CN110536292A - The method and apparatus and authentication method and device of transmission terminal serial number - Google Patents

The method and apparatus and authentication method and device of transmission terminal serial number Download PDF

Info

Publication number
CN110536292A
CN110536292A CN201910351367.0A CN201910351367A CN110536292A CN 110536292 A CN110536292 A CN 110536292A CN 201910351367 A CN201910351367 A CN 201910351367A CN 110536292 A CN110536292 A CN 110536292A
Authority
CN
China
Prior art keywords
ausf
key
secret key
terminal
response message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910351367.0A
Other languages
Chinese (zh)
Inventor
游世林
谢振华
彭锦
余万涛
林兆骥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201910351367.0A priority Critical patent/CN110536292A/en
Publication of CN110536292A publication Critical patent/CN110536292A/en
Priority to PCT/CN2020/087517 priority patent/WO2020221252A1/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/72Subscriber identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application proposes to send the method and apparatus of terminal serial number and authentication method and device, the method for wherein sending terminal serial number includes: to be authenticated for the user authentication request message received, failure cause in response to the certification is synchronization failure, calculates the terminal side authentication token comprising terminal serial number;The terminal side authentication token is encrypted, the ciphertext of the terminal side authentication token is obtained;Feedback carries the user authentication failure response message of the ciphertext of the terminal side authentication token.The application can reduce the risk that terminal serial number is exposed.

