:
Second network equipment generates intermediate close according to the public key of the terminal device and the private key of second network equipment Key;
Second network equipment generates the symmetric key according to the intermediate key and fixed character string.
15. method as claimed in claim 12, which is characterized in that the key relevant parameter includes the close of the symmetric key Text;
Second network equipment obtains the symmetric key according to the key relevant parameter, comprising:
Second network equipment is decrypted the ciphertext of the symmetric key according to the private key of second network equipment, obtains Obtain the symmetric key.
16. the method as described in claim 12 to 15 is any, which is characterized in that the key relevant parameter includes the first safety The ciphertext of algorithm;The method also includes:
Second network equipment solves the ciphertext of first security algorithm according to the public key of second network equipment It is close, obtain first security algorithm;
Second network equipment sends first security algorithm to the first network equipment.
17. the method as described in claim 1 to 16 is any, which is characterized in that the first network equipment is access and movement Management function AMF entity;
Second network equipment is that independent data manages UDM entity or authentication service function AUSF entity.
18. a kind of method of message protection, which is characterized in that the described method includes:
First network equipment receives the protected initial non access stratum NAS message from terminal device;
The first network equipment receives the symmetric key from second network equipment;
The first network equipment obtains the Initial NAS message according to the symmetric key and the first security algorithm.
19. method as claimed in claim 18, which is characterized in that the method also includes:
The first network equipment receives first security algorithm from second network equipment.
20. the method as described in claim 18 or 19, which is characterized in that the Initial NAS message is login request message.
21. the method as described in claim 18 to 20 is any, which is characterized in that the method also includes:
The first network equipment obtains protected downlink NAS and disappears according to the symmetric key and first security algorithm Breath;
The first network equipment sends the protected downlink NAS message to the terminal device.
22. method as claimed in claim 21, which is characterized in that the downlink NAS message is registration received message or NAS Safe mode command SMC message.
23. the method as described in claim 18 to 20 is any, which is characterized in that the method also includes:
The first network equipment obtains the ciphertext of downlink NAS message according to the symmetric key and first security algorithm, The downlink NAS message is registration received message, and the registration received message includes the second security algorithm;
The first network equipment carries out integrality guarantor according to second security algorithm, to the ciphertext of the downlink NAS message Shield, obtains protected downlink NAS message;
The first network equipment sends the protected downlink NAS message to the terminal device.
24. the method as described in claim 18 to 20 is any, which is characterized in that the method also includes:
The first network equipment carries out integrity protection, the downlink NAS according to the second security algorithm, to downlink NAS message Message is registration received message, and the registration received message includes the second security algorithm;
The first network equipment obtains protected downlink NAS and disappears according to the symmetric key and first security algorithm Breath, the protected downlink NAS message are the ciphertext of the downlink NAS message after integrity protection;
The first network equipment sends the protected downlink NAS message to the terminal device.
25. the method as described in claim 18 to 20 is any, which is characterized in that the method also includes:
The first network equipment carries out downlink NAS message complete according to the symmetric key and first security algorithm Property protection, obtain protected downlink NAS message, the downlink NAS message is registration reject message;
The first network equipment sends the protected downlink NAS message to the terminal device.
26. the method as described in claim 18 to 25 is any, which is characterized in that the first network equipment is access and movement Management function AMF entity;Second network equipment is that independent data manages UDM entity or authentication service function AUSF is real Body.
27. a kind of device of message protection, which is characterized in that including processor and memory, in which:
The memory is stored with program;
The processor executes the side as described in claim 1 to 11 is any for calling the program stored in the memory Method.
28. a kind of device of message protection, which is characterized in that including processor and memory, in which:
The memory is stored with program;
The processor executes the side as described in claim 12 to 17 is any for calling the program stored in the memory Method.
29. a kind of device of message protection, which is characterized in that including processor, memory, in which:
The memory is stored with program;
The processor executes the side as described in claim 18 to 26 is any for calling the program stored in the memory Method.
30. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has program, institute When stating program and running on computers, so that the computer executes the method as described in claim 1 to 26 is any.
CN201711125181.0A 2017-11-14 2017-11-14 A kind of method and device of message protection Pending CN109788474A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201711125181.0A CN109788474A (en) 2017-11-14 2017-11-14 A kind of method and device of message protection
PCT/CN2018/114908 WO2019096075A1 (en) 2017-11-14 2018-11-09 Method and apparatus for message protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711125181.0A CN109788474A (en) 2017-11-14 2017-11-14 A kind of method and device of message protection

Publications (1)

Publication Number Publication Date
CN109788474A true CN109788474A (en) 2019-05-21

Family

ID=66494028

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711125181.0A Pending CN109788474A (en) 2017-11-14 2017-11-14 A kind of method and device of message protection

Country Status (2)

Country Link
CN (1) CN109788474A (en)
WO (1) WO2019096075A1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112087724A (en) * 2019-06-13 2020-12-15 华为技术有限公司 Communication method, network equipment, user equipment and access network equipment
CN112351431A (en) * 2019-08-09 2021-02-09 华为技术有限公司 Method and device for determining safety protection mode
CN112601222A (en) * 2019-09-16 2021-04-02 华为技术有限公司 Safety protection method and device for air interface information
WO2021063298A1 (en) * 2019-09-30 2021-04-08 华为技术有限公司 Method for implementing external authentication, communication device and communication system
CN112771815A (en) * 2020-03-31 2021-05-07 华为技术有限公司 Key processing method and device
CN113141327A (en) * 2020-01-02 2021-07-20 中国移动通信有限公司研究院 Information processing method, device and equipment
CN114040387A (en) * 2020-07-21 2022-02-11 中国移动通信有限公司研究院 Method, device and equipment for determining attack message
CN114285557A (en) * 2021-12-23 2022-04-05 中国电信股份有限公司 Communication encryption method, system and device