Description

Method and device for transmitting terminal serial number and authentication method and device
Technical Field
The present application relates to the field of communications, and in particular, to a method and an apparatus for transmitting a terminal serial number, and an authentication method and an apparatus.
Background
The third Generation Partnership Project (3 GPP) has established specifications for various mobile networks, including Authentication and Key Agreement procedures (AKA procedures) for mutual Authentication of User Equipment (UE) and a network and establishing a common Key. In the AKA procedure scheme, when the terminal device receives an authentication request message from the network, the AUTN in the message is verified (verify). If the verification fails, the authentication failure message (failure message) is responded, and the message carries a failure reason parameter (CAUSE). If the MAC in the authentication request message is not equal to XMAC, the Failure reason is that the message verification code fails (MAC Failure), which indicates that the terminal authentication network fails; and if the MAC is equal to the XMAC, the terminal authenticates the network successfully, and whether the terminal re-authentication network serial number (SQN) is greater than the terminal serial number (SQNms) or not is judged. If the SQN is less than or equal to the SQNms, synchronization Failure is indicated (Sync Failure), and in this case, the terminal feeds back a user authentication request Failure message to the network side, wherein the message carries the SQNms. By using the mechanism, an attacker can replay (replay) a used legal authentication request message (AUTN, RAND) to cause the terminal authentication result to be synchronization failure, so that SQNms is carried in the user authentication failure response message. By analyzing the received user authentication failure response message, the attacker can identify the SQNms from the message, so that the SQNms is exposed. There is currently no effective solution to the above-mentioned vulnerabilities.
Disclosure of Invention
In order to solve at least one of the above technical problems, embodiments of the present application provide the following solutions.
The embodiment of the application provides a method for sending a terminal serial number, which comprises the following steps:
authenticating the received user authentication request message, and calculating a terminal side authentication token containing a terminal serial number in response to the failure reason of the authentication as synchronization failure;
encrypting the terminal side authentication token to obtain a ciphertext of the terminal side authentication token;
and feeding back a user authentication failure response message carrying the ciphertext of the terminal side authentication token.
The embodiment of the application provides an authentication method, which comprises the following steps:
receiving a user authentication failure response message, wherein the failure reason carried by the user authentication failure response message is synchronization failure, and the user authentication failure response message also carries a ciphertext of a terminal side authentication token;
decrypting the ciphertext of the terminal side authentication token to obtain the terminal side authentication token;
and resetting the network serial number by adopting the terminal serial number contained in the terminal side authentication token.
The embodiment of the application provides a device for sending a terminal serial number, which comprises:
the token calculation module is used for authenticating the received user authentication request message and calculating a terminal side authentication token containing a terminal serial number in response to the failure reason of the authentication because of synchronization failure;
the encryption module is used for encrypting the terminal side authentication token to obtain a ciphertext of the terminal side authentication token;
and the feedback module is used for feeding back a user authentication failure response message carrying the ciphertext of the terminal side authentication token.
An embodiment of the present application provides an authentication apparatus, including:
the receiving module is used for receiving a user authentication failure response message, wherein the failure reason carried by the user authentication failure response message is synchronization failure, and the user authentication failure response message also carries a ciphertext of a terminal side authentication token;
the decryption module is used for decrypting the ciphertext of the terminal side authentication token to obtain the terminal side authentication token;
and the resetting module is used for resetting the network serial number by adopting the terminal serial number contained in the terminal side authentication token.
The embodiment of the application provides a terminal device for sending a terminal serial number, which comprises: a processor and a memory;
the memory is to store instructions;
the processor is configured to read the instructions to perform the method of any of the above described methods of transmitting a terminal sequence number.
An embodiment of the present application further provides a network device for authentication, including: a processor and a memory;
the memory is to store instructions;
the processor is configured to read the instructions to perform any of the authentication methods.
The embodiment of the application provides a communication system, which comprises the terminal equipment and network equipment.
An embodiment of the present application provides a storage medium storing a computer program, and the computer program, when executed by a processor, implements a method of transmitting a terminal serial number or an authentication method.
According to the method for sending the terminal serial number, when the reason of authentication failure is synchronization failure, the terminal side authentication token containing the terminal serial number is calculated, the terminal side authentication token is encrypted, and the encrypted terminal side authentication token is carried in the feedback user authentication failure response message. The method makes it difficult for an attacker to decrypt the terminal serial number, and can effectively reduce the risk of exposing the terminal serial number.
Drawings
Fig. 1 is a flowchart illustrating a method for sending a terminal serial number according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a network architecture according to an embodiment of the present application;
fig. 3 is a first flowchart illustrating an authentication method according to an embodiment of the present application;
fig. 4 is a schematic flowchart illustrating an authentication method according to an embodiment of the present application;
fig. 5 is a schematic view illustrating an interaction flow between a terminal device and a network device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an apparatus for sending a terminal serial number according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an authentication apparatus according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of a terminal device for sending a terminal serial number according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of a network device for authentication according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a communication system according to an embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the present application more apparent, embodiments of the present application will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
An embodiment of the present application provides a method for sending a terminal serial number, and as shown in fig. 1, the method includes:
s11: authenticating the received user authentication request message, and calculating a terminal side authentication token containing a terminal serial number in response to the failure reason of the authentication as synchronization failure;
s12: encrypting the terminal side authentication token to obtain a ciphertext of the terminal side authentication token;
s13: and feeding back a user authentication failure response message carrying the ciphertext of the terminal side authentication token.
The above embodiments may be applied to a terminal device.
The embodiment of the application can be applied to the network architecture shown in fig. 2. As shown in fig. 2, the network architecture includes: the system comprises a terminal device, a base station, an authentication function, an authentication service function and a subscription data management function. The base station provides services provided by various mobile networks such as communication and the like for the terminal equipment, and the base station can be an eNB or a gNB. The authentication function is a software function or a hardware device of a core network of the mobile network, and is used for interacting with the base station through signaling, so that the mobile network and the terminal device can realize mutual authentication. The authentication Function may be a Mobility Management Entity (MME), a Security Anchor Function (SEAF), or an Access and Mobility Management Function (AMF). The authentication service function is used for connecting with the signing data management function through a signaling interface, acquiring the key information related to the user and providing the information to the authentication function through the signaling interface. The authentication service function may be ausf (authentication Server function). The subscription data management function stores and processes user-related data, generates information for authenticating a user and user-related key information based on the user-related data, and provides the information and the key information to the authentication service function through a signaling interface. The subscription data management function may be a Unified data management function (UDM). The authentication service function may be co-located with the subscription data management function.
In one embodiment, the calculating of the terminal-side authentication token including the terminal serial number in step S11 includes:
and calculating the authentication token of the terminal side by adopting a random number (RAND), the terminal serial number and the authentication management domain parameter carried in the user authentication request message.
In one embodiment, the encrypting the terminal-side authentication token includes: obtaining a secret key KAUSFUsing said secret key KAUSFEncrypting the terminal side authentication token;
the acquisition key KAUSFThe method comprises the following steps:
in response to the presence of the key K in user context informationAUSFObtaining the secret key K from the user context informationAUSF
In response to the absence of the secret key K in the user context informationAUSFCalculating said secret key KAUSFOr to use the key KAUSFSetting the value as a preset fixed value;
wherein, K isAUSFThe calculation method is as follows: using F3K and F4KDerivatizing to obtain KAUSFThe F3K and F4K are key derivation functions keyed by a root key K.
In one embodiment, the secret key KAUSFWhen the user authentication failure response message is obtained through calculation, the user authentication failure response message also carries a marker, and the marker is used for marking the secret key KAUSFIs obtained by calculation.
In one embodiment, the encrypting the terminal-side authentication token includes: determining a secret key KAUSFUsing said key KAUSFEncrypting the terminal side authentication token;
said determined key KAUSFThe mode is as follows:
in response to the presence of a secret key K in user context informationAUSFObtaining the secret key K from the user context informationAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the RAND to obtain the secret key KAUSF*;
In response to the absence of the secret key K in the user context informationAUSFCalculating said secret key KAUSFUsing a key generation function to pair said keys KAUSFAnd calculating the RAND to obtain the secret key KAUSF*;
Wherein the secret key KAUSFThe calculation method is as follows: deriving the key K by using F3K and F4KAUSFThe F3K and F4K are key derivation functions keyed by a root key K.
In one embodiment, the secret key KAUSFWhen the user authentication failure response message is obtained through calculation, the user authentication failure response message also carries a marker, and the marker is used for marking the secret key KAUSFIs obtained by calculation.
The above embodiments may be applied to a terminal device.
An authentication method is further provided in the embodiment of the present application, and as shown in fig. 3, a first flowchart of the authentication method provided in the embodiment of the present application includes:
s31: receiving a user authentication failure response message, wherein the failure reason carried by the user authentication failure response message is synchronization failure, and the user authentication failure response message also carries a ciphertext of a terminal side authentication token;
s32: decrypting the ciphertext of the terminal side authentication token to obtain the terminal side authentication token;
s33: and resetting the network serial number by adopting the terminal serial number contained in the terminal side authentication token.
The authentication method provided in the embodiment of the present application may be applied to a network device, for example, a network device in which an authentication service function and a subscription data management function are combined in a network architecture shown in fig. 2. Hereinafter, the network device is simply referred to as an authentication service function/subscription data management function.
In one embodiment, decrypting the ciphertext of the terminal-side authentication token comprises:
responding to the user authentication failure response message and carrying a marker, and acquiring a temporarily stored secret key KAUSFUsing said secret key KAUSFDecrypting the ciphertext of the terminal side authentication token;
responding to the response message of user authentication failure not carrying the marker, and acquiring the fixedly stored secret key KAUSFOr else to key KAUSFSetting the value as a preset fixed value, and adopting the secret key KAUSFAnd decrypting the ciphertext of the terminal side authentication token.
In one embodiment, decrypting the ciphertext of the terminal-side authentication token comprises:
responding to the user authentication failure response message and carrying a marker, and acquiring a temporarily stored secret key KAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret key KAUSFA first step of; using said secret key KAUSFDecrypting the ciphertext of the terminal side authentication token;
responding to the response message of user authentication failure not carrying the marker, and acquiring the fixedly stored secret key KAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret keyKAUSFA first step of; using said secret key KAUSFDecrypting the ciphertext of the terminal-side authentication token.
As shown in fig. 4, which is a schematic flowchart of a second authentication method provided in the embodiment of the present application, in an implementation manner, before the step S31, the method further includes:
s40: attributing a secret key K in an authentication vectorAUSFAnd (5) temporarily storing.
In one embodiment, after step S33, the method further includes:
s44: generating an authentication request response message by adopting the reset network serial number, and sending the authentication request response message;
s45: in response to successful authentication, the temporarily saved secret key K is usedAUSFAnd changing the storage into fixed storage.
Therefore, the authentication method provided by the embodiment of the application can acquire or generate the secret key KAUSFBy using KAUSFDecrypting the ciphertext of the terminal side authentication token from the terminal equipment to obtain the terminal side authentication token, and extracting the terminal serial number from the terminal side authentication token.
The method for sending the terminal serial number and the authentication method are combined in one embodiment and described in detail below with reference to fig. 5. In the following description, the terminal-side authentication token is abbreviated as AUTS, the terminal sequence number is abbreviated as SQNms, and the network sequence number is abbreviated as SQN.