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102369596B1 (en) 2018-09-24 2022-03-02 노키아 테크놀로지스 오와이 Systems and methods for secure protection of NAS messages
CN114125834A (en) * 2020-09-01 2022-03-01 大唐移动通信设备有限公司 Method, terminal, network side equipment and device for determining application layer key

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101473668A (en) * 2006-06-19 2009-07-01 交互数字技术公司 Method and apparatus for security protection of an original user identity in an initial signaling message
WO2012035850A1 (en) * 2010-09-13 2012-03-22 Nec Corporation Relay node device authentication mechanism
CN102833739A (en) * 2012-08-24 2012-12-19 大唐移动通信设备有限公司 Method, device and system for transmitting initial non access stratum messages
CN103096302A (en) * 2011-10-27 2013-05-08 华为技术有限公司 Encryption method, deciphering method and related device
US20170318463A1 (en) * 2016-04-27 2017-11-02 Qualcomm Incorporated Enhanced non-access stratum security

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017026114A1 (en) * 2015-08-13 2017-02-16 日本電気株式会社 Communication terminal, base station, network device, data communication method, and security setting method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101473668A (en) * 2006-06-19 2009-07-01 交互数字技术公司 Method and apparatus for security protection of an original user identity in an initial signaling message
WO2012035850A1 (en) * 2010-09-13 2012-03-22 Nec Corporation Relay node device authentication mechanism
CN103096302A (en) * 2011-10-27 2013-05-08 华为技术有限公司 Encryption method, deciphering method and related device
CN102833739A (en) * 2012-08-24 2012-12-19 大唐移动通信设备有限公司 Method, device and system for transmitting initial non access stratum messages
US20170318463A1 (en) * 2016-04-27 2017-11-02 Qualcomm Incorporated Enhanced non-access stratum security

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112087724A (en) * 2019-06-13 2020-12-15 华为技术有限公司 Communication method, network equipment, user equipment and access network equipment
CN112351431A (en) * 2019-08-09 2021-02-09 华为技术有限公司 Method and device for determining safety protection mode
CN112601222A (en) * 2019-09-16 2021-04-02 华为技术有限公司 Safety protection method and device for air interface information
CN112601222B (en) * 2019-09-16 2022-04-22 华为技术有限公司 Safety protection method and device for air interface information
WO2021063298A1 (en) * 2019-09-30 2021-04-08 华为技术有限公司 Method for implementing external authentication, communication device and communication system
CN113141327A (en) * 2020-01-02 2021-07-20 中国移动通信有限公司研究院 Information processing method, device and equipment
CN112771815A (en) * 2020-03-31 2021-05-07 华为技术有限公司 Key processing method and device
CN114040387A (en) * 2020-07-21 2022-02-11 中国移动通信有限公司研究院 Method, device and equipment for determining attack message
CN114040387B (en) * 2020-07-21 2024-06-04 中国移动通信有限公司研究院 Method, device and equipment for determining attack message
CN114285557A (en) * 2021-12-23 2022-04-05 中国电信股份有限公司 Communication encryption method, system and device

Also Published As

Publication number Publication date
WO2019096075A1 (en) 2019-05-23

Similar Documents

Publication Publication Date Title
CN109788474A (en) A kind of method and device of message protection
US11582231B2 (en) Key-derivation verification in telecommunications network
Prasad et al. 3GPP 5G security
KR102304147B1 (en) Unified authentication for integrated small cell and wi-fi networks
EP3340690B1 (en) Access method, device and system for user equipment (ue)
US11627458B2 (en) Key derivation algorithm negotiation method and apparatus
CN108810890B (en) Anchor key generation method, equipment and system
CN102905265B (en) A kind of method and device realizing mobile device attachment
US20200228977A1 (en) Parameter Protection Method And Device, And System
CN107079023A (en) User plane safety for next generation cellular network
EP3700245B1 (en) Communication method and device
CN103430582B (en) Prevention of eavesdropping type of attack in hybrid communication system
CN109587685A (en) Obtain method, equipment and the communication system of key
CN109803262B (en) Network parameter transmission method and device
KR102491403B1 (en) Method for enhancing security of subscriber identification module based on physical unclonable function and apparatus and system therefor
CN106998549A (en) The method for building up and device of ipsec tunnel, terminal and network side equipment
EP2648437B1 (en) Method, apparatus and system for key generation
CN105764052A (en) TD-LTE authentication and protective encryption method
Abdeljebbar et al. Security analysis of LTE/SAE networks over E-UTRAN
CN109428852A (en) Communication tunnel end-point addresses separation method, terminal, ePDG and storage medium
Amgoune et al. 5g: Interconnection of services and security approaches
CN101938743B (en) Generation method and device of safe keys
CN105848249A (en) Access point name (APN) processing method, device and system
CN110536301A (en) A kind of refuse information processing method and processing device
Ouaissa et al. Group access authentication of machine to machine communications in LTE networks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190521

RJ01 Rejection of invention patent application after publication