Fig. 5 is a schematic view of an interaction flow between a terminal device and a network device according to an embodiment of the present application, including:
step 501: the terminal equipment initiates a registration request message to the base station, wherein the registration request message carries a cell Identifier, user security capability, and an encrypted user Subscription Identifier (SUCI) or a 5G user Temporary Identifier (5G-GUTI, 5G Global Unique temporal UE Identity).
Step 502: and the base station forwards a registration request message to the authentication function 1, wherein the registration request message carries the cell identifier, the user security capability and SUCI or 5G-GUTI.
Step 503: if the user identifier carried in the registration request message is 5G-GUTI, the authentication function 1 initiates a user context request message to the authentication function 2 according to the AMF identifier in the 5G-GUTI, wherein the user context request message carries the 5G-GUTI. The authentication function 2 returns a user context request response message to the authentication function 1, wherein the user context request message carries the user context. Wherein the user context includes at least a user Permanent identity (SUPI) and a user security context.
Step 504: if the user identifier carried in the registration request message is sui, or step 503 fails, or the authentication function needs to initiate an AKA authentication procedure, the authentication function 1 initiates an authentication request message to the authentication service function/subscription data management function. The authentication request message carries either SUCI or SUPI.
Step 505: the subscription data management function decrypts the SUCI to obtain the SUPI; or directly extract the SUPI carried in the authentication request message. And extracting the root key K from the user signing parameters according to the SUPI inquiry to the user signing parameters.
The subscription data management function generates home authentication vectors (RAND, AUTN, XRES, and K) from the root key KAUSF) (ii) a Wherein,
RAND is a random number.
AUTN ═ (SQN ≦ AK) | | | AMF | | MAC; wherein,
the SQN is a network serial number;
calculating the number of ^ n is XOR calculation;
AK=F5K(RAND);
i is splicing operation;
AMF is Authentication Management Field parameter (AMF);
MAC=F1K(SQN||RAND||AMF)。
XRES*=F2K(RAND);
KAUSFderived from F3K and F4K;
F1K, F2K, F3K, F4K and F5K are key derivation functions with K as key, respectively.
Subscription data management function issuing attribution to authentication service functionThe generic authentication vectors (RAND, AUTN, XRES, and K)AUSF) And SUPI. The authentication service function stores (RAND, AUTN, XRES) and SUPI in the home authentication vector, and stores K in the home authentication vectorAUSFAnd (5) temporarily storing. (if there has been a successful authentication procedure before, the authentication service function keeps a fixed old KAUSF)。
And performing hash calculation on the XRES to obtain HXRES. And adopt KAUSFDerivatizing to obtain KSEAFTo obtain authentication vectors (RAND, AUTN, HXRES, and K)SEAF). And sending an authentication request response message to the authentication function 1, wherein the authentication request response message carries AUTN, RAND and HXRES.
Step 506: the authentication function 1 sends a user authentication request message to the terminal device, wherein the user authentication request message carries AUTN and RAND.
Step 507: after receiving the RAND and AUTN, the terminal device calculates the SQN and XMAC according to the calculation method in step 505. And if the MAC is verified to be equal to XMAC, verifying whether the SQN in the AUTN is less than or equal to SQNms, and if the SQN is less than or equal to SQNms, recording the reason value of the authentication failure as synchronization failure (Sync failure).
When synchronization fails, the terminal calculates AUTS ═ Conc (SQNms) | | MAC-S. Wherein,
is an exclusive or calculation;
and | l is splicing operation.
MAC-S=F1*K(SQNms||RAND||AMF)。
F1 and F5 are key derivation functions with K as the key.
The terminal device checks whether the secret key K is present in the user contextAUSFIf present, then adopt KAUSFThe AUTS is encrypted. E.g. using S-KDF (AUTS, K)AUSF) Encrypting, wherein S is ciphertext of AUTS, KDS is Key generation function (Key)The degradation Function). And sending a user authentication failure response message to the authentication function 1, wherein the user authentication failure response message carries S and can also carry a failure reason value 'Sync failure'.
If K does not exist in the user contextAUSFThen the terminal calculates K using the method in step 505AUSFAnd adopt KAUSFThe AUTS is encrypted. E.g. using S-KDF (AUTS, K)AUSF) And encrypting, wherein S is the ciphertext of AUTS. Sending a user authentication failure response message to the authentication function 1, wherein the user authentication failure response message carries S and can also carry a failure reason value 'Sync failure' and a flag (flag mark), and the flag mark is used for marking KAUSFIs obtained by calculation.
Or, if K does not exist in the user contextAUSFThen the terminal will KAUSFSet to a preset fixed value (e.g., set K toAUSFEach bit of (a) is set to 0), and K is adoptedAUSFThe AUTS is encrypted. E.g. using S-KDF (AUTS, K)AUSF) And encrypting, wherein S is the ciphertext of AUTS. And sending a user authentication failure response message to the authentication function 1, wherein the user authentication failure response message carries S and can also carry a failure reason value 'Sync failure'.
Alternatively, a key generation function may be used for KAUSFAnd calculating RAND to obtain a new secret key KAUSFA first step of; and adopt KAUSFEncrypt the AUTS. E.g. using S-KDF (AUTS, K)AUSFX), where S is the ciphertext of the AUTS. And sending a user authentication failure response message to the authentication function 1, wherein the user authentication failure response message carries S and can also carry a failure reason value 'Sync failure'. If said K isAUSFWhen the user authentication failure response message is obtained through calculation, the user authentication failure response message also carries a flag mark, and the flag mark is used for marking KAUSFIs obtained by calculation.
Step 508: after receiving the user authentication failure response message, the authentication function 1 sends an authentication request message to an authentication service function/subscription data management function according to a failure cause value 'Sync failure', wherein the authentication request message carries the S or carries the S and a flag identifier.
Step 509: if the authentication request message does not carry the flag mark, the authentication service function uses the old K which is fixedly storedAUSFDecrypting S, or using K of fixed valueAUSF(e.g. K)AUSFEach bit of is 0) decrypts S to obtain the AUTS. If the authentication request message carries the flag, the authentication service function uses the temporarily stored KAUSFAnd decrypting the S to obtain the AUTS.
Or, if the authentication request message does not carry the flag mark, the authentication service function extracts the old K which is fixedly storedAUSF(ii) a Using a key generation function to said KAUSFAnd calculating RAND to obtain a new secret key KAUSFA first step of; and adopt KAUSFDecrypt S, resulting in the AUTS. If the authentication request message carries the flag, the authentication service function extracts the temporarily stored KAUSF(ii) a Using a key generation function to said KAUSFAnd calculating RAND to obtain a new secret key KAUSFA first step of; and adopt KAUSFDecrypt S, resulting in the AUTS.
The authentication service function obtains a new authentication vector from the subscription data management function, and the subscription data management function resets the SQN according to the SQNms in the AUTS. The authentication service function/subscription data management function recalculates the authentication vector in the manner in step 505, and sends an authentication request response message to the authentication function 1, where the authentication request response message carries the newly calculated AUTN, RAND, and HXRES. If the authentication is successful, the authentication service function will temporarily store the KAUSFChanging into fixed storage, and storing the old KAUSFThe coverage is lost, and only one K is stored in the authentication service function at the momentAUSF
As can be seen, through the processing procedures of the above steps 507 to 509, the terminal device sends the AUTS including the SQNms to the network side, and encrypts the AUTS when sending the AUTS. This operation makes it difficult for an attacker to decrypt S, and therefore the risk of SQNms being exposed is reduced.
An embodiment of the present application further provides an apparatus for sending a terminal serial number, where as shown in fig. 6, the apparatus includes:
a token calculation module 610, configured to perform authentication on a received user authentication request message, and in response to that the authentication failure reason is synchronization failure, calculate a terminal-side authentication token including a terminal serial number;
an encrypting module 620, configured to encrypt the terminal-side authentication token to obtain a ciphertext of the terminal-side authentication token;
a feedback module 630, configured to feed back a user authentication failure response message carrying the ciphertext of the terminal-side authentication token.
In an embodiment, the token calculating module 610 is configured to calculate the terminal-side authentication token by using the random number RAND, the terminal sequence number, and the authentication management domain parameter carried in the user authentication request message.
In one embodiment, the encryption module 620 includes: a first key obtaining sub-module and an encryption sub-module;
the first key obtaining submodule is used for obtaining the key K in the user context informationAUSFIn case of (2), the key K is obtained from the user context informationAUSF(ii) a Absence of secret key K in user context informationAUSFIn the case of (2), the key K is calculatedAUSFOr to use the key KAUSFSetting the value as a preset fixed value; wherein, K isAUSFThe calculation method is as follows: derivatization with F3K and F4K to give KAUSFThe F3K and F4K are key derivation functions with a root key K as a key;
the encryption submodule is used for adopting the secret key KAUSFAnd encrypting the terminal side authentication token.
In another embodiment, the first key obtaining submodule is configured to obtain the key K in the context information of the userAUSFIn case of (2), the key K is obtained from the user context informationAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the RAND to obtain a secret key KAUSFA first step of; absence of secret key K in user context informationAUSFIn the case ofThen, the key K is calculatedAUSFUsing a key generation function to pair said keys KAUSFAnd calculating the RAND to obtain a secret key KAUSFA first step of; wherein the secret key KAUSFThe calculation method is as follows: deriving the key K by using F3K and F4KAUSFThe F3K and F4K are key derivation functions with a root key K as a key;
the encryption submodule is used for adopting the secret key KAUSFEncrypting the terminal-side authentication token.
In one embodiment, the secret key KAUSFWhen the user authentication failure response message fed back by the feedback module 630 is obtained through calculation, the user authentication failure response message further carries a marker, and the marker is used for marking the key KAUSFIs obtained by calculation.
In an embodiment, the apparatus for sending the terminal serial number may be specifically a terminal device.
An embodiment of the present application further provides an authentication apparatus, as shown in fig. 7, which is a schematic structural diagram of the authentication apparatus, and includes:
a receiving module 710, configured to receive a user authentication failure response message, where a failure reason carried in the user authentication failure response message is synchronization failure, and the user authentication failure response message also carries a ciphertext of a terminal-side authentication token;
a decryption module 720, configured to decrypt the ciphertext of the terminal-side authentication token to obtain the terminal-side authentication token;
a resetting module 730, configured to reset a network serial number by using the terminal serial number included in the terminal-side authentication token.
In one embodiment, the decryption module 720 includes a second key obtaining sub-module and a decryption sub-module;
the second key obtaining submodule is used for obtaining the temporarily stored key K under the condition that the user authentication failure response message also carries a markerAUSF(ii) a Under the condition that the user authentication failure response message does not carry a marker, acquiring a fixedly stored secret key KAUSFOr else to key KAUSFIs arranged asA preset fixed value;
a decryption submodule using said secret key KAUSFAnd decrypting the ciphertext of the terminal side authentication token.
Or, in another embodiment, the second key obtaining sub-module is configured to, in a case that the user authentication failure response message further carries a marker, obtain the temporarily stored key KAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret key KAUSFA first step of; under the condition that the user authentication failure response message does not carry a marker, acquiring a fixedly stored secret key KAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret key KAUSF*;
The decryption submodule is used for adopting the secret key KAUSFDecrypting the ciphertext of the terminal-side authentication token.
In one embodiment, the apparatus further comprises: a saving module 740 for attributing the secret key K in the authentication vectorAUSFAnd (5) temporarily storing.
In one embodiment, the saving module 740 is further configured to, when the authentication is successful, save the temporarily saved secret key KAUSFAnd changing the storage into fixed storage.
The functions of each module in each apparatus in the embodiment of the present application may refer to corresponding descriptions in the above method, and are not described herein again.
Fig. 8 is a schematic structural diagram of a terminal device that sends a terminal serial number according to an embodiment of the present application, and as shown in fig. 8, a terminal device 80 according to an embodiment of the present application includes: a memory 803 and a processor 804. The terminal device 80 may also include an interface 801 and a bus 802. The interface 801 and the memory 803 are connected to the processor 804 via the bus 802. The memory 803 is used to store instructions. The processor 804 is configured to read the instruction to execute the technical solution of the above method embodiment applied to the terminal device, which has similar implementation principle and technical effect, and is not described herein again.
Fig. 9 is a schematic structural diagram of a network device for authentication according to an embodiment of the present application, and as shown in fig. 9, a network device 90 according to an embodiment of the present application includes: a memory 903 and a processor 904. The network device 90 may also include an interface 901 and a bus 902. The interface 901 and the memory 903 are connected to the processor 904 through a bus 902. The memory 903 is used to store instructions. The processor 904 is configured to read the instructions to execute the above-mentioned technical solution applied to the method embodiment of the network device, which achieves similar principles and technical effects, and is not described herein again.
Fig. 10 is a schematic structural diagram of a communication system according to an embodiment of the present application, and as shown in fig. 10, the system includes: as the terminal device 80 of the above-described embodiment and the network device 90 of the above-described embodiment, there may also be an authentication function node between the terminal device 80 and the network device 90.
The present application provides a storage medium storing a computer program that, when executed by a processor, implements the method of transmitting a terminal serial number or the authentication method in the above-described embodiments.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present application, and is not intended to limit the scope of the present application.

Claims (26)

1. A method for transmitting a terminal sequence number, comprising:
authenticating the received user authentication request message, and calculating a terminal side authentication token containing a terminal serial number in response to the failure reason of the authentication as synchronization failure;
encrypting the terminal side authentication token to obtain a ciphertext of the terminal side authentication token;
and feeding back a user authentication failure response message carrying the ciphertext of the terminal side authentication token.
2. The method of claim 1, wherein computing the terminal-side authentication token containing the terminal sequence number comprises:
and calculating the authentication token of the terminal side by adopting the random number RAND carried in the user authentication request message, the terminal serial number and the authentication management domain parameter.
3. The method according to claim 1 or 2, wherein said encrypting the terminal side authentication token comprises: obtaining a secret key KAUSFUsing said secret key KAUSFEncrypting the terminal side authentication token;
the acquisition key KAUSFThe method comprises the following steps:
in response to the presence of the key K in user context informationAUSFObtaining the secret key K from the user context informationAUSF
In response to the absence of the secret key K in the user context informationAUSFCalculating said secret key KAUSFOr to use the key KAUSFSetting the value as a preset fixed value;
wherein, K isAUSFThe calculation method is as follows: derivatization with F3K and F4K to give KAUSFThe F3K and F4K are key derivation functions keyed by a root key K.
4. Method according to claim 3, characterized in that said secret key KAUSFWhen the user authentication failure response message is obtained through calculation, the user authentication failure response message also carries a marker, and the marker is used for marking the secret key KAUSFIs obtained by calculation.
5. The method of claim 2, wherein said encrypting the terminal-side authentication token comprises: determining a secret key KAUSFUsing said key KAUSFEncrypting the terminal side authentication token;
said determined key KAUSFThe mode is as follows:
in response to the presence of a secret key K in user context informationAUSFObtaining the secret key K from the user context informationAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd saidRAND is calculated to obtain the secret key KAUSF*;
In response to the absence of the secret key K in the user context informationAUSFCalculating said secret key KAUSFUsing a key generation function to pair said keys KAUSFAnd calculating the RAND to obtain the secret key KAUSF*;
Wherein the secret key KAUSFThe calculation method is as follows: deriving the key K by using F3K and F4KAUSFThe F3K and F4K are key derivation functions keyed by a root key K.
6. Method according to claim 5, characterized in that said secret key KAUSFWhen the user authentication failure response message is obtained through calculation, the user authentication failure response message also carries a marker, and the marker is used for marking the secret key KAUSFIs obtained by calculation.
7. An authentication method, comprising:
receiving a user authentication failure response message, wherein the failure reason carried by the user authentication failure response message is synchronization failure, and the user authentication failure response message also carries a ciphertext of a terminal side authentication token;
decrypting the ciphertext of the terminal side authentication token to obtain the terminal side authentication token;
and resetting the network serial number by adopting the terminal serial number contained in the terminal side authentication token.
8. The method of claim 7, wherein decrypting the ciphertext of the terminal-side authentication token comprises:
responding to the user authentication failure response message and carrying a marker, and acquiring a temporarily stored secret key KAUSFUsing said secret key KAUSFDecrypting the ciphertext of the terminal side authentication token;
responding to the response message of user authentication failure not carrying the marker, and acquiring the fixedly stored secret key KAUSFOr else to key KAUSFSetting the value as a preset fixed value, and adopting the secret key KAUSFAnd decrypting the ciphertext of the terminal side authentication token.
9. The method of claim 7, wherein decrypting the ciphertext of the terminal-side authentication token comprises:
responding to the user authentication failure response message and carrying a marker, and acquiring a temporarily stored secret key KAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret key KAUSFA first step of; using said secret key KAUSFDecrypting the ciphertext of the terminal side authentication token;
responding to the response message of user authentication failure not carrying the marker, and acquiring the fixedly stored secret key KAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret key KAUSFA first step of; using said secret key KAUSFDecrypting the ciphertext of the terminal-side authentication token.
10. The method according to claim 7, 8 or 9, wherein before receiving the user authentication failure response message, the method further comprises: attributing a secret key K in an authentication vectorAUSFAnd (5) temporarily storing.
11. The method of claim 10, wherein after resetting a network sequence number using a terminal sequence number contained in the terminal-side authentication token, further comprising:
generating an authentication request response message by adopting the reset network serial number, and sending the authentication request response message;
in response to successful authentication, the temporarily saved secret key K is usedAUSFAnd changing the storage into fixed storage.
12. An apparatus for transmitting a terminal sequence number, comprising:
the token calculation module is used for authenticating the received user authentication request message and calculating a terminal side authentication token containing a terminal serial number in response to the failure reason of the authentication because of synchronization failure;
the encryption module is used for encrypting the terminal side authentication token to obtain a ciphertext of the terminal side authentication token;
and the feedback module is used for feeding back a user authentication failure response message carrying the ciphertext of the terminal side authentication token.
13. The apparatus of claim 12, wherein the token calculating module is configured to calculate the terminal-side authentication token by using a random number RAND, the terminal sequence number, and an authentication management domain parameter carried in the user authentication request message.
14. The apparatus of claim 12 or 13, wherein the encryption module comprises: a first key obtaining sub-module and an encryption sub-module;
the first key obtaining submodule is used for obtaining the key K in the user context informationAUSFIn case of (2), the key K is obtained from the user context informationAUSF(ii) a Absence of secret key K in user context informationAUSFIn the case of (2), the key K is calculatedAUSFOr to use the key KAUSFSetting the value as a preset fixed value; wherein, K isAUSFThe calculation method is as follows: derivatization with F3K and F4K to give KAUSFThe F3K and F4K are key derivation functions with a root key K as a key;
the encryption submodule is used for adopting the secret key KAUSFAnd encrypting the terminal side authentication token.
15. The apparatus of claim 14, wherein the key K is a secret keyAUSFWhen the user authentication failure response message fed back by the feedback module is obtained through calculation, the user authentication failure response message also carries a marker, and the marker is used for marking the secret keyKAUSFIs obtained by calculation.
16. The apparatus of claim 13, wherein the encryption module comprises: a first key obtaining sub-module and an encryption sub-module;
the first key obtaining submodule is used for obtaining the key K in the user context informationAUSFIn case of (2), the key K is obtained from the user context informationAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the RAND to obtain a secret key KAUSFA first step of; absence of secret key K in user context informationAUSFIn the case of (2), the key K is calculatedAUSFUsing a key generation function to pair said keys KAUSFAnd calculating the RAND to obtain a secret key KAUSFA first step of; wherein the secret key KAUSFThe calculation method is as follows: deriving the key K by using F3K and F4KAUSFThe F3K and F4K are key derivation functions with a root key K as a key;
the encryption submodule is used for adopting the secret key KAUSFEncrypting the terminal-side authentication token.
17. The apparatus of claim 16, wherein the key K is a secret keyAUSFWhen the user authentication failure response message fed back by the feedback module is obtained through calculation, the user authentication failure response message also carries a marker, and the marker is used for marking the secret key KAUSFIs obtained by calculation.
18. An authentication apparatus, comprising:
the receiving module is used for receiving a user authentication failure response message, wherein the failure reason carried by the user authentication failure response message is synchronization failure, and the user authentication failure response message also carries a ciphertext of a terminal side authentication token;
the decryption module is used for decrypting the ciphertext of the terminal side authentication token to obtain the terminal side authentication token;
and the resetting module is used for resetting the network serial number by adopting the terminal serial number contained in the terminal side authentication token.
19. The apparatus of claim 18, wherein the decryption module comprises a second key obtaining sub-module and a decryption sub-module;
the second key obtaining submodule is used for obtaining the temporarily stored key K under the condition that the user authentication failure response message also carries a markerAUSF(ii) a Under the condition that the user authentication failure response message does not carry a marker, acquiring a fixedly stored secret key KAUSFOr else to key KAUSFSetting the value as a preset fixed value;
a decryption submodule using said secret key KAUSFAnd decrypting the ciphertext of the terminal side authentication token.
20. The apparatus of claim 18, wherein the decryption module comprises a second key obtaining sub-module and a decryption sub-module;
the second key obtaining submodule is used for obtaining the temporarily stored key K under the condition that the user authentication failure response message also carries a markerAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret key KAUSFA first step of; under the condition that the user authentication failure response message does not carry a marker, acquiring a fixedly stored secret key KAUSF(ii) a Using a key generation function to pair said keys KAUSFAnd calculating the random number RAND to obtain a secret key KAUSF*;
The decryption submodule is used for adopting the secret key KAUSFDecrypting the ciphertext of the terminal-side authentication token.
21. The apparatus of claim 18, 19 or 20, further comprising:
a storage module for storing the key K in the attribution authentication vectorAUSFAnd (5) temporarily storing.
22. The apparatus according to claim 21, wherein the saving module is further configured to save the temporarily saved secret key K when the authentication is successfulAUSFAnd changing the storage into fixed storage.
23. A terminal device for transmitting a terminal serial number, comprising: a processor and a memory;
the memory is to store instructions;
the processor is configured to read the instructions to perform the method of any of claims 1 to 6.
24. A network device for authentication, comprising: a processor and a memory;
the memory is to store instructions;
the processor is configured to read the instructions to perform the method of any of claims 7 to 11.
25. A communication system, characterized in that the system comprises a terminal device according to claim 23 and a network device according to claim 24.
26. A storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method of any one of claims 1 to 11.
CN201910351367.0A 2019-04-28 2019-04-28 The method and apparatus and authentication method and device of transmission terminal serial number Pending CN110536292A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910351367.0A CN110536292A (en) 2019-04-28 2019-04-28 The method and apparatus and authentication method and device of transmission terminal serial number
PCT/CN2020/087517 WO2020221252A1 (en) 2019-04-28 2020-04-28 Method and apparatus for sending terminal sequence number and authentication method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910351367.0A CN110536292A (en) 2019-04-28 2019-04-28 The method and apparatus and authentication method and device of transmission terminal serial number

Publications (1)

Publication Number Publication Date
CN110536292A true CN110536292A (en) 2019-12-03

Family

ID=68659648

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910351367.0A Pending CN110536292A (en) 2019-04-28 2019-04-28 The method and apparatus and authentication method and device of transmission terminal serial number

Country Status (2)

Country Link
CN (1) CN110536292A (en)
WO (1) WO2020221252A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111628985A (en) * 2020-05-22 2020-09-04 深圳市有方科技股份有限公司 Security access control method, security access control device, computer equipment and storage medium
WO2020177591A1 (en) * 2019-03-01 2020-09-10 中兴通讯股份有限公司 Determining method and device for key, storage medium and electronic device
WO2020221252A1 (en) * 2019-04-28 2020-11-05 中兴通讯股份有限公司 Method and apparatus for sending terminal sequence number and authentication method and apparatus
CN113596824A (en) * 2021-07-30 2021-11-02 深圳供电局有限公司 Encryption method for authentication failure plaintext information in 5G security protocol
CN114040387A (en) * 2020-07-21 2022-02-11 中国移动通信有限公司研究院 Method, device and equipment for determining attack message
CN114124513A (en) * 2021-11-18 2022-03-01 中国电信股份有限公司 Identity authentication method, system, device, electronic equipment and readable medium
WO2022067627A1 (en) * 2020-09-30 2022-04-07 Zte Corporation A method for preventing leakage of authentication sequence number of a mobile terminal
CN115002750A (en) * 2022-05-25 2022-09-02 中国电信股份有限公司 Communication authentication method and related equipment
CN113556733B (en) * 2020-04-14 2023-09-22 大唐移动通信设备有限公司 Subscription hidden identifier generation and decryption methods and related devices

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114205819B (en) * 2021-12-10 2024-08-27 中国电信股份有限公司 QoS calling method and device based on hybrid networking and electronic equipment

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100389634C (en) * 2005-08-02 2008-05-21 华为技术有限公司 Synchronously attach protecting method and relative power authentifying method
US8265593B2 (en) * 2007-08-27 2012-09-11 Alcatel Lucent Method and system of communication using extended sequence number
CN103560879B (en) * 2013-10-09 2016-12-07 中国科学院信息工程研究所 A kind of light-weight authentication and the implementation method of key agreement
CN108768632B (en) * 2018-05-29 2021-03-02 如般量子科技有限公司 AKA identity authentication system and method based on symmetric key pool and relay communication
CN110536292A (en) * 2019-04-28 2019-12-03 中兴通讯股份有限公司 The method and apparatus and authentication method and device of transmission terminal serial number

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020177591A1 (en) * 2019-03-01 2020-09-10 中兴通讯股份有限公司 Determining method and device for key, storage medium and electronic device
WO2020221252A1 (en) * 2019-04-28 2020-11-05 中兴通讯股份有限公司 Method and apparatus for sending terminal sequence number and authentication method and apparatus
CN113556733B (en) * 2020-04-14 2023-09-22 大唐移动通信设备有限公司 Subscription hidden identifier generation and decryption methods and related devices
CN111628985A (en) * 2020-05-22 2020-09-04 深圳市有方科技股份有限公司 Security access control method, security access control device, computer equipment and storage medium
CN114040387A (en) * 2020-07-21 2022-02-11 中国移动通信有限公司研究院 Method, device and equipment for determining attack message
CN114040387B (en) * 2020-07-21 2024-06-04 中国移动通信有限公司研究院 Method, device and equipment for determining attack message
WO2022067627A1 (en) * 2020-09-30 2022-04-07 Zte Corporation A method for preventing leakage of authentication sequence number of a mobile terminal
CN113596824A (en) * 2021-07-30 2021-11-02 深圳供电局有限公司 Encryption method for authentication failure plaintext information in 5G security protocol
CN114124513A (en) * 2021-11-18 2022-03-01 中国电信股份有限公司 Identity authentication method, system, device, electronic equipment and readable medium
CN114124513B (en) * 2021-11-18 2024-01-30 中国电信股份有限公司 Identity authentication method, system, device, electronic equipment and readable medium
CN115002750A (en) * 2022-05-25 2022-09-02 中国电信股份有限公司 Communication authentication method and related equipment

Also Published As

Publication number Publication date
WO2020221252A1 (en) 2020-11-05

Similar Documents

Publication Publication Date Title
WO2020221252A1 (en) Method and apparatus for sending terminal sequence number and authentication method and apparatus
US11228442B2 (en) Authentication method, authentication apparatus, and authentication system
US11122428B2 (en) Transmission data protection system, method, and apparatus
CN110049492B (en) Communication method, core network element, terminal device and storage medium
WO2017185999A1 (en) Method, apparatus and system for encryption key distribution and authentication
US11044084B2 (en) Method for unified network and service authentication based on ID-based cryptography
EP2296392A1 (en) Authentication method, re-certification method and communication device
US11159940B2 (en) Method for mutual authentication between user equipment and a communication network
CN108353279B (en) Authentication method and authentication system
CN111641498B (en) Key determination method and device
KR20070112260A (en) Network assisted terminal to sim/uicc key establishment
CN108809903B (en) Authentication method, device and system
CN111565169B (en) Cloud edge authentication method under mobile edge computing architecture, electronic equipment and storage medium
CN111050322A (en) GBA-based client registration and key sharing method, device and system
JP7237200B2 (en) Parameter transmission method and device
CN112312393A (en) 5G application access authentication method and 5G application access authentication network architecture
WO2018120217A1 (en) Verification method and apparatus for key requester
CN111836260B (en) Authentication information processing method, terminal and network equipment
CN114762294A (en) Enhancement of authentication
CN111835691B (en) Authentication information processing method, terminal and network equipment
CN108271154B (en) Authentication method and device
CN114760034A (en) Identity authentication method and device
CN118802305A (en) Communication network anonymous authentication method, user equipment, home network and product
WO2018126750A1 (en) Key delivery method and device
CN118802307A (en) Communication authentication method, related device, storage medium and computer program product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